Last updated on: 1/7/2009 | Author:

Potentially Stolen Diebold Source Code

FBI Contacts Former Legislator


  1. “Former Delegate Gets Purported Diebold Code”
  2. “Computer Voting Disks Likely Made For Testers”


I. Melissa Harris, reporter for the Baltimore Sun, explains in her Oct. 20, 2006 article “Former Delegate Gets Purported Diebold Code”:

“Diebold Election Systems, Inc. expressed alarm and state election officials contacted the FBI yesterday after a former legislator received an anonymous package containing what appears to be the computer code that ran Maryland’s 2004 polls…

The availability of the code – the written instructions that tell the machines what to do – is important because some computer scientists worry that the machines are vulnerable to malicious and virtually undetectable vote-switching software. An examination of the instructions would enable technology experts to identify flaws, but Diebold says the code is proprietary and does not allow public scrutiny of it…

Diebold has not confirmed that the code received by [Cheryl C.] Kagan is authentic, said Mike Morrill, a spokesman for the company in Maryland. But Johns Hopkins University computer scientists Aviel Rubin reviewed one of the disks and said he believed it was genuine…

Kagan called the attorney general’s office, and word of the disks began to spread. Learning of the development, Linda H. Lamone, the state’s elections chief, reported Kagan’s possession of the code to the FBI yesterday. Kagan said she had been contacted by an FBI investigator but had not met with him. ‘I intend to cooperate’ with the inquiry, Kagan said, adding that she believed evidence of a serious security breach had to be revealed. An FBI spokeswoman could not confirm yesterday the nature of the bureau’s interest…

The codes, which were delivered to Kagan in three versions on separate disks… appear to be created by two companies that test the software – Wyle Laboratories and Ciber Inc., whose teams are based in Huntsville, Alabama. Maryland law requires such independent testing before the equipment’s use. The disks have the testing authorities’ names on them, as well as other identifying features. Anyone who had permission to to handle these disks would have received passwords from Diebold, enabling investigators to trace those authorized to use them.”

Oct. 20, 2006 Melissa Harris


II. Cameron W. Barr, Washington Post Staff Writer, reports in his Oct 21, 2006 article “Computer Voting Disks Likely Made For Testers”:

“A Maryland election official said yesterday that possibly stolen computer disks believed to be electronic voting software were ‘apparently produced’ for use by a testing firm hired by the Maryland legislature in November 2003.

Ross Goldstein, deputy administrator for the Maryland State Board of Elections, said documents indicate that the disks were sent to Maryland so Raba Technologies Inc. could assess the security of the state’s electronic voting system, which is provided by Diebold Election Systems. A receptionist at Raba, based in Columbia [Maryland] declined to comment yesterday after consulting with her supervisor.

Labels on the disks indicate that they contain the versions of the two Diebold programs that powered electronic voting machines in Maryland in 2004, Goldstein said Thursday. Diebold said one version of one program is still in use in some jurisdictions elsewhere in the United States. Cheryl C. Kagan, a former Maryland delegate who has questioned the security of electronic voting systems, said the disks were delivered anonymously to her office in Olney on Tuesday.

State elections administrator Linda H. Lamone has asked the FBI to investigate the apparent theft and leaking of proprietary software…

Some computer scientists said the incident shows why the makers of voting systems should publicly disclose their software. ‘It’s hard to keep a secret like this for a long time,’ said Edward Felten, a Princeton University computer scientist who demonstrated in September how Diebold’s machines could easily be hacked. The company called Felten’s work inaccurate and unrealistic…

Kagan said that she expects to meet with FBI agents next week and that she was prepared to grant the FBI’s request to turn over the disks.”

Oct. 21, 2006 Cameron W. Barr


Related Links:

  1. Are Electronic Voting Systems Vulnerable to Hacking?
  2. Should Source Code for Electronic Voting Machines Be Publicly Available?