Democratic Underground Latest Greatest Lobby Journals Search Options Help Login

BBV - Diebold Source Code!

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Topic Forums » Election Reform Donate to DU
Andromeda Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 01:53 AM
Original message
BBV - Diebold Source Code!
Edited on Sun Nov-14-04 01:55 AM by Andromeda
This came in my mailbox. It's from .

Date: Wed, 10 Nov 2004 22:45:01 -0500
From: "Valerie" < >
Subject: junk voting

Diebold Source Code!!! --by ouranos ( "Dr. Avi Rubin is currently Professor of Computer Science at John Hopkins University. / He 'accidentally' got his hands on a copy of the Diebold software program--Diebold's source code--which runs their e-voting machines. Dr. Rubin's students pored over 48,609 lines of code that make up this software. One line in particular stood out over all the rest: #defineDESKEY((des_KEY8F2654hd4" All commercial programs have provisions to be encrypted so as to protect them from having their contents read or changed by anyone not having the key... The line that staggered the Hopkins team was that the method used to encrypt the Diebold machines was a method called Digital Encryption Standard (DES), a code that was broken in 1997 and is NO LONGER USED by anyone to secure programs. F2654hd4 was the key to the encryption. Moreover, because the KEY was IN the source code, all Diebold machines would respond to the same key. Unlock one, you have then ALL unlocked. I can't believe there is a person alive who wouldn't understand the reason this was allowed to happen. This wasn't a mistake by any stretch of the imagination."

If ATM didn't leave a verifiable paper trail and were as error prone as voting machines, banks would be bankrupt. Throw out all the voting machines and have the new ones manufactured by ATM companies!


I'm sorry if this has been posted before.

Printer Friendly | Permalink |  | Top
ParanoidPat Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 02:01 AM
Response to Original message
1. People on DU were looking at the source code long before.......
.......Avi Rubin and the Johns Hopkins study were ever released. :evilgrin:

The Rubin study was originally released back in 2003. :)
Printer Friendly | Permalink |  | Top
Kralizec Donating Member (982 posts) Send PM | Profile | Ignore Sun Nov-14-04 03:59 AM
Response to Reply #1
3. Haha, I feel so EMBARASSED!!
Because I posted the paper by Dr. Rubin thinking that no one here had read it. Needless to say, I am not used to being in an environment where the information I have is actually old information. Ahhh, feels good to be home.
Printer Friendly | Permalink |  | Top
ParanoidPat Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 03:31 PM
Response to Reply #3
7. "Ahhh, feels good to be home".......... Yeah, tell me about it!
I've lost count of how many stories I've seen discussed here days, weeks or even months before they show up in the press, if they even show up at all.

Here's a link to a rather heated discussion from the 'old' DU forum that was started July 2, 2003, when we were discussing Bev breaking the "Diebold Code is Hackable" story for the first time, Weeks before the Aviel Rubin / Johns Hopkins report was released.

Who read bartcop's Bev Harris comments today?

I wonder if Bart ever apologized? :shrug:
Printer Friendly | Permalink |  | Top
UL_Approved Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 03:49 AM
Response to Original message
2. One comment
The hard-coding of ANY encryption key into software causes a well-known back door. It wouldn't matter if they used DES in this instance or not. Blowfish, RSA, or any other strong cryptographic cypher would be rendered just as useless. They needed to have a special smart card which contained the encryption key for the device and other codes to tell the machine that administrative functions are to be performed. This key would be loaded up at the beginning of the day with the key to be used, open and close times for the polls, ballot lists, and possibly the registered voter lists. Every voter would then be authenticated with a key or keys present on their smart card. Election administrators would have other keys. At the end of the day, a smart card or other recording media would be pulled after the machine was officially closed. Using a scan card or an encrypted USB drive could serve these purposes. With all of the digital signatures, encryption, and secure media available today, this Diebold business is just a joke. But we're not laughing.
Printer Friendly | Permalink |  | Top
Robert Oak Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 04:07 AM
Response to Reply #2
4. it's beyond a joke,
I keep thinking no one who has an engineering degree is this incompetent with design...

but then again, doing favors and getting government contracts and add to it some of the nightmare designs in the industry in general and I'm not so sure...

98% of me says this is intentionally horrific, designed for the purpose of fraud, while 2% believe some of the CTO's of the dot con era finally managed to land a job.

Printer Friendly | Permalink |  | Top
hvn_nbr_2 Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 02:54 PM
Response to Reply #4
5. It's not incompetence
Diebold makes ATMs. ATMs work right millions of times every day. If you press "deposit" they don't light up "withdrawal" or wait till the end of the transaction and then say "withdrawal." If you enter "$40" they give you $40, record $40 in your account, and GIVE YOU A PAPER RECEIPT. ATMs don't get hacked. They don't install new software without the bank's knowledge or approval.

Diebold KNOWS how to make secure, accurate, auditable systems. There's only one reason they build insecure, inaccurate, unauditable election systems. I think we all know why that is.
Printer Friendly | Permalink |  | Top
bullimiami Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Nov-14-04 03:18 PM
Response to Original message
6. diebold IS an atm company.
i got cash out of one of the damn things at the airport last weekend.

of course they are not incompetent, so this is by design.
Printer Friendly | Permalink |  | Top
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Mon Jan 22nd 2018, 06:35 AM
Response to Original message
Advertisements [?]

Home » Discuss » Topic Forums » Election Reform Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC