From the Open-Publishing Calendar
From the Open-Publishing Newswire
Indybay Feature
Yellow button on California voting machines permits multiple votes
"Just push the yellow button and you can vote as many times as you want," Tom Courbat, an Election Integrity advocate from Riverside County, California informed The BRAD BLOG tonight. Not that we're in any mood to report more such stories, but this seems to be a big one. A very big one.
It seems there's a little yellow button on the back of every touch-screen computer made by Sequoia Voting Systems, that allows any voter, or poll worker, or precinct inspector to set the system into "Manual Mode" allowing them to cast as many votes as they want.
Concerns about the flaw were first reported some thirty days ago to California Secretary of State Bruce McPherson's office by Ron Watt, a Tehama County, CA precinct inspector who has been a poll worker in the county for the last fifteen years. And yet, as recently as a radio interview last Tuesday, McPherson — who has been crowing about having the country's most stringent security process for voting systems — denied he was aware of any security issues with Sequoia systems.
"They didn't care about it," Watt told us tonight about his "late September or early October" discussion with McPherson's voting systems chief Bruce McDannold. "He said he didn't think it was an important issue. He said I don't believe this is really a vulnerability."
Watt and Courbat disagreed and placed another phone call to the SoS' office on Friday after Watt received a copy of Sequoia's "Poll Workers Guide, Booklet #5: Troubleshooting" via a public records request in Tehama. On pages 19 through 22 of the booklet — which is marked as "Confidential and Proprietary" — he confirmed the simple manual override to the system. He'd learned about it years earlier and the new manuals confirmed that button was still in place. Even in the latest models of the Sequoia Edge voting systems (both models 1 and 2).
The complete sequence to override the system and enter manual voting mode, along with the Sequoia booklet received via Watt's public records request, is now posted here at BlackBoxVoting.org.
Watt had been taught to be a poll worker trainer by De La Rue, the former parent company of Sequoia, years ago when the systems were first brought into the county. The two men placed a conference call with McDannold last Friday after receiving the booklet. McDannold again reportedly downplayed the concerns, but said "he'd look into it," according to Courbat.
He called Courbat back on Monday afternoon to say Sequoia technicians had been in the SoS office and had confirmed the vulnerability. (A complete transcript of McDannold's Monday phone message left on Courbat's cell phone, confirming the security issue and describing the actions — or lack thereof — being taken, is at end of this article.)
Sequoia's voting machines are perhaps the most widely used in California, in some 19 different counties, including both Tehama and Riverside, which is known as the "Home of E-Voting" as it was the first county in the nation to deploy such systems. But identical Sequoia machines are also used in dozens of other states around the country including Florida, Illinois and elsewhere.
Thanks to the diligence of Watt and Courbat, it is now confirmed that all such systems are completely vulnerable to virtually anyone who wishes to cast as many votes as they please.
"I can do it in 18 seconds," says Watt. "I can train you to do it in 3 minutes. Just push the yellow button, wait 3 seconds and it chimes. Push the yellow button again, wait 3 seconds and it chimes again. Then it's all on the screen prompts. You're asked 'Do you want to enter manual mode?' and you push 'Yes'…And then you're on your way."
"You can then vote as many times as you want. You won't ever have to stop until someone physically restrains you from voting," he explained.
"But wouldn't someone hear the chime?" we asked…
"No, it's barely audible. Quieter than the beep on your computer when it boots up. The systems are usually kept up against the wall to be near a power outlet and away from the poll workers for privacy. Plus, if you really wanted to pull it off, just come in with a friend and have them talk to the poll workers to distract them. Nobody would ever know."
McDannold's message left on Courbat's cell phone Monday confirming the issue. "Sequoia was actually in here this morning giving us a demonstration of the feature and how it works and how you would set it up and put it into that mode," said McDannold.
He claimed that the SoS office had then contacted all California counties using the Sequoia Edge and said "they are all doing poll worker training" and "putting signs up to warn people about the severe penalties for tampering with voting equipment uh which is would fall under—- most of them are putting signs actually on the machines."
