Did GOP hackers target county tabulator PCs, not precinct Diebolds?

Eagle-eyed DUers have noticed that counties in Florida with high proportions of registered Democrats delivered the vast majority of their votes to Bush, but ONLY where optical scan machines were being used. (See Post #74 at http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=104x2602324 .) This suggests that GOP election criminals may have used classic misdirection to pull off stunning election thefts in dozens of locations.

Everyone was looking for precinct-level anomalies in counties using voting machines without voter verifiable paper trails.

But in Ohio and Florida, the only two seesaw states with enough electoral votes to swing the election to Bush for sure, there was a major problem for possible Republican election felons: Not enough counties were using touch screens!

Florida has 67 counties, and Ohio has 88. Only 15 counties in Florida and 7 in Ohio were using precinct-level touch-screen voting machines vulnerable to easy vote theft. (See "TABLE: U.S. states using e-voting in Nov. 2" election, IDG News Service 10/19/04, at http://www.itworld.com/Tech/2987/041020evotestates/ ).

Too many votes per county would have to have been switched from Kerry to Bush after the polls closed for any precinct-level touch-screen attack to pass under voters' radar.

But in many places there are at least two steps between precinct tallies and state certification of electors on December 13th. If precincts report to counties and then counties report to states, and if there are scores of counties, some county tabulation efforts may be vulnerable to ordinary garden-variety Microsoft Windows hacking.

When Howard Dean guest-hosted "Topic A with Tina Brown" on CNBC a few months ago, Bev Harris (of http://www.blackboxvoting.org ) demonstrated how easy it can be for hackers to fiddle with county tabulaor databases on ordinary PCs running Microsoft Windows. (See http://www.commondreams.org/headlines04/1106-30.htm and Post #1 below).

The beauty of stealing votes from county tabulators is its efficiency and its provision of plausible deniability to state election officials. They need not be aware of any details of nefarious attacks on the vote. They could just Let It Happen on Purpose (LIHOP)!

SO, there are several questions we should be demanidng that Ken Blackwell and his counterpart in Florida MUST answer, NOW:

(1) How do vote tallies get from precincts to counties and from counties to state election bureaucrats?

(2) Are precincts connected to county tabulating PCs by modem?

(3) What operating systems do county tabulators use?

(4) Who are their ISPs? Do tabulator PCs have hardware firewalls? Do they run antivirus software? Antispyware software? Were antivirus and antispyware cleanups documented on the morning of November 2 for each of these machines? Were logs from antivirus and antispyware software kept? If not, why not?

(5) What has been done to the hard drives of the county tabulators since preliminary election tallies were released? Are all these county tabulator PCs now shut down and impounded for inspection by impartial computer security experts? If not, why not?

All it would take to ignite a NATIONAL FIRESTORM of demands for recounts would be to find one judge in one county in Florida or Ohio to issue an order for this kind of inspection, and for inspection to find a virus or spyware on one tabulator PC!

The video is online at http://www.votergate.tv .

From http://www.commondreams.org/headlines04/1106-30.htm ):

"On the CNBC TV show "Topic A With Tina Brown," several months ago, Howard Dean had filled in for Tina Brown as guest host. His guest was Bev Harris, the Seattle grandmother who started www.blackboxvoting.org .... Bev pointed out that regardless of how votes were tabulated, the real "counting" is done by computers. Be they Diebold Opti-Scan machines..., or the scanners that read punch cards, or the machines that simply record a touch of the screen, in all cases the final tally is sent to a "central tabulator" machine. That central tabulator computer is a Windows-based PC.

"In a voting system," Harris explained to Dean on national television, "you have all the different voting machines at all the different polling places, sometimes, as in a county like mine, there's a thousand polling places in a single county. All those machines feed into the one machine so it can add up all the votes. So, of course, if you were going to do something you shouldn't to a voting machine, would it be more convenient to do it to each of the 4000 machines, or just come in here and deal with all of them at once?" ... "What surprises people is that the central tabulator is just a PC, like what you and I use. It's just a regular computer." "So," Dean said, "anybody who can hack into a PC can hack into a central tabulator?" Harris nodded affirmation, and pointed out how Diebold uses a program called GEMS, which fills the screen of the PC and effectively turns it into the central tabulator system. "This is the official program that the County Supervisor sees," she said, pointing to a PC that was sitting between them loaded with Diebold's software. ...

