Last Updated on October 9, 2024
Recent court testimony in Georgia has revealed that Encryption Keys used with Dominion Voting machines can be used to decrypt and change election result files.
VoterGA Co-Founder Garland Favorito summarized the court testimony given last week in Fulton County Superior Court at a hearing of the Georgia State Election Board on Tuesday, October 8th.
The testimony was given by Clay Parikh and Ben Cotton the week prior to the court in the matter of DeKalb Republican Party vs. Raffensperger, in Fulton Superior Court.
“Clay Parikh demonstrated in court that you could change the votes without even doing the decryption,” Garland told National File in an exclusive interview.
In the summary video, Favorito covers points revealed by experts Clay Parikh and Ben Cotton in the DeKalb GOP v. Raffensperger case concerning the security vulnerabilities that are inherent in Dominion Voting Systems both in Georgia and nationally.
The experts analyzed four authenticated county election databases received via Open Records Requests through VoterGA. In other words, the data was received legally, and the chain of custody of the data is beyond reproach.
The election experts testified that different Georgia county servers were accessed remotely by Dominion in the 2020 General Election and 2021 U.S. Senate runoff.
Key points include how:
- All Dominion systems worldwide are set up to communicate with each other through a common X.509 certificate value,
- A key Admin account password is hard coded and publicly known,
- Other passwords used are generic, not user specific, thus defeating auditability of updates,
- Passwords are encrypted instead of being securely hashed,
- The encryption keys are stored in clear, plain text in a database table,
- The keys can be easily retrieved and used to read passwords and decrypt election results for tampering, and how
- Malware can flip votes even without decryption.
DOMINION SERVERS CONNECTED TO MAIL SITES
Mr. Cotton also analyzed an authenticated county election management server received from an attorney and explained that it had been connected to an internet mail site.
ELECTION FILES WERE MODIFIED VIA THE INTERNET
Cotton added that nearly 3,000 .EXE or .DLL executable program files were modified on the server since original installation on 9/12/19.
Cotton also found an uncertified compiler that would allow a bad actor to create his own malware programs and violate certification.
As a result of their analysis, the experts concluded that the system could not currently pass guidelines required for EAC certification.
They do not pass minimum requirements because encryption keys are required to be stored in an encryption module.
Further, it is not “safe and practicable for use” as required for state certification.
Fulton Superior Court Judge Scott McAfee concluded that certification is a one-time event, not ongoing, and the case is now headed for the Georgia Supreme Court.
You can watch the testimony here below.
You can watch the full courtroom testimony below.