link to Home Page

RAS Modem Connections

Here are the details about remote access vulnerability through the modem connecting polling place voting machines with the central vote-counting server in each county elections office. This applies specifically to all Diebold systems (1,000 counties and townships), and may also apply to other vendors. The prudent course of action is to disconnect all modems, since the downside is small and the danger is significant. The central servers are installed on unpatched, open Windows computers and use RAS (Remote Access Server) to connect to the voting machines through telephone lines. Since RAS is not adequately protected, anyone in the world, even terrorists, who can figure out the server´s phone number can change vote totals without being detected by observers.

The audit log is a computer-generated automatic record similar to the "black box" in an airplane, that automatically records access to the Diebold GEMS central tabulator (unless, of course, you go into it in the clandestine way we demonstrated on September 22 in Washington DC at the National Press club.) The central tabulator audit log is an FEC-required security feature. The kinds of things it detects are the kinds of things you might see if someone was tampering with the votes: Opening the vote file, previewing and/or printing interim results, altering candidate definitions (a method that can be used to flip votes).
Bev Harris