Now please keep this kicked, because: Has anyone here really thanked these people publicly for the fantastic work they did breaking their Diebold story?
Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin and Dan Wallach
They did the analysis. They wrote it up (no small feat, because they actually made it understandable to the layman). They put their names in public. They took the risks. They'll take the heat. They lined up the coverage in the NYT.
Anatomy of busting out an issueScoop Media had the guts to publish the link to those files. (I wouldn't have).
Yes, I did a bunch of research, which led to finding the ftp site and making a whole bunch of phone calls to others who visited also, and downloaded. A cadre of researchers from here and elsewhere helped us break a very good story about bypassing passwords, changing audit logs, vote overwriting and the pitfalls of using Access.
Dr. David Dill and Dr. Doug Jones weighed in right after the Johns Hopkins and Rice researchers with powerful statements, adding important fuel to the fire.
But it was THESE GUYS that made this happen. Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin and Dan Wallach
For my own part, I am rather proud of the news pickup. The press blast in the wee hours of the morning Thursday is a key reason this is now in over 150 major news outlets. The piece was designed to generate ongoing stories, and it will.
Now, the great thing about the original "Inside an Electronic Voting Machine" article and the Sludge "Bigger Than Watergate" was that they led over 100,000 visitors to Scoop, got it slashdotted, and since he had made the link to the files available, a bunch of academics and press people got hold of them. Then it turned into a race. That access and attention turned into the story by Kohno, Stubblefield, Rubin and Wallach
To maximize pickup and set us up for the next step, I used a PR technique that we don't do often, but it worked great! I'll show you below. What it did was get reporters attention that this was an important story, and help them start making phone calls instantly.
I included contacts for the Diebold people, forcing Diebold to make public statements before they had a chance to get together on their story. They made a couple pretty bad mistakes, which we will capitalize on. After that will follow --nope, edited that out. You'll see.
============
Thought you'd like to see an unconventional press piece that worked. It is done "incorrectly" in that you usually never want more than two names at the top, especially in e-mails. The way the contact list was done here, it was almost the lead in the story. That produced shock and awe.
Even more important, that technique got reporters on the phone with Diebold, forcing public statements from them before they had their first cup of coffee.
Timing: I learned of great research paper by the fearsome four, and the NYT piece, around 9 p.m. Pacific. By 2 a.m., thousands in the press were getting fed. It went out to every political, investigative, consumer, and high tech reporter in America, newspapers, magazines, wire services, TV and radio. It started like this:
===========
BULLETIN: Electronic Voting Machines Blasted by Scientists, Hacked by AuthorWhat follows is a set of discoveries, the result of the first-ever public examination of a secret, proprietary computer program used to count votes in 37 states. A hundred dollar item allows anyone to stuff the ballot box; remote access has been left unprotected, encryption keys have been made available to hackers, and passwords, audit logs and votes have been compromised.
CONTACTS and EXPERTS - BEV HARRIS xxx-xxx-xxxx
[email protected] (vain and probably inappropriate to put myself at the top, I know)
- DOUGLAS W. JONES, Associate Professor, The University of Iowa, Iowa Board of Examiners for Voting Machines and Electronic Voting Systems and expert congressional witness on electronic voting machines xxx-xxx-xxxx
[email protected]- DR. DAVID DILL, Electronic Voting Expert, Stanford University Dept. of Computer Science xxx-xxx-xxxx
[email protected]- KIM ALEXANDER: California Voter Foundation, xxx-xxx-xxxx
[email protected]- DAN SPILLANE - Whistleblower, a former senior test engineer who has built touch screen machines. Spillane has expertise in certification standards and legal issues -- xxx-xxx-xxxx
[email protected]- REP. RUSH HOLT: Architect of a HB 2239, a bill to require voter-verified paper trails, eliminate risky remote access to voting machines, and require proper auditing of results District office:
[email protected] Washington Office xxx-xxx-xxxx
- ALISTAIR THOMPSON Publisher/Editor Scoop Media, the publication which released the 40,000 Diebold files, a bold decision which is already being compared to the release of the Pentagon Papers: ++xxx-xxx-xxxx
[email protected]- JOE RICHARDSON: Diebold official spokesman: xxx-xxx-xxxx
- ROBERT JOHN UROSEVICH (“BOB”) - Diebold Election Systems CEO: office xxx-xxx-xxxx
- TALBOT IREDALE: Diebold head programmer and a stockholder: xxx-xxx-xxxx
- SHAWN SOUTHWORTH: Official voting machine certifier for the United States (see information in article below): xxx-xxx-xxxx
- DR. BRIT WILLIAMS: Official voting machine examiner and member of NASED board that selects voting machine certifiers xxx-xxx-xxxx
- R. DOUG LEWIS: Head of “The Election Center” which organizes NASED and NASS xxx-xxx-xxxx
- KAY MAXWELL, president, League of Women Voters: Opposes HB 2239 provisions for voter-verified paper trail. (local chapters are not in agreement with national office on this) xxx-xxx-xxxx
[email protected].
WHY THE BIG DEAL?
You can overwrite votes. You can vote more than once. The system is vulnerable to both inside and outside attacks. Intruders can overwrite audit logs. You can assign passwords to all your friends.
“Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts.” -- Researchers from Johns Hopkins and Rice Universities, in paper just released: "Analysis of an Electronic Voting System"
http://avirubin.com/vote.pdf “Computer Voting Is Open to Easy Fraud, Experts Say” (New York Times, July 24 2003)
http://www.nytimes.com/2003/07/24/technology/24VOTE.htmlThese discoveries were made after examining Diebold voting system files left on an open web site, in a security breach somewhat stunning in magnitude. These files had been stored, unprotected, on a company web site for several years. The site appeared to be in continuous use, with new files added frequently, and its design invited visitors into an ftp page, which was available with anonymous access and no password...
================
(Why weren't the original four researchers on the contact list? Because I couldn't find their contact info and needed to make sure the thing hit the desks before 7 a.m. Eastern, so it had to go-go-GO, no more time to fuss with it)
I planned to have another volley out last night, but my communications were completely hacked, lost all contact with the world three times in 24 hours. I need to find my old DU emails, because we set up backups for this kind of situation, and I'll need to reactivate the backup system for press blasts now that things will start heating up.
(My system was taken out twice the first time, but 75 percent had already gone out before they got at my DSL lines).
I'm on kind of a fun romp with DemActivist right now because the last batch of invasions into my communication system left a trail of crumbs...likewise with my service provider, who set up a monitoring system that seems to have gathered a little information.
Can anyone tell me how to get at the old DU email? Or can we start over, so I can get a few back-up blasters in place? PM me on that.
Bev Harris
Black Box Voting