The CISA Report released shortly before the weekend started shows multiple vulnerabilities and assumes that these were mistakes or poor design features. But is this true? It may be more likely that they are there to do exactly what they are doing which allows US elections to be stolen.
On Friday the government agency, CISA, released a report that was in response to the issues identified in the Halderman report. The Halderman report has been covered up by corrupt Georgia Judge Amy Totenberg. She doesn’t want the truth about voting systems used in Georgia and across the United States from being known.
The CISA report says that Halderman brought these issues to its attention.
J. Alex Halderman, University of Michigan, and Drew Springall, Auburn University, reported these vulnerabilities to CISA.
As was noted at TGP yesterday, the CISA report lists a number of significant issues with the election system that ran the 2020 Election in Georgia. In the corporate world, a system like this would be thrown out and replaced before ever being put in use, but this is the state government in Georgia and we have seen over the past few years how inept and unprincipled these state governments can be.
In the report, CISA shares the following about the multiple issues forwarded to CISA and apparently found in the Halderman report:
While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections.
The report does not address how these vulnerabilities that allow bad actors to steal elections got there. The report certainly doesn’t suggest that these items are there intentionally, but it’s hard to believe that a voting system was put into production with these vulnerabilities not identified. This would never happen in the corporate world. Personal information is guarded like money in corporations today.
LadyDraza reports on Telegram that she believes the report is too hard on Dominion and that all the voting systems in use across the country have similar attributes and vulnerabilities.
LadyDraza continues with this comment about the system vulnerability and design noted in the report:
CISA claims that: “The tested version of ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code.”
What the heck are they thinking that this could be leveraged by an attacker? How about this is an intentional functionality and the people paying for elections to go a certain way suddenly have them go a certain way because the DOMINION ENGINEERS have access to this same terminal emulator that THEY PROGRAMMED IN THERE IN THE FIRST PLACE! What about the usage of this terminal emulator to elevate privileges and – oh, say – dump the votes and make a new database that has the votes that they are being paid to ensure are in place? Exactly how ridiculous is it that the software that is being used to count the votes for the leader of the free world would have “Easter Eggs” in place?
LadyDraza makes another comment about how these systems would never be used in the corporate world.
CISA claims that: The tested version of ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.
So, we have code in place that allows for rebooting into a different mode of operation than was tested for security by any agency or testing before the counties are sometimes even FORCED to spend taxpayer dollars on this crappy software? How many business owners are reading this? Let me know your thoughts about the idea of purchasing software to run your business only to find out that the machines could be booted into a different mode that would allow exfiltration of your company data or insertion of data that could impact your business by returning false reports?
The fact that the mitigations section does not include a link to a reliable sledgehammer salesman and some good lawsuit attorneys is a failure on the part of CISA.
Note also this short video from a presentation Halderman gave before the 2020 Election showing the concerns with voting systems that were known at that time.