Geogia’s Secretary of State Raffensperger Gave Hackers A Roadmap

. . . to Infiltrate Voting Machines A Year Before the 2020 Election

By George Eliason, Jan 3, 2021

Original Creative Destruction Media article here.

The 2020 ELECTION WAS STOLEN. If the information below doesn’t convince you, it’s because you’re part of the problem. Donald Trump won the 2020 election.

If you’re American and care about your country and it doesn’t matter what side of the political aisle you’re on, if you don’t support Donald Trump now, you lose. We all lose. American Democracy came in with a bang and left with a whimper. The country is lost.

America, it’s time to say HELL NO!

With the Georgia run-off election happening on January 5th, you will get angry with the information you’re about to read. Voters in every other state using Dominion/Diebold systems, ES&S, Unisyn, or other electronic voting system during the 2020 election will be angry.

GA Secretary of State Brad (SoS) Raffensperger posted what is essentially a guide to hack Dominion, ES&S, and Smartmatic voting systems during the summer of 2019, one year ahead of the 2020 elections. This made every aspect of the Dominion Voting Systems Democracy Suite open for business to anyone in the business of skewing elections. Raffensperger gave them a year to prepare with the actual components Dominion uses and perfect the methodologies used to hack the GA election.

This link is to the redacted GA Master Technical Evaluation. Although redacted, the report left every route needed to hack and control each technical component Dominion uses as well as adding an actual vulnerability to get hackers started.

The GA evaluation also lists the scanners needed to find the source code and all possible routes into all three systems. I’ll be getting back to this later but it even identifies Dominion’s source code.

Just to make sure I have your attention, below is a list of every piece of Dominion equipment that GA certified. Each piece is listed from the evaluation as a link showing how to hack it. A comprehensive breakdown is in the GA contract. There is no mention of a firewall on the Dominion system at all in the evaluation because it’s not “online,” even though routes to every sandboxed system are available to hackers through WiFi and Bluetooth components inside the sandbox itself.

In short, there is no security on the Dominion system at all. Most importantly, you’ll see how the election is being stolen from the inside.

The stories about the election tallies being sent overseas to Germany, Rome, the UK, Canada, and other exotic places to be processed are true. Inside Dominion’s contract is a use of temporary foreign worker’s clause for the GA general election. This is Dominion’s contract with the State of Georgia.

Dominion hired workers in foreign countries to service the 2020 election. Dominion uses 3 or 4 levels of access keys to operate the Democracy Suite system. Just to be able to work from outside the United States, these foreign nationals working with the ballots need have master tech keys. With the tech keys every part of the system is open and every election file is available and changeable.

The following is from ES&S’ contract with Michigan. ES&S is a close mirror company to Dominion. Both companies offer remote access for election servicing work.

ES&S offered remote access to voting equipment as recently as last year, according to this ten-year contract between ES&S and the state of Michigan — with a start date of March 1, 2017. The contract offers election officials the choice of an on-site technician at $1,575/day or a “remote access” option at “$250 per election set-up.” ES&S Michigan Contract

How big is the barn door Raffensperger opened to hackers? — over 20 pieces of equipment which represent what you see at a polling station and what you don’t see. Raffensperger’s list identified every avenue for hackers to explore for every election in 2020.

Dominion specializes in selling outdated, no longer supported systems and equipment. The links below show how easy it is to find hacking instructions for everything in the polling station.

As an example, and because the ballot on demand printers are always on, hackers can use the Bluetooth to gain direct access to the “offline” network connected directly to Dominion’s Democracy Suite and always have access to the entire system. KNOWINK’s PollPad provides WiFi and Bluetooth access but is supposed to have some kind of firewall. Below, you’ll see how KNOWINK made that useless.

For the full drawdown specifications on Dominion’s equipment, refer to the GA contract linked above and found online. The image below is Dominion’s own diagram for the election system in use. Every one of the 20 hackable+ pieces above correlates to what shown in the diagram.

All of Dominion’s minimalist security features for their software and equipment are delivered standard in the off position. Therefore, in most cases, security measures are never turned on.

Part of this is Dominion’s insistence that the system is offline. This was found in testing conducted in 2002 as Diebold products and again in 2016 after Dominion took over Diebold products.

img

Dominion is managing all the elections through Amazon Cloud environments backed by Cisco. Ex-employee hacked Cisco’s AWS Infrastructure; erased virtual machines. The main benefit of the cloud was protection against DDOS attacks. This cloud is what KNOWINK is using as their baseline security. It doesn’t work if you are already inside the system.

Dominion’s Ballot Marking Device

The one piece of equipment not listed above is the Dominion BMD or ballot marking device. After the election equipment is certified for use, no changes can be made to the software or hardware without SoS and EAC approval and maintain the certification for the election.

According to a 2020 election lawsuit [filed in GA](https://www.brennancenter.org/sites/default/files/2020-10/STATE_DEFENDANTS’_RESPONSE_TO_THE_COURT’S_ORDER%2C_[DOC. 957].pdf), during September 2020 ahead of the general election GA SoS Raffesperger ordered county election officials to do a complete software wipe of the BMDs and install brand new software that never went through the certification process. As of the October 2nd report, Dominion had not submitted a request for this major change with the U.S. Election Assistance Commission (EAC).

According to the Master Technical Evaluation listed above, both Dominion and the GA SoS are very clear on the fact that this breaks the certification for GA and may well get the ballots voters cast tossed as a result. The new software was never even tested to see if it caused other issues with the system.

GA SoS Raffensperger ordered counties to make the change knowing it is illegal in GA and puts the onus of liability on the county election managers themselves if they complied. This email, from the lawsuit shows how serious the situation is. SoS Raffensperger also helped draft a loophole in the law to make EAC certification meaningless even though GA law demands compliance with Federal election standards.

img

This is where things get interesting with the Ballot marking Devices (BMDs). The only TRUE record of what vote was cast is in the hand of the voter who can read it. The following shows why using unreadable barcode makes it impossible for a voter to know when fraud is being committed with the Dominion system.

According to the GA evaluation linked above, when the BMDs are in operation there are two open and accessible ports on the machines.

Other than the obvious point of hackable access, which I’ll get to momentarily, what you may not know is the Diebold machines GA replaced in 2019 were Dominion owned machines. Dominion bought Diebold in 2010 from ES&S including all the software and licensing that ran the systems. The source code for Dominion and ES&S is the same C++ Diebold machines used in Georgia that ran from 2002-2019.

The new Dominion machines are running the same hacked C++ source code as the machines they replaced. I first found this in the GA Tech Eval where the GA evaluators listed the two scanners needed to find all the hacking vulnerabilities in the Dominion Democracy Suite system and disclosed the first vulnerability enough to get lazy hackers interested.

The first scanner, Nessus, is a top of the line web-property vulnerability scanner. The second one, Style Cop is what interested me after looking it up. Style Cop is used for C++ source code scans. This confirmed Dominion is still using the Diebold source code and why the licensing it received from ES&S was in perpetude.

From the Dominion’s GA contract we see the Democracy Suite system includes the following Third-Party Software. Earlier versions of these unsupported software were part of the Dominion owned Diebold system.

EMS Standard Server Prerequisites

  • Microsoft Visual J#
  • Microsoft Visual C++ 2013 Redistributable Packag
  • Microsoft Visual C++ 2013 Redistributable Package (64bit)
  • Microsoft Visual C++ 2015 Redistributable Package (32bit)
  • Java Runtime Environment
  • Microsoft SQL Server 2016 Standard
  • Microsoft SQL Server Management Tools
  • Cepstral Voices
  • Arial Narrow Fonts

EMS Client Workstation Prerequisites

  • Microsoft Visual J#
  • Microsoft Visual C++ 2013 Redistributable Package
  • Microsoft Visual C++ 2015 Redistributable Package 64bit
  • Java Runtime Environment
  • Maxim iButton Drive
  • Adobe Reader
  • Microsoft Access Database Engine
  • Open XML SDK 2.0 for Microsoft Office
  • Arial Narrow Fonts

The crossover from Diebold to Dominion isn’t just to give a historic perspective. The corrupted system CD Media outlined going back to the 2002 election in Cracking Dominion’s Source Code- It’s been called a threat to National Security since 2003 was in service under Dominion auspices from 2010 until Dominion replaced it with what amounts to an equipment update and software enhancement.

The lawsuit against Dominion linked above was begun in 2020 by the same people that investigated how much manipulation could be done in 2003, 2006, and 2016.

The strange anomalies that were caught during the 2020 general election can be explained simply by looking for an updated version of cheats that were done previously. For example, where inflated voter turnouts and percentage of votes cast for Biden were the same across multiple precincts, it looks like a new version of a negative voting scheme.

In 2005 these investigators found Diebold/Sequoia/Dominion BMDresults could be altered with a memory card. Today the machines use smartcards and thumb drives. Researcher Harri Hursti found that the memory cards were capable of counting negative votes. After altering the card and inserting it, ballot totals were changed on the central tabulator and the voting machine results tape undetectably. The same group proved results reports could be altered without a password using a Visual Basic script.

