The Dominion, ad to the take over of America
Feb 1, 2024 08:53:32 #
The BIC Pen Attack
Initially, last week a tech with a BIC pen pressed the reset button on the back side of the Dominion ICX BMD for approximately 5 seconds, which rebooted the machine into “Safe Mode”. Dr. Halderman was able to do this without removing or breaking any of the safety seals that are installed on the machine to “prevent” tampering.
Once the Dominion ICX BMD was booted into “Safe Mode,” the tech was able to launch the Android Launcher, which is a menu of different applications installed on the device. He noted that the Android 5.1 is severely outdated. Current Android runs version 14. When asked if Android 5.1 is still supported by the manufacturer, Dr. Halderman answered, “it is not.”
Counsel then asked the tech what he could do with this type of access, to which he responded. The transcript reads:
“Well, here we have the file manager. This is an application that will let me on-screen navigate through the files on the machine. You can use that to copy or delete files or to open them up in an on-screen text editor and edit or even change the contents of the file on the screen.
Here, we have the settings icon that allows you to change any of the operating systemwide settings or to remove or install software on the device.
So through the settings applications is one way that someone could directly install malware using this safe mode vulnerability.”
Dr. Halderman then discussed an application called the terminal emulator. He described it as “particularly powerful.” The terminal emulator allows you to run a command called SU, or “Super User”. This is used to bypass the operating system's security controls. Dr. Halderman said a computer would typically challenge you for a secret password to gain this type of Super User access. But utilizing this BIC pen hack, Dr. Halderman was able to simply gain that access through a simple prompt:
“Would I like to allow superuser access, allow or deny?”
Dr. Halderman described what he was able to accomplish with this type of access:
“Well, gosh, it — superuser access would allow me to — to read, to modify, or to change any of the data or software that is installed on the device.”
He was asked, “Are there any limits to what you could do to a ballot using this access?”
“To the ballot data on the machine? No,” he responded.
“Are there any limits to what you could do to the election software on the BMD with this access?”
“No.”
But this hack wasn’t discovered by Dr. Halderman. And it wasn’t discovered recently. In fact, this critical vulnerability was published by the US Elections Assistance Commission (EAC) on January 16, 2020, 11 months before the 2020 Presidential Election. According to Dr. Halderman, it was the first month that Georgia deployed the Dominion ICX BMDs.
Dr. Halderman previously received a Dominion ICX BMD for his initial testing and subsequent report in August of 2020, almost eight months after this vulnerability was discovered by the EAC. It wasn’t remedied then and it doesn’t seem to have been remedied to this day, a full four years later. The machine Dr. Halderman utilized in the courtroom for the demonstration was provided by Fulton County’s elections department in the configuration used currently in elections.
This was just one of many vulnerabilities that were demonstrated in Judge Amy Totenberg’s federal courtroom.
The Smart Card Hacks For Just $30
The Dominion ICX BMD has several variations of cards that are used to allow different functions. Among them, technicians have a specific card. Poll workers have a specific card. And voters, after they check-in, are given a “one-time use” card to vote.
Next, Dr. Halderman demonstrated a vulnerability using a counterfeit poll worker card. For this ‘hack’, Dr. Halderman purchased some smart cards online for about $10 each. There are no restrictions from purchasing these cards online, as he noted. He then utilized a USB smart card reader for $20 on Amazon and was able to use that to create a counterfeit poll-worker card for the Dominion ICX BMD.
Dr. Halderman then created a voter card by utilizing his software and the same equipment mentioned above. This voter card differed from the ones issued at a polling location in that it can be used an infinite number of times and in any location countywide for the same election. Typically, a voter card issued to a voter by a poll worker is a one-time use card.
The third type of card that Dr. Halderman was able to make was more significant. This card is called a technician card and it can be utilized to install malware. Dr. Halderman testified:
“So a technician card is the third kind of Smart card for the ICX BMDs. A technician card is sort of like a master key. It unlocks a technician menu from which service workers at the county or Dominion personnel perform functions like loading the ballot designs before an election or performing software updates.”
He then inserted the technician card into the Dominion ICX BMD and bypassed the pin prompt that appeared. Then a prompt on-screen appeared and said that the menu is unavailable while the poll is open. His counterfeit technician card was able to bypass that safeguard as well.
With this access, Dr. Halderman was able to back out of the application that runs during the election and access the Android desktop. He then gained