"They are also being very conscious of the placement of the equipment so that they can observe, actually many of them are - have already planned to assign staff members to do nothing but just watch the machines for that purpose to make sure ah nobody is reaching around or doing anything," McDannold explained on the recorded message.
"It's not the voters we're worried about doing this," Courbat said. "It's the Precinct Captains and Elections Officials across thousands of precincts across the country. This isn't unique to Riverside or Tehama. Tens of thousands of votes can be stolen across the country," he added.
Courbat was furious at Sec. of State McPherson, who has been touting his record on security issues for voting systems on the campaign trail. A record, we might add, that seems to have little in common with McPherson's frequent public claims. He has certified system after system in the Golden State despite scores of vulnerabilities, inaccuracies, failures and malfunctions found in each of them.
McPherson is currently in a tight race with his Democratic challenger, State Sen. Debra Bowen, who has been a long time champion of Election Integrity and security issues, as well as transparency for such systems and in government as a whole. She has also been critical of McPherson's lax security standards, such as allowing hackable Diebold voting systems to be sent home with poll workers on "sleepovers" for days and weeks prior to elections despite serious vulnerabilities, more than 16, found by McPherson's own team of computer scientist advisors at UC Berkley.
"If McPherson says he didn't know about this on Tuesday during that interview, after his office had been notified long ago, then he's lying," Courbat charged. "McPherson had to know by Monday. He either knew about it or his staff never told him, in which case they need to be fired on the spot."
But if Watt knew about this vulnerability for years himself, why didn't he say something prior to 30 days ago?
"Ya know, I always thought people were honest. I really did," he told us during tonight's phone call. "I didn't really think anybody would exploit something like this. I just thought the best of people. But now I feel differently. After this last election, the Primary Election on June 6th, I saw things I couldn't believe. After all this talk about security for these systems, and chain of custody stuff…I saw the chain of custody issues just thrown right out the window in Tehama County," he said.
"Maybe it was naiveté before, I don't know. But after what I saw in that election, it just suddenly dawned on me. We've got a very serious problem here."
###
The transcript of the phone message left by Bruce McDannold on Tom Courbat's cell phone follows in full…
T-R-A-N-S-C-R-I-P-T
10-30-06 Voice Mail Message from Bruce McDannold – CA Secretary of State’s Office, 4:34 p.m. [2 minutes, 40 seconds duration] left on cell phone of Tom Courbat.
Yes, Mr. Courbat. Bruce McDannold from the uh Secretary of State’s office. We spoke Friday night and I just wanted to get back in touch with you.
Since we spoke, we have ah reviewed the information. Sequoia was actually in here this morning giving us a demonstration uh of the feature and how it works and how you would set it up and put it into that mode [the manual mode that allows continuous voting on any Sequoia Edge I or Edge II machine]. We’ve reviewed it with them and I have to at least notice or note that that’s not an easy thing to reach around and go through that sequence unobserved.
We’ve also spoken with all the counties ah that are Sequoia users today and verified they were all aware of that as a feature for the backup purposes, of course, that we discussed and why that feature was put in. Uh, they’re all aware of it, they have all of them been training their staff and are continuing to train their staff and their poll workers on observing that and watching the equipment um during the day for uh any use of that system or people reaching around certainly or too long in the voting booth or the audio beep that it automatically emits every time you try to put it in that mode there’s also an audio warning that goes with that so, you know, it’s an important kind of mitigation being aware.
They are all doing poll worker training ah they’re all putting signs up to warn people about the severe penalties for tampering with voting equipment uh which is would fall under—- most of them are putting signs actually on the machines. They are also being very conscious of the placement of the equipment so that they can observe, actually many of them are - have already planned to assign staff members to do nothing but just watch the machines for that purpose to make sure ah nobody is reaching around or doing anything.
