Skip to comments.
Dominion Voting Systems CEO Says Company Has Never Used SolarWinds Orion Platform
Epoch Times ^
| 12/15/2020
| Zachary Steiber
Posted on 12/15/2020 3:30:16 PM PST by SeekAndFind
The CEO of Dominion Voting Systems on Tuesday said the company has never used a platform that experts believe was breached by hackers as far back as last year.
“We don’t use the SolarWinds Orion package that was the subject of the DHS report from the 13th,” CEO John Poulos told legislators in Michigan via video link.
However, a screenshot of a Dominion webpage that The Epoch Times captured shows that Dominion does use SolarWinds technology. Dominion later altered the page to remove any reference to SolarWinds, but the SolarWinds website is still in the page’s source code.
SolarWinds’s technology was exploited by actors who inserted malicious software into updates for its Orion platform, according to officials with the Department of Homeland Security (DHS) and cybersecurity experts.
The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) warned that the compromise of the network “poses unacceptable risks” and ordered federal agencies that use it to revoke internet access to the affected devices.
The attack “was likely the result of a highly sophisticated, targeted, and manual supply chain attack by an outside nation state, but we have not independently verified the identity of the attacker,” the company said in a statement.
Non-Orion products don’t appear to have been compromised, SolarWinds said.
Poulos said Dominion hasn’t ever used the Orion platform. No legislators asked him about what SolarWinds technology the company does use, and Dominion didn’t respond to requests for comment.
Dominion provides voting equipment and software to 28 states.
(Excerpt) Read more at theepochtimes.com ...
TOPICS: Crime/Corruption; News/Current Events; Politics/Elections
KEYWORDS: ceo; dominion; hacking; solarwinds
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 next last
To: proust
I saw on the Donald.win site that it was still in the source code.
21
posted on
12/15/2020 4:05:26 PM PST
by
CommieCutter
(If the left wants sunshine then I want rain.)
To: SeekAndFind
US intel will prove him to be a liar.
22
posted on
12/15/2020 4:12:21 PM PST
by
DarthVader
(Not by speeches & majority decisions will the great issues th the day be decided but by Blood & Iron)
To: All
The Supreme Court’s Texas Ruling is Nothing Short of Disgrace
How many of those litigant states backing Texas used the rigged Dominion voting machines?
The answer to that demonstrates that the USSC aided and abetted state officials’ election tampering equipment/software of Dominion Voting Systems.
By rejecting the Texas lawsuit, the USSC effectively said, “we the Supreme Court permit you to manipulate and disenfranchise America voters outside the jurisdictional of your own state legislatures b/c numerous details in the Texas lawsuit exposed the tax-paid public servants as derelict......possibly criminal......in carrying out their duties.
Alarmingly, the USSC protected the tax-financed administrative state-——particularly those election officials who were beneficiaries of Zuckerbrg’s $400 million outlay.
AG’s in states who were party to Texas’ lawsuit, might now start investigating Dominion Voting Systems for their crimes, utilizing their own tax-financed L/E capabilities.
23
posted on
12/15/2020 4:12:22 PM PST
by
Liz
( Our side has 8 trillion bullets; the other side doesn't know which bathroom to use. )
To: SeekAndFind
24
posted on
12/15/2020 4:33:15 PM PST
by
DannyTN
To: SeekAndFind
Hmmm lying there is illegal. What kind of jail time for that.
To: SeekAndFind
Was he under oath when he said it? That would be perjury, no?
26
posted on
12/15/2020 5:04:47 PM PST
by
Texas Eagle
(If it wasn't for double-standards, demonicRATS would have no standards at all.)
To: SeekAndFind
Again and Again, no Dominion election software system ever used Orion, see my prev posts.
Please Stop Spreading Stupid
This is Serv-U which is an FTP client sold by the same company. It has nothing to do with the Orion platform.
what you are doing is just like saying “the control software in my Hyundai car got hacked, this means that every cargo container with Hyundai stenciled on it is compromised”
Please stop
27
posted on
12/15/2020 5:11:10 PM PST
by
algore
To: HighSierra5
I was being sarcastic. But I restate the question - and so what if they lie. GOPeers love liars.
To: CommieCutter
29
posted on
12/15/2020 5:21:46 PM PST
by
4Liberty
(How does a kids car-donation nonprofit pay for so MANY radio ads if it's a charity?)
To: SeekAndFind
They easily lie to the a-hole Congress fools who in return easily believe the lies.
30
posted on
12/15/2020 5:32:54 PM PST
by
shanover
(...To disarm the people is the best and most effectual way to enslave them.-S.Adams)
To: malach
Yes, what difference does it make? The accusation is that the software/system is capable of changing votes and shifting votes on purpose not that it was hacked. That’s actually someone trying to provide cover for Dominion, it’s just more BS.
31
posted on
12/15/2020 5:47:00 PM PST
by
WHBates
To: algore
This is Serv-U which is an FTP client sold by the same company. It has nothing to do with the Orion platform. Sure, except it has as many 2020 vulnerabilities as Orion. The company is like Adobe, created and run to spread vulnerabilities. Nobody should use any of their software especially voting machine companies.
32
posted on
12/15/2020 6:45:14 PM PST
by
palmer
(Democracy Dies Six Ways from Sunday)
To: palmer
No, the attack vector was the update system, and only one malicious .dll file specifically for one product was identified.
Please do not spread misinfo, there is enough already.
33
posted on
12/15/2020 6:50:37 PM PST
by
algore
To: 4Liberty
Wow, so the Serv-U gif is hosted on the Solarwinds webserver
Omg. haha
34
posted on
12/15/2020 6:55:16 PM PST
by
algore
To: SeekAndFind
35
posted on
12/15/2020 6:58:01 PM PST
by
tbw2
To: algore
No, the attack vector was the update system, and only one malicious .dll file specifically for one product was identified. No you are wrong. solarwinds -- serv-u_ftp_server SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. 2020-07-05 7.5 CVE-2020-15541
That's just one of many for the product.
Please do not spread misinfo
It's a garbage product mainly useful for companies that want to add vulnerabilities to their products.
36
posted on
12/15/2020 7:15:36 PM PST
by
palmer
(Democracy Dies Six Ways from Sunday)
To: palmer
No I am right.
That was a totally different issue. That bug did affect
Serv-u versions 15.0.. to 15.2.. but that issue was identified and patched in july.
But it was a vulnerability/bug, not a deliberate attack that including signed .dll files inserted into the update matrix for a specific product in a deliberate penetration attempt
You do see the difference?
37
posted on
12/15/2020 8:57:07 PM PST
by
algore
To: palmer
“It’s a garbage product mainly useful for companies that want to add vulnerabilities to their products”
More like an expensive product that is one of many created in order it easier to manage lots of slave machines, and see who is uppity.
38
posted on
12/15/2020 9:02:22 PM PST
by
algore
To: SeekAndFind
The screenshot came from an expert witness in Sidney Powell’s GA lawsuit. A cyber security expert. Captured and secured the code for the website, and it was copyright SolarWinds.
Then Solarwinds pulled the site credits/log.
39
posted on
12/15/2020 9:06:05 PM PST
by
John S Mosby
(Sic Semper Tyrannis)
To: algore
Yes, I understand the difference.
Signed code attacks are easy and a dime-a-dozen. Code signing certs are everywhere and easy to obtain. China and Taiwan have hundreds of code signing certs they can use to create or compromise products, and they do it all the time. The media is pretending this is novel and they obviously fooled you.
Other software supply chain attacks are through unsigned open source, also quite common. The US military has a ton of open source in it, supposedly all vetted but its not.
Vulnerabilities are a hidden way to allow adversaries to gain access to a product. For example a voting machine company can use SW that they know is vulnerable, advertise that fact on their website, and expect that enemies can use that information to meddle in elections.
A good example of the latter is Adobe. Inserting Adobe components is not much more than a way to make sure that a product is hackable.
Why would any company do that, you might ask. The answer is simple: $$$.
40
posted on
12/15/2020 9:09:11 PM PST
by
palmer
(Democracy Dies Six Ways from Sunday)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson