Y'all might find THIS entertaining :) (vote fraud related)

http://www.equalccw.com/dieboldtestnotes.html

Although my site's kinda slammed right now :D. You can get to that page OK, but trying to download the big multi-megabyte test and data files is iffy on dialup.

See also:

http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=104&topic_id=269727

Having been thrown off DU myself, I can't comment on that thread there. Sigh.

Great Googley Moogley!!! That is one ace-high hornet's nest you've thrust a stick into. Good on you!

Great work, Jim! I'd love to nominate you for an award for this, but if you upset too many politicians with your revelations, I hope you don't end up with a Darwin Award! :D

Jim,

For those at work (or small text impared) what is the one paragraph summary of this expose?

-s

Keen work sir.

Sam

Good Job Jim

Having been thrown off DU myself, I can't comment on that thread there. Sigh.

Thay want the files on a fast server and want to Fileshare it!!

Thay want to know how the files got out and how to open them.!
That being said -- do not discuss techniques of password cracking on DU or on any message board. Bad idea.

Also it's Pres Bush fault:rolleyes:


I have say i find this very interesting!!:scrutiny:

Also:
http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm

The thumbnail super-condensed version is that Diebold Election Systems sells an electronic vote system that was designed to allow easy vote tampering. The circumstancial evidence is that they DID hack the vote in Georgia's Nov. 2002 races as a test (Diebold runs the whole election in that state).

They also stole live voting data from San Luis Obispo County (Calif) at 3:31pm on the day of the election, 3/5/02. They stashed the file on their FTP site, crudely password-protected with the name of a Diebold employee who was on-site the day of the election ("Sophia", probably Sophia Lee). This was wildly illegal, PLUS it proves that they have the ability to do modem, internet or wireless comms in and out of the central vote-tally box. Which suggests the possiblity of outside vote tampering, because we can prove that the central vote collection software ("GEMS") can be dicked with six ways from Sunday.

They left that FTP site wide open for no-password access until some other folks led by Bev Harris found it and grabbed 40,000 files in January of this year.

From my site, you can download any of four sets of GEMS programs, and/or any of several data sets including the SLO County data. There are extensive notes on loading it, using it and using an ordinary copy of MS-Access (any recent version) as a "hack tool" to alter votes, audit trails or anything else.

Diebold has extensive ties to the Republican party.

"I am committed to helping Ohio deliver its electoral votes to the President next year."

- Wally O'Dell, CEO of Diebold (which is bidding on a contract to operate Ohio's elections!)

:scrutiny:

See also:

http://www.portclintonnewsherald.com/news/stories/20030827/localnews/140871.html

It looks pretty ugly.

The thumbnail super-condensed version is that Diebold Election Systems sells an electronic vote system that was designed to allow easy vote tampering. The circumstancial evidence is that they DID hack the vote in Georgia's Nov. 2002 races as a test (Diebold runs the whole election in that state).

So that's why the liberals in CA tried to postpone the election to get more "modern" (read; easier to tamper with) voting devices.

Color me unsurprised.

Wow Jim, watch your six:scrutiny:

www.blackboxvoting.org

Orthonym:

"Seen" it? Oh ya. Look in the forums there. You'll find my name (and postings) all over the place :).

That's ground zero for all this stuff.

sucked the file into MSSQL

looks like it's part of a DTS package
possibly OLAP, but more likely just a part of a larger data pump

*shrug*

no biggie at all.

Wow! :what:

This is as important as the RKBA.

Thank you

NukemJim

Hal...sorry, I have absolutely no idea what you're talking about.

First, please define "the file"? Which one? The SLO County file, or you managed to hack past the ATL file? Or something else?

Second...until...geez, early 2001, I was doing IS tech support. Since about 1986. And *I* couldn't follow what you're talking about.

I know what MS-SQL is. After that, you completely lost me.

You wanna clarify?

:confused:

A DTS Package is part of a SQL database and OLAP is like "cube" data allowing different views from the same data.

GT

Fine. Now what file is he talking about!?

cobb-corrected-100102-backup.mdb

I sucked the mdb file into SQl 2K and took a quick look at it. There's more queries in it than are normally seen in an Access database. I suspect it's native SQL and that they used a DTS package to transform it into Access.

