L.A. based investigative journalist and
(ger) Brad Friedman specializes in election fraud and issues with Diebold machines and other voting machines. Based on the
[Of course I checked these quotes. The NYT quote is linked. The LATimes blog Feb. 7, 2007 comes up with the quote on google, but I can't get to the link.]
He's been watching the Anchorage April 3, 2012 election carefully. Since I wrote some posts on the election, I've been included in emails among a group of people concerned how the election was conducted. Brad too is part of this group.
He watched the Assembly meeting (I'm assuming online) Thursday night. He sent out an email which took her [Election Commissioner Gwen Mathew's] testimony apart paragraph by paragraph. And he's given us permission to use it. Thanks Brad for letting us post this, but more importantly applying your expertise to our election. His critique is so damning about the competence and knowledge of our local election commissioner that I'm posting it here for all to evaluate.
(I must confess I was committed to another event last night that was scheduled before the special Assembly meeting was. But
"As Gwen Matthews told me personally on the phone, she had not read any of the many security
analyses and reviews of Diebold (pronounced DEE-bold, since
approximately 1859 when the company was founded) op-scan systems. That
was apparent tonight in her testimony for the Assembly as she simply
either made things up about Diebold in CA, or repeated what someone had
told her.
"Here's part of what she said, which was so wrong in so many ways that I'll post what she said, and then respond line-by-line below it...
GWEN
MATTHEWS: In 2003, in California, the Superior -- some court, I can't
remember what it is -- they ruled that the Diebold machines were not
good for elections. But that is the touch-screens in California. These
are much different. The touch-screens, they had software, firmware,
hardware issues -- which, by the way, were resolved -- and, but these
machines are simple scanning machines and counters. They're very basic.
The only security risk would be the memory card that is in each Diebold
machine.
Through
the years, I have worked elections as well. And they
do occasionally come off. I mean part of our procedure is the night of
the election, we take the memory cards out of the Diebold machines,
along with the tapes -- the zero report tapes -- and the election
results and we put them in their own envelope. And we take them to City
Hall and we hand them to people who 'do all that stuff'. So, it's not
unusual for the security seals to break, because they're supposed to
that night.
If
you're concerned about the security of this, you have to have a motive,
you have to have opportunity, you have to have expertise to program
that card, plus I don't think they sell that kind of equipment at Radio
Shack. I think it's rather specialized.
These machines are "overnighted" [she means sent home on "sleepovers" with poll workers],
but I think it's unreasonable to assume that someone would want to
break into that many precinct chairmen houses and get away with it and
have no trail of that.
One
last thing. These machines are easy to check, because they have a paper
trail. You can have another machines with -- and by the way Jacqueline
[Duke] programs these, she's the only administrator, she has an observer
when she does it -- um, and you can run through the same ballots
through that machine. It has a paper trail, which was a factor of the
court case in California.
"Good lord. Not even close. On any of it. Let's go graf-by-graf (sorry!)
GWEN
MATTHEWS: In 2003, in California, the Superior -- some court, I can't
remember what it is -- they ruled that the Diebold machines were not
good for elections. But that is the touch-screens in California. These
are much different. The touch-screens, they had software, firmware,
hardware issues -- which, by the way, were resolved -- and, but these
machines are simple scanning machines and counters. They're very basic.
The only security risk would be the memory card that is in each Diebold
machine.
"The 2003 suit she's referring to doesn't actually have anything to do with security of the Diebold machines. It was a qui tam case, filed by Bev Harris of Black Box Voting,
concerning the fact that Diebold had defrauded the state by lying about
their touch-screen voting machines. This was discovered after Stephen
Heller, a whistleblower at Diebold's law firm Jones Day, found that
Diebold was planning to lie to state officials about having illegally
inserted uncertified firmware into their machines in Alameda County (and
one other, as I recall).
"The
Secretary of State at the time, Kevin Shelley, decertified the
touch-screen systems in the state entirely after that incident, and
Diebold eventually paid $3.5m (as I recall) to settle the Qui Tam
fraud lawsuit. It had nothing to do with the actual security of the
systems themselves, but the fact that Diebold had lied about it all to
officials and installed uncertified firmware.
"Those
issues were not "resolved," as Gwen says. Rather, a new Sec of State
came in later, Bruce McPherson, appointed by Schwarzenegger and simply
certified the same touch-screens (and had Diebold guys working out of
his office -- literally) that Shelley had previously decertified.
"He
did that in 2006, even after the December 2005 Leon County, FL Hursti
Hack which showed how, not only could the Op-scan memory cards be gamed,
but so could the memory cards in the touch-screens and, most
disturbingly, the GEMS central tabulator itself. That -- not the
2003 fraud case -- is what is referred to in the 2006 Security
Analysis commission by McPherson, that I quoted from in my original
report on the Anchorage election mess. As I wrote (but Gwen failed to
read, I guess):
Memory card attacks are a real threat.
We determined that anyone who has access to a memory card of the
[Diebold Accuvote op-scan], and can tamper it (i.e. modify its
contents), and can have the modified cards used in a voting machine
during an election, can indeed modify the election results from that
machine in a number of ways. The fact that the the results are incorrect
cannot be detected except by a recount of the original paper ballots.
The
analysis went on to warn that the hacker "was indeed able to change the
election results by doing nothing more than modifying the contents of a
memory card."
"It
would be safest if it is not widely used until these bugs are fixed
(they never were) and until a modification is made to ensure that
the...attack is eliminated." The scientists wrote that "strong
procedural safeguards should be implemented that prevent anyone from
gaining unsupervised or undocumented access to a memory card, and these
procedures should be maintained for the life of all cards. ... Any
breach of control over a card should require that its contents be zeroed
(in the presence of two people) before it is used again."
