Georgia’s Secretary of State Brad Raffensperger was aware that the state’s voting machines had a software vulnerability that allowed them to be hacked but he still used them for his own reelection in 2022, according to reports.
Instead of addressing the security concerns, Raffensperger covered up a report exposing the issues and sought to bury it until after the 2024 election cycle.
On Wednesday, the Federal District Court for the Northern District of Georgia unsealed the 96-page Halderman Report – the Security Analysis of Georgia’s ImageCast X Ballot Marking Devices.
According to a report by J. Halderman, a Professor of Computer Science and Engineering at the University of Michigan, and Drew Sringall, an Assistant Professor and Security Researcher at Auburn University, there are several vulnerabilities in the Dominion Voting Systems’ ImageCast X system that can be exploited.
Far-left Georgia Judge Amy Totenberg sealed and covered up the results of the investigation of Dominion voting machines in Georgia.
The judge then sat on the report for two years until its release this week.
According to the report, it is possible to manipulate the votes cast on Dominion voting machines.
Additionally, the report highlights the vulnerability of the Dominion software, which makes it susceptible to hacking.
On Thursday VoterGA founder Garland Favorito joined Steve Bannon on “The War Room” to discuss the findings from the explosive report.
The report has revealed that Raffensperger hid this information from the public until now.
On Wednesday, Professor Halderman wrote about his findings in a blog post:
Back in September 2020, the Court granted the Curling Plaintiffs access to one of Georgia’s touchscreen ballot marking devices (BMDs) so that they could assess its security.
Drew and I extensively tested the machine, and we discovered vulnerabilities in nearly every part of the system that is exposed to potential attackers.
The most critical problem we found is an arbitrary-code-execution vulnerability that can be exploited to spread malware from a county’s central election management system (EMS) to every BMD in the jurisdiction.
This makes it possible to attack the BMDs at scale, over a wide area, without needing physical access to any of them.
Our report explains how attackers could exploit the flaws we found to change votes or potentially even affect election outcomes in Georgia, including how they could defeat the technical and procedural protections the state has in place.
While we are not aware of any evidence that the vulnerabilities have been exploited to change votes in past elections, without more precautions and mitigations, there is a serious risk that they will be exploited in the future.
On Thursday Professor Halderman tweeted out that Raffensperger will not install Dominion’s security patches before the 2024 election.
Astonishingly, Georgia Secretary of State Brad Raffensperger, who has been aware of our findings for two years, just announced that the state will not get around to installing Dominion’s security patches until after the 2024 Presidential election. 🤦https://t.co/bnPXoP6Xc2
— J. Alex Halderman (@jhalderm) June 14, 2023
In a recent statement, Raffensperger said:
The office also announced that there will be pilots of the recently Election Assistance Commission-certified version of Democracy Suite, 5.17, in 2023.
This software has not been deployed in any election in any jurisdiction as of yet.
The pilots will examine its full functionality in a real-world setting.
Also, in reviewing the processes it will require an update of the nearly 45,000 pieces of voting equipment, along with the subsequent acceptance testing.
This process will take tens of thousands of manhours.
Therefore, the statewide move to 5.17 will occur following the 2024 election cycle.
This will allow the state and counties to focus on executing municipal elections and running the Presidential cycle. It also allows the state to put together a thoughtful, thorough plan to roll out the latest software.
Raffensperger has been aware of the investigators’ findings for two years.