Help Black Box Voting Examine ES&S Software 197
From Bev:
"ES&S 'Unity' central tabulator software.
Software stash: three zip files --
http://www.blackbox1.org/ems.zip
http://www.blackbox1.org/un5.zip
http://www.blackbox1.org/Unity.zip
User Manuals for ES&S software can be found here:
http://www.bbvforum s.org/forums/messages/2197/2864.html
This is the ES&S central tabulator software, the ES&S counterpart to the Diebold
GEMS central tabulator software. No source code, sorry, and no software for the
precinct machines. This is reportedly one generation back, but from what I'm
told has significant similarities to the new stuff. I would appreciate it if
you can provide me with feedback on your impressions after looking at it. You
may want to Slashdot it or whatever.
Best,
Bev Harris
Founder
Black Box Voting
Mod parent up. (Score:1, Informative)
blackboxvoting.org is indeed registered to Bev Harris, but blackbox1.org is registered to "Registration Private" by "Domains by Proxy".
Legit? Yes (Score:5, Informative)
I spoke to her for about 5 minutes, explained that an article showed up on
This is not a phishing scam, it's really from Bev, and she's trying to solicit help from the
Oh, and yes, I'm posting this same comment in reply to all of the "is this real?" comments... Moderators: please do not mod me down without calling them yourself (go to blackboxvoting.org for phone number).
Kaan
story is legitimate, I just talked to Bev by phone (Score:5, Informative)
Kaan
Hi, I'm Bev Harris. There's nothing fishy here. (Score:5, Informative)
I won't say where they came from. I've checked them out to the extent possible, and they appear to be the real thing. In any situation like this you have to consider that the software might have changed significantly, or that someone could have left a honey pot out there, but I don't think this is a honey pot, not going to publish why on an Internet site. There is a good possibility that current versions have significant changes. Looking over these files should tell us a lot about how the ES&S programmers think, programming styles, etc. I haven't had time to look at the files at all, and I'm not a programmer. This program is designed to run on Windows, according to the user manuals, so I imagine you can just install it and start tinkering, as we did with the Diebold GEMS program. Some of the material refers to "Aero," which is definitely an older version that grew into the Unity program.
No source code was provided (no source code was provided for the Diebold GEMS program, either, remember). The software is only for the election management system/central tally system, and we have so far been unable to get programs for the precinct-based individual voting machines, nor for the ES&S equivalent of the memory card, which they call the "PEB".
Black Box Voting is receiving very credible reports of ES&S meltdowns in several states, though they always seem to have a temporary technician around to promise everyone their vote was not lost. Hard to explain, of course, since 18,000 votes are missing in action right now in Sarasota Florida, with about 300 votes separating the candidates for a U.S. House of Representatives race.
We are getting reports of ES&S anomalies from BOTH political parties.
If anyone has any questions, you can e-mail me at the e-mail address on the blackboxvoting.org Web site.
Best,
Bev Harris
Founder
Black Box Voting
Re:this is legitimate, it's not phishing (Score:3, Informative)
I asked Bev the same thing, she didn't want to say very much about it. So I'll add my own commentary: legality aside, if you piss off somebody big enough, they will find a way to shut you down, no matter what. Black Box Voting has had problems with this in the past (as explained in Hacking Democracy, where Bev originally found Diebold's Gems software on a public ftp server, her website was shut down, but not before many others had downloaded the contents).
2) Even if it is legal for us to download it and posses it, how can we usefully examine the software unless hack it it in such a way which will probably break the DMCA (or other laws)
Good question. The answer is, "you probably can't". The DMCA probably applies here, and probably says it's illegal for us to even discuss their proprietary software. I suggested to Bev that she try to participate in the discussion on
If she won't say where she got it from then I'm going to assume that it is illegal. Also if this is illegal then isn't
I can't disagree with you. Bev said she could not disclose anything about where it came from, because it would likely reveal who it came from, and she couldn't do that. I don't know what to tell you. The DMCA probably applies, and that's just something you'll have to decide on your own.
I would further suggest that you consider whether voting software for public elections should be so secret as to be hidden behind a generic law such as the DMCA. That's really the issue here - everything about electronic voting is a secret, and her organization is trying to expose that.
Kaan
FYI: This is now reported on Black Box Voting (Score:5, Informative)
Re:Legit? Yes (Score:3, Informative)
Already done. Check http://www.blackboxvoting.org/ [blackboxvoting.org] and see for yourself.
Ask and ye shall receive... (Score:3, Informative)
Ask and ye shall receive... there's an update on their primary website
http://www.blackboxvoting.org/ [blackboxvoting.org]
Re:No source code, sorry (Score:3, Informative)
The first thing you want to do is figure out, broadly, what it's supposed to do. Install the software. Get it running. Look over the buttons and menu options. Look over the manual. Next I'd start examining the likely inputs and outputs. What data gets fed into the software? What does it output? What does it store? How does it store it? It may be worthwhile to find an external way to read the datastore (e.g. opening an access database in access) or that may come later.
Now that you have an idea of how the software works, start examining how it handles inputs of different types. What are the expected inputs? Does it handle those properly? What are some unexpected inputs that are still input-able by the UI? What are some unexpected inputs that would not be possible or likely through the UI, i.e. a deliberately or intentionally corrupted input file or stream. Can you inject arbitrary values into the software where there should be none? Can you get the software to perform unexpected operations by manipulating the input? Attack the UI deliberately, perform operations in unexpected sequences, etc.
During this process I guarantee that you will make the application break somewhere, if you're creative enough. Now you want to take the unexpected behavior that you caused and find some way to exploit it. In this case, one must ask, is there some way to manipulate the vote count through exploitation of the defect in the code? Better yet, is there some way to accomplish this manipulation strictly through the UI that generated the input? Or at least, with minimal rights to the aggregated input data, in this case? Can you make the software change the count through manipulating the UI of the counting application?
Coders fall into routines and often repeat the same mistakes over and over. If you find one type of defect (e.g. SQL injection vulnerability), chances are you will find others like it. If they miss proper RI checking in one place, chances are they do so in others. You start to get a feel for how the program works and how it breaks. If you have written enough code of a similar nature, after a few hours or days of fooling around, you will probably have a very good idea of how the application is organized and even have an inkling of the code that went behind it without ever seeing a line of source or assembly.
It was software made for profit in a closed-source environment, so they did not disclose or fix all the bugs they found during test. That's the way of closed source, proprietary software. They presumably fixed larger crashes and glaring problems but left the smaller stuff alone in the interest of adding features and meeting deadlines. These smaller issues and poor design decisions will make up the weaknesses in the code that can ultimately be exploited for fun and profit.