"Of course, you can't tamper with this software," Harris noted. Diebold wrote a pretty good program. But, it's running on a Windows PC. So Harris had Dean close the Diebold GEMS software, go back to the normal Windows PC desktop, click on the "My Computer" icon, choose "Local Disk C:," open the folder titled GEMS, and open the sub-folder "LocalDB" which, Harris noted, "stands for local database, that's where they keep the votes." Harris then had Dean double-click on a file in that folder titled "Central Tabulator Votes," which caused the PC to open the vote count in a database program like Excel. In the "Sum of the Candidates" row of numbers, she found that in one precinct Dean had received 800 votes and Lex Luthor had gotten 400.

"Let's just flip those," Harris said, as Dean cut and pasted the numbers from one cell into the other. "And," she added magnanimously, "let's give 100 votes to Tiger." They closed the database, went back into the official GEMS software "the legitimate way, you're the county supervisor and you're checking on the progress of your election." As the screen displayed the official voter tabulation, Harris said, "And you can see now that Howard Dean has only 500 votes, Lex Luthor has 900, and Tiger Woods has 100." Dean, the winner, was now the loser. Harris sat up a bit straighter, smiled, and said, "We just edited an election, and it took us 90 seconds." On live national television. (You can see the clip on http://www.votergate.tv.) And they had left no tracks whatsoever, Harris said, noting that it would be nearly impossible for the election software … or a County election official - to know that the vote database had been altered."

and Bev's response!!

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x27966

You are absolutely right about where the hacking took place and now I am reasonably sure how it was done.

Any annecdotal evidence may be vital to Bev on this subject.

Jacob Matthan
Oulu, Finland

election criminal's version of a 'drive-by'?"

"But in many places there are at least two steps between precinct tallies and state certification of electors on December 13th. If precincts report to counties and then counties report to states, and if there are scores of counties, some county tabulation efforts may be vulnerable to ordinary garden-variety Microsoft Windows hacking."

OK, I know this sounds paranoid, but here me out...

It seems Rove's style to have Walden O'Dell tell the press he would do anything to "deliver Ohio's electoral votes" and allow Diebolds to be used with no paper trail just to distract us (as you said) from the real fraud.

Also, the administration could oh-so-graciously allow an investigation in Diebold to console the paranoid bloggers thereby discrediting all theories that the election was fixed.

It's almost like he's leaving breadcrumbs for us to follow just like on the 60 Minutes story and all his other "leaks".

don't realize that only 7 of 88 counties in Ohio, and 15 of 67 counties in Florida, used touch screens with no voter-verifiable paper trail. If as we suspect Republicans wanted to hack the vote, they would have been forced to 'case' unsecured computers in rural counties as well as highly scrutinized touch screens in more urban places. And thieves always choose easy scores where nobody's looking over complex targets with lots of potential witnesses.

Start with a 'normal' election, take 5% away from candidate A, give it to candidate B.

Rinse and repeat on 4 counties -- the ONLY 4 counties -- with the same software and same machines;
regardless of major differences in incremental voter registrations;
regardless of an urban/rural population.

Republican election thieves to exploit. It makes sense that counties using exactly the same software would be vulnerable to exactly the same attacks on the integrity of their votes.

When it comes to election crime, Republicans may be organized into independent cells, much like al Qaeda cells. State and county election officials who are gung-ho Busheviks may have a Let It Happen On Purpose (LIHOP) laissez-faire attitude toward blatant vote fraud, as long as it helps Bush. The major communication the actual criminals would have would be through common one-way listening to Bush/Cheney, White House, and state/local bureaucrats' announcements in the media.

"We're sure we're going to take Florida" would become the marching order. Then one crew would go after Sequoia software, while another would install Trojan horse programs on rural tabulator PCs, a third would start disqualifying elderly Democrats' absentee ballots because their now-shaky signatures did not match what they signed when they registered thirty years ago, etc, etc.

