This just struck me, and it could be HUGE if we can get attention for this in the right circles!

My understanding of how the Diebold hack works is the piece that stores the votes is essentially "pre-programmed" with negative votes for some candidates and positive votes for another candidate so that it shows "zero" votes although this is not really the case. Some one correct me if I am wrong on this.

My solution: Let the machines count the votes. Record the results. Then have the machines count the votes again. If there was no "hacking" then the vote count will be exactly double for everyone. If there was any hacking, doing this simple procedure would easily show if it had been hacked.

I am all for paper ballots and a hand count. But this seems like such and easy way around the known hack, I can't see why anyone would have a complaint.

What do you think?

Wouldn't the baseline on the second count be subject to the preprogrammed totals as well? So it would show exactly double on the second count? I am not familiar enough with how the machines work, or the hacks to know where the counting begins. But I would think if the baseline is corrupt, every count will go off that baseline.

No because the hack - as I understand it - starts one candidate at a negative vote count and another with a postive count.

So for example:

Starting state:

Candidate A: -5
Candidate B: 5
The device registers as no votes being cast.

Now lets say that 20 votes are cast, 12 for Candidate A and 8 for B.

Ending tally:
Candidate A: 7
Candidate B: 13

It correctly shows that 20 votes were cast, but stole the election from candidate A.

Now here is what would happen if they followed my idea:

Ending second tally:

Candidate A: 19
Candidate B: 21

Note that it STILL shows candidate B winning. THIS IS NOT IMPORTANT. What is important is based on the first tally, with no hack the results SHOULD have been

Candidate A: 14
Candidate B: 26

Thus the fact that fraud had occurred would be revealed. It may be that I don't completely understand the hack though, but from what I have read about it, this is accurate.

I think the issue with these machines is that the memory cards that hold the vote counts can also contain executable programs. If this is the case, the programs would run and adjust the votes up or down, but keep the overall total number of votes the same. I think if you ran it though again, the program would tabulate the votes in the same way and the result would be the same. So, it would not be detectable by a second count of the votes by the machine itself.

I think the issue with these machines is that the memory cards that hold the vote counts can also contain executable programs. If this is the case, the programs would run and adjust the votes up or down, but keep the overall total number of votes the same. I think if you ran it though again, the program would tabulate the votes in the same way and the result would be the same. So, it would not be detectable by a second count of the votes by the machine itself.

One problem with what you are thinking here. The programmer of that executable probably didn't plan on the fact that you'd run the votes through twice WITHOUT resetting the count.

To be honest, the only way what you said above would hold true is if the hacker knew what the exact paper ballot count would be before the election, and that is pretty much impossible.

I think the issue with these machines is that the memory cards that hold the vote counts can also contain executable programs. If this is the case, the programs would run and adjust the votes up or down, but keep the overall total number of votes the same. I think if you ran it though again, the program would tabulate the votes in the same way and the result would be the same. So, it would not be detectable by a second count of the votes by the machine itself.

See I understood that the cards could NOT hold any code, just data. If they hold executables then of course it would be easy to still hack it. My understanding of the the hack was that the memory cards were manipulated in such a way to start a candidate out negative (far enough to lose but not far enough to end negative) and that the initial verification of the card did not check the vote count for each candidate but just showed a "total" of zero votes cast.

I guess another verification if that is the case would be to do a complete read of the card showing the totals for each candidate, not just the "net" total.

Why won't they just do a hand recount (isn't there a black box they can open)? Diebold is known for its security flaws. It's not smart for them to refuse to recount the votes.

It's an executable program, so it could be programmed to do whatever they want it to do. There isn't any way of knowing exactly what the program is doing unless it was actually caught on the machine, and that won't happen.

One problem with what you are thinking here. The programmer of that executable probably didn't plan on the fact that you'd run the votes through twice WITHOUT resetting the count.

To be honest, the only way what you said above would hold true is if the hacker knew what the exact paper ballot count would be before the election, and that is pretty much impossible.

I think though if it always adjusted the vote in the same way depending on what each ballot said, then it would come out the same, just doubled in totals.

Why won't they just do a hand recount (isn't there a black box they can open)? Diebold is known for its security flaws. It's not smart for them to refuse to recount the votes.

