SF Bay Area Indymedia indymedia
About Contact Subscribe Calendar Publish Print Donate

Legal Support

Link To The Full Stash Of Diebold Memos...
by Anon.
Monday Sep 29th, 2003 9:45 PM
The following is a link to the incriminating stash of Diebold Election Systems memos... please take copies of this data and redistribute...
http://www.sentry.nu/s/lists/

This set of emails has been posted all over the place and shut down all over the place. Webmasters - especially those out of the reach of the DMCA - are encouraged to take a full copy of the memos at the above link.

For background.... the following summary was posed on DU when the Italian set of files was posted...

"In the support link, check out October 2001 for the "alter the audit log in Access" memo, April 2000 for memos that refer to transmitting vote data from optical scan machines by cell phone, April 2002 for a Tab Iredale (senior programmer) memo that urges folks to avoid getting Windows CE certified by anyone, and January 2001 for a memo from Ken Clark (principal engineer) talking about how pointless it is to attempt a recount on a touch screen.

Then, bear in mind that GEMS programs 1.11.14 and 1.17.17 are certified -- and check out how many times they are installing 1.14.xx and 1.15.xx series and using them in elections! (Totally illegal: what this means is the software used in these elections was never looked at by ANYONE except a handful of programmers in Canada.) Pretty much throws the whole certification and testing argument out the window.

There are a few "gems" (pardon the pun) about blaming problems on the customer; one where they find that they upgraded software for the optical scan and now it won't work on some optical scan machines in Virginia. They discuss giving them new optical scans, but decide to instead find a way to blame it on the customer and make them pay for new machines.

Also look for one in Colorado Springs (El Paso County Colorado) where they discuss the fact that they can't pick up a check until they do a demo of what they sold, but they don't have software that does what they sold, so they discuss a way to fake the demo, mentioning they've faked it before...

Boring reading, but productive for anyone who wants to head directly into your attorney general's office and demand that we put a stop to using Diebold optical scan and touch screens."


Comments  (Hide Comments)

by anon
Monday Oct 6th, 2003 2:21 PM
Diebold keeps knocking these servers down, here's a link - download and mirror!

http://d176.whartonab.swarthmore.edu/

or get it directly:
http://d176.whartonab.swarthmore.edu/diebold_internalmemos.pdf
by Anonymous
Thursday Oct 9th, 2003 10:43 PM
Another <a href='http://noisebox.cypherpunks.to/~visible/vote/vote.html'>mirror.
by some
Tuesday Oct 14th, 2003 10:23 AM
Internal Memos: Diebold Doing End-Runs Around Certification

Friday, 12 September 2003 (PDT)
By Bev Harris – blackboxvoting.org

 http://www.blackboxvoting.com

********
If certification isn't being done properly, the whole house of cards falls. Below are actual copies of internal Diebold memos which show that uncertified software is being used in elections, and that Diebold programmers intentionally end-run the system.

Quick backgrounder first, scroll down to see the memos.

BACKGROUND

Our voting system, which is part of the public commons has recently been privatized. When this happened, the counting of the votes, which must be a public process, subjected to the scrutiny of many eyes of plain old citizens, became a secret.

The computerized systems that register voters, will soon sign voters into the polling place using a digital smart card, record the vote we cast, and tally it are now so secret they are not allowed to be examined by any citizens group, or even by academics like the computer scientists at major universities.

The corporate justification for this secrecy is that these systems adhere to a list of "standards" put out by the Federal Election Commission, and that an "ITA" (Independent Testing Authority) carefully examines the voting system, which is then provided to states for their own certification.

As it turns out, the states typically do not examine the computer code at all, relying instead on a "Logic and Accuracy" test which will not catch fraud and has frequently missed software programming errors that cause the machines to miscount.

A Diebold message board has been used since 1999 to help technicians in the field interact with programmers to solve problems. The contents of this message board were quietly sent to reporters and activists around the world, most likely by a Diebold employee. In a letter to WiredNews, Diebold has acknowledged that these memos are from its own staff message boards.

Without further commentary, judge for yourself whether Diebold has been following certification requirements:


From Nel Finberg, Technical Writer, Diebold Election Systems

(Note: Metamor/Ciber is the ITA assigned to certify the software)

alteration of Audit Log in Access

To: "support"
Subject: alteration of Audit Log in Access
From: "Nel Finberg"
Date: Tue, 16 Oct 2001 23:31:30 -0700
Importance: Normal

Jennifer Price at Metamor (about to be Ciber) has indicated that she can access the GEMS Access database and alter the Audit log without entering a password. What is the position of our development staff on this issue? Can we justify this? Or should this be anathema?
Nel

Reply from Ken Clark, principal engineer for Diebold Election Systems

RE: alteration of Audit Log in Access

To:
Subject: RE: alteration of Audit Log in Access
From: "Ken Clark"
Date: Thu, 18 Oct 2001 09:55:02 -0700
Importance: Normal
In-reply-to:

Its a tough question, and it has a lot to do with perception. Of course everyone knows perception is reality.

Right now you can open GEMS' .mdb file with MS-Access, and alter its contents. That includes the audit log. This isn't anything new. In VTS, you can open the database with progress and do the same. The same would go for anyone else's system using whatever database they are using. Hard drives are read-write entities. You can change their contents.

Now, where the perception comes in is that its right now very *easy* to change the contents. Double click the .mdb file. Even technical wizards at Metamor (or Ciber, or whatever) can figure that one out.

It is possible to put a secret password on the .mdb file to prevent Metamor from opening it with Access. I've threatened to put a password on the .mdb before when dealers/customers/support have done stupid things with the GEMS database structure using Access. Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the .mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before.

Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.

There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.

By the way, all of this is why Texas gets its sh*t in a knot over the log printer. Log printers are not read-write, so you don't have the problem. Of course if I were Texas I would be more worried about modifications to our electronic ballots than to our electron logs, but that is another story I guess.

Bottom line on Metamor is to find out what it is going to take to make them happy. You can try the old standard of the NT password gains access to the operating system, and that after that point all bets are off. You have to trust the person with the NT password at least. This is all about Florida, and we have had VTS certified in Florida under the status quo for nearly ten years.

I sense a loosing battle here though. The changes to put a password on the .mdb file are not trivial and probably not even backward compatible, but we'll do it if that is what it is going to take.

Ken

Reply by Nel Finberg

RE: alteration of Audit Log in Access

To:
Subject: RE: alteration of Audit Log in Access
From: "Nel Finberg"
Date: Wed, 17 Oct 2001 14:48:16 -0700
Importance: Normal

Thanks for the response, Ken. For now Metamor accepts the requirement to restrict the server password to authorized staff in the jurisdiction, and that it should be the responsibility of the jurisdiction to restrict knowledge of this password. So no action is necessary in this matter, at this time. Nel

From Tyler to Ken Clark, Diebold Election Systems

Re: Nichols Lab

· To: >,
· Subject: Re: Nichols Lab
· From: "Tyler"
· Date: Mon, 15 Feb 1999 14:04:19 -0600

In point of fact, the user documentation MUST be completed before attempting certification. It is my understanding that the documentation is a certification requirement. I don't know how closely Nichols will scrutinize the documentation, but I wouldn't feel comfortable going forward with certification with what we have for GEMS. Ostensibly, the documentation we submit to Nichols will become the "certified" documentation and we ostensibly shouldn't provide anything but that to customers. But then again, with regards to the entire NASED certification process, I can never quite get a handle on the relationship between "ostensible" and "reality."... :-)

From Ken Clark

RE: AVTS - Diagnostics & Installation

· To: "Support Team (E-mail)"
· Subject: RE: AVTS - Diagnostics & Installation
· From: "Ken Clark"
· Date: Tue, 6 Jul 1999 16:41:56 -0500
· Importance: Normal

> From:  owner-support [at] gesn.com On Behalf Of > Juan Rivera

> > I do not feel that it is necessary or desired to do this on each and every > election. We, the manufacturer, are supposed to set the > procedures to follow > for this equipment since we build it.

I hate more than anyone else in the company to bring up a certification issue with this, but a number of jurisdictions require a "system test" before every election. I just helped Knecht yesterday with an RFP from Riverside that required this. That is why the AccuVote displayes the silly ***System Test Passed*** message on boot up instead of "memory test passed", which is all it actually tests.

No argument from me that it is pointless. You could probably get away with a batch file that prints "system test passed" for all I know. We will do something along those lines with the new unit after a memory test or whatever.

Ken

From Ken Clark

RE: Testing sb100 database 1.14.2 (asap please)

· To: "SUPPORT (E-mail)"
· Subject: RE: Testing sb100 database 1.14.2 (asap please)
· From: "Ken Clark"
· Date: Fri, 7 Jan 2000 09:38:52 -0600
· Importance: Normal

> Do you all think it would be a good idea to get Jeff Dean to send us 10 or > so precincts by eight parties with pre-printed test decks from one of the > California sites for Jane to test AccuVote and CC???? If so, > I'll call Jeff > Dean and set up asap.

*Any* testing we can do on 1.14 is a good idea. With the risk of sounding alarmist, 1.14 really needs more testing. Even though much of GEMS looks the same from the outside, the guts changed substantially between 1.11 and 1.14. That's why you see all kinds of things completely unrelated to shadow races broken in the early 1.14 releases.

Hats off to everyone posting 1.14 bug reports.

Ken

(The above memo is important because it documents that the "guts" of GEMS 1.14 are substantially changed from the certified version, 1.11 -- it was then used in elections, but according to Diebold's own chart of which versions were certified, version 1.14 was never certified.)



From Steve Knecht

1.14 vs. 1.15 GEMS versions

(uncertified versions used.)

· To: "Global Support"
· Subject: 1.14 vs. 1.15 GEMS versions
· From: "Steve Knecht"
· Date: Fri, 14 Jan 2000 17:10:34 -0800

Is it the intention of development staff that California March election will be run on some version of 1.14 or will we end up in the 1.15 range. Can you comment on the following: Are the changes being made now to 1.15 GEMS things that are in the ballot layout realm, and will not impact ballot processing, or tabulation issues?? In other words, is it possible that changes made from now on will break things we're starting to test, such as memory card up/download, central count, etc. We are beginning testing of 1.14.4 this week. Should we be testing with something else?

I guess a little summary picture of what you expect over the next 3 weeks of testing would be helpful. I'd say we will have to lock down GEMS by mid - February, AVTS ballot station is to go on-line, along with a pollbook function by Feb. 7, but we are supposed to do testing and L&A prior to this. No panic yet, just wondering where we're going to lock some of this down for the March primary.

Here is the related memo from Ken Clark:

Needless to say, the changes were extensive. The paint is still wet, and I expect people will want some tweaks in functionality as well as the obligatory bug fixes. We'll treat the early 1.15 series as "prereleases" for LHS testing so California does not have to suffer. Once 1.15 looks at least as solid as 1.14 though, we'll end the 1.14 branch. 1.14 and earlier Databases will upgrade to 1.15 without harm as usual. People testing 1.14 are encouraged to try out 1.15 to avoid any surprises when they are forced to upgrade.