And then of course, um a final important component is, they’re all required to do balloting accounting afterwards to verify and demonstrate that no one has ah tampered with the machines or put any extra votes on it. So ah we’re confident at this point that there are effective mitigation strategies out there — everybody’s clear that the essential [potential?] danger and alert to it, confident that it won’t be affecting the election. Hopefully that answers your questions and puts you at a little more at ease. If you have any further questions or want to get back in touch with me, my number of course is 916-653-7244.
Thanks
Concerns about the flaw were first reported some thirty days ago to California Secretary of State Bruce McPherson's office by Ron Watt, a Tehama County, CA precinct inspector who has been a poll worker in the county for the last fifteen years. And yet, as recently as a radio interview last Tuesday, McPherson — who has been crowing about having the country's most stringent security process for voting systems — denied he was aware of any security issues with Sequoia systems.
"They didn't care about it," Watt told us tonight about his "late September or early October" discussion with McPherson's voting systems chief Bruce McDannold. "He said he didn't think it was an important issue. He said I don't believe this is really a vulnerability."
Watt and Courbat disagreed and placed another phone call to the SoS' office on Friday after Watt received a copy of Sequoia's "Poll Workers Guide, Booklet #5: Troubleshooting" via a public records request in Tehama. On pages 19 through 22 of the booklet — which is marked as "Confidential and Proprietary" — he confirmed the simple manual override to the system. He'd learned about it years earlier and the new manuals confirmed that button was still in place. Even in the latest models of the Sequoia Edge voting systems (both models 1 and 2).
The complete sequence to override the system and enter manual voting mode, along with the Sequoia booklet received via Watt's public records request, is now posted here at BlackBoxVoting.org.
Watt had been taught to be a poll worker trainer by De La Rue, the former parent company of Sequoia, years ago when the systems were first brought into the county. The two men placed a conference call with McDannold last Friday after receiving the booklet. McDannold again reportedly downplayed the concerns, but said "he'd look into it," according to Courbat.
He called Courbat back on Monday afternoon to say Sequoia technicians had been in the SoS office and had confirmed the vulnerability. (A complete transcript of McDannold's Monday phone message left on Courbat's cell phone, confirming the security issue and describing the actions — or lack thereof — being taken, is at end of this article.)
Sequoia's voting machines are perhaps the most widely used in California, in some 19 different counties, including both Tehama and Riverside, which is known as the "Home of E-Voting" as it was the first county in the nation to deploy such systems. But identical Sequoia machines are also used in dozens of other states around the country including Florida, Illinois and elsewhere.
Thanks to the diligence of Watt and Courbat, it is now confirmed that all such systems are completely vulnerable to virtually anyone who wishes to cast as many votes as they please.
"I can do it in 18 seconds," says Watt. "I can train you to do it in 3 minutes. Just push the yellow button, wait 3 seconds and it chimes. Push the yellow button again, wait 3 seconds and it chimes again. Then it's all on the screen prompts. You're asked 'Do you want to enter manual mode?' and you push 'Yes'…And then you're on your way."
"You can then vote as many times as you want. You won't ever have to stop until someone physically restrains you from voting," he explained.
"But wouldn't someone hear the chime?" we asked…
"No, it's barely audible. Quieter than the beep on your computer when it boots up. The systems are usually kept up against the wall to be near a power outlet and away from the poll workers for privacy. Plus, if you really wanted to pull it off, just come in with a friend and have them talk to the poll workers to distract them. Nobody would ever know."
McDannold's message left on Courbat's cell phone Monday confirming the issue. "Sequoia was actually in here this morning giving us a demonstration of the feature and how it works and how you would set it up and put it into that mode," said McDannold.
He claimed that the SoS office had then contacted all California counties using the Sequoia Edge and said "they are all doing poll worker training" and "putting signs up to warn people about the severe penalties for tampering with voting equipment uh which is would fall under—- most of them are putting signs actually on the machines."
"They are also being very conscious of the placement of the equipment so that they can observe, actually many of them are - have already planned to assign staff members to do nothing but just watch the machines for that purpose to make sure ah nobody is reaching around or doing anything," McDannold explained on the recorded message.
