Georgia complained to Diebold about patch after election
On Dec. 3, 2002, Georgia Secretary of State Cathy Cox’s office faxed documents to the then-president of Diebold Election Systems Bob Urosevich listing a series of issues that occurred shortly before the November 2002 election.
Documents provided to RAW STORY by a whistleblower close to Cox’s office show that one of the key problems Georgia officials were trying to resolve was related to an unauthorized patch installed on machines prior to the election.
In one document, Cox’s office asked Urosevich for confirmation that a “0808 patch was applied to all systems; confirmation that the patch was not grounds for requiring the system to be recertified at national and state level; as well as verifiable analysis of the overall impact of the patch to the voting system” (See attached pdf, p. 3)
Cox didn’t know prior to the election that a patch had been installed, the source said. Cox, who is now president of Young Harris College in Georgia, returned phone calls but could not be reached for comment by press time.
“People working for Diebold were told to keep this quiet so Cox would not find out,” the whistleblower said. “They knew she was in over her head and had come to completely rely on Diebold. They controlled the warehouse, the machines, and the certification. There were no state employees.”
Diebold renamed itself Premier Election Solutions in 2007. The company has come under fire on numerous occasions for failing to protect its software from hackers, and its systems have been decertified in California. Maryland's House of Delegates voted to ban the company from its electronic voting in 2006, though the law didn't pass the Senate and state is now considering Premier for their optical scan systems.
According to this individual, this was the patch that he then passed on to cyber-security expert Stephen Spoonamore. Spoonamore, a highly regarded computer security specialist who has worked for US government agencies, has since come forward claiming that he took the Diebold patch to the Department of Justice -- specifically to the Cyber-Security/Cyber-Crime unit of the Computer and Intellectual Property Section -- after it was brought to his attention.
Calls to the Department of Justice seeking confirmation that Spoonamore had delivered the Diebold patch were not returned.
Initially, the whistleblower said, there were no concerns or questions regarding the $54 million contract, for which Diebold beat out eight other firms, to install a statewide electronic voting system. It was only after certain “red flag” events occurred that people inside the Secretary of State’s office, as well as Diebold employees, began to have suspicions, he added.
What initially raised questions, according to the source, was the behavior of then-Diebold CEO, Bob Urosevich, who personally flew in from Texas and applied the patch in just two counties, DeKalb and Fulton, both Democratic strongholds.
Another flag went up, this person added, when it became apparent that the patch installed by Urosevich had failed to fix a problem with the computer clock -- which employees from Diebold and the Georgia Secretary of State’s office had been told the patch was designed specifically to address.
The Secretary of State’s office became aware of this installation during the month after the November 2002 election, as the documents are dated Dec. 3. It's unclear how Cox handled the findings once she was made aware of the patch installation and other technical issues cited in the documents.
Questions raised about race and Diebold terminals
During the period between the election and the faxing of the documents to Diebold by Cox's office on December 3, critics of electronic voting had begun to raise questions about the Georgia race.
Incumbent Democratic Sen. Max Cleland, who was five percentage points ahead of Republican challenger Saxby Chambliss in polls taken only a week before the voting, lost 53 percent to 46 percent. Roy Barnes, the incumbent Democratic Governor, who had been leading challenger Sonny Perdue by a fairly wide margin of eleven points, lost 51 percent to 46 percent.
Cleland could not be reached for comment.
Calls and emails to Premier Election Solutions were not returned.
According to Georgia Election Law Title 21-2-322.16: “No voting machine shall be adopted or used unless it shall, at the time, satisfy the following requirements. ... It shall, when properly operated, register or record correctly and accurately every vote cast.”
The last-minute patch installation and the lack of official recertification may have rendered the 2002 GA results invalid.
The whistle-blower, who was close to Cox’s office at the time, says he was privy to the discussions surrounding the documents and was concerned by the electoral outcome. That led him to approach Spoonamore and ask him to examine the Diebold patch.
Security issues have plagued Diebold's software and machines. In 2006, researchers from the University of Connecticut demonstrated that the firm's optical scan terminals could be compromised. HBO's "Hacking Democracy," which studied the vulnerability of electronic voting machines -- with a particular focus on Diebold -- found that the terminals were subject to hacking and inaccurate vote totals.
In 2007, Diebold posted the photograph of a key used to open their machines on the company's website. Hackers were able to produce a duplicate key based on the photo.
Posts
No comments:
Post a Comment