How They Could Steal the Election This Time
The Kids Prick Open a Scandal
Some kids who are "really interested in computers" were playing around last year, spidering through the links on various websites, when they discovered that Diebold had an unsecured FTP site (the same one Behler had used). One of the boys noted the fact on his website. Some other material on that site--not the stuff about Diebold--attracted a lot of hits, and that automatically led Google, the cyberspace search engine, to position it among the early-listed sites for many searches. One day Bev Harris, a literary publicist in Washington who was doing research for a book on vote-counting in computers, fed Google the right search words and the FTP site itself popped up. Knowing little about computers, she turned to David Allen, who was publishing her book, and he recognized the openly posted source codes and much other data concerning Diebold voting machines.
A small group of activists in Georgia worked with Harris. One of them, Roxanne Jekot, who runs a software consulting firm, analyzed "almost every line" of the Diebold source code and found many ways to change vote totals there and also in the Microsoft operating code. "The software is totally junk," she says. "They sold vaporware." Determined to get peer review of what she was finding, Jekot approached David Dill, the Stanford computer science professor.
"Both Roxanne and Bev were very courageous and determined to lift the veil of secrecy on the code," Dill says. "I think most academics would be much more cautious, especially about publishing the fact that they looked at the code. I certainly was, and I wasn't about to get other people in trouble by asking them to help me. A number of us would be inclined to talk to lawyers before doing anything too bold. So it made a huge difference that Bev posted the code in New Zealand for everyone to download. That reduced but didn't eliminate the legal risks of the Johns Hopkins/Rice University people looking at the code. If Bev and whoever else was involved in releasing this code had not been so brave, people [with strong professional reputations] might not have been able to speak out so freely."
After some agreements on a division of roles, Avi Rubin of Johns Hopkins and three other scientists produced a devastating twenty-three-page exposure of the Diebold software. That was followed by two more damaging technical studies in Ohio. Then a "Red Team" exercise to break the Diebold code was staged at RABA Technologies' headquarters in Maryland. Four of the eight computer scientists on the team had worked at the National Security Agency, and the team director had been the senior technical director for the NSA. The team concluded, "A voter can be deceived into thinking he is voting for one candidate when, in fact, the software is recording the vote for another candidate." A security vulnerability "allows a remote attacker to get complete control of the machine." And one can "automatically upload malicious software" that will "modify or delete elections." Some kids sniffing around in cyberspace had led, step by step, to the dawning national realization that computerized vote-counting puts democracy in grave danger.