Ken

(Here is a whole series of odd memos pertaining to how they should handle the inconvenience of an uncertified version number popping up on the screen in Florida)

From Greg Forsythe

Florida Certified Versions

· To: "Support"
· Subject: Florida Certified Versions
· From: "Greg Forsythe"
· Date: Thu, 17 Feb 2000 11:12:02 -0500
· Organization: Global Election Systems, Inc

Just received a call from Beverly Hill, Alachua County. She has a survey form from the state regarding versions and things. She is at the SA screen and the version is 1.92-15. Saturday, Feb. 12 she created a screen test database. This copy has 1.92-14. 1.92-14 is certified, 1.92-15 is not. SOLUTION REQUIRED! Greg Forsythe

Re: Florida Certified Versions

From Nel Finberg

· To:
· Subject: Re: Florida Certified Versions
· From: "Nel Finberg"
· Date: Thu, 17 Feb 2000 09:51:10 -0800

I am currently looking into the problem with Beverly. Nel

From Greg Forsythe

Re: Florida Certified Versions

To:
Subject: Re: Florida Certified Versions
From: "Greg Forsythe"
Date: Thu, 17 Feb 2000 12:55:09 -0500
Organization: Global Election Systems, Inc
References: <007301bf7961$cda9d030$cdbb2fd1@greg

Hernando's original database installed with Gunzip shows 1.92-09. Their copy has 1.92-14. It appears that when the database is gunzipped from the original diskette it carries the version from the source. When a copy is made on the customer's computer the version relates to the version the customer's computer programmed for. Solution might be to make the copy the official database showing the correct version. Comments .....

From Nel Finberg

Re: Florida Certified Versions

To:
Subject: Re: Florida Certified Versions
From: "Nel Finberg"
Date: Thu, 17 Feb 2000 10:24:37 -0800
References: <007301bf7961$cda9d030$cdbb2fd1@greg

The problem has been fixed. Nel

From Greg Forsythe

Re: Florida Certified Versions

To:
Subject: Re: Florida Certified Versions
From: "Greg Forsythe"
Date: Thu, 17 Feb 2000 13:33:55 -0500
Organization: Global Election Systems, Inc

Well done Nel! How did you fix it? Did you delete the original and use the copy? If the diskettes had been sent in an unzipped format using Number 10, the Restore function in the System Administration Menu, would the database have come up with the version the customer's machine was running the first time and cause no problems? Greg

From Nel Finberg

Re: Florida Certified Versions

To:
Subject: Re: Florida Certified Versions
From: "Nel Finberg"
Date: Thu, 17 Feb 2000 13:13:25 -0800
References:

What we failed to do at the time the date was repaired in Alachua's database (which showed question marks in the date field as a result of being prepared in patch 15) was set the database release file to patch 14. This is what I did this morning as well as set the release files for all of the remaining databases on their system. It should be noted that it could be that a lot of databases were initially set up with earlier versions of VTS, which we should be attentive to, given the stringency of certification in the state. I will clean up release files on the new Florida accounts in the next few days. Nel

From Nel Finberg

Re: Florida Certified Versions

· To:
· Subject: Re: Florida Certified Versions
· From: "Nel Finberg"
· Date: Thu, 17 Feb 2000 10:09:56 -0800

(uncertified versions used.)


You are correct. However, Hernando's database should technically have been compiled using patch 14, not patch 9. We do want to make sure that ballots have been successfully tested and memory cards uploaded, particulary given the initial version conflict. It would be a good idea to get rid of the original diskette in order to remove the perception of version conflicts.

Nel

From Nel Finberg

Re: Florida Certified Versions

· To:
· Subject: Re: Florida Certified Versions
· From: "Nel Finberg"
· Date: Thu, 17 Feb 2000 10:24:37 -0800

The problem has been fixed. Nel

From Cathi Smothers

GEMS Versions

From: Cathi Smothers [mailto: csglobal [at] earthlink.net]
Sent: Monday, June 05, 2000 5:02 PM
To: Ken Clark
Okay. Here's a "stupid new employee" question.
I need to get the MN accounts upgraded to 1.16. How do I know which version of GEMS (i.e. 1.16.3, 1.16.4, etc.) to use?

From Ken Clark

RE: GEMS Versions

To:
Subject: RE: GEMS Versions
From: "Ken Clark"
Date: Mon, 5 Jun 2000 18:00:49 -0500
Importance: Normal
In-reply-to:

From: Cathi Smothers [mailto: csglobal [at] earthlink.net]
Sent: Monday, June 05, 2000 5:02 PM
To: Ken Clark

Hope you don't mind the support list follow up. Certainly not a stupid question, and its worth a post on this topic every once in a while.

Baring any certification issues, the latest stable release is what you want to upgrade accounts to. We always let people know when a release is for testing only in the release announcements. Testing releases are usually 1.X.1.Y releases. For example 1.16.1.1-6 were all testing releases. At some point we conclude that testing is going well, and declare the branch stable. A new testing branch is then opened, and only bug fixes go into the stable branch. Right now 1.16.latest is considered stable, 1.16.4 being the current release by my mail. How stable the stable branch really is has everything to do with how much testing by support it receives.

Its fair to say the nature of this company and business make this process fairly informal, perhaps more so than I would like. Testing releases go out to customers when they shouldn't, and new features get added to stable branches when they shouldn't. It is not entirely undisciplined either though. Obviously you need to keep an eye on the support and bugtrack lists. Sometimes a bug slips into a stable branch, in which case its better to ship a version you trust, or wait for it to get corrected.