This would be ideal, however they ahve said that is not going to happen and I expect they claim it would take too much time and be too costly. That was why I thought my idea might have some merit, it would be fairly fast and easy (relative to a manual recount) and it would expose any irregularities at least if I am understanding the vulnerabilities.

Yes, that would definitely work!

The only problem is getting the people who are running the machines to do it.

That's a great idea, OI!!

It's an executable program, so it could be programmed to do whatever they want it to do. There isn't any way of knowing exactly what the program is doing unless it was actually caught on the machine, and that won't happen.

Have you read about the hack? Because everything I have read points to manipulating DATA on the memory card before a single vote is cast. I believe that the memory card hold only data, not an executable. Is that wrong?

My understanding of the the hack was that the memory cards were manipulated in such a way to start a candidate out negative (far enough to lose but not far enough to end negative) and that the initial verification of the card did not check the vote count for each candidate but just showed a "total" of zero votes cast.

I guess another verification if that is the case would be to do a complete read of the card showing the totals for each candidate, not just the "net" total.

I don't think that's how the hack works. As I understand it, the program causes each vote for the candidate the hacker wants to lose, to add 1/4 vote to the tally of the candidate programmed to win. (So even with the hack, the pre-decided "loser" can still win if he gets a big enough margin of votes.)

why the heck would they rely in pre-programmed memory cards. They should just be blank memory cards that can be wiped clean before the vote....

I am going to go do some more research on the hack and be back with answers.

I saw the video on the hack. It works exactly as you describe it. Your idea would work exactly as you say it would.

Yes OI this seems like a sound idea to root out any hacking. Well done.

this site has a lot of info on the hack and the vote rigging software that can be loaded on the memory cards.

http://itpolicy.princeton.edu/voting/

OK, my idea does not address the virus as described in the Princeston study.

My idea was based on the following hack.

Diebold hack proven in county test!
by Glenn Yeagley
December 17, 2005

Due to contractual non-performance and security design issues, Leon County (Florida) supervisor of elections Ion Sancho told Black Box Voting that he will never again use Diebold in an election. He has requested funds to replace the Diebold system from the county. He will issue a formal announcement to this effect shortly.

Finnish security expert Harri Hursti proved that Diebold lied to Secretaries of State across the nation when Diebold claimed votes could not be changed on the memory card.

A test election was run in Leon County today with a total of eight ballots - six ballots voted "no" on a ballot question as to whether Diebold voting machines can be hacked or not. Two ballots, cast by Dr. Herbert Thompson and by Harri Hursti voted "yes" indicating a belief that the Diebold machines could be hacked.

At the beginning of the test election the memory card programmed by Harri Hursti was inserted into an Optical Scan Diebold voting machine. A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes.

The eight ballots were run through the optical scan machine. The standard Diebold-supplied "ender card" was run through as is normal procedure ending the election. A results tape was run from the voting machine.

Correct results should have been:

Yes:2
No:6

However, just as Hursti had planned, the results tape read:

Yes:7
No:1

The results were then uploaded from the optical scan voting machine into the GEMS central tabulator. The central tabulator is the "mother ship" that pulls in all votes from voting machines. The results in the central tabulator read:

Yes:7
No:1

This exploit, accomplished without being given any password and with the same level of access given thousands of poll workers across the USA, showed that the votes themselves were changed in a one-step process. This hack would not be detected in any normal canvassing procedure, and it required only a single credit-card-sized memory card.

On Oct. 17, 2005 Diebold Elections Systems Research and Development chief Pat Green specifically told the Cuyahoga County (Ohio) board of elections that votes cannot be changed using only a memory card. Video of Pat Green, Cuyahoga County

According to Public Records responses obtained by Black Box Voting in response to our requests shows that Diebold promulgated this misrepresentation to as many as 800 state and local elections officials.

In other news, according to "Bradblog" a stockholder suit was filed today against Diebold by the law offices of Scott and Scott:

In the above case, my solution would catch the hack. I am not sure of the details of how the "Princeton" virus hack works.

Have you read about the hack? Because everything I have read points to manipulating DATA on the memory card before a single vote is cast. I believe that the memory card hold only data, not an executable. Is that wrong?

Diebold claims that there are no executable programs, but the experts who examined them claimed otherwise.

Finnish security expert Harri Hursti proved that Diebold lied to Secretaries of State across the nation when Diebold claimed votes could not be changed on the memory card.