Negative voting subtracts votes from one candidate and gives them to the other in a prescribed manner. This preserves the totals for the election and allows precise targeting of specific precincts needed for a candidate to win without drawing any attention.

Example: There are 10000 voters in a Republican-dominated precinct. Candidate A is expected to win by 1000 votes. The smart card or thumb drive is programmed at the adjudication workstation (Microsoft Visual) and gives Candidate B 1021 of Candidate A’s votes. Easy peasy.

According to the GA Evaluation, with two open ports, the BMDs are open to do this.

The GA evaluators also acknowledged the presence of more than one set of audit books on the system.

By using some variation of the negative ballot-counting scheme would go a long way to explaining the mass exaggerated over counts swing state precincts had. There were too many cooks in the kitchen with access to make changes and no chef to coordinate the action.

In the last article, we highlighted the work Bev Harris did exposing the now Dominion-owned system. It’s time to revisit it because the same unsecured audit system using Microsoft ACCESS data base been used in GA since 2002. It is in use today.

Harris found the election files for GA with a no password access on Diebold’s FTP site contained a gold mine for how to steal elections. Access to Dominion’s system provides for the following in 2020.

The contents of these files amounted to a virtual handbook for vote-tampering: They contained diagrams of remote communications setups, passwords, encryption keys, source code, user manuals, testing protocols, and simulators, as well as files loaded with votes and voting machine software.

Diebold Elections Systems AccuVote systems use software called “GEMS,” and this system is used in 37 states. The voting system works like this:

Voters vote at the precinct, running their ballot through an optical scan, or entering their vote on a touch screen.

After the polls close, poll workers transmit the votes that have been accumulated to the county office. They do this by modem.

At the county office, there is a “host computer” with a program on it called GEMS. GEMS receives the incoming votes and stores them in a vote ledger. But in the files we examined, which were created by Diebold employees and/or county officials, we learned that the Diebold program used another set of books with a copy of what is in vote ledger 1. And at the same time, it made yet a third vote ledger with another copy.

Apparently, the Elections Supervisor never sees these three sets of books. All she sees is the reports she can run: Election summary (totals, county wide) or a detail report (totals for each precinct). She has no way of knowing that her GEMS program is using multiple sets of books, because the GEMS interface draws its data from an Access database, which is hidden. And here is what is quite odd: On the programs we tested, the Election summary (totals, county wide) come from the vote ledger 2 instead of vote ledger 1, and ledger 2 can be altered so it may or may not match ledger 1.

Now, think of it like this: You want the report to add up only the actual votes. But, unbeknownst to the election supervisor, votes can be added and subtracted from vote ledger 2. Official reports come from vote ledger 2, which has been disengaged from vote ledger 1. If one asks for a detailed report for some precincts, though, the report comes from vote ledger 1. Therefore, if you keep the correct votes in vote ledger 1, a spot check of detailed precincts (even if you compare voter-verified paper ballots) will always be correct.”

If you scroll up to the 3rd party software listing, that same Microsoft Access data base and multiple book system is still being used to throw elections seamlessly and undetectably.

Auditing

Again from Bev Harris provided all this information on a share as widely as possible basis. The audit trail is what is supposed to guarantee election security. Harris went to the same Diebold/Dominion website and downloaded a GEMS (General Election Management System) audit report.

“Note that a user by the name of “Evildoer” was added. Evildoer performed various functions, including running reports to check his vote-rigging work, but only some of his activities showed up on the audit log.

It was a simple matter to eliminate Evildoer. First, we opened the election database in Access, where we opened the audit table: Then, we deleted all the references to Evildoer and, because we noticed that the audit log never noticed when the admin closed the GEMS program before, we tidily added an entry for that.

Adjudication Workstation Prerequisites

  • Dell Latitude T3420 Lapto
  • Microsoft Visual J#
  • Microsoft Visual C++ 2013 Redistributable Package
  • Microsoft Visual C++ 2015 Redistributable Package 64bit
  • Java Runtime Environment
  • Adobe Reader

The adjudication workstations provide the means to write the Microsoft Visual scripts to plug into the BMDs and stays on top of the actual results. The ballots can be changed seamlessly without detection.

Video Testimony from yesterday showing some of the above is being found

Dominion Passwords and Logins

When you see what you can do with the passwords and logins remotely is where everything gets crazy. Consider what an activist in Michigan or Minnesota, Canada, or the UK can do to the 2020 general election because they have access to the system, Microsoft Access, and the right level password. If everything was on the straight and narrow in Georgia, someone thousands of miles away can easily decide who the winners are. They can access it in Dominion’s cloud. They can rewrite the audit logs. They can adjust the vote in the necessary precincts just enough to win after the fact and change the election.

