DEF CON 12 - Bev Harris & Rebecca Mercuri, Part 1 - Hack the Vote: Election 2004

Rebecca Mercuri, Ph.D., Hack the Vote: Election 2004

In the rush to solve problems that emerged from Florida's Presidential election dispute in 2000, computerized voting systems have been deployed in unprecedented numbers. Estimates indicate that 30% of the USA will be voting on fully electronic equipment offering no capability for independent recounts, and another 50% of the country will be casting ballots tabulated by computer-based scanners.

Vendors and promoters of these systems have made promises of reliability, accuracy and accessibility. Yet evidence from the 2004 primary season and earlier uses in 2002 and 2003 elections have demonstrated malfunctions resulting in irretrievable loss of vote data, usability issues including county-wide denial of service incidents, and fraud allegations due to software substitutions.

This talk will explore the vulnerabilities of electronic voting systems to insider and outsider attacks, along with the possibilities and ramifications of large-scale vote fraud in the 2004 election and beyond.

Dr. Rebecca Mercuri became an overnight celebrity during the media frenzy that ensued when the U.S. Presidential election ended in a dead heat in November 2000. A few weeks earlier, she had successfully defended her Doctoral Dissertation "Electronic Vote Tabulation: Checks and Balances" at the University of Pennsylvania, and then found herself writing testimony in the now-legendary Bush v. Gore case that was working its way through the legal system. Her testimony was presented to the U.S. 11th Circuit Court of Appeals and referenced in the briefs to the U.S. Supreme Court. Since then, she has provided formal testimony on voting systems to the House Science Committee, Federal Election Commission, U.S. Commission of Civil Rights, and the U.K. Cabinet, has been quoted in the U.S. Congressional Record, and has played a direct role in municipal, state, federal, and international legislative initiatives. Rebecca's comments on election technology are frequently cited by the media, and she authors the quarterly 'security Watch" column in the Communications of the Association for Computing Machinery (archived at www.notablesoftware.com). Having recently completed a research fellowship at the John F. Kennedy School of Government in their Belfer Center for Science and International Affairs, Dr. Mercuri will be moving to Harvard University's Radcliffe Institute in the Fall.

Bev Harris, author of "Black Box Voting: Ballot-Tampering in the 21st Century," began writing on the subject of electronic voting machines in October 2002. Her investigative journalism has since been cited in The New York Times (three times), and on CBS, Fox News, and CNN. In writing Black Box Voting, Harris spent over two thousand hours researching voting machines, and interviewed hundreds of witnesses including many election officials and even voting machine programmers who work directly for the firms that build these machines. During the course of writing Black Box Voting, Harris discovered that one of the largest voting machine companies, Diebold Election Systems, had committed a massive security breach, leaving thousands of sensitive voting system program files on an unprotected Web site. These files have now triggered a national investigation and activism movement to restore clean, trustworthy voting systems.

>>12500185

DEF CON 12 - Bev Harris & Rebecca Mercuri, Part 2 - Hack the Vote: Election 2004

Rebecca Mercuri, Ph.D., Hack the Vote: Election 2004

In the rush to solve problems that emerged from Florida's Presidential election dispute in 2000, computerized voting systems have been deployed in unprecedented numbers. Estimates indicate that 30% of the USA will be voting on fully electronic equipment offering no capability for independent recounts, and another 50% of the country will be casting ballots tabulated by computer-based scanners.

Vendors and promoters of these systems have made promises of reliability, accuracy and accessibility. Yet evidence from the 2004 primary season and earlier uses in 2002 and 2003 elections have demonstrated malfunctions resulting in irretrievable loss of vote data, usability issues including county-wide denial of service incidents, and fraud allegations due to software substitutions.

This talk will explore the vulnerabilities of electronic voting systems to insider and outsider attacks, along with the possibilities and ramifications of large-scale vote fraud in the 2004 election and beyond.

Dr. Rebecca Mercuri became an overnight celebrity during the media frenzy that ensued when the U.S. Presidential election ended in a dead heat in November 2000. A few weeks earlier, she had successfully defended her Doctoral Dissertation "Electronic Vote Tabulation: Checks and Balances" at the University of Pennsylvania, and then found herself writing testimony in the now-legendary Bush v. Gore case that was working its way through the legal system. Her testimony was presented to the U.S. 11th Circuit Court of Appeals and referenced in the briefs to the U.S. Supreme Court. Since then, she has provided formal testimony on voting systems to the House Science Committee, Federal Election Commission, U.S. Commission of Civil Rights, and the U.K. Cabinet, has been quoted in the U.S. Congressional Record, and has played a direct role in municipal, state, federal, and international legislative initiatives. Rebecca's comments on election technology are frequently cited by the media, and she authors the quarterly 'security Watch" column in the Communications of the Association for Computing Machinery (archived at www.notablesoftware.com). Having recently completed a research fellowship at the John F. Kennedy School of Government in their Belfer Center for Science and International Affairs, Dr. Mercuri will be moving to Harvard University's Radcliffe Institute in the Fall.

Bev Harris, author of "Black Box Voting: Ballot-Tampering in the 21st Century," began writing on the subject of electronic voting machines in October 2002. Her investigative journalism has since been cited in The New York Times (three times), and on CBS, Fox News, and CNN. In writing Black Box Voting, Harris spent over two thousand hours researching voting machines, and interviewed hundreds of witnesses including many election officials and even voting machine programmers who work directly for the firms that build these machines. During the course of writing Black Box Voting, Harris discovered that one of the largest voting machine companies, Diebold Election Systems, had committed a massive security breach, leaving thousands of sensitive voting system program files on an unprotected Web site. These files have now triggered a national investigation and activism movement to restore clean, trustworthy voting systems.

Hursti Hack 2005 Election Officials testing a random Diebold machine voting with a made up ballot.

Election Officials testing a random Diebold machine and voting with a made up ballot with one question on it. There were 6 no votes and 2 yes votes. The certified result? 7 yes votes and 1 no vote. People were very upset. Take a look for yourselves.

Harri Harras Hursti is a Finnish computer programmer and former Chairman of the Board and co-founder of ROMmon where he supervised in the development of the world's smallest 2 gigabit traffic analysis product that was later acquired by F-Secure Corporation.

In a series of four tests conducted in Feb., May, and Dec. 2005, Ion Sancho invited Black Box Voting to Tallahassee after an invitation to check the Diebold machines. Black Box Voting engaged the services of Dr. Herbert Hugh Thompson and Harri Hursti.[1] Dr. Thompson and Hursti believed they could change or hack vote totals without the system detecting entry. The first two projects targeted the computer program that adds up all the voting machine results and produces the final report. On Feb. 14 and again on May 2, Thompson successfully hacked the Diebold GEMS central tabulator and bypassed all passwords by using a Visual Basic script. This, however, would be detected in a vigilant environment if the supervisor of elections checks the poll tapes (voting machine results) against the central tabulator report.

>>12500479

ain't clickin dat shit, you don't even give a clue as to what it's about, not wasting my time