Secondly, does the upgrade simply consist of installing the new executable file or are there other components that need to be installed as well? They are currently using 1.11.8.

There are several components.
The GEMS exe
The ABasic directory and abasic.ini
The Reports directory and reports.ini
Locale.ini

The DLL files shipped on the GEMS CD get updated from time-to-time as well, though not often. Is usually a good idea to order the CD for a long-haul upgrade. Its not really clear whether 1.11->1.14 qualifies as long haul or not. That really depends on your comfort level. There is never any harm in ordering a CD. Other frequently asked questions while I am here:

Features are always propagated forward. I suppose one day we might remove a feature, but I've never seen it happen.

Baring bugs, artwork and memory cards are still compatible after GEMS upgrade unless there is a big announcement to the contrary. Its only happened once that artwork was incompatible after upgrade, and memory cards have never been incompatible.

The database changes between major releases (1.15->1.16) but not minor releases (1.16.1->1.16.2). You can downgrade out of trouble between minor releases, but a major release upgrade is a one way trip.

Ken

From Jeff Hintz

Software for Los Angelas, CA

To: "Support Team (E-mail)"
Subject: Software for Los Angelas, CA
From: "Jeff Hintz"
Date: Thu, 31 Aug 2000 12:31:06 -0500
Importance: Normal

I am going out to LA next week, and I would like to know what software version of Gems & AVTS is being sent out on their equipement. Thanks, Jeff Hintz

(uncertified versions used.)

From Rodney D Turner

RE: Software for Los Angelas, CA

To:
Subject: Re: Software for Los Angelas, CA
From: "Rodney D Turner"
Date: Thu, 31 Aug 2000 13:31:55 -0500
References: <000201c01371$42bb57a0$0903a8c0@Jeff

Hi Jeff, I have completed the computer for LA and Alameda. The computer for LA has GEMS 1-16-9 and the AVTS units have 3-13-1-4. The computer for Alameda has GEMS 1-16-10 and GEMS 1-16-9 ( there is a short-cut on the desktop for GEMS 1-16-9) the AVTS units have 3-13-1-4. All of the AVTS units including VIBS, have an OS of Windows NT. Because of NT, you have to remove the floppy from the drive during start-up. If you do not, NT changes the Imation drive from "A" to "D". If you forget to take out the disk from the drive, you have to restart without the disk in the drive to get it back to drive "A". Drop me a line Jeff, if you have any questions, or concerns. Rodney  rodney [at] gesn.com

From Talbot Iredale

RE: Software for Los Angelas, CA

To:
Subject: Re: Software for Los Angelas, CA
From: "Talbot Iredale"
Date: Thu, 31 Aug 2000 12:03:50 -0700

(uncertified versions used.)

Jeff and Rodney, LA and Alameda will need a revised version of GEMS and maybe BallotStation to support the import/export that they require. I am working on it now but I am certain there will be more changes.

From Larry Dix

RE: Software for Los Angelas, CA

To:
Subject: RE: Software for Los Angelas, CA
From: "Larry Dix"
Date: Thu, 31 Aug 2000 15:41:58 -0500
Importance: Normal

Tab – Would you be willing to venture an outside guess as to when the revised GEMS version will be ready. This really becomes an issue since I need to coordinate staff to be onsite. Is this also the case for Alameda? Coordination of time and staff is everything on these 2 installs. Larry J. Dix Global Election Systems

From Ken Clark

Re: Gems-1-17-1

To:
Subject: RE: GEMS-1-17-1
From: "Ken Clark"
Date: Thu, 31 Aug 2000 17:33:04 -0500
Importance: Normal
In-reply-to: <058c01c0138a$f76e27e0$ 1204a8c0 [at] gesn.com>

Is this a "testing" release or not? (Ashamed to ask). I think the hallucinations ought to be resurfacing with Steve already. Ken

From Talbot Iredale

(uncertified versions used.)

RE: GEMS-1-17-1

To:
Subject: Re: GEMS-1-17-1
From: "Talbot Iredale"
Date: Thu, 31 Aug 2000 16:14:23 -0700
References:

This is no more of a test release than 1.16.9 was though I would not be surprised if we have to make more changes to fully support LA and Alameda. Tab Re: Software for Los Angelas, CA

· To:
· Subject: Re: Software for Los Angelas, CA
· From: "Steve Knecht"
· Date: Fri, 1 Sep 2000 09:10:49 -0700
· References: <000201c01371$42bb57a0$0903a8c0@Jeff>

(uncertified versions used.)

Jeff, I think my thread may be out of sync, but discussion with Tab yesterday indicated that you'd be at least at 1.17.1 or higher to provide you with the "import" capability with their database. I believe Rodney / Mike would have to tell you what they loaded onto AVTS. Tab is still working on several programs that may affect what AVTS Rev and GEMS rev we both end up with.

From Tari Runyan

1-17-7-5 testing

· To: "SUPPORT (E-mail)"
· Subject: 1-17-7-5 testing
· From: "Tari Runyan"
· Date: Mon, 23 Oct 2000 08:21:16 -0600

(uncertified versions used.)

I have tested this version to the extent I am able - twice even and unless anyone else has discovered anything - i think it can be released to the Ca Counties - Let me know if anyone else has any concerns as I would like to get this out this morning. Thank you

(There are dozens more memos like this, and hundreds that document the use of uncertified versions of the voting system, spanning a period from 1999 to 2003.)