I'd have to see the entire GEMs setup to be certain, but on the surface it looks like this is just a small part being "pumped" out. SQL has the ability to act not only as a transactional and analytical engine, but also a data pump. A data pump just extracts data from the databse, and pumps it from one source to another for whatever reason. Mostly it's used in data mining (OLAP- Online Analytical Processing)/data wharehousing or backups.

There's a couple of clues here that make me suspect this:
- the sheer number of select queries - unusual i an Access database, perfectly normal in SQL.
- the name of the file- backup
- the entries in the VCClosed query - 0 (which I'm guessing stands for not closed)
- lack of any forms - structure of the mdb - - it's only tables and queries - rather odd for an Access database - - more what I'd expect to see from just a portion of a SQL database being extracted.
- I can't see Diebold using an Access database (or the Jet database engine) as the engine behind the program. Not when every Tom Dick and Harry software shop is going to either full blown SQL (or MSDE), Oracle or Pervasive or any one of several others (MySQL) as the backend. Using a file based database system has gone the way of the dodo. (Too cumbersome and too slow and far too limited in the size of the database - - IIRC, Access tops out @ 2GB. SQL tops out in the terrabyte size range)

I can only guess they are transforming the data into Access rather than using more traditional SQL techniques, such as log shipping, due to the cost and the connection(s) involved.

OR

They (Diebold) are using Access as a down and dirty front end for the SQL (Asssuming it's MSSQL based to begin with,,,which I'm 99% certain it is).

I think your best bet would be to run the whole thing past someone well versed in SQL and see what they think.

http://www.sqlmag.com/Forums/ is the TFL of SQL for information.

OK. Wait a minute. This is REAL interesting.

Time out a sec and we'll get back to Hal's work, but first:

DOES ANYBODY HAVE MIRROR DISK SPACE!? MY ISP AIN'T GOT ENOUGH BANDWIDTH! HELP!!!

Seriously, drop me EMail if you've got university disk space or something available. These files have "fair use" written all over 'em, drop me a line for details. This is urgent.

Hal, the "database tool" that Diebold is providing is GEMS. Now, when you start it up there's a checkbox that allows selecting between MS-Access and MS-SQL.

ALL files encountered so far have been MS-Access. Including files in which we know that actual vote data was tallied - not Cobb County, that's known to be a "test run" - but the SLO County data is NOT, according to a conversation I had with the Registrar of that county - it contains actual absentee ballot votes from an actual election (and there's a LOT of questions as to how Diebold stole it!).

See also:

http://www.blackboxvoting.org/cgi-bin/dcforum/dcboard.cgi?az=read_count&om=57&forum=DCForumID12

...for a look at the hardware environment.

So, we know the data is in ACCESS during a key two-hour window in which they're also "externally available". To Diebold.

And y'all might find this link interesting:

http://www.portclintonnewsherald.com/news/stories/20030827/localnews/140871.html

Sooooo...it appears to me, IF Hal is right, that the data has been left in an UNsecure format right when it's most vulnerable to being dicked with.

:scrutiny:

These links go into the hardware situation, and how the wide-open GEMS software could be physically accessed:

http://www.blackboxvoting.org/cgi-bin/dcforum/dcboard.cgi?az=read_count&om=57&forum=DCForumID12

http://www.blackboxvoting.org/cgi-bin/dcforum/dcboard.cgi?az=read_count&om=61&forum=DCForumID12

As you can see, there's a bit of a difference of opinion as the most likely form of attack. But once IN to the GEMS software, there's no disagreements at all; since we have GEMS physically in our hands, we know exactly where the flaws are. If we had access to the GEMS box and physical hardware environment we could rapidly sort out where the weak spots are there.

As is, there's some guesswork involved but based on enough hard fact to get a solid clue as to what's possible.

There was a sidebar in PC Magazine about this issue this month, with a link to the blackbox site...

Their basic take was that it was major-league retarded to make voting machines out of PC components running a regular MS operating system.

Hack city.

- Gabe

Jim:
You're beating on these guys like a hippie on speed attacking his bongos. Good job. :D

Kharn

And PCMag was quite correct. So far as that goes.

The problem is that we can find barrelsful of "security flaws" and nobody will care.

What Bev Harris has been finding inside GEMS and the database strucure is different: deliberate "tamper friendly" features.

Look, yesterday I was on the phone with Julie Rodewald, the SLO County Registrar. (Not one of her flunkies, HER, the top person in the office.) And at one point, she explained that tampering is impossible, because after the election they randomly pick a precinct and hand-count the vote there, thus defeating any cheat.

She was quite silent for a while when I explained that yes, such spot-checking of precincts is exactly how honest local elections officials behave - and how GEMS was specifically set up to defeat that by pulling single-precinct data from a different data table than the county-wide figures come out of. Without telling anybody using the GEMS console that this is the case, while not mentioning that MS-Access can hack into the data in realtime, while GEMS is running, without need of a password and without triggering an audit trail item.

THAT is what's not getting attention so far.

Man!!! I have often felt that the notion of shadowy figures running things,
"behind the scenes" has much merit. Illuminati, Tri-Lateral Commission, etc.,
come to mind right away. Information like this that you are revealing, well...tinfoil hats aside, the implications make the hairs on the back of my neck stand up.... :what:

Can be just as deadly on a small scale, however.

You can get to that page OK, but trying to download the big multi-megabyte test and data files is iffy on dialup.There is a way to get the file even if it craps halfway through.

Go to http://www.speedbit.com/DefaultT.asp? .

On the bar at the top, hover over "Download" and click on "Download DAP".

At the next window, click on "Download Now" which is a 1.67M file.

Install it on your machine. Now you can fly.

The software accelerates the download but, more importantly, allows you to resume downloading a file that has been interupted during download. This is cool. Now, if a file craps on you, you don't have to start from zero and hope you get to the other end okay.

Although there is a version you can purchase, the DAP software is free. Free is cheap at twice the price.

Kinda bothers me that Diebold has ties to the Repubs. I know that none of them are honest, but this is the kind of thing I'd expect from the Democrats - playing dirty when they can't win.

OK, I've found mirror space for all those big files. This page:

http://www.equalccw.com/dieboldtestnotes.html

...has been edited to show the new links and the mirror status of each. They're uploading now, some are up, the rest will be done by 1:00pm Pacific time, 9/6/03.

:)

Kinda bothers me that Diebold has ties to the Repubs. I know that none of them are honest, but this is the kind of thing I'd expect from the Democrats - playing dirty when they can't win.True, but the main thing driving this rush to a technological fix is the Demorats' inability to operate polling places.

In Florida alone we saw:

Confusion over how read a "butterfly" ballot. So we can't ask Demorats to read; that would be patently unfair.

Confusion as to how to exert 3 bazillionths of an inch/pound with a stylus in order to avoid a knocked-up chad, a dingleberry chad, a bloated chad, ad infinitum, ad nauseam. So we can't ask Demorats to exert themselves, they may after all have the lumbago, or some such, that would preclude physical effort.

Confusion as to why FELONS AND ILLEGAL FRICKIN' ALIENS are ineligible to curse our republic with their corrupt vote, while at the same time not understanding why those WHO ARE SERVING THEIR COUNTRY IN THE MILITARY should have their votes counted, since if not for them...WE WOULDN'T EVEN HAVE A FRIGGING COUNTRY!!!! So we can't ask Demorats to think; that would be patently unfair.


So how about this? We assign all of the candidates a color, we then issue everyone (regardless of how many babies they may have raped and killed, or what beach they just washed up on) a mood ring. Then whoever's color the collective mood rings colors most resemble could be our elected leader. Oh... and hell, just to make it fair to the Demorats, why don't we ask that the judges of the ring colors be COLOR-BLIND!!!! Oh...no wait...color-blindness is found more often in men, and so that would mean that fewer wymyn could be color judges......AAAAAAGHHHH!!!!!!


:cuss: :cuss: :cuss: :cuss: :cuss: :fire:

Another advantage of using DAP is that the program downloads the file simultaneously from any mirror sites it finds.