Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Part 2: Full Scope of Dominion Voting Machine Hack in Federal Court is FAR Worse than Just the BIC Pen Hack – Audit Logs Can Be Edited
Gateway Pundit ^ | Brian Lupo

Posted on 01/26/2024 9:09:26 AM PST by Red Badger

In Part 1 of this series on the explosive testimony and demonstration of University of Michigan Professor Dr. J Alex Halderman in the federal lawsuit Curling v. Raffensperger, The Gateway Pundit covered more in-depth the ease of exploiting the “BIC pen hack” and, further, the simple and inexpensive creation of voter, poll-worker, and, most importantly, technician Smart cards to attack the Dominion ICX BMD or ballot marking device.

Part 1 can be read here.

https://www.thegatewaypundit.com/2024/01/part-1-full-scope-dominion-icx-hack-federal/

But there was much more revealed in Judge Totenberg’s courtroom regarding the vulnerabilities of these electronic voting devices.

To summarize Part 1, Dr. Halderman was able to use a simple BIC ball-point pen to reboot a Dominion ICX BMD by simply inserting it into the power button on the back of the machine and hold it down for five seconds. This rebooted the machine into Safe Mode and allowed Super User access, granting the attacker almost unlimited abilities to manipulate data on the machine.

Professor Halderman was also able to use a Smart card purchased for $10 online and a $20 USB Smart card Reader from Amazon to program voter cards that could be used over and over again, county-wide. He also made a poll-worker card and, most importantly, a technician card that would also grant “Super User access.”

We learned that commands to manipulate the Dominion ICX BMD could be automated – simply insert the card and it will do the rest. Further, nothing was needed that wasn’t public information to complete the programming.

These cards would require some expertise to program, but once the counterfeit cards are made, anyone could insert it into the machine and exploit the vulnerability automatically.

Here again is the transcript from the court hearing and Professor Halderman’s testimony.

PDF AT LINK..................

But there has to be a way that these attacks could be detected, right? Not necessarily.

No Evidence of Exploitation Dr. Halderman then demonstrated how he can delete portions of the system’s audit log in order to delete any evidence that he had accessed and modified the system. Dr. Halderman testified:

Professor Halderman: “So now I’m back in the technician menu…and what I’m going to do is I’m going to go to the file manager and open the ICX’s audit log file. This is one of the log files that the machine creates, and I’m going to open it with the on-screen text editor.

What I have just done with the technician card is I have loaded this technician card with the automated commands that I want to run in a way that they appear in the audit log. But I’m going to open the audit log and edit it with the on-screen text editor.

I’m actually going to highlight a portion that came from my card and hit the cut button to move it to the machine’s clipboard. And I’m going to save the audit log just to show you that I can delete portions of the audit log with the on-screen text editor.

Dr. Halderman described it as deleting log entries “that would otherwise be evidence of some malfeasance.” He can cover his tracks from anyone being able to discover the access he had and what he was able to do to the Dominion ICX BMDs.

Seemingly for demonstrative purposes, Dr. Halderman performed each step manually, but he testified that it can be done “programmatically”. Insert the card and let the machine do the rest. He also testified that he can quickly insert a command that would “take the other automated commands out of the log file that were copied from my technician card and execute them.”

The Bash Bunny Next, Dr. Halderman demonstrated perhaps the most serious of the vulnerability exploits, in this author’s opinion, at least.

The following demonstration was not done live in court, but rather through a continuous video recording utilizing the Fulton County Dominion ICX BMD (ballot marking device). This video was played live before the court.

The “attacker” in the video reached behind the printer that accompanies the Dominion ICX BMD and unplugged the USB cable and plugged in what is called a Bash Bunny. The device looks like a big USB stick, but with the Bash Bunny, the “attacker” is “able to load it with a sequence of commands that it will then send to the device as if it were a keyboard.”

“…The Bash Bunny will start driving the device, and you can see that it is moving through a sequence of things on the screen. This is the USB device controlling it.

And it is going to go through and modify settings, as I describe in the report. It is going to then open a terminal, get superuser access, and take steps to install malicious software that is stored on that same USB device.

Now, the USB — the malicious software is a version of the ICX application that we have — we have extracted from the machine and slightly modified it to add some malicious functionality. And the Bash Bunny device is installing the malicious version of the application on the machine and replacing the version that regularly would function.”

All of this was done automatically. The “attacker” simply plugged in the USB device and it completed its installation and replacement of the software in less than two minutes. Once the Bash Bunny is programmed, there is no special skill required to initiate this attack.

The Bash Bunny costs about $100 and can be utilized without removing or tampering with any of the seals on the Dominion ICX BMD. As Dr. Halderman testified, an “attacker” can utilize a cable coming off the printer to connect the Bash Bunny rather than removing a seal and connecting it directly to the Dominion ICX BMD. That connection is not typically sealed, according to Dr. Halderman.

Part 3 of this series will follow.

During the testimony of Dr. Halderman, attorney David Oles was not permitted to ask any questions of Dr. Halderman. Oles represents co-plaintiff Ricardo Davis of VoterGA.org. Yesterday, The Gateway Pundit reported that Oles was able to get proffers submitted to the court regarding Dr. Halderman and Dr. Philip Stark’s testimonies.

The trial that includes this explosive testimony and live demonstration is currently underway in the Northern District of Georgia in Judge Amy Totenberg’s court.


TOPICS: Crime/Corruption; Government; Politics/Elections; US: Georgia
KEYWORDS: dominion; raffensperger; raffenspergervideo; votefraud; votingmachines
Navigation: use the links below to view more comments.
first previous 1-2021-4041-49 last
To: z3n

Murdoch settled rather than undergo a deposition.


41 posted on 01/26/2024 2:58:11 PM PST by lepton ("It is useless to attempt to reason a man out of a thing he was never reasoned into"--Jonathan Swift)
[ Post Reply | Private Reply | To 4 | View Replies]

To: ProtectOurFreedom
Unfortunately, I do not see ANY Republican champions in Congress who have made election integrity the hill to die on.

Nope. They've got "theirs". Besides, it's difficult and the donors don't care because they've got "theirs".

42 posted on 01/26/2024 3:05:21 PM PST by Gritty (The issue is never the issue. The issue is always the Revolution. - Saul Alinsky)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Political Junkie Too

“Fox News settled rather than let the evidence of voting machine tampering be introduced in a credible court.”

Not quite. Dr. Haldeman testified that the Dominion machines could be easily compromised, but also testified that he had no evidence they had been compromised. Fox was was sued for publicly stating that the Dominion machines had been compromised, but couldn’t prove that they had.


43 posted on 01/26/2024 3:17:46 PM PST by Labyrinthos
[ Post Reply | Private Reply | To 5 | View Replies]

To: Gritty

Exactly. They’ve all got “theirs” and we get the shit sandwich. Time and time and time again. It never ends. Not only that, it ALWAYS gets worse than before, never better.

Name ONE thing the District of Criminals has done to make the USA a better place.


44 posted on 01/26/2024 3:28:43 PM PST by ProtectOurFreedom (“Occupy your mind with good thoughts or your enemy will fill them with bad ones.” ~ Thomas More)
[ Post Reply | Private Reply | To 42 | View Replies]

To: ProtectOurFreedom
Name ONE thing the District of Criminals has done to make the USA a better place.

They put on a really nice parade once every four years?

Oh, wait a minute. Who's paying for it? ... never mind.

45 posted on 01/26/2024 3:51:10 PM PST by Gritty (The issue is never the issue. The issue is always the Revolution. - Saul Alinsky)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Labyrinthos
I'll accept that correction.

IIRC, part of the accusation against Dominion was Dominion stating that their machines couldn't be hacked, and Dominion was aggressively suing anyone who suggested otherwise. Fox's settlement scared off others from challenging Dominion's claims.

Now we know that Dominion was wrong. Their machines are hackable. The question now is, did they know it all along and used lawfare to shut people up to protect their reputation, or did they truly not know the vulnerabilities of their own technology?

-PJ

46 posted on 01/26/2024 4:25:49 PM PST by Political Junkie Too ( * LAAP = Left-wing Activist Agitprop Press (formerly known as the MSM))
[ Post Reply | Private Reply | To 43 | View Replies]

To: Political Junkie Too

I’ll go with Door #1.


47 posted on 01/26/2024 4:59:19 PM PST by ProtectOurFreedom (“Occupy your mind with good thoughts or your enemy will fill them with bad ones.” ~ Thomas More)
[ Post Reply | Private Reply | To 46 | View Replies]

To: Red Badger

Best Campaign ad ever. (Raffensperger and Stacey Abrams in the Devil went down to Georgia).
https://youtu.be/tedKXYiHwzE


48 posted on 01/28/2024 10:09:40 PM PST by Nateman (If the Pedo Profit Mad Moe (pig pee upon him!) was not the Antichrist then he comes in second.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
Meanwhile...

Why Are Virginia Democrats Working So Hard To Prevent Election Audits?

49 posted on 04/05/2024 6:36:40 AM PDT by mewzilla (Never give up; never surrender!)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-49 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson