Finnish security expert Harri Hursti, together with Black Box Voting, demonstrated that Diebold made misrepresentations to Secretaries of State across the nation when Diebold claimed votes could not be changed on the "memory card" (the credit-card-sized ballot box used by computerized voting machines.
A test election was run in Leon County on Tuesday with a total of eight ballots. Six ballots voted "no" on a ballot question as to whether Diebold voting machines can be hacked or not. Two ballots, cast by Dr. Herbert Thompson and by Harri Hursti voted "yes" indicating a belief that the Diebold machines could be hacked.
At the beginning of the test election the memory card programmed by Harri Hursti was inserted into an Optical Scan Diebold voting machine. A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes.
Correct results should have been: Yes:2 ; No:6
However, just as Hursti had planned, the results tape read: Yes:7 ; No:1
The results were then uploaded from the optical scan voting machine into the GEMS central tabulator, a step cited by Diebold as a protection against memory card hacking. The central tabulator is the "mother ship" that pulls in all votes from voting machines. However, the GEMS central tabulator failed to notice that the voting machines had been hacked.
The results in the central tabulator read:
Yes:7 ; No:1
This videotaped testing session was witnessed by Black Box Voting investigators Bev Harris and Kathleen Wynne, Florida Fair Elections Coalition Director Susan Pynchon, security expert Dr. Herbert Thompson, and Susan Bernecker, a former candidate for New Orleans city council who videotaped Sequoia-brand touch-screen voting machines in her district recording vote after vote for the wrong candidate.
The Hursti Hack requires a moderate level of inside access. It is, however, accomplished without being given any password and with the same level of access given thousands of poll workers across the USA. It is a particularly dangerous exploit, because it changes votes in a one-step process that will not be detected in any normal canvassing procedure, it requires only a single a credit-card sized memory card, any single individual with access to the memory cards can do it, and it requires only a small piece of equipment which can be purchased off the Internet for a few hundred dollars.
One thousand two hundred locations in the U.S. and Canada use Diebold voting machines. In each of these locations, typically three people have a high level of inside access. Temporary employees also often have brief access to loose memory cards as machines are being prepared for elections. Poll workers sometimes have a very high level of inside access. National elections utilize up to two million poll workers, with hundreds or thousands in a single jurisdiction.
Many locations in the U.S. ask poll workers to take voting machines home with them with the memory cards inside. San Diego County (Calif) sent 713 voting machines/memory cards home with poll workers for its July 26 election, and King County (Wash.) sent over 500 voting machines home with poll workers before its Nov. 8 election.
Memory cards are held in a compartment protected by a small plastic seal. However, these simple seals can be defeated, and Hursti has found evidence that the memory card can be reprogrammed without disturbing the seal by using a telephone modem port on the back of the machine.
The Hursti Hack, referred to as "the mother of all security holes" was first exposed in a formal report on July 4. (http://www.blackboxvoting.org/bbvreport.pdf).
(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).
