Replies

Yep.

The most secure election ever.

This is part of the finding of the forensic analysis of ONE Dominion system that they were allowed to get their hands on. Just ONE. Any of you IT folks out there (as I am) look at this analysis below, and see much professional security out there? Anyone?

What do YOU think of this? This is verbatim from the report (I formatted it just a bit differently for readability, but the text is exact):

SERVER OVERVIEW AND SUMMARY

Our initial audit on the computer running the Democracy Suite Software showed that standard computer security best practices were not applied. These minimum-security standards are outlined the 2002 HAVA, and FEC Voting System Standards – it did not even meet the minimum standards required of a government desktop computer.
The election data software package USB drives (November 2020 election, and November 2020 election updated) are secured with bitlocker encryption software, but they were not stored securely on-site. At the time of our forensic examination, the election data package files were already moved to an unsecure desktop computer and were residing on an unencrypted hard drive. This demonstrated a significant and fatal error in security and election integrity. Key Findings on Desktop and Server Configuration: - There were multiple Microsoft security updates as well as Microsoft SQL Server updates which should have been deployed, however there is no evidence that these security patches were ever installed. As described below, many of the software packages were out of date and vulnerable to various methods of attack.
1. Computer initial configuration on 10/03/2018 13:08:11:911
2. Computer final configuration of server software on 4/10/2019
3. Hard Drive not Encrypted at Rest
4. Microsoft SQL Server Database not protected with password.
5. Democracy Suite Admin Passwords are reused and share passwords.
6. Antivirus is 4.5 years outdated
7. Windows updates are 3.86 years out of date.
8. When computer was last configured on 04/10/2019 the windows updates were 2.11 years out of date.
9. User of computer uses a Super User Account.
The hard drive was not encrypted at rest – which means that if hard drives are removed or initially booted off an external USB drive the files are susceptible to manipulation directly. An attacker is able to mount the hard drive because it is unencrypted, allowing for the manipulation and replacement of any file on the system.
The Microsoft SQL Server database files were not properly secured to allow modifications of the database files.
The Democracy Suite Software user account logins and passwords are stored in the unsecured database tables and the multiple Election System Administrator accounts share the same password, which means that there are no audit trails for vote changes, deletions, blank ballot voting, or batch vote alterations or adjudication.
Antivirus definition is 1666 days old on 12/11/2020. Antrim County updates its system with USB drives. USB drives are the most common vectors for injecting malware into computer systems. The failure to properly update the antivirus definition drastically increases the harm cause by malware from other machines being transmitted to the voting system.
Windows Server Update Services (WSUS) Offline Update is used to enable updates the computer – which is a package of files normally downloaded from the internet but compiled into a program to put on a USB drive to manually update server systems.
Failure to properly update the voting system demonstrates a significant and fatal error in security and election integrity.
There are 15 additional updates that should have been installed on the server to adhere to Microsoft Standards to fix known vulnerabilities. For the 4/10/2019 install, the most updated version of the update files would have been 03/13/2019 which is 11.6.1 which is 15 updates newer than 10.9.1 This means the updates installed were 2 years, 1 month, 13 days behind the most current update at the time. This includes security updates and fixes. This demonstrated a significant and fatal error in security and election integrity.
1. Wed 04/10/2019 10:34:33.14 - Info: Starting WSUS Offline Update (v. 10.9.1)
2. Wed 04/10/2019 10:34:33.14 - Info: Used path “D:\WSUSOFFLINE1091_2012R2_W10\cmd\” on EMSSERVER (user: EMSADMIN)
3. Wed 04/10/2019 10:34:35.55 - Info: Medium build date: 03/10/2019 16
4. Found on c:\Windows\wsusofflineupdate.txt
5. *WSUS Offline Update (v.10.9.1) was created on 01/29/2017 *WSUS information found here https://download.wsusoffline.net/
Super User Administrator account is the primary account used to operate the Dominion Election Management System which is a major security risk. The user logged in has the ability to make major changes to the system and install software which means that there is no oversight to ensure appropriate management controls – i.e. anyone who has access to the shared administrator user names and passwords can make significant changes to the entire voting system. The shared usernames and passwords mean that these changes can be made in an anonymous fashion with no tracking or attribution.
To any IT professional, these things would constitute nearly criminal negligence done by a total incompetent and be a fire-able offense.

Except that this was NOT criminal negligence done by a total incompetent. This was CRIMINAL malfeasance, done intentionally and is prosecutable.

And this was ONE system. ONE node out of probably thousands in this country.

Agree. It is a crime. A big Crime.

Our initial audit on the computer running the Democracy Suite Software showed that standard computer security best practices were not applied.

Thanks for the report. I suspected as much. I doubt any local IT people ever touch these machines.

Microsoft SQL Server Database not protected with password... Democracy Suite Admin Passwords are reused and share passwords... Antivirus is 4.5 years outdated.. Windows updates are 3.86 years out of date... When computer was last configured on 04/10/2019 the windows updates were 2.11 years out of date... User of computer uses a Super User Account...

You're saying a smart teenager could have maintained this system better?