Original contract between Dominion and Georgia.

Quote:

---

11.7 Data and Network Security. 11.7.1 Contractor is responsible for providing network security and security for such of its facilities where its servers or other network equipment are located. Contractor shall also comply with its own then current security policies and procedures, and its security policies and procedures shall comply with laws and regulations applicable to Contractor.

11.7.2 If, during the course of this Agreement, Contractor is creating, hosting, maintaining, processing or transmitting any State Confidential Information on or through any Contractor computer networks, data centers, labs, supporting environments, Web servers or other information technology resources (collectively "Contractor Computer Systems"), or is otherwise using any Contractor Computer Systems in connection with this Agreement, then with respect to all such Contractor Computer Systems, Contractor will, in accordance with industry best practices or higher standards that are in all cases no less than reasonable:

(a) Limit physical and electronic access to Contractor's employees and essential third-party contractors, on a need-to-access basis, who have signed a written agreement that is at least as protective of the confidentiality and security of State Confidential Information as those provided in this Agreement;

(b) Implement and maintain technical access controls that, at a minimum, require unique identification and authentication of all users, restrict access to all data, software, or other file-system objects exclusively to those users who need such access to perform their job responsibilities, and limit administrator-level control to only authorized IT personnel;

(c) Implement and maintain transmission controls that, at a minimum, allow only the data protocols required for the function and management of each solution to be used or transmitted and insure the confidentiality, availability, and integrity of all transmissions;

(d) Implement and maintain firewall technology and intrusion detection software configured to minimize or eliminate hacking and other threats;

(e) Implement and maintain protection against viruses, worms, Trojan horses, spyware, and other malicious code;

(f) Perform routine reviews of logs files and system records for suspicious activity;

(g) Perform regular reviews of relevant security notifications and alerts (e.g., notifications of bugs, attacks, and patches), and apply such patches and fixes as appropriate;

(h) Implement and maintain disaster recovery, backup, and other contingency plans; and

(i) Conduct regular security audits, reviews, and tests and systematically retain log files, system records, test plans, and other security documentation.

11.7.3 Contractor shall notify State immediately upon discovery or notification of any actual, potential or threatened Security Breach. Contractor agrees to take action immediately, at its own expense, to identify and eradicate (or to equip State to identify and eradicate) any further Security Breach and carry out any recovery necessary to remedy any impact of such Security Breach. Contractor's actions will include at a minimum:

(a) Confirming the attack;

(b) Denying access from the source of the attack;

(c) Investigating and evaluating the extent of the damage, if any;

(d) Backing-up the affected systems and those suspected to be affected;

(e) Strengthening defenses everywhere, not just the suspected path that the attacker used, if possible;

---

Exhibit B (page 49)

Quote:

---

EQUIPMENT, SOFTWARE, DELIVERY DATES AND PURCHASE PRICE(S)

1. Democracy Suite (EMS) Software description Democracy Suite is an Election Management System (EMS) that supports all ImageCast voting channels: early votes, vote by mail votes, Election Day votes from touchscreen ballot marking devices (ICX) and Scanner, and Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA) votes, from a single comprehensive database.

The structure of the election files, as well as the content of the iButton security keys, is bit-level sensitive with regards to accuracy and precision. This means that a single bit change can influence system behavior. The structure of these interfacing entities is dependent on the election domain business logic implemented within the system. Therefore, within the EMS EED application, election files and iButton security keys can only be created when the election project is in the "ballot generated" state.

From an accuracy point of view, CRC checks are implemented. From a security point of view, election files utilize SHA256 (keyed hash HMAC) or digital certificates and AES encryption for data integrity and confidentiality. The figure below presents an overview of the EMS interfaces, focusing on the Democracy Suite internal and external entities.

The Democracy Suite system includes the following Third Party Software:

EMS Standard Server Prerequisites
Microsoft Visual J#
Microsoft Visual C++ 2013 Redistributable Package
Microsoft Visual C++ 2013 Redistributable Package (64bit)
Microsoft Visual C++ 2015 Redistributable Package (32bit)
Microsoft Visual C++ 2015 Redistributable Package (64bit)
Java Runtime Environment
Microsoft SQL Server 2016 Standard -(Microsoft SQL Server Management Tools)
Cepstral Voices
Arial Narrow Fonts

EMS Client Workstation Prerequisites

Microsoft Visual J#
Microsoft Visual C++ 2013 Redistributable Package
Microsoft Visual C++ 2015 Redistributable Package 64bit Java Runtime Environment
Maxim iButton Driver
Adobe Reader
Microsoft Access Database Engine Open XML SDK 2.0 for Microsoft Office
Arial Narrow Fonts

Adjudication Workstation Prerequisites

Dell Latitude T3420 Laptop
Microsoft Visual J#
Microsoft Visual C++ 2013 Redistributable Package
Microsoft Visual C++ 2015 Redistributable Package 64bit
Java Runtime Environment
Adobe Reader

---

There are also some graphs accompanying that section that I can't import here that could be of assistance.

Contract

Quote:

---

Original contract between Dominion and Georgia.....

---

Thank you AggieHawg.

I stand by my want for paper and verification. Somethings just don't need automation.

MouthBQ98 said:

---

Seems to me they need a look at the firmware/software running at the time of the election. It would indicate if that hardware feature was enabled or equipped to be enabled.

---

Pretty hard to read it once it's turned into machine code. Not impossible, but it's not in English anymore. Getting the phone records would be easier and a real smoking gun. You could also clip a wire to the enable pin of the IC and turn the machine on.

The only interface that should be in a voting machine apart from the selection keys is the power plug. And that is stretching it.

Like sending everyone home, then continuing to count, covering windows at ballot processing places and phantom broken water pipes, the fact that it is there is a symptom.

That's what I mean by being able to prove something nefarious. If the LTE modem was accessed to call something, you'd be able to get a log of it from the service provider

Charpie said:

---

That's what I mean by being able to prove something nefarious. If the LTE modem was accessed to call something, you'd be able to get a log of it from the service provider

---

Good luck getting a court to agree to that request. My point is that it doesn't belong there in the 1st place.

Why do democrats squeal like stuck pigs when anyone tries to suggest ID's at the ballet box?

Hint...it's NOT because they care about the half a dozen folks who have decided to never get an ID.

sleepybeagle said:

---

Why do democrats squeal like stuck pigs when anyone tries to suggest ID's at the ballet box?

Hint...it's NOT because they care about the half a dozen folks who have decided to never get an ID.

---

THIS.

Similar to their suppression of oversight. Scott Adams covered this with elegant simplicity.

11.7 and 11.7.2 don't prevent contractor from remotely accessing the equipment and it's squishy language if they do. But, if someone is willing to cheat then I don't think a contract violation means much to them. Just my opinion.

The chip could be configured to run on a private LTE network theoretically, but that would have to be set up and licensed by the FCC on certain local spectrum I would assume, so this is unlikely.

eric76 said:

---

FriscoKid said:

---

eric76 said:

---

From https://www.dominionvoting.com/imagecast-precinct/

Quote:

---

OPTIONAL

Secure wireless transmission capability if approved for use according to jurisdictional rules.

---

---

Good job.

---

I was hoping that Dominion Voting System's web site would give more detail on why the device is included. It did mention that they have the capability so it isn't like they are trying to hide it.

A manual for the device that would include information on exactly why it is there would be useful.

---

Is this it? From 2015.

Link

Here's the Texas Sec of State report on Dominion.
Link

Quote:

---

Ultimately, this set of conditions is too large to be considered de minimis. I recommend against certification of Dominion Voting Systems Democracy Suite 5.5-A

---

Significant issues were noted during the testing of the system resulting in the above recommendation.

FriscoKid said:

---

Charpie said:

---

That's what I mean by being able to prove something nefarious. If the LTE modem was accessed to call something, you'd be able to get a log of it from the service provider

---

Good luck getting a court to agree to that request. My point is that it doesn't belong there in the 1st place.

---

"Get the provider records" is a little harder than anyone is willing to admit, isn't it? Whose records are you getting? Which phone number are you looking for? Is it using a virtual SIM card that spoofs another? Maybe it changes?

The fact it is there at all is concerning.

Has anyone figured out why a modem was built into it? I'd think the usual communists would be screaming with their 'explanation' by now if they could concoct a story, and I haven't really followed this at all.

The other thing that I think we are glossing over is the fact that Trump's campaign used data in the 2016 election in a way that had never seen before. They were ahead of their time with getting their messaging out and use of software/applications to drive their message home. Do we really think that the Biden campaign was as smart as the Trump campaign here?

Charpie said:

---

The other thing that I think we are glossing over is the fact that Trump's campaign used data in the 2016 election in a way that had never seen before. They were ahead of their time with getting their messaging out and use of software/applications to drive their message home. Do we really think that the Biden campaign was as smart as the Trump campaign here?

---

What does that have to do with an LTE modem in a voting machine?

Charpie said:

---

The other thing that I think we are glossing over is the fact that Trump's campaign used data in the 2016 election in a way that had never seen before. They were ahead of their time with getting their messaging out and use of software/applications to drive their message home. Do we really think that the Biden campaign was as smart as the Trump campaign here?

---

I don't think Biden can even put his own underwear on without help, but it's not pertinent to this modem question.

I guess the point is that we are assuming that they are there because they can be tampered with. We don't have proof yet that there was any tampering. I mean, both campaigns were tech savvy, and I have to hand it to Trump that his campaign was WAY more savvy.

Who did the tampering? China? I can believe that.

Lots of things have ways to communicate with machines that the average person is completely unaware of. If you buy a computer, you have to get on the web to get firmware and other software updates so that the machines can keep working. That is likely why the modems were there.

Charpie said:

---

The other thing that I think we are glossing over is the fact that Trump's campaign used data in the 2016 election in a way that had never seen before. They were ahead of their time with getting their messaging out and use of software/applications to drive their message home. Do we really think that the Biden campaign was as smart as the Trump campaign here?

---

"The Biden campaign" was a complete joke. Tell some lies to a few people in cars, then go back home to rest for several days. There was no enthusiasm, no crowds, no nothing.

Which of course makes the idea of rampant cheating all that much more likely, if they can find it and prove it.

Quote:

---

Lots of things have ways to communicate with machines that the average person is completely unaware of.

---

I'm not the average person and neither are the other engineers that have chimed in on this thread.

The issue posed on this thread to me is not so much whether or not the modems were used to cheat (that is for a different thread). The issue is that we have certain people trying to convince everyone that our elections are safe and secure and the discovery of modems in the machine goes a long way in discrediting that notion. It therefore follows that it discredits the people that are pushing the "safe and secure" mantra.

The politics comes in when you take a look at who is pushing the mantra and why they might be doing that.

Don't disagree. We can see how cheating possibly happened. We can't prove it, yet. Lots of things should be logged/

Charpie said:

---

That's what I mean by being able to prove something nefarious. If the LTE modem was accessed to call something, you'd be able to get a log of it from the service provider

---

That idea would have held up 20 years ago, but modern cellular radios (LTE included) typically do not perform traditional "call setups" to transfer data. The entire network is built around an IP packet core (think internet...) and there are just too many permutations and modes of data transfer to be able to say definitively what was conveyed, and to where. The most that might be available from service providers is seeing if or when the radio itself (identified by its unique hardware identifiers... IMEI and IMSI) registered on a given network, and how much (if any) data was transferred, but even that is dicey.

"DePerno was arraigned in Oakland County on Tuesday on four criminal charges in connection with accessing and tampering with voting machines after the election, according to court records."
https://www.fox2detroit.com/news/matt-deperno-ex-gop-candidate-for-attorney-general-and-trump-ally-charged-in-election-machine-tampering

Well, he DID expose a security flaw with the voting machines. Apparently any old ******* can request one from a local clerk that is friendly to their cause and do god-knows-what with it.

torrid said:

---

Well, he DID expose a security flaw with the voting machines. Apparently any old ******* can request one from a local clerk that is friendly to their cause and do god-knows-what with it.

---

Not sure it happened here but states keep the same machines so long, used ones of the same vintage are available for purchase in some instnaces. How Harry Husti got his electronic voing machines for his hacking competitions. He bought used machines.

It is easy to imagine some monitoring tasks that they should probably perform.

For example, if a voting machine crashes and reboots, then it should probably send a message to a server saying that it had rebooted. That could alert personnel of potential issues of the machine.

It would make sense in many cases to use a wired network for security reasons. Keep in mind that it is not that difficult to filter out all but very specific packets for both incoming and outgoing. In some cases where there might be a remote voting site with no Internet available. Also, if someone saw the cable and disconnected it, they could then do what they wanted with the machine without it sending out any log messages.

If you are worried about incoming packets, you could program the device to activate the network interface to send a message and then immediately deactivate the network interface after sending the message. And in the very brief time it is connected, drop all incoming packets.

For what it's worth, if you use standard syslog on port 514, it will use udp which is connectionless. No connection is established -- just send the log message. There is no need to listen for a response.

eric76 said:

---

It is easy to imagine some monitoring tasks that they should probably perform.

For example, if a voting machine crashes and reboots, then it should probably send a message to a server saying that it had rebooted. That could alert personnel of potential issues of the machine.

It would make sense in many cases to use a wired network for security reasons. Keep in mind that it is not that difficult to filter out all but very specific packets for both incoming and outgoing. In some cases where there might be a remote voting site with no Internet available. Also, if someone saw the cable and disconnected it, they could then do what they wanted with the machine without it sending out any log messages.

---

No. It causes distrust because of vulnerabilities in the system. As is being evidenced by this thread.

If you want a secure system, you remove the vulnerabilities. If you do not remove them, I can only conclude there is a reason they are there.

eric76 said:

---

It is easy to imagine some monitoring tasks that they should probably perform.

For example, if a voting machine crashes and reboots, then it should probably send a message to a server saying that it had rebooted. That could alert personnel of potential issues of the machine.

It would make sense in many cases to use a wired network for security reasons. Keep in mind that it is not that difficult to filter out all but very specific packets for both incoming and outgoing. In some cases where there might be a remote voting site with no Internet available. Also, if someone saw the cable and disconnected it, they could then do what they wanted with the machine without it sending out any log messages.

If you are worried about incoming packets, you could program the device to activate the network interface to send a message and then immediately deactivate the network interface after sending the message. And in the very brief time it is connected, drop all incoming packets.

For what it's worth, if you use standard syslog on port 514, it will use udp which is connectionless. No connection is established -- just send the log message. There is no need to listen for a response.

---

No, no, no. If there's any problem with a machine, it should enter an error state and not allow any further use. There should absolutely be no network accessibility, none, zero. No reason for that.

The first time I ever used one of those original electronic voting machines.

You know the ones.

It's had some sort of weird trackball wheel and a bunch of confusing buttons. Basically the least user friendly design imaginable.

I remember thinking to myself there's no way in hell this crazy contraption ain't used for fraud some at time in the future.

Wait ….They lied…. NO WAY!

FTR: DePerno did have a court order.