Thursday, December 29, 2005
Previously Certified Diebold Machines Approved Erroneously
Diebold elections machines employ something called interpreter code which is expressly forbidden in the specs for federal qualification and CA state certification. This needs to become another angle worked in the campaign to unite California election reformers. I'm in the midst of gathering some legal opinions so this piece will have to get held over before I can issue a specific call to action.
However, I will share my thinking which is that people in each of the 17 Diebold client counties should be attempting to get an injunction or restraining order against any further use of the clearly out of compliance yet previously certified Diebold machines. To make it easier to discuss this possibility and feel out your own legal possibilities, the rest of this post covers related background.
As reported last week, the office of CA Secretary of State Bruce McPherson sent a letter to Diebold explaining that their voting systems could not be certified without further federal review of the source code.
It is the Secretary of State's position that the source code for the AccuBasic code on these cards, as well as for the AccuBasic interpreter that interprets this code, should have been federally reviewed.Actually, even if you don't know what AccuBasic is or what AccuBasic interpreter does (I'll tell you later), it is simple to understand that interpreters are expressly forbidden by the 2002 Voting System Standards/Guidelines, which are required for federal qualification and California certification.
Volume 1, Section 4So it makes no sense for McPherson to demand "more" federal testing since the system will fail on its face and could only have "passed" previously in error.4.2.2 Software IntegrityVolume 1, Section 6
Self-modifying, dynamically loaded, or interpreted code is prohibited, except under the security provisions outlined in section 6.4.e.6.4.1 Software and Firmware Installation
The system shall meet the following requirements for installation of software, including hardware with embedded firmware:
e. After initiation of election day testing, no source code or compilers or assemblers shall be resident or accessible.
For more context here, AccuBasic is Diebold's proprietary code. On December 23, the Electronic Frontier Foundation announced that Diebold had demonstrated its commitment to keeping the code a secret by taking its machines out of consideration in North Carolina's certification process. Diebold could only be considered for certification if they revealed the code and they chose to walk away. McPherson has created a juicy new pickle for Diebold in California.
As far as what the interpreter code actually does, it is about translating data between programming languages in the counting/tabulation process. Imagine trying to convert currency but without a published exchange rate. Here is a more technical explanation provided by Harri Hursti in his 7/4/05 report filed for BlackBoxVoting.org based on Hursti's May 2005 hack testing in Leon County, FL:
Accu-Basic programming is a two phase process. First the Accu-Basic program source code needs to be pre-compiled with a compiler, converting it from a human readable source code form into token based pseudo-code. The pseudo-code is still a non-binary, ascii file. This first phase programming is normally done on a standard PC running Windows or *ix-variant operating system. The author used the FreeBSD platform. Then this pseudo-code is transferred to the final execution environment (that is, to the voting machine), where the pseudo-code is executed by an interpreter.Hursti's words are clearer in the context of his more recent hack test in Leon County. That demonstration was very widely reported and resulted in Elections Supervisor Ion Soncho resolving not to use Diebold for future elections. The following day Volusia County, FL followed suit.
Note: The interpreter, built into the optical scan firmware, will execute the code following the instructions on the memory card. No information has been provided about the interpreter.
So to review, some old information has come to be viewed in a new light. Diebold machines currently certified for use in CA contain illegal programming that should have precluded their certification in the first place. The suggestion is exploring legal means to prevent their future use and the promise is to come back with specifics on this in a near future posting. In addition, it may be useful to throw this line to elections officials and County Supervisors who should be looking for a way to abandon the sinking Diebold ship.
Excellent commentary, important points.
Guv, your work is effective, in the real world as well as on the Internet. Kudos.
Black Box Voting
Activists from here in Texas called me this morning, and had already read it!
Have you linked to this one, with a great explanation of what interpreted code is, including a schematic?
What’s all the fuss about Interpreted Code?
By John Washburn, for VoteTrustUSA
December 29, 2005 http://www.votetrustusa.org/index.php?option=com_content&task=view&id=645&Itemid=26
Keep up the good work!
By 10:08 PM, at