Dominion C++ hardcoded in the source code password- 1-1-1-1

KnowInk uses a single password across all its BlueTooth connected PollBooks- 1-2-3-4

The common factor for 3 of the 5 data breaches shown below are ES&S Bob Urosevich and Dominion’s Barry Herron.

Dominion uses three levels of keys according to the GA Technical Analysis. One is for poll workers. The second is a supervisory key that can add more keys and change workers into supervisors which opens all the programs. The third is Dominion tech keys. This has access to and can change anything in the system at any time including the software as well as adjust all the tabulations.

CSO found five voting machine vendors in the third-party data breaches we reviewed, including more than two thousand credentials for the defunct Diebold, now owned by Dominion Voting.

The other four are ES&S, Dominion Voting, MicroVote and Unisyn Voting Solutions. ES&S has the most credential pairs exposed (more than one hundred). The rest range from a handful to several dozen.

The breached credentials include key members of management, engineering, and operations teams for these companies. One case of password reuse over the last ten years would have been enough for an attacker to gain a foothold in a voting machine vendor’s network and potentially compromise the integrity of voting machines — and election results.

CSO shared copies of the third-party breach credentials, including work emails and passwords, via encrypted channels with ES&S, Dominion Voting and MicroVote.

img

From UpGuard “On August 11th, 2017, UpGuard Director of Strategy Jon Hendren discovered an Amazon Web Services S3 bucket configured for public access, the contents almost entirely downloadable to anyone accessing the bucket’s web address. Located at the AWS S3 subdomain “chicagodb,” the main repository contains two folders, “Final Backup_GeneralNov2016” and “Final Backups_6_5_2017,” as well as a 12 GB MSSQL database file. Many of the file names indicated the name of ES&S, one of the nation’s most prominent provider of voting machines and associated software.

Following Hendren’s notification of the discovery to UpGuard Director of Cyber Risk Research Chris Vickery, Cyber Risk Team analysis revealed that this 12 GB file, as well as a 2.6 GB file and a 1.3 GB file stored in each folder, each constitutes a separate copy of a database containing the personal information of 1.864 million Chicago voters. After notifying the affected municipality, the exposure was closed on the evening of August 12th.

While the databases contain a large number of SQL tables, with file names including such phrases as “BallotImages,” “polldata_summary,” and “pollworker_times,” of perhaps greatest interest is the table set titled “dbo.voters.” This data set lists the 1.864 million Chicago voters, each assigned a unique, internal voter ID, as well as their names, addresses, dates of birth, and more identifying details across dozens of columns. This reporter, a Chicago resident and registered voter, verified the data’s accuracy by looking himself up”.

The AWS cloud contained dozens of ES&S technician logins. If this was just a company site why would enough election data to work an election be there with the means (keys) to change it remotely?

Dominion credentials and logins were found the same way.

Dominion Voting Systems offers remote services that make changing election results from thousands of miles away possible. The supposed air gap in their voting system is a myth even the NYT acknowledges doesn’t work to begin with, but even if it did, the security lapses make it worthless.

Dominon also claims to encrypt data with hashing to the gold standard of SHA-256. Data is encrypted at rest and in transit to 258 bit level encryption.

It sounds great except Dominion couldn’t show how they do this at the GA Technical Evaluation. The Dominion team didn’t know who was responsible for supervising encryption either.

Lastly, the only proof Dominion can provide that software isn’t changed during the elections is through the audit logs which have been proven to encourage tampering. All they need to do is remove the entry and rerun the report.

Stacy Abrams lobbied online to get Dominion’s Democracy Suite for this election because she is part of that system with Governor Brian Kemp and SoS Raffenspurger.

Georgia’s Constitutional rights and citizen’s rights have been violated during every election for the past 18 years every time someone took advantage of this voting system at every level it’s used. Your vote didn’t matter. Your election was decided for you.

Georgia! I’m offended for you.

Both Republicans and Democrats use these corrupted elections systems to gain power and wealth today at the expense of voters. If you voted for Joe Biden and think it’s ok because your candidate won, think again.

Every time a good qualified candidate who is for the American people runs, the election WILL BE STOLEN if this isn’t stopped now. Georgia, it’s time to say no more!

The 2020 ELECTION WAS STOLEN. If the information above doesn’t convince you, it’s because you’re part of the problem. Donald Trump won the 2020 election.

If you’re American and care about your country and it doesn’t matter what side of the political aisle you’re on, if you don’t support Donald Trump now, you lose. We all lose. American Democracy came in with a bang and left with a whimper. The country is lost.

America, it’s time to say HELL NO!