# # # # #
Bev Harris is author of Black Box Voting: Ballot Tampering In The 21st Century … See  http://www.blackboxvoting.com/ and it's activist arm  http://www.blackboxvoting.org/

homepage: http://www.scoop.co.nz/mason/stories/HL0309/S00150.htm


add a comment on this article
Diebold Shuts Down Blackboxvoting.org With Legal Threats 11.Oct.2003 19:56
------------------------------------------------------------------------
David

Diebold Shuts Down Blackboxvoting.org With Legal Threats
Posted on Wednesday, September 24 @ 00:55:36 EDT by David


Claiming that links on the bbv.org site were infringing on their copyright, Diebold has temporarily shut the site down.
The issue at question is links to a database of Diebold email provided by an insider that documents Diebold's ongoing campaign of fraud and deception in the design, manufacture and sale of its computer voting machines and software.

Diebold originally objected to emails being posted in their entirety on the bbv.org site. When the material was taken down, Diebold then claimed that links to sites outside the US were infringing their copyright, and the ISP complied with the demand.

This will not stand. We are searching for new home for the site and it will go back up as soon as we can manage it.




by we are everywhere
Thursday Oct 16th, 2003 10:53 PM
Diebold is now sending cease and desist letters to ISP's telling them to remove the "infringing" page or site (ie Indymedia) or face the consequences. Thankfully at least one ISP is refusing and EFF will be defending them.

Keep posting this stuff everywhere. They deserve to be shaking in their boots.

http://www.eff.org/Legal/ISP_liability/20031016_eff_pr.php

by Osama Bin Kenobi
Friday Oct 17th, 2003 3:14 AM
Distribute the information via p2p, which Diebold can't stop. Then just post links to the files on a webpage. Amazing, isn't it? A legitimate use for p2p!
by fumphis
Friday Oct 17th, 2003 8:16 PM
Link to incriminating Diebold memos is down!
by Scifience
( webmaster [at] scifience.net ) Saturday Oct 18th, 2003 5:57 AM
I have mirrored the book chapters as well as the memos on my site (read the latest blog posting).

http://www.scifience.net/
by Scifience
Saturday Oct 18th, 2003 6:00 AM
If anybody has more memos for me to host, email them webmaster [at] scifience.net.
by a googler
Saturday Oct 18th, 2003 6:46 AM
http://makeashorterlink.com/?F21A32146


The HTML cached version of the PDF file.
by malverian
Saturday Oct 18th, 2003 7:05 AM
It might be a good idea to try to get this spread on Freenet. In fact.. I think it would be a neat idea to have Indymedia sponsor some kind of decentralized forum as a "back up plan" for the website in the event a case like this ever actually holds merit.
by the canadian kid
( robert [at] soros.ca ) Saturday Oct 18th, 2003 7:24 AM
Unfortunately, and its really too bad, but freenet codebase is undergoing some heavy duty overhauls right now which make it next to impossible to retrieve any data. Maybe within two or three months it'll be back in shape, I'd love to post a freenet key to this data right now but I cant insert anything *SIGH*......

I have several colocated boxes serving in Canada, would I be in any legal difficulties by serving up this document outside of the u.s. ? Seems like a silly question but u.s. power seems to have a grip over most of the world these days... and I'm not interested in incurring the wraith of your glorious leader george bush...
by Chris S.
Saturday Oct 18th, 2003 7:36 AM
However what would be best is for someone who lives outside the US with access to hosting in Europe to mirror the BBV stuff.

Ideally you want to make sure that nobody between the host and the transatlantic connection is subject to pressure from the US side (ie no US owned providers). For this reason a host on an European academic network would be best.
by Etaoin Shrdlu
( etaoin.shdlu@+REMOVE+sympatico.ca+REMOVE+ ) Saturday Oct 18th, 2003 9:35 AM
As my mother said, "mirror early, mirror often".

http://emdx.org/r.php?U=BBV

Note to Diebold drones: this is out of reach of the DMCA, so your legal threats will be posted there for all to enjoy.

by Scifience
( webmaster [at] scifience.net ) Saturday Oct 18th, 2003 11:01 AM
I have mirrored the full PDF as an HTML file on my site:

http://www.scifience.net/

Tell everyone to read this; it is important!
by Tal Rotbart
( tal@+.REMOVE.+netbox+.NO.+.com+.SPAM.+ ) Saturday Oct 18th, 2003 11:46 AM
The mirror is at:
http://opium.mine.nu/bbv/

Please be gentle, this is hosted on my home PC...
Note: This is outside the juristicion of the DMCA.
by Tal Rotbart
( tal@+no-spam+netbox+.no-spam.+.com ) Saturday Oct 18th, 2003 12:02 PM
Mirror is at:
http://opium.mine.nu/bbv/

Please be gentle, this is my home PC.
Note: This is outside the juristiction of the DMCA.
by p2phacker
Saturday Oct 18th, 2003 3:40 PM
Or get it from GNUnet (censorship resistent, anonymous P2P):

In a directory:
gnunet://afs/4A198E200E74FE93A5DFC9F8AD9F0B582F72542E.F3798FD9096BAF03035AD0A3F3DC6E982FD817DE.3B459249.11264