Someone should interview Amit Yoran's (former DHS Cyber-Security Chief) about this. It was really embarrassing to Bush when he resigned. They can and should be held accountable for these issues.

Somebody should do a thorough study of those computers immediately. I can assure you that only a tiny percentage of those PC's were configured by properly trained IT professionals.

Are these dedicated computers? Are they properly patched? What percentage has viruses and spy-ware? Are they internet connected? How are the computers physically secured? ...

I doubt that there are many obvious problems with the large urban counties. Perhaps this is why they do so well in rural areas.

These computers should all be certified to meet government mandated security standards. IT security in this country is not were should be.

Thank you. Before I read your post, I hadn't made the obvious connection between poor security on County PCs and Homeland Security. This is a HOMELAND SECURITY ISSUE! Vote tallies have to be considered the most crucial government data of all. If county governments are not meeting the strictest security standards for their computers, people who have information about the security holes have a duty to report what they know.

And reporters who fear making a frontal attack on vote hacking can write stories that get at the issue through the back door of county-level computer security.

Who are the state-level directors of Homeland Security? What do they have to say about the issue? What does the National Association of Counties have to say about computer security? Have any of their surveys covered this issue? You've opened up a whole new level of research questions for DUers.

Recounts should catch those problems in those counties though. If the hubs were padding or changing votes, just recount the local precincts that appear out of whack.

One RNC poster said some of those FL counties are high Dem registration but that they voted for Reagan in the same numbers as Bush?

Florida has a law that says elections closer than a certain threshold trigger automatic recounts. So, it appears vote hacking gets investigated in Florida only when Republicans fail to steal ENOUGH votes. They wouldn't make that mistake again.

In Ohio, I'm unaware of any law that would trigger an automatic recount under ANY circumstances.

Do you know more about recount procedures?

Seems to me an important part of a LIHOP vote-hacking strategy would be choosing counties where election bureaucrats are so gung-ho Republican they'd never report any irregularities unless they were under tremendous media pressure.

Evidently, "electoral cybersecurity" is a buzzword we could use to avoid sounding conspiracy-minded when we question Bush's "mandate".

I found this story on the first page of results from googling "Amit Yoran"!

From http://www.infoworld.com/infoworld/article/04/10/01/HNchiefresigns_1.html

"Update: U.S. cybersecurity chief resigns

Amit Yoran, said to be frustrated with progress, gives one-day notice

By Grant Gross, IDG News Service October 01, 2004

WASHINGTON - The head of cybersecurity efforts at the U.S. Department of Homeland Security (DHS) has resigned this week, leaving his job after reportedly giving a one-day notice. Amit Yoran, director of the DHS National Cyber Security Division since September 2003, gave notice Wednesday that he would leave the job Thursday, according to an Associated Press news report. Yoran, former vice president of worldwide managed security services at Symantec (Profile, Products, Articles) Corp., resigned because of a lack of priority for cybersecurity within DHS, according to the AP....

YORAN IS THE SECOND U.S. CYBERSECURITY CZAR TO RESIGN IN LESS THAN TWO YEARS. IN JANUARY 2003, WHITE HOUSE CYBERSECURITY CZAR RICHARD CLARKE RESIGNED, CITING FRUSTRATION WITH THE BUSH ADMINISTRATION'S LACK OF PROGRESS IN CYBERSECURITY. As recently as Thursday, Yoran appeared at a National Cyber Security Alliance press conference to promote October as National Cyber Security Awareness Month. Because of collaboration between private business and the government, "cyberspace is becoming a safer place," Yoran said at the Washington, D.C., press conference.

Software executives said they are disappointed that Yoran felt he had to resign. Yoran's resignation could be a setback in DHS efforts to improve cybersecurity, said Douglas Goodall, president and chief executive officer of RedSiren Inc., an IT security vendor. Yoran's job -- dealing with the "politics and competing priorities" in DHS -- was a tough one, Goodall said. The White House released a National Strategy to Secure Cyberspace in February 2003, and without a strong leader at DHS, that report could gather dust, Goodall said. "Our fear, our concern, is in fact this could create a delay in turning a strategy into action," he added."