BBV: An inside report on our demonstration to California Secy of State [View All]

I assume Andy didn't already post this. (I've been tied up with other projects, not able to get on DU much). Things are surreal, folks:

On August 8, the CNBC show aired where I showed part of the GEMS hack to Howard Dean.

On August 9, California Secretary of State Kevin Shelley called me at home. "I had no idea," he said, and asked me to fill him in on everything about the problems with GEMS. Then it started to get weird.

"Sure, I'll come to Sacramento next week to show you. It's worse than the hack I showed Howard Dean," I said.

The GEMS hack affects both touch screens and paper ballot optical scan systems, used in over 30 states. The double set of books is specifically designed to enable a hacked election to pass a paper ballot spot check audit, like the 1% spot check used in California.

Kevin Shelley is not available (fairly terrible political problems right now, involving campaign finance problems and other situations). I called his right hand man, Mark Kyle, who wanted to stall the meeting for after the formal meeting by the California Voting Panel, set up for Aug 18. I called my attorney, an election law specialist, Lowell Finley. "Uh-oh," he said. "They may be trying to stall you until after they certify the new GEMS version, because after that it's too late. California law doesn't allow decertification this close to an election."

So I headed down to California for the Voters Panel meeting Aug. 18. Jim March -- I know, he's controversial and can be unconventional -- but he was brilliant!

"Bev, can you demonstrate the full hack in 3 minutes?" he asked. While the meeting was progressing I set it up on my laptop. He went to the podium and gave a rousing account of how Galileo once set up a telescope -- but when he tried to get officials to look through it, no one would, because it was politically incorrect. It violated the beliefs of the church at that time.

"In July 2003, Bev put the telescope there for us to see what's really inside GEMS," he said. "I looked. Last week, Howard Dean also looked through the telescope. Bev is here, right now, with her laptop. My question to you, the California Voting Systems Panel, is this: Will you look?"

The panel shifted uncomfortably in their chairs. I had already been alloted 3 minutes to speak, and I can demonstrate the hack in less than three minutes. They finally said, "No, uh, we've already dealt with that."

They REFUSED TO LOOK.

When asked HOW they'd "dealt with it" Mark Kyle said a meeting had been set up for the following week. After the meeting, I asked him when, but he couldn't commit to a time.

I went to three Diebold execs -- well, actually, two guys from Diebold and one damage control guy (they paid $92,000 to the damage control firm in June). I asked, "Will you look through the telescope? After all, you'll have to answer questions about this."

Diebold said no. Instead, they went behind closed doors and demonstrated the Diebold "AVVPAT" system -- Accessible Voter Verified Paper Audit Trail." This was done in private and appears to be a violation of the California Public Meetings laws. Internal documents we have obtained imply that their solution is VoteHere. We have requested more information on exactly what it is that they demonstrated.

I then went to Deborah Hensch, a county registrar in a Diebold county, who came to testify against security measures. "Will you look through the telescope?" I asked. She said no.

I then invited anyone who dared to look to the bistro across the street, where I demonstrated the double set of books to Kim Alexander, Dennis Paull, Margarite Smith, and others. California computer advisor David Jefferson came, and I demonstrated it to him.

"I can't think of ANY legitimate reason for this to be in there," he said. He also said there is no way this should be used in a voting system.

Dr. Jefferson bet me an "expensive dinner" that despite this illegitimate, no-way-it-should-be-there problem with the central tabulator, he said he does not believe California will do the things necessary to mitigate the risk.

I began chasing Mark Kyle around the table to lock in that meeting. I met with 60 Minutes for several hours. I spoke with Time Magazine and The Washington Post.

I lined up a computer security expert (Hugh Thompson) and found an elections official who had run the GEMS program in a county with 1.4 million voters, who had eyewitness testimony on who was programming GEMS during the time the double set of books was put in (it happened just before the presidential election in October, 2000).

We all trooped down to California for the meeting which, remember, Kevin Shelley had personally called me to request.

First, the Secretary of State's office nixed the 60 Minutes film crew. Then they refused to allow the reporter to even attend the meeting. Plan B: ParanoidPat and his kick-ass camera crew. Plan C: Andy Stephenson with his magic video.

We began the meeting. The moment Mark Kyle saw the cameras, he said "no way."

Then they lawyered up: The meeting was halted for an hour as they went to get the counsel for the secretary of state's office and the defense counsel for the S.O.S. from the California Attorney General's office.

They made these stipulations:
1) No video. (Sorry, ParanoidPat. Pat's awesome, by the way)
2) No recording
3) No requests for notes
4) You cannot use this meeting against us.

Now why would they do this?

One reason: In my lawsuit, paragraph 2, filed in November 2003, we exposed the double set of books in GEMS. The California Attorney General and the S.O.S. office should therefore have known about the problem, yet they ran an election with this flaw anyway on March 2, 2004. Once you know how to trigger it, it takes only minutes to find the problem. Yet, they asked no questions and apparently did not bother to look for it in the GEMS 1.18.18 software used in the presidential primary.

Smoking gun document

But that's no excuse for not correcting it in the next version, GEMS 1.18.19.

On April 21, I revealed to the California Voting Systems Panel in a public meeting the existence of a document which proved that Diebold, though it had updated and supposedly upgraded the GEMS program, DID NOT CORRECT THE PROBLEM.

California officials knew. Yet they did nothing to mitigate the risks.

I told Mark Kyle that one reason for the meeting was to make sure they were personally aware of the GEMS problem, which appears to have been put there intentionally. I told him that yes, if they go ahead and use GEMS without correcting the problem and without implementing appropriate security improvements, we would hold them accountable. We would also hold them accountable if they refused to look.

We did the demo. The GEMS double set of books appeared right on schedule, after invoking the 2-digit trigger in the secret location,which decouples the books.

Then Hugh Thompson, the security expert, showed how to bypass the weak security that California had put in (removing the MS Access program from the county computer). He showed how to go in via phone modem and also by implanting a 6-line text file, a Visual Basic script that gives total control of the central tabulator. When asked how many people have access, it turns out that thousands have the telephone access codes (it is given to the pollworkers, and Diebold temps as well). When asked how many people in the U.S. have the ability to write that 6-line text script, it turns out that tens of thousands do.

The CPA shook his head. David Jefferson, at one point, clapped his hand to his forhead and rolled back in his chair. One voting panel guy went to sleep. Mark Kyle left the meeting early.

Then we presented the evidence of exactly who it was who put in this double set of books, and the evidence that it was intentional.

Then we presented solutions.

Then they ignored us and made no indication that they will do anything at all. One guy took notes, but when asked if he had any questions, or would like a synopsis of the security measures that would mitigate risks, he said no.

WHAT'S NEXT:

We are seeking a venue to demonstrate this using real machines. We will also be doing something in the next few days, and until it's done, we aren't telling exactly what. We have been arranging with film crews to cover this and disseminate the film. Canadian TV flew down on Aug 23 and filmed the GEMS hack with Jim March demonstrating it.

Here's what I think:

We should, everywhere, go and confront election officials and especially secretaries of state to ask them to look. We should do so on video, documenting it if they refuse to look. We should set up demo meetings with as many public officials as possible, and document that they have seen it. This makes them accountable, you see. It is akin to having a car with a gas tank that explodes: If you know it, and you choose to do nothing, you are liable.

We're thinking of producing a "Hack Along with BBV" CD for citizens, like you, to practice with and take to your own public officials to ask them: "Will you look?"

What you need:

1) a laptop with Windows 2000 or XP
2) MS Access 2000
3) chutzpah

Bev Harris