scottxyz is my new favorite poster/ Go check him out in Bev's thread!

Hey BlackBox fans....this guy is the Bomb! Go check him out in Bev's Rob Georgia thread! http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=104&topic_id=12577&mesg_id=12577&page=

Bev....I believe scottxyz got your back! :-)

That was a good read. I am so stupid about all of this. Everytime I read the information from a new or different source I begin to understand it better. Frankly put, do I think this will bring down the administration? So far probably not unless we can prove they mess with the elections. Will this hurt them? Oh yes, if we can get the info out. We can change the way elections are run and I think if the voting is fair Bush* will not stand a chance. To me the most important part is to change the elections system to something that is fair. The rest can come later, after the Dems are in office and the investigations begin. GREAT work to Bev and everyone who has put time into this, you are my heros. scottxzy? May I copy your post?

And I once owned and was chief guru in my weekend and night time multi-person programing company - this proves how little one has to know - how little I knew back in the 70's and early 80's - the early-microsoft world - and still get paid.

A very well done write-up -

I hope Bev see's it

:-)

Well I had all sorts of ideas of what to use my 100th post for, but in the end I'm using it to say thanks Trumad for linking back to that thread, and I have to agree with you, scottxyz posts there are the most awesome, well informed rants I've heard in a long time.

I wish I could have said it better myself...but I couldn't. Damn.

Just goes to show you - let the ones who know do the arguing, and follow these easy steps:
1. stand back
2. watch
3. learn

kick it to the top

On those tech-heavy conversation in the Black Box threads, so unfortunately, I don't usually read them when they start to get get too techie.

scottxyz's posts were hilarious and informative and mostly understandable to myself, a non-techie.

And I like his suggestion about carbon paper ballots. LOL!

Thanks for directing us over there, trumad.

from Scottxyz:

"Go over to slashdot and try talking about "security" and "Access" in the same breath and see how seriously they take you over there - they won't even dignify you with a response, they'll just laugh at you and spray you with onomatopoetic responses like

http://slashdot.org/comments.pl?sid=70364&threshold=1&commentsort=0&tid=103&tid=126&tid=99&mode=thread&cid=6395360

because all programmers know there is no security in Access. If Bev wants to leave out references to "one-way dialup modems" that's of course fine - because the fact that a voting system was written in Access is quite damning enough.)"

=====

The slashdot comment:

*choke*

*wheeze*

bwahahahahahahahahahahahah

*gasp*

Wait, these things are already in use?!?

*thud*

=============

Due to the length of that thread, for those on dialup modem, I'd like to honor Scottxyz by reposting his original here:

From Scottxyz

===========

At least one country (Australia) knows how idiotic it would be to use proprietary Microsoft blackbox spaghetti code for something like voting where transparency is vital:

Electronic voting and counting
Development of the system
http://www.elections.act.gov.au/EVACS.html#code

EVACS was written using Linux open source software to ensure appropriate transparency. A copy of the source code is available in a zip file (127 kb). The source code ... is in a separate file (38 kb). For more information contact Software Improvements.

In Australia anyone can download the open-source code they use in their voting systems, so the public can verify that it works. (The same way we know paper ballots work. Voting technology should be transparent, not blackbox.) Of course we couldn't do this in America for "copyright" or "profitability" reasons.

There's no reason for a voting system to be complicated or proprietary
Let me tell you something. I'm a programmer with about 10 years of experience with Microsoft Access. It's considered an insecure "toy" programming environment with minimal or no auditing capabilities and only appropriate for small projects. Access provides two programming languages to work in: SQL and VB (also known as VBA). SQL (Structured Query Language - a rock-solid industry standard that predates Microsoft) is where you write the guts of the system - you define tables (consisting of rows and columns) and then define "SELECT" queries computing totals based on adding together rows from those tables. VBA (Visual Basic for Applications - a crappy Johnny-come-lately language introduced to the programming world by Microsoft, full of weird confusing semi-documented behavior that drives most programmers up the wall for the first few months they use it - and generates lots of fees for Micro$oft at their 900-number help hotline) is where you write the code that displays the screens and menus. It's very easy to write "spaghetti code" in Access's built-in VBA language but a good programmer can avoid that by doing all of the computational work in SQL queries and then using just a modicum of VBA to get the various screens and menus to work together. (Note: You can of course write "spaghetti code" in any language.)

