[
At a county fee assembly in Brookings County, South Dakota, on March 19, Rick Weible, an election integrity activist and founder Midwest Swamp Watch, carried out a real-time expose of ES&S Electionware software program vulnerabilities. Sitting in entrance of the 5 board members current for the assembly, Weible started his presentation utilizing solely his laptop computer and a USB drive.
His testimony was particularly relating to ES&S's ElectionWare software program, nonetheless, many of the vulnerabilities have been discovered within the programs of different election distributors, together with Dominion Voting, whose vulnerabilities had been documented within the federal Curling v. Raffensperger trial in January. , as reported by The Gateway Pundit.
Weible started his transient 5-minute testimony by claiming that he was despatched “essential proof from elsewhere within the nation utilizing the identical voting system to which (South Dakota) is licensed.” He then highlighted that the system is in step with the Federal Authorities's Election Help Fee (EAC) certifications.
Right here is the transcript:
Rick Weeble: And I’ll inform you clearly that it conforms to the certificates printed by the EAC. Our 4 counties even have the identical sort of exhausting drive. What I can present you instantly is that I used to be in a position to take a forensic copy of that arduous drive and truly boot the Electionware system on a non-compliant laptop computer. This can be a full violation of the certificates that requires enabling the Trusted Platform Module.
Usually it will be unimaginable for that arduous drive to exit of the authenticated machine that’s speaking with its chip to have the ability to boot right here. And, the opposite proof of non-conformity I’ve is that you just'll discover I’ve a thumb drive on the aspect of it. That thumb drive is a BitLocker key that’s principally used to permit the laptop computer besides securely. That is one other violation as a result of what must occur is that it must be on an official Delkin thumb drive that’s thought of serialized and safe. So I’ve simply given you two proofs.
I've additionally proven one other piece of proof in different states that has been printed in lawsuits as a result of their auditors and attorneys basic and state attorneys didn’t do due diligence in publishing the handbook on-line in court docket circumstances. Sheriff Stanick can affirm on web page ten of this handbook, The default administrator person and password is publicly out there on the Web. And I’ve that duplicate right here. And I confirmed Sheriff Stanic web page ten and he might affirm that the password is there and has not been modified. Different manuals for full programs, together with the DS 200, 450 and 850, All these passwords can be found on-line by default.
We additionally know that when Sea Change was in command of elections throughout the previous few years, the default password was “election one”, and it was common in all of the states the place they had been working. Fortunately, we’re utilizing ES&S immediately and they need to be altering these passwords. I like to recommend that the password be completely different for every machine. Don't use the identical password throughout the spectrum so you possibly can assist delay this. The second factor you're in all probability questioning is can I really log into this laptop computer.
sure i can. And there it is occurring now. So I used to be in a position to circumvent their safety as properly and default the password to what I needed. And there may be electionware software program. And sure, I now have the power to decrypt the thumb drives of this county and some other county throughout the USA that’s utilizing Electionware 6.1.1 so we will see the CASCO (?) data and bonafide photos.
So the truth that I simply confirmed you this piece of proof, I perceive that my life is in peril And the USA doesn’t need it to be recognized that this software program is offered on the darkish net, the manuals are publicly out there on the Web in lots of states and our elections will not be safe and we must always request quick change orders of ES&S Antivirus To replace. They’ve additionally not up to date the safety patches of this laptop computer since 2019 or the antivirus since March 29, 2019. The 4 counties in our state that use this laptop computer are at 100% danger. Additionally the DS 200s, 400s and 50s, and 850s should not have any antivirus.
So even should you decide up a brand new thumb drive from ES&S and plug it in, this laptop computer remains to be doubtlessly unaware of the vulnerabilities the final 5 years have delivered to the US. Thanks.
usb proof
Regardless of conforming to EAC certifications, Weeble was reportedly in a position to boot a “forensic copy” of the election system's exhausting drive on a “non-conforming laptop computer”, which he claims is a “full violation of the certification.” “, which requires the “Trusted Platform Module” to be enabled.”
Weible testified:
“What I can present you instantly is that I used to be in a position to take a forensic copy of that arduous drive and truly boot the Election Ware system on a non-compliant laptop computer. This can be a full certificates violation, which requires the Trusted Platform Module to be enabled. Usually it will be unimaginable for a tough drive exterior an authenticated machine that’s speaking with its chip to have the ability to boot right here.
And the opposite proof of non-conformity I’ve is you'll discover I’ve a thumb drive on the aspect of it. That thumb drive is a BitLocker key that’s principally used to permit the laptop computer besides up securely. That is one other violation as a result of what ought to occur is that it must be on an official Delkin thumb drive serial And Protected,
in the present day's contemporary information
Rick Weible offered new proof of ES&S vulnerabilities at yesterday's March 19, 2024, Brookings County Fee assembly.
Now that is public document.
Is his life in peril?
Appears like he thinks so.#electionintegrity#WeThePeopleCount#LimitGovernmentNotPeople pic.twitter.com/4dNc69fqLv– Barry Wernick (@Wernick4Dallas) 20 March 2024
Former Voting Methods Check Laboratory (VSTL) tester Clay Parikh confirmed Weible's findings. Parikh instructed The Gateway Pundit:
“He’s 100% correct on all of this. Distributors all the time say you can solely use a selected USB drive, however they by no means configure it to check it.
One of many safety measures with BitLocker is you can load the BitLocker PIN or certificates onto a USB drive for restoration. Due to this fact, the machine won’t be able besides until it has the right BitLocker PIN. What it did was put the PIN on an unauthenticated USB drive that the working system mustn’t have acknowledged to start with.
publicly out there passwords
After discussing vulnerabilities relating to unauthorized USBs bypassing the system's safety controls, Weible famous that “different states” have filed court docket circumstances and printed manuals on the Web with out doing due diligence. The handbook comprises the unmodified default username and password which might be utilized by directors.
Default passwords for different manuals for the ES&S DS200, DS450, and DS850 are additionally out there on-line. Moreover, the earlier password was modified to “election1” and made common throughout a number of states utilizing the identical elections vendor, in keeping with Webull.
Even with out utilizing the publicly out there default password, he was in a position to “bypass their safety and default the password to no matter he needed.” This allowed them to “decrypt the thumb drives of this county and some other counties throughout the USA which might be utilizing Electionware 6.1.1.1.”
Safety Patch?? Antivirus??
Lastly, Weible mentioned we must always request an “quick change order,” referred to as an engineering change order, or ECO, from ES&S to replace the antivirus on the system. In line with them, ES&S has not up to date the safety patches since 2019 Or antivirus from March 29, 2019.
“4 counties in our state that use this laptop computer Are at 100% danger,“Weible mentioned.
And much more stunning: Weible claims that the DS200s, 450s and 850s There is no such thing as a antivirus on them. So even should you get a brand new thumb drive from ES&S and plug it in, this laptop computer doesn't find out about it America has confronted weaknesses within the final 5 years.,
In a follow-up article, we’ll evaluate these findings relating to ES&S machines and software program with these of different election distributors, which have surprisingly related vulnerabilities that investigators have uncovered over the previous few years.