"There
would be no way to know that any of these attacks occurred; the canvass
procedure would not detect any anomalies, and would just produce
incorrect results. The only way to detect and correct the problem would
be by recount of the original paper ballots," they found.
"That had nothing to do with the 2003 fraud case!
"When
Matthews says, about her "amazing" machines that "The only security
risk would be the memory card that is in each Diebold machine," it's
clear she hasn't bothered to read any of the security reports about these machines -- as she told me that she had not!
"That, of course, is just one report. There have been many many others
finding all of the above and even much worse. In 2007, the newer CA
Sec. of State Debra Bowen did a "Top-to-Bottom Review" of all e-voting
systems in the state of CA. You can peruse the reports here which led
her to decertify BOTH the touch-screen AND the op-scan, which was conditionally recertified
with, among other security requirements, tamper-evident seals that, if
broken, would de-certify the machine for use in an election.
"Here are those many reports -- often redacted for security reasons, to remove the most helpful stuff for hackers:
"A
year later, the Sec of State of Ohio, Jennifer Brunner, commissioned
another study by her own state. Here are those results (Diebold had been
renamed "Premier" by then to try and shake off some of the taint they
had earned from all the fraud suits and decertifications and
whistleblowers, etc.)
"Back to Gwen's statement tonight:
Through
the years, I have worked elections as well. And they
do occasionally come off. I mean part of our procedure is the night of
the election, we take the memory cards out of the Diebold machines,
along with the tapes -- the zero report tapes -- and the election
results and we put them in their own envelope. And we take them to City
Hall and we hand them to people who 'do all that stuff'. So, it's not
unusual for the security seals to break, because they're supposed to
that night.
"'Hand
them to people who 'do all that stuff''". Love that. Anyway, no, the
security are not supposed to break. They are supposed to be cut at the
end of the night by the poll workers. If they just break on their own,
it kinda defeats the purpose of security seals. Yes, they are crappy, and actually can be gamed (removed without breaking them, and then re-applying them), but that's hardly the point.
If
you're concerned about the security of this, you have to have a motive,
you have to have opportunity, you have to have expertise to program
that card, plus I don't think they sell that kind of equipment at Radio
Shack. I think it's rather specialized.
"Fair enough. You have to have "motive…opportunity [and] expertise". There are plenty of folks who have all of
the above. Take, for instance, Jacqueline Duke. Her motive would be
clear: Make sure her old boss won the election and that the ballot
measure he opposed (Prop 5) did too. Of course, she would have both the
opportunity and the expertise to game the system, because, as Gwen says
as well, " Jacqueline programs these, she's the only administrator".
"Not
saying she did it. Just saying that she had all the requirements to
game the entire system. Many others did as well. For example, the "people who 'do all that stuff'", as Gwen mentioned. And yes, poll workers could do so as well. More on that in a moment.
"As far as the equipment required. Well, Harri Hursi programmed his memory card for the Leon County Hack seen in Hacking Democracy
by purchasing a crop scanner off the Internet for less than $100
dollars. Pima County, AZ did the same thing when they wanted to test,
they say, how easy it would be to do what Hursti did.
"But
no equipment is needed at all to simply change results on the GEMS
central tabulator. That is done with a few keystrokes by "the people who
'do all that stuff'", if they like.
These machines are "overnighted" [she means sent home on "sleepovers" with poll workers],
but I think it's unreasonable to assume that someone would want to
break into that many precinct chairmen houses and get away with it and
have no trail of that.
"As the Princeton Diebold Virus Hack of 2006 showed -- (I broke the story at Salon and in a more detailed version at The BRAD BLOG, the hack was later demonstrated, among many other places, live on Fox "News")
-- a single memory card can be loaded with a virus that then passes
itself either from machine to machine, or straight into the GEMS
tabulator affecting all cards and results in the election. One needn't "break into that many precinct chairmen houses" to do this.
"Gwen is absolutely clueless about
which she speaks, and is clearly repeating what she's been told by the
Diebold reps (who are now either ES&S or Dominion, whichever one
Anchorage uses as their vendor since Diebold was sold off.)
One
last thing. These machines are easy to check, because they have a paper
trail. You can have another machines with -- and by the way Jacqueline
[Duke] programs these, she's the only administrator, she has an observer
when she does it -- um, and you can run through the same ballots
through that machine. It has a paper trail, which was a factor of the
court case in California.
"Nothing that she mentioned "was a factor of the court case in California." She simply made that up.
"A so-called "paper trail" is no good if you don't examine it. By refusing to allow the Assembly to hand count the paper ballots,
it does no good whatsoever to have a "paper trail". In allowing someone
like Jacqueline Duke (who worked for a guy on the ballot) to program
the machines (with some unnamed "observer"), train the pollworkers to
ignore broken security seals, and then take custody of the "paper trail"
(the ballots) themselves for a month before anybody ever gets to
examine even one of those ballots by hand, makes a mockery of the entire
system.
"That
Gwen Matthews is the author of the report used to determine whether
that election should be certified or not is a joke. That she serves as
the Election Commissioner of Anchorage is an insult. That she would
blatantly mislead and/or lie to the Assembly in making her presentation
by offering absurd "facts" that have absolutely nothing to do with
reality is both an outrage, and merits a LOUD call for her to removed
from her post -- along with Jacqueline Duke, by the way -- immediately.
"Good
luck guys. You folks may use any or all of the above on the record any
way you see fit. IF you have any questions, feel free to ask.
Brad