The individual files:
gnunet://afs/AAED8C5710C2EF2444CBC673F46C823B26A24D52.82EE8483195F3209F9F3F56266FC81A54CE746B2.4125BA59.66591
gnunet://afs/B51F4ED6A30B9A346D76C4479AE99A66391F9988.3423BA9B003815E6B51A14C88C778A9E8A073C71.B7C8C8CE.124306
gnunet://afs/88692BC9C3A676F9469FF22FDE88EBEC8FF03A93.186C49059BC7B978088FB601E627B9F60FF13798.D80FD279.86760
gnunet://afs/7FD7CB6AAA09BC02A890014F071C35A69A97A3AE.4B72370837E8F79682A2DCB2A3C0230FE5039FF3.F38A2578.124819
gnunet://afs/41897B18ED53327654C9B719C760E21D934C916E.83A9E421CB41C32440C4B18D6A3D613787C99C6E.952AD56F.82380
gnunet://afs/11A14F89922EC87D522F9DE10F35834851BA1496.F2E40FD038D33CEDDB7A86C41744F6FA2C9DDD41.8FF058FB.141494
gnunet://afs/10463B4D39FDC072E63C616DE9C8570F818C6027.097ECB706B609BE27BE119F7111434AF0FA096D3.70796C47.239234
gnunet://afs/4248B16C4DD9F044077D3D17E0BB2AFC0C810A1C.0B5337D7A66E8FE59AE018542687E7924CCF513C.111D3739.67304
gnunet://afs/42CBF0FD6555CD921C994449BD85EE4DFEBD680A.D4C5533D682F73E4A309E8F0B18F149E8E775D80.8DAD3C48.123125

by Zenon Panoussis
( oracle [at] provocation.net ) Saturday Oct 18th, 2003 4:55 PM
Mirror galore. Ralph E. Joke, don't bother with meaningless cease & desists. If you really mean it, then sue.
by anon
Saturday Oct 18th, 2003 5:32 PM
the pdf of diebold's memos is incomplete. a full version will be released shortly - watch this page for updates.
by another netizen against private voting scheme
Saturday Oct 18th, 2003 10:51 PM
For those who have compatible P2P applications, the nine (9) PDF'ed chapters of Black Box Voting are available in a single zip file using the following URNs (Universal Resource Names):

sha1:NT4AUG3JQE7PA2ADB2LV62WSVKBWBOF3
tree:tiger/:NL6OKRPRRRW2ZAWDNWI5J63CBTCYWYXU6IYRWNA
md5:6eb03f2948c6f4f9d361a539bcd6d192
ed2k:332926740e45ece69dd13884335648de

Obligatory leading text:

"If you would like to support the author and publisher of this work, please go to http://www.blackboxvoting.com/support.html"

"This book is available for purchase in paperback from Plan Nine Publishing, http://www.plan9.org."

Enjoy!
by LocalH
Sunday Oct 19th, 2003 6:42 AM
http://localh.kicks-ass.org/bbv/

May go down at any time, and it's on a slow-ass link (16KB/s upstream). But it's yet another mirror, and if I get 1 hit in my logs, then I've achieved what I want to.
by anonymous
Sunday Oct 19th, 2003 6:53 AM
HOly crap.. you guys are all living in the past have any of you ever heard of bittorent "google it frig!

NO need to do any silly mirriring.. its dam well almost none stopable.. start mirriring a .torrent file

the tech is so cool the more people that want the file the faster your download goes. so take a directory of the content and make a .torrent end of story .. oh and tell people to leave there downloads running even after they are done.. or to re-download (it will just spawn a seeD!)
by LocalH
Sunday Oct 19th, 2003 9:59 AM
http://localh.kicks-ass.org/bbv

I've switched over to BitTorrent. Anyone who was getting the direct downloads can finish, once they have (or decide to cancel), and my bandwidth opens back up, I'll seed the torrents.
by anon
Sunday Oct 19th, 2003 10:30 PM
Here:
http://d125.wortha.swarthmore.edu/
by narc on the list! &quot; Officer Anon&quot;
Monday Oct 20th, 2003 12:02 AM
Officer Anon is back to see if we are ploting against the system! WATCH WHAT YOU SAY, IT MAY BE USED AGAINST YOU IN THE COURT OF HOME LAND SECURITY!
by LocalH
Monday Oct 20th, 2003 9:06 AM
It's ironic how exposing FLAWS in the electronic voting system that will eventually be the cornerstone of our democracy, and we have to worry about the gov't coming down on us.

Only in America...
by whowhere
Monday Oct 20th, 2003 12:48 PM
It is my understanding that a ".to" domain purchased directly from the Kindom of Tonga, not the US rep., is immune to any form of forced disclosure because of the laws of Tonga about internet privacy.

This should be investigated and a brief tutorial posted for all to use in the future because more and more we will see cases like the RIAA and Diebold that we need the protection against their deep pocket lawyers.
by Anonymous
Monday Oct 20th, 2003 8:58 PM
Reading these mails, I'm struck by how banal they are. These guys are treating their machines and software just like any systems house would. Rushing bugfixes to the field, "managing customer perceptions," it's all S.O.P. in the systems biz. Only, these aren't just any old systems. They are the mechanisms of Democracy in America. Business as usual just. will. not. do!

Kudos to the brave webmasters defying the blunt instrument of legal threat! And particular props to whoever let the cat out of the bag in the first place!
by anon
Tuesday Oct 21st, 2003 1:52 PM
THE MEMOS

Read the diebold memos:
http://why-war.com/memos/s/lists/

Search the diebold memos:
http://why-war.com/memos/cgi-bin/search.pl

MEMO EXCERPTS

"Elections are not rocket science. Why is it so hard to get things right! I have never been at any other company that has been so miss [sic] managed."
source: http://why-war.com/memos/s/lists/announce.w3archive/200110/msg00002.html

"I have become increasingly concerned about the apparent lack of concern over the practice of writing contracts to provide products and services which do not exist and then attempting to build these items on an unreasonable timetable with no written plan, little to no time for testing, and minimal resources. It also seems to be an accepted practice to exaggerate our progress and functionality to our customers and ourselves then make excuses at delivery time when these products and services do not meet expectations."
source: http://why-war.com/memos/s/lists/announce.w3archive/200110/msg00001.html

"I feel that over the next year, if the current management team stays in place, the Global [Election Management System] working environment will continue to be a chaotic mess. Global management has and will be doing the best to keep their jobs at the expense of employees. Unrealistic goals will be placed on current employees, they will fail to achieve them. If Diebold wants to keep things the same for the time being, this will only compound an already dysfunctional company. Due to the lack of leadership, vision, and self-preserving nature of the current management, the future growth of this company will continue to stagnate until change comes."
source: http://why-war.com/memos/s/lists/announce.w3archive/200112/msg00007.html


"[T]he bugzilla historic data recovery process is complete. Some bugs were irrecoverably lost and they will have to be re-found and re-submitted, but overall the loss was relatively minor."
source: http://why-war.com/memos/s/lists/support.w3archive/200207/msg00090.html

"28 of 114 or about 1 in 4 precincts called in this AM with either memory card issues "please re-insert", units that wouldn't take ballots - even after recycling power, or units that needed to be recycled. We reburned 7 memory cards, 4 of which we didn't need to, but they were far enough away that we didn't know what we'd find when we got there (bad rover communication)."
source: http://why-war.com/memos/s/lists/support.w3archive/200003/msg00034.html

"If voting could really change things, it would be illegal."
source: http://why-war.com/memos/s/lists/support.w3archive/200009/msg00109.html

"I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb"."
source: http://why-war.com/memos/s/lists/support.w3archive/200101/msg00068.html

"[...] while reading some of Paranoid Bev's scribbling."
source: http://why-war.com/memos/s/lists/support.w3archive/200302/msg00069.html

"Johnson County, KS will be doing Central Count for their mail in ballots. They will also be processing these ballots in advance of the closing of polls on election day. They would like to log into the Audit Log an entry for Previewing any Election Total Reports. They need this, to prove to the media, as well as, any candidates & lawyers, that they did not view or print any Election Results before the Polls closed. ***However, if there is a way that we can disable the reporting functionality, that would be even better.***" (emphasis added)
source: http://why-war.com/memos/s/lists/rcr.w3archive/200202/msg00051.html


"4K Smart cards which had never been previously programmed are being recognized by the Card Manager as manager cards. When a virgin card from CardLogix is inserted into a Spyrus (have tried CM-0-2-9 and CM-1-1-1) the prompt "Upgrade Mgr Card?" is displayed. Pressing the ENTER key creates a valid manager card. This happens in Admin mode and Election mode."
source: http://why-war.com/memos/s/lists/bugtrack.w3archive/200201/msg00025.html

LEARN MORE

http://www.why-war.com/features/2003/10/diebold.html
by Why War?
( media<<<@>>>why-war.com ) Tuesday Oct 21st, 2003 7:39 PM
Throughout Why War's campaign of electronic civil disobedience, we will maintain a permanent mirror URL at:

http://why-war.com/memos/

If the memos are moved to a different server, this URL will redirect you to the new site.
by k anderberg
( sheelanagig [at] Juno.com ) Wednesday Oct 22nd, 2003 11:11 AM
Interesting that slashdot and now your links to the memos are down too, good thing mirrors were taken immediately...
by anon
Wednesday Oct 22nd, 2003 3:47 PM
See http://www.why-war.com/features/2003/10/diebold.html for links at the top to current archives. They are at:


http://eddie.ratm.net/johnkimble/lists/lists.tgz
-and-
http://www3.telus.net/swix/list.tar.bz2

BitTorrent is better, it can be found at:
http://suprnova.lagalot.com/torrents/469/lists.tgz(1).torrent

Current link to archives is always at:
http://www.why-war.com/memos/

I am not affiliated with why-war.com.
by anon
Wednesday Oct 22nd, 2003 3:47 PM
If the FULL set of memos are 103,854,080 bytes in size un-compressed then I have them. As i am currently living down-under i should be able to provide a download mirror, maybe thru.......... i don't know
by anonymous
Wednesday Oct 22nd, 2003 3:52 PM
See http://www.why-war.com/features/2003/10/diebold.html for links at the top to current archives. They are at:
http://eddie.ratm.net/johnkimble/lists/lists.tgz
-and-
http://www3.telus.net/swix/list.tar.bz2

BitTorrent is better, it can be found at:
http://suprnova.lagalot.com/torrents/469/lists.tgz(1).torrent

Current link to archives is always at:
http://www.why-war.com/memos/

The "open source" (free) chapters for black box voting are located at:
http://centipede.provocation.net/diebold/
-and-
http://scifience.net/bbv/

I am not affiliated with why-war.com or either of the above mirrors.

Cheers!
by Zenon Panoussis
Thursday Oct 23rd, 2003 8:57 AM
The archive at http://centipede.provocation.net/diebold/ now carries the memos too. A full-text search is available at http://www.provocation.net/diebold/, but it rejects Internet Explorer (use any other browser).
by sharon johnson
Sunday Oct 26th, 2003 4:44 PM
message error 404 when trying to access link to memo
by Tocque Deville
Wednesday Oct 29th, 2003 12:15 AM
Get em while their up...
by northern guy
Thursday Oct 30th, 2003 6:39 PM
I listened to the story on the internal memos of Diebold and thought I would read them but all links are turned off.
More lies.
Hey Dude where's my country.
by Green
Friday Oct 31st, 2003 12:13 AM
Aside from the memo info I was glad to see the other info on there, debunking of Posner, also, from what I skimmed.
by Die, Diebold, Die!
Wednesday Nov 19th, 2003 12:39 PM
Kucinich Puts Diebold Memos On His Website! (english)
Voter 11:56am Wed Nov 19 '03
article#364242

Let's see Diebold issue a cease-and-desist order against Dennis Kucinich.