However, for a voting system, only an idiot programmer would write any more than a minimal amount of VB code. There's very little to do here: display a screen, let the user enter a vote, and close the screen.

You only need to define a base table with the votes (this is done in SQL, not in VB), and then write a GROUP BY query in SQL using the base table to tally up the votes. There's no procedural VB coding required for the guts of such a program. A little VB needs to be used to tie the whole thing together with some pretty menus and screens, but it would just be minimal window-dressing. A voting program that does one thing - entering and then totalling up ballots - is about as simple as you can get.

Which just shows how idiotic it is for Diebold to be saying there's anything "proprietary" or "trade secrets" or "copyrighted" here. They may have told their clients it was rocket science (to fatten up their fees), but any first-semester database programming student can write a GROUP BY query in SQL which computes a total. It's not something that needs to be copyrighted or protected like some kind of vital secret. It's about as complicated as doing a SUM() or a SUBTOTAL() function in Excel, which I'm sure many non-programmers have done. The whole notion that Diebold has to "protect its investment" in programming this trivial program is a load of crap.

Heck, right here I can write the a reasonable facsimile of the code that Diebold is claiming is a "proprietary" "trade secret" (and which they probably charged hundreds of thousands of dollars for).

Here's some simple code in SQL to, respectively, define a list of counties, define a list of candidates, record ballots, and then finally total ballots:

CREATE TABLE county (
county_id varchar(127) PRIMARY KEY
);

CREATE TABLE candidate (
candicate_id varchar(127) PRIMARY KEY
);

CREATE TABLE ballot (
ballot_id integer PRIMARY KEY,
county_id REFERENCES county,
candidate_id VARCHAR(127) REFERENCES candidate,
timestamp DATE DEFAULT NOW()
);

CREATE VIEW ballot_total
AS
SELECT count(*), candidate_id
FROM ballot
GROUP BY candidate_id;

Wow. Would you pay hundreds of thousands of dollars for this? Would you let a company clamp a copyright on this sort of standard stuff like it was some kind of "proprietary software"? (Yeah, there'd be a few more wrinkles to handle write-ins, etc - but you get the idea. Not a lot going on here.)

Diebold and ES&S are not only making our elections insecure, they're getting overpaid a lot of taxpayers dollars to do so!

That's pretty much all there is to programming a voting system. Sorry if it's a letdown for folks who think that programmers are geniuses or something but it's really pretty simple to write code that performs elementary addition and subtotalling.

Slap on a data-entry form which gets displayed so the voter can enter data once into the ballot table to cast their vote (Microsoft Access and most other database development environments often have built-in "wizards" which create such a data-entry form for the programmer automatically, or the programmer can roll up their sleeves and work for five minutes or so and make such a form themselves via a graphical programming environment) and then add in some sort of insecure modem-based unencrypted lame Internet communication protocol to send the subtotals down to some central office, and presto! you've got a big government contract for a completely insecure amateur voting system worthy of the slimiest backwater dictatorship!

The straw man: "one way dialup modems"
I won't even stoop to consider (at much length) the silly argument earlier over "one-way dialup modems" because once a machine is on a network a clever hacker - especially an "insider" hacker - can do whatever they want with it - whether or not the user manual says it's using a "one-way dialup modem" (yeah, bear in mind, Diebold says it's a one-way dialup modem. Since we never get to inspect these machines, why the hell are we even supposed to believe this abstruse claim?). Suffice to say that all you need is common sense here folks, and a recollection of what you've read in past few years about viruses running rampant particularly through systems that use Microsoft products. An email comes in (over that ultra-secure "one way modem dialup" connection or whatever the hell that is) and some fool opens it (maybe one of those unauthorized fools with security badges who for some mysterious reason has access to the room where the voting computers are) and then you've got a emailed virus running in the system every time the machine boots up again - a virus which can do all kinds of fun things like change tables in the Access program. (Even without an emailed virus coming in via modem, let's remember there are obviously plenty of other ways to get a virus onto a machine when the contractor can cry "copyright" whenever anyone attempts to look at their pathetic overpriced hodgepodge of hardware and software they have attempted to pass off as a voting workstation.)

But you don't even need such distracting arcana as "one-way dialup modems" or viruses to tinker with the database. Just go in and add and delete some rows like Bev explained in her article. A high-quality database (not Access) could use "triggers" to generate an audit trail to catch such a scenario - but Access doesn't support triggers.

The real smoking gun: TimeDateStampAdjuster
And while we're on a techie discussion... can I rant a bit about that special plug-in Bev illustrated in a screenshot - the one that lets you re-jigger the DateTimeStamp field? What on earth is that doing there?

You can check it out down at the bottom of this page:
http://www.blackboxvoting.com/scoop/S00065.htm

Yeah, instead of harping all day about the straw man in this case (the "one-way dialup modem") could we talk a bit about that bizarre little add-in called TimeDateStampAdjuster?



Talk about a smoking gun!!! What could that possibly be for except to blow away what little audit trail there might be in Access? There is NEVER any need on a database system to re-jigger a DateTimeStamp that's been set to Now() using the field's default setting when the ballot was first entered. You'd be kind of upset if you found that your ATM had a little add-on like that running on it - the better to post-date your check deposit so it won't be credited to your account on time.

I submit the ONLY reason that little TimeDateStampAdjuster add-in could be in the system is to allow tampering. There's absolutely no other reason to include such an "add-in". The meaning of "stamp" in the name TimeDateStamp is just what you'd think it is -- it's a system-generated stamp which is used to show when a record was entered (or last updated). It's there for security and it's supposed to be read-only - no user's supposed to be able to edit it. You don't "adjust" Time/Date stamps - you let the system generate them and they're strictly hands-off to humans.

Access doesn't actually even have Time/Date stamps - but you can get something similar with a bit of simple coding, using one of two methods:

(1) You can create an AfterUpdate event on the data-entry form, but this isn't very secure because it only works for records being edited via the data-entry form - it doesn't work if someone were to go and tamper with the underlying tables, bypassing the form - which is easy to do if you just (a) use the menu called 'Window' > 'Unhide' to bring up the screen showing all the underlying tables, or, if that's been blocked by some whiz-bang "security" you can also (b) hold down the SHIFT key when you open the database. (This isn't a secret - it's in the Access manual.)

(2) You could define a field and name it something like DateTimeCreated in table ballot and set it to the function Now() so that the current Date/Time is entered into the ballot record the instant it gets entered - but even that could be overridden using (a) or (b) above as well.

But I guess the thugs infiltrating the Georgia voting system were too lazy to go through all that manual labor, so they had the clever little labor-saving add-in called TimeDateStampAdjuster so they could save a few precious minutes while they're sneaking around tinkering with the voting machines. (As we all know from those suspense thriller movies where the clock is ticking while someone's desperately trying to hack into the computer, this can be a high-adrenaline moment, so I guess it does make sense to automate this step so avoid hacker error and make sure the criminals can get in and get out quickly.)



Microsoft Access is a toy database
By the way, as you probably suspected, no ATMs, no flight-reservation systems, no field-deployed Department of Defense software is ever written the "toy" language Microsoft Access. Microsoft Access just isn't used for any major work ever, because all programmers know it isn't able to provide the auditing, security, networking or scalability required for mission-critical projects. The very fact that Diebold was allowed to win a bid for a wide-area network system using the "desktop" database Access speaks volumes about the incompetence of the government officials who ran the bidding process. If I had a potential client needing a wide-area networked database and I had the gall to show up and offer a system based on Access, I'd be laughed out of the room. It's only used for "desktop" or "departmental" databases - it's not a client-server database (it's a "file-server" database, which is vastly inferior to client-server), and it's not secure. And to top it all off, the Microsoft Access password file (*.MDW file) is known to be preeminentaly hackable and crackable.

While some people here are arguing about tangential issues such as so-called "one-way dialup modems", check out what the nerds over at slashdot are saying about the notion of even thinking about using Microsoft Access for a voting system. They find the idea utterly laughable.

Go to this page and do the "Find" command in your browser to search for "Access":
http://slashdot.org/article.pl?sid=03/07/08/1949200&mode=thread&tid=103&tid=126&tid=99

Or check out these derisive posts:
http://slashdot.org/comments.pl?sid=70364&threshold=1&commentsort=0&tid=103&tid=126&tid=99&mode=thread&cid=6395360

http://slashdot.org/comments.pl?sid=70364&cid=6395382

As you will notice, programmers don't even bother to get bogged down in the niceties of so-called "one-way dialup modems" - for them, the very idea of using Microsoft Access for something as serious as a voting system is humorous and/or horrifying enough in itself.


