Jim March

Sacramento, CA

http://www.ninehundred.net/~equalccw/voteprar.html / jmarch@prodigy.net

 

Nov. 3rd 2003

 

Mr. Mark Kyle

Undersecretary of State

1500 11th Street

Sacramento, CA 95814

 

Certification Comments And Public Records Act Request

 

Mr. Kyle,

 

While the format of this document is unusual, the need to combine these two functions in one document will become clear.

 

A memo has turned up in the Diebold internal Email stash that raises serious ethics questions about a former employee of your agency, and these questions need answers.  Surprisingly, the issue doesn’t revolve around Diebold at all.

 

The memo:

 

To: support@gesn.com

Subject: California Certification

From: Deborah Seiler <deborahseiler@attglobal.net>

Date: Tue, 27 Nov 2001 14:39:28 -0800

 

-----------------------

 

Certification of the R6 received a unanimous recommendation from the California Secretary of State's 7 member Voting Systems Panel today.  Legally, only the Secretary of State can certify it, but his certification is typically a pro forma ratification of the VSP's recommendation. I expect to have the signed certificate within a few days.

 

Lou Dedier, the Elections Division analyst responsible for voting system certification, told the panel our system had functioned without a hitch.  (Little did he know I was sitting there with a machine with a frozen throat!) He noted the high quality components, saying we had "spared no expense" to develop a quality product.  He also described to the Panel his inability--in contrast to some other systems--to break into it from the screen.  He later told me he used his Palm pilot to break into another system, illustrating the dangers of wireless upload.  He also told me privately that he attempted to program the PCMCIA card but failed.  His PC told him he had a one in 40 billion chance of success.  He told me this in contrast to SureVote's system which he said he broke into in "a minute and a half" and ESS's which he hacked in "an hour."

 

Lou did say that Avante passed Wyle on 11/24. Hart and Avante will probably be on the VSP agenda in January, though Lou said he had 150 questions for Hart to respond to.

 

Anyway, a big thanks to Larry, Ian, Susan, Steve, and anyone else involved.  Now, any suggestions for fixing the card reader?  Something is blocking the throat so the card can't be inserted even partially.

 

A bit of web-digging located the following:

 

California Deputy Secretary of State Joins Election Systems & Software


October 16, 2002


Omaha, Neb., October 16, 2002 – Lou Dedier, one of California's top election system experts, is departing the Secretary of State's office to join Omaha-based Elections Systems and Software, Inc. (ES&S), the world’s largest and most experienced provider of total election management solutions.

Dedier, California's Deputy Secretary of State, Director of Voting Systems and Technical Advisor to the state Voting Modernization Board, and Chair of the Visual Impair Voting Assistance Committee, will become ES&S vice president and general manager of California operations effective October 15. In his new role, Dedier will lead the ES&S partnership with California election officials in modernizing their election systems. California jurisdictions must replace existing punch card voting machines before the 2004 presidential election.

 

So the obvious question is: did Lou Dedier fully and properly report the problems found, or did he turn his knowledge of the problems into a cushy job at ES&S?

 

The Public Records Act Request attached as Appendix A of this memo will seek to answer that question.

 

Also attached (Appendix B) is an overview of “PCMCIA vote hacking” and the potential for fraud in that area.

 

Thank you for at least reading this far,

 

Jim March

 

CC:      Mr. Kyle has promised to forward this to the rest of the certification board.

            It is also available for public distribution at:

            http://www.ninehundred.net/~equalccw/sscomments3.pdf

 

Appendix A: Public Records Act Request

 

Responding Agency: California Secretary of State Department

 

1)   This is a request for all documents in the possession of the Secretary of State’s office in which Lou Dedier, acting in his official duties, alone or as part of a group/commission/study/task force/etc., commented on the security features or lack thereof of voting systems by ES&S, esp. where comments/reports were made of lack of security of data held on PCMCIA[1] computer memory cards.

 

The papers may be redacted to eliminate information as to exactly HOW the insecurities found work; what I want is evidence that Lou Dedier properly reported any problems found that would allow a malicious party to re-write the contents of a PCMCIA card[2].

 

2)   Please provide documents relative to all decisions/drafts/memos that involve both Lou Dedier and ES&S during the months August, September and October of 2002.

 

Please respond by Email when these records are ready:  jmarch@prodigy.net

 

Appendix B: Basics Of PCMCIA Vote-Hacking

 

Most laptops today have one or more PCMCIA “slots”, or “card openings”.  These small doors in the side or back of a laptop go unnoticed by some users, but for many others they provide a standard interface for optional wireless modems, network interfaces, modems, video capture devices and other such accessories.

 

Few card slots today are used for the original purpose of this interface: memory cards.  But PCMCIA memory cards are still used for specialized applications and are commercially available off the shelf.

 

The physical “footprint” of the cards is the same as a standard credit card.  They’re thicker, but not by much; many standard wallet credit card holders can also hold a PCMCIA memory card.

 

Since memory was the original purpose for the interface, most laptops can read memory cards with no “drivers” required – it’s literally a “pop it in and read the contents” proposition.

 

So a “PCMCIA vote hack” would look like this:

 

1)     Hacker gets ahold of a card of the type used by the county.  He/she needs one with the blank data template for the election in question, therefore securing physical access to these cards is crucial pre-election.  However, as companies such as Diebold, Sequoia and ES&S often help with ballot layout and creation, they have access to the same memory card contents, in the form of a computer file or even duplicate card.  These vendors have a rather poor track record as to security of their digital property; the fact that I’m quoting the full contents of Diebold’s internal Emails speaks for itself.

 

2)     The hacker then reads the contents of the card into a laptop, and there alters the vote counts as desired.

 

3)     The hacker puts the original card back (if that was the source of the data required) and goes to a computer store to buy another memory card of the same size and type.  The brand isn’t really relevant.  The hacked vote data set is written to this.

 

4)     On election night…well, basic switcheroo, right?  Same thing people do with playing cards, except these are smaller and even easier to palm.

 

ADVANCED-LEVEL versions:

 

5)     A really creative geek would have a palmtop-class computer in a coat pocket or purse that has a PCMCIA slot.  This computer would be programmed to erase the contents of any card inserted.  That way, no possible “duplicate” could appear as with Volusia County in 2000.

 

6)     For the ultimate in creative hacking, read enough of the contents of the real card in said handheld to know how many votes were cast, and customize the fake card OR re-program the original.  This means getting ahold of the card for maybe 20 minutes or so; it can be done while driving the card back to elections office HQ.
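The steps above depend on the card carrying nothing that proves which device wrote its contents. As an added illustration (not part of the original letter, and not any vendor's actual card format), the Python below shows a check an elections office could run on a returned card. It assumes a hypothetical record layout and a key that stays inside the voting unit and is never stored on the card; all sample values are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample data: the record layout, field names and key handling are
# assumptions for illustration, not the format of any vendor's memory card.
MACHINE_KEY = b"constructed-demo-key-held-inside-the-voting-unit"


def seal_results(key, card_serial, precinct, counts):
    """Run by the voting unit at poll close: bind the tallies to this card."""
    record = {"card_serial": card_serial, "precinct": precinct, "counts": counts}
    body = json.dumps(record, sort_keys=True).encode()
    record["tag"] = hmac.new(key, body, hashlib.sha256).hexdigest()
    return record


def check_card(key, record, issued_serial, poll_book_signins):
    """Run at the elections office: return the reasons to reject the card."""
    problems = []
    claimed = {k: v for k, v in record.items() if k != "tag"}
    body = json.dumps(claimed, sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, record.get("tag", "")):
        problems.append("tag mismatch: contents were not written by the voting unit")
    if record.get("card_serial") != issued_serial:
        problems.append("serial mismatch: not the card issued to this precinct")
    if sum(record.get("counts", {}).values()) != poll_book_signins:
        problems.append("ballot total differs from poll book sign-ins")
    return problems


# Card as sealed by the voting unit (constructed values).
genuine = seal_results(MACHINE_KEY, "CARD-0042", "P-17", {"A": 310, "B": 295})

# Altered copy: counts changed but the total kept, original tag left in place.
edited = dict(genuine, counts={"A": 210, "B": 395})

# Replacement card: same fields, tag computed without the voting unit's key.
forged = seal_results(b"not-the-unit-key", "CARD-0042", "P-17", {"A": 210, "B": 395})

if __name__ == "__main__":
    for name, rec in [("genuine", genuine), ("edited", edited), ("forged", forged)]:
        print(name, check_card(MACHINE_KEY, rec, "CARD-0042", 605) or "accepted")
```

Both altered records keep the ballot total at 605, so the poll book comparison alone accepts them; only the keyed tag separates them from the genuine card.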



[1] Depending on whom you ask, this either stands for “Personal Computer Memory Card International Association” or “People Can’t Memorize Computer Industry Acronyms”.

[2] Note that there is strong evidence that exactly such an attempted re-write of a duplicate memory card happened in Volusia County, Florida, in the November 2000 election, and was responsible for Al Gore’s initial decision on election night to concede.  When the fraud was discovered and Gore gained back over 16,000 votes, he rescinded his concession plans and threw the nation into a month of chaos.  See also Chapter 11 of Bev Harris’ book, available free at http://www.blackboxvoting.org