Congressman Dennis J. Kucinich
10th District of Ohio





Voting Rights

Congressman Kucinich is seeking to ensure that voting is a right secured for all Americans. During the 2000 elections, there were numerous and serious problems at the voting booth in Florida and across the nation. Congressâ?? response was the passage of the Help America Vote Act in 2001. This legislation was designed to improve voting machines and voting processes. However, implementation of the Help America Vote Act, along with its funding and assistance to states, is far behind schedule. Additionally, recent analysis of voting machine software shows that these programs suffer serious internal flaws that threaten the security of votes case on such machines.

Privatized Voting, Private Interests

Under the Help America Vote Act (HAVA), the Election Assistance Commission is charged with establishing voluntary standards for voting machine software and creating an independent testing process for the software. However, this process is far behind schedule. Under HAVA, the Election Assistance Commission members should have been nominated by the President in February 2003. Unfortunately, these nominees have only recently been sent to the Senate for confirmation.

Without this federal review and testing of software, deeply flawed software has been marketed by companies and bought by states.

An Analysis of an Electronic Voting System was recently authored by Tadayoshi Kohno, Adam Stubblefield, Aviel Rubin, and Dan Wallach.

This voting software, produced by Diebold, has already been purchased by two states. According to this study, some of the most serious of numerous flaws permit a person to:

-vote multiple times,
-view ballots already cast on a machine,
-modify party affiliation on ballots,
-cause votes to be miscounted,
-create, delete and modify votes on voting machine, and
-tamper with audit logs and election results.

States Purchase Insecure Software

As a result of this study, Maryland put on hold its purchase of Diebold voting machines. Later, an independent review confirmed the previous findings. It counted 328 security weaknesses, and concluded that: â??The system, as implemented in policy, procedure and technology, is at high risk of compromiseâ?? (pg. 17).

Partisan Conflicts of Interest

The state of Ohio selected Diebold as one of four possible vendors for computerized voting machines. But in August 2003, the companyâ??s partisan conflicts of interest prompted public suspicion that the voting machine manufacturer was partisan. In August 2003, after returning from President Bushâ??s Crawford, TX ranch, Dieboldâ??s chief executive wrote a fundraising letter where he stated he was "committed to helping Ohio deliver its electoral votes to the president next year."

Diebold Internal Memos Reveal Knowledge of Software Flaws

These findings of software flaws have been confirmed by internal memos from Diebold employees. Diebold has harassed internet service providers with legal action for posting links to these memos. Congressman Kucinich believes that these memos show why transparency and public oversight are essential in the development of voting machines.

From conversations between employees at Diebold, including upper management, it is evident that they knew of insecure programs and made insecure changes to programs. Among these activities, employees:

-Permitted easy access to vote audit logs. Without requiring so much as a password, anyone could access the tabulation of votes and change the contents. (Memo from Nel Finber to Ken Clark, and Ken Clark response)

-Sold uncertified software (GEMS 1.14) that was used in elections, while knowing that numerous problems existed with the software. (Memo from Ken Clark)

-Changed voting software by sending uncertified patches and upgrades to customers, along with possible bugs (memo Ken Clark, re: GEMS versions, 6/5/2000)

-Contracted to â??provide products and services which do not exist and then attempting to build these items on an unreasonable timetable with no written plan, little to no time for testing, and minimal resources. It also seems to be an accepted practice to exaggerate our progress and functionality to our customers and ourselves then make excuses at delivery time when these products and services do not meet expectations.â?? (according to an employee upon resignation)

Stopping False Copyright Claims

Diebold has been using coercive legal claims to intimidate internet service providers and even universities to shut down websites with links to its memos and remove the memo content. Under copyright laws, however, universities are exempt, and posting links to the memos is not considered a violation of the law. By abusing the Digital Millennium Copyright Act, Diebold has intimidated numerous internet service providers to comply with its requests. The damage is two-fold: 1) limiting the publicâ??s information about the security of its voting machines, and 2) expanding corporate control over our most free medium of expression, the Internet.

Congressman Kucinich is working to address these problems by providing some of Dieboldâ??s internal memos on this site to increase public access, drafting legislation to address software security problems, and working to investigate Dieboldâ??s legal abuses.

New Legislation
Congressman Kucinich is working with his Congressional colleagues to draft legislation that would create an open-source design process for voting machine software. This process would ensure public oversight and transparency, as well as establish the most secure voting software for citizens to cast their votes.

Back Home Back to the Top

http://www.house.gov/kucinich/issues/voting.htm add your own comments
by Michael Muller
( mike [at] mullertech.com ) Friday Nov 21st, 2003 5:27 AM
I'm not sure if someone hasn't already mentioned this, but why not create a newsgroup? It's decentralized and will hit thousands of servers simultaneously. You can also create a 'binary' newsgroup to share zipped compilations of the memos and all the correspondance that's transpired since then, so people could read the memos and postings without fear of a particular shite being shut down. Have the monthly FAQ auto-post with the information and distribute that as well on both groups. Then set up websites that pull from the newsgroup and allow searching the archive
by Nelson Pavlosky
Saturday Dec 13th, 2003 7:45 PM
You can download, browse, and search the Diebold memos at the website for the Swarthmore Coalition for the Digital Commons. You can also read about our cool campus group that has a lot of other interesting stuff in the works. The student Diebold-exposing wiki is also an excellent resource.