And if you're still uncertain about what a hacker can do once a modem is established check out the popular hacker program "Back Orifice" (a kind of disgusting-sounding name parodying Microsoft's "Back Office" product):

http://www.nwinternet.com/~pchelp/bo/bo.html

Back Orifice is not a virus. It is in essence a remote administration tool.

It gives "system admin" type privileges to a remote user by way of the computer's Internet link.

What does this mean? It means that if Back Orifice is running in your computer, a remote operator anywhere on the global Internet can gain access and do almost anything you can do on your computer -- and some things you can't do -- all without any outward indication of his presence.


A modest proposal - from a programmer
How's this for a voting system: Carbon-paper ballots, in triplicate. Voter checks off their choices. White copy goes in the white bin (tallied by Republican-appointed polling officials). Pinnk copy goes in the pink bin (tallied by Democratic-appointed polling officials). "Goldenrod" or "canary" copy goes in the yellow bin (tallied by a UN-approved auditing company).

and as someone who does hand-to-code combat with VBA everyday, I can actually understand this!

lucid and important analysis. thanks for the re-post... the mega thread is getting VERY hard to follow...

doesn't seem to think so. :P

Not so much specifically wrt voting systems, but more generally wrt use of open source vs propietary software in the government.
There has been (and possibly still is) a battle between the Peru government and Microsoft.
(search for "Peru" on the slashdot site).

Peru makes quite a good case against propietary (and by extension, against MS). In spite of the strong pro MS lobby.

Exerpts from a letter by Peruvian Congressman David Villanueva Nuñez to MS:

http://slashdot.org/article.pl?sid=02/05/06/1739244&mode=thread&tid=109

"
Lima, 8th of April, 2002
To: Señor JUAN ALBERTO GONZÁLEZ General Manager of Microsoft, Perú

Dear Sir:

<snip>
It is also necessary to make it clear that the aim of the Bill we are discussing is not directly related to the amount of direct savings that can by made by using free software in state institutions. That is in any case a marginal aggregate value, but in no way is it the chief focus of the Bill. The basic principles which inspire the Bill are linked to the basic guarantees of a state of law, such as:

Free access to public information by the citizen.
Permanence of public data.
Security of the State and citizens.

To guarantee the free access of citizens to public information, it is indespensable that the encoding of data is not tied to a single provider. The use of standard and open formats gives a guarantee of this free access, if necessary through the creation of compatible free software.
<snip>
"

Where else would you get info like this? :shrug:

" the so-called "points" raised by Fredda and the blathering of SDent are irrelevant garbage" maybe now people can quit wasting time and space having to answer to them and get on with more important issues!
edit to get the quote right

It is a complete joke that Diebold used Microsoft software, at all. The unix/linux folks can tell you many, many stories of how their software is soooo bad...

--
How about the U.S. Navy test ship that was completely run by Microsoft software, fell completely dead in the water and had to be towed back to shore like the barge it had become?

How about the fact that the backbone of Microsoft's own mail system even a few years ago ran on unix? (Don't know if that's still the case).
--

That being said, we all need to understand something -- there is only one reason Microsoft is so damn successful. They have a multi-billion dollar marketing machine. If you start picking on Microsoft too much in all of this, you will confront that machine which is able to persuade so called "professional" IT managers in big companies to use their crappy software. That machine will completely blow us out of the water when used on non-techs (like, say, judges, election officials etc.)

On edit: typo

In far too many companies, IT managers are people who have been promoted into their position from other parts of the company and have little or no technical skills. They are simply bean-counters under another title. The IT managers usually have one trusted person that advises. Generally, said person has a real horn for M$, due to the fact that they have achieved status and received perks through their relationship, not to mention that they hold a "vaunted" MCSE ticket.

There is a simple answer to all this: Open Source the development of this. Give it to the GNU, Linux and *BSD people. Complete tranparancy and far better security. I predict that IBM and the other bigger Open Source-oriented companies would throw money into a pot for this.

Your first paragraph is why I put IT "professionals" in quotes. Unfortunately you could not see me rolling my eyes while I was typing...

I have seen the worst, and some of the best in my career.

But I did want to raise the issue about not poking the Microsoft marketing machine to hard -- unless that's *really* what is intended.

Screw compiler incompatibilities and idiosyncracies.

And truly well informed post.

he used far fewer words too.

bransonfu (408 posts) Tue Jul-08-03 10:25 PM Response to Original message

29. anything that uses MS Access should NOT be taken seriously.

"what a joke. that is a piece of crap with little to no security provisions that are worth much.

GREAT TO HEAR this is getting some headway."

http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=104&topic_id=8019&mesg_id=8019&page=#9789

Bev, have you contacted the Microsoft? Or asked the question informally of some of their employees?

Scottxyz sounds like he should be made elections commissioner, eh?

Bev, have you contacted the Microsoft? Or asked the question informally of some of their employees?

Scottxyz sounds like he should be made elections commissioner, eh?

on edit: How did that happen? I "voted" twice.

:shrug:

in the threads scottyxyz refers to describes how military ballots will be votable online in the 2004 election, and that the contractor for that process is largely Saudi-owned. I would have posted the text here but the links to articles in the post didn't work, so here's the link FWIW: http://slashdot.org/comments.pl?sid=70364&cid=6398138

gee....... so is * and his daddy.

can turn his post into an article-style piece, I will run it on truthout as backup to the Bev Harris piece we ran today.

If writing a couple lines if SQL is all it takes to impress you, I would have done it months ago...

I would have loved to have written scottxyz's rant too.

Go Forth and Kick Ass, scottxyz!

;-)

... in programming (systems and applications of many kinds), systems analysis, and internal auditing. I designed and developed a relational database system for a Fortune 5 company (used globally for their internal financial planning and analysis) even before "Microsoft Access" referred to communications software. (Yes, it's a recycled product name.) I've written major portions of an operating system, several embedded applications, and many KLOC in several languages at various levels.

That said (not to argue genital size), I finally find at least one post in this whole "Black Box" clusterfuck that I can agree with 98%, reserving the right to quibble only over suitable beverages about some technical niceties.

What I can agree with 'scottxyz' most on, at least in spirit if not in detail, is his "modest proposal." While I continue to be entranced by the huge power and potential of computational technology, I am also keenly aware of its enormous susceptibility to egregious abuse. Compounding that susceptibility to abuse is the abysmal tendency of people to be seduced by "what the computer says" and find themselves incapable of separating the wheat from the chaff.

Paper balloting is, IMHO, the only way to go -- preferably with solely manual tallying.

Nowhere that I can think of is it more important that the greatest number of ordinary people fully comprehend the mechanisms of a process than in voting and elections. My God(!), even in as low tech a process as punched cards we saw the appalling amount of misinformation and deceit regarding that mechanism. 80% of the supposedly "reputable" rhetoric regarding chads was beyond laughable! This can only be compounded by an order of magnitude by "touch screen" balloting -- even if the code is (supposedly) open-sourced.

One of the reasons I've desisted in participating in the "Black Box" threads is the enormous "garbage-to-gold ratio" in those discussions. Wading through so much ill-informed and amateurish jargon has been bad enough just to observe. And that's just a minor example of the gibberish that pervades other such discussions nationally -- including the gibberish ensconced in actual legislation.

We need to get this arguement as simple as possible.
Computers are susceptibile to abuse. It's that simple. And there is NO way you could know that they have been abused, unless you read the program.
I am not a techie, but I know this: What goes "in" is NOT necessarily what comes "out". People need to understand this.
We need to make it so that a simpleton will understand it.

or asserts that "System 'X' always ..." is utter hogwash from any kind of critical assurance standpoint. If there's one thing for certain, the behavior of any packaged (object-code-only) software is not only variable over time (updates, bug fixes, etc.), it's variable under different loads and in different contexts. The "Law of Unintended Consequences" is alive and well with software. Furthermore, the mere fact that the hardware (including discrete logic) and software (including firmware) is packaged and offered as a single 'device' increases the potential for abuse by an order of magnitude. The mere notion that a 'general purpose' O/S or subsystem would be appropriate for a mission critical function is ludicrous. If these Voting Stations actually contain a Microsoft O/S and Microsoft Access, I wouldn't even call them 'prototypes'; at most, I'd call them 'proof of concept' systems. Even under stringent controls, including thoroughly-tested open source and thoroughly-tested OTS components, I'd be wary that the systems were open to abuse merely because of the widespread access to them and the number of non-technically-skilled people with some oversight role.

"Production" is the last phase of testing.

and yes Any Techie does no the MS Access and security are oxymorons.