"It's not the voters we're worried about doing this," Courbat said. "It's the Precinct Captains and Elections Officials across thousands of precincts across the country. This isn't unique to Riverside or Tehama. Tens of thousands of votes can be stolen across the country," he added.
Courbat was furious at Sec. of State McPherson, who has been touting his record on security issues for voting systems on the campaign trail. A record, we might add, that seems to have little in common with McPherson's frequent public claims. He has certified system after system in the Golden State despite scores of vulnerabilities, inaccuracies, failures and malfunctions found in each of them.
McPherson is currently in a tight race with his Democratic challenger, State Sen. Debra Bowen, who has been a long time champion of Election Integrity and security issues, as well as transparency for such systems and in government as a whole. She has also been critical of McPherson's lax security standards, such as allowing hackable Diebold voting systems to be sent home with poll workers on "sleepovers" for days and weeks prior to elections despite serious vulnerabilities, more than 16, found by McPherson's own team of computer scientist advisors at UC Berkley.
"If McPherson says he didn't know about this on Tuesday during that interview, after his office had been notified long ago, then he's lying," Courbat charged. "McPherson had to know by Monday. He either knew about it or his staff never told him, in which case they need to be fired on the spot."
But if Watt knew about this vulnerability for years himself, why didn't he say something prior to 30 days ago?
"Ya know, I always thought people were honest. I really did," he told us during tonight's phone call. "I didn't really think anybody would exploit something like this. I just thought the best of people. But now I feel differently. After this last election, the Primary Election on June 6th, I saw things I couldn't believe. After all this talk about security for these systems, and chain of custody stuff…I saw the chain of custody issues just thrown right out the window in Tehama County," he said.
"Maybe it was naiveté before, I don't know. But after what I saw in that election, it just suddenly dawned on me. We've got a very serious problem here."
###
The transcript of the phone message left by Bruce McDannold on Tom Courbat's cell phone follows in full…
T-R-A-N-S-C-R-I-P-T
10-30-06 Voice Mail Message from Bruce McDannold – CA Secretary of State’s Office, 4:34 p.m. [2 minutes, 40 seconds duration] left on cell phone of Tom Courbat.
Yes, Mr. Courbat. Bruce McDannold from the uh Secretary of State’s office. We spoke Friday night and I just wanted to get back in touch with you.
Since we spoke, we have ah reviewed the information. Sequoia was actually in here this morning giving us a demonstration uh of the feature and how it works and how you would set it up and put it into that mode [the manual mode that allows continuous voting on any Sequoia Edge I or Edge II machine]. We’ve reviewed it with them and I have to at least notice or note that that’s not an easy thing to reach around and go through that sequence unobserved.
We’ve also spoken with all the counties ah that are Sequoia users today and verified they were all aware of that as a feature for the backup purposes, of course, that we discussed and why that feature was put in. Uh, they’re all aware of it, they have all of them been training their staff and are continuing to train their staff and their poll workers on observing that and watching the equipment um during the day for uh any use of that system or people reaching around certainly or too long in the voting booth or the audio beep that it automatically emits every time you try to put it in that mode there’s also an audio warning that goes with that so, you know, it’s an important kind of mitigation being aware.
They are all doing poll worker training ah they’re all putting signs up to warn people about the severe penalties for tampering with voting equipment uh which is would fall under—- most of them are putting signs actually on the machines. They are also being very conscious of the placement of the equipment so that they can observe, actually many of them are - have already planned to assign staff members to do nothing but just watch the machines for that purpose to make sure ah nobody is reaching around or doing anything.
And then of course, um a final important component is, they’re all required to do balloting accounting afterwards to verify and demonstrate that no one has ah tampered with the machines or put any extra votes on it. So ah we’re confident at this point that there are effective mitigation strategies out there — everybody’s clear that the essential [potential?] danger and alert to it, confident that it won’t be affecting the election. Hopefully that answers your questions and puts you at a little more at ease. If you have any further questions or want to get back in touch with me, my number of course is 916-653-7244.