My understanding of the Hursti hack is that it is an executable that adjusts the votes on the fly. I don't think it used preloaded vote totals.

My question is, are the vote totals stored somewhere else after the malicious code deletes itself to do the double count. I don't think so. If it were, just use that stored vote count instead of the shown count.

Long story short, there certainly appears to be ways to hack these with malicious code, not just data manipulation. Since my idea would not take that into account, it is probably useless. Keep pushing for that hand count of physical ballots!

you know, I just realized that we are talking about two different things. The type of voting machine that is most concerning is the kind that does not leave a paper trail. The kind that OI is talking about is an optical scanner voting machine where the ballots are still available and the vote is easily verifiable. The fully electronic voting machine has no ballot, so the votes could not be run through again. I think the fully electronic, ballotless voting machines are the ones that are really concerning and vulnerable to the hacks.

I like what Florida did. They are now upgrading their voting machines, so they produce a paper printout of your vote. Then you can verify it yourself, then put it in the ballot box. The machines have no control , people just have to look at the print out prior to droping it in the ballot box.

I like what Florida did. They are now upgrading their voting machines, so they produce a paper printout of your vote. Then you can verify it yourself, then put it in the ballot box. The machines have no control , people just have to look at the print out prior to droping it in the ballot box.

That is great, and the way it should be, however, the issue for us is this weekend. If the votes are manipulated to make Ron perform poorly, it makes our job even harder. But not impossible.

There is another thread on here talking about voter fraud too and how it was on
WHO radio, and the other campiagns were saying RP people were too concerned about it were going a bit nuts over it.

http://www.ronpaulforums.com/showthread.php?t=11257

Would someone go through the effort to mess with a straw poll? Maybe, but we can't let that stop us. Bottom line, RP has not spent hardly any time in Iowa until this week. We can't get all worked up over the results if they are low.

They have banking systems that can keep track of your money to within a penny and they are by and large secure, but we can't have a voting system that is secure. Ironic.

I think the answer is simple:

In the Ames straw poll they will use the optical scanners. They can relese the "preliminary" vote count on time. but then start a hand count later to verify the results.

The bigger picture, as to the elections we need a paper trail that can be done the same way. get a instant base for the election, but then a manual count of PAPER recorded votes as well.

I think the answer is simple:

In the Ames straw poll they will use the optical scanners. They can relese the "preliminary" vote count on time. but then start a hand count later to verify the results.


That's the only sensible answer, but the Iowa officials don't seem to be looking for a sensible answer.

If they are using the optical scanners in Ames then my solution would work to verify the count, and they could not claim the "inconvenience" of a hand count.

How about the RP campaign just says; put this slip of paper in this box on the way out of the polls if you voted for rp. Since most RP supporters are passionate you would get a significant amount of slips, you could count these; and get a rough estimate for where you are at.

EASY.

Have you read about the hack? Because everything I have read points to manipulating DATA on the memory card before a single vote is cast. I believe that the memory card hold only data, not an executable. Is that wrong?

This video explains the paperless machines well: http://youtube.com/watch?v=5WMG34cv0zM

It isn't just a hack, it's a virus. Somebody could go to a machine like they were going to vote, take out the memory card that is in it, pop in their own memory card that has the virus in it, restart the machine, then pop in the original memory card. The virus is now on the machine's internal memory, and can do whatever it was programmed to do. They can do this in under a minute. Just watch the video, it explains it better than I can.

HOWEVER, they are using paper ballots in the Iowa Straw Poll, which are then fed into Diebold automatic counters. These are not the same as the ones in the video. I don't know a lot about these, but I've heard that there are still vulnerabilities. I think it would take somebody who has inside access to these to take advantage of the vulnerabilities, so it is a lot less likely that there will be any vote fraud then if it was the paperless machines. The good thing is that there is a paper trail. The bad thing is that the ballots may not always be kept in public site, and the Iowa GOP says there will be a $184,000 fee for doing a manual recount.

I think the paper ballot is a good way to judge who voted for Ron Paul. I woke up with this other idea of putting a penny in a very large jar if you voted for Dr. Paul and then remembered those round disks that were used for bingo. Lightweight and cheap.
If nothing else, my idea will give someone a good laugh.