Last week, Judge Amy Totenberg unsealed a long-anticipated report by Michigan University’s Professor J. Alex Halderman. According to a tweet summarizing his findings, Prof. Halderman claimed that not only did they find “critical issues”, such as an arbitrary-code-execution vulnerability, but that these flaws remain unpatched. And will not be patched until after the 2024 Presidential Election, despite CISA releasing a security advisory and Dominion, in response, creating an update to the software. Georgia Secretary of State Brad Raffensperger has been aware of the issues for two years now, and with 18 months to go until 2024’s election, he will not update the machines to help secure these vulnerabilities.
Prof. Halderman states in his blog based on the report that “the most critical problem we found is an arbitrary-code-execution vulnerability that can be exploited to spread malware from a county’s central election management system (EMS) to every BMD in the jurisdiction. This makes it possible to attack the BMDs at scale, over a wide area, without needing physical access to any of them.”
While Halderman offers an overview of how malware can be spread throughout a county with simple access to the EMS, he also explains in the report how this can defeat the testing of the machines in two ways: one through Hash Validation and the other through Logic and Accuracy Testing.
.
.
.
Source Article (thegatewaypundit.com)
>Last week, Judge Amy Totenberg unsealed a long-anticipated report by Michigan University’s Professor J. Alex Halderman. According to a tweet summarizing his findings, Prof. Halderman claimed that not only did they find “critical issues”, such as an arbitrary-code-execution vulnerability, but that these flaws remain unpatched. And will not be patched until after the 2024 Presidential Election, despite CISA releasing a security advisory and Dominion, in response, creating an update to the software. Georgia Secretary of State Brad Raffensperger has been aware of the issues for two years now, and with 18 months to go until 2024’s election, he will not update the machines to help secure these vulnerabilities.
>Prof. Halderman states in his blog based on the report that “the most critical problem we found is an arbitrary-code-execution vulnerability that can be exploited to spread malware from a county’s central election management system (EMS) to every BMD in the jurisdiction. This makes it possible to attack the BMDs at scale, over a wide area, without needing physical access to any of them.”
>While Halderman offers an overview of how malware can be spread throughout a county with simple access to the EMS, he also explains in the report how this can defeat the testing of the machines in two ways: one through Hash Validation and the other through Logic and Accuracy Testing.
.
.
.
[Source Article](https://www.thegatewaypundit.com/2023/06/halderman-report-dominion-machines-can-be-subverted-during/)
(post is archived)