Thanks
For more information:
http://www.bradblog.com/?p=3714
Add Your Comments
Comments
(Hide Comments)
Beeping sound can be silenced by inserting a set of radio earphones into the jack which was included for visually disabled persons.
Here is how the "Yellow Button Hack" is done:
1. Go to the back of the voting machine. Press and hold the yellow activate button (about 3 seconds). Release when the screen says "waiting for next voter".
2. Press and hold the yellow button again until the screen says "change to manual activation?"
3. Touch the "Yes" button on the screen.
4. At that point there will be a message on the screen that says "Manual activate voting enabled" (this is just displayed briefly)
5. Next message will read "Waiting for the next voter" When you see that you touch the message that says "start voting" or "resume voting" located in the lower right of the screen The AVC Edge is now set up for poll worker activation mode.
Here is the sequence:
If it's regular voting (as opposed to provisional)
a. Once you've touched the start or resume the "waiting for next voter" appears
b. Activate the ballot by pressing and releasing the yellow activate button
c. Activate the correct party for the voter AND press the yellow activate button using the keypad on the display screen
d. Select the voter's language if appropriate
e. Vote. (Once the voter has completed voting and cast their ballot. Prepare the Edge for the next voter. If the next voter is a regular voter repeat step B and D above.
You can now vote as many times as you want to.
This information was obtained in a public records request
Here is how the "Yellow Button Hack" is done:
1. Go to the back of the voting machine. Press and hold the yellow activate button (about 3 seconds). Release when the screen says "waiting for next voter".
2. Press and hold the yellow button again until the screen says "change to manual activation?"
3. Touch the "Yes" button on the screen.
4. At that point there will be a message on the screen that says "Manual activate voting enabled" (this is just displayed briefly)
5. Next message will read "Waiting for the next voter" When you see that you touch the message that says "start voting" or "resume voting" located in the lower right of the screen The AVC Edge is now set up for poll worker activation mode.
Here is the sequence:
If it's regular voting (as opposed to provisional)
a. Once you've touched the start or resume the "waiting for next voter" appears
b. Activate the ballot by pressing and releasing the yellow activate button
c. Activate the correct party for the voter AND press the yellow activate button using the keypad on the display screen
d. Select the voter's language if appropriate
e. Vote. (Once the voter has completed voting and cast their ballot. Prepare the Edge for the next voter. If the next voter is a regular voter repeat step B and D above.
You can now vote as many times as you want to.
This information was obtained in a public records request
Why would you reproduce such an uninformed, ignorant quote such as, "Just push the yellow button and you can vote as many times as you want"? It's not true, but every web site in the world and every so-called journalist seems quite content to repeat anything any so-called "activist" is willing to spew.
The facts are:
- The yellow button is a necessary component of Sequoia touchscreen machines and those of other vendors have something comparable. If they didn't, "activists" would be screaming about people not being able to vote under certain circumstances
- You can also stuff as many paper ballots into a ballot box as you like, IF you're willing to serve prison time for a few extra votes
- Again, attempting this would be a felony punishable by prison time
- In most cases, there is more to it than just fiddling with the button
- It would be impossible to accomplish this without everyone in the room seeing what you are doing.
The Sequoia machines have always had this capability - this is nothing at all new - and it has never been a problem before. These reports are simply the shrill noise emitted by children in need of attention - and you are apparently happy to provide them the stage for it.
Why would someone truly interested in clean elections publish the instructions for committing election fraud? These are actually the instructions for committing a felony and disrupting an otherwise clean election. Apparently, some people are more interested in causing harm and taking out their personal frustrations in a public venue then they are in actually helping to ensure that we have fair, fraud-free elections. The previous post, with the felonious instructions, should be removed from this site, as well as all the others on which they've been posted. But I don't suppose that will happen. Shame on you.
We are 100% volunteer and depend on your participation to sustain our efforts!
Get Involved
If you'd like to help with maintaining or developing the website, contact us.
Publish
Publish your stories and upcoming events on Indybay.
Topics
More
Search Indybay's Archives
Advanced Search
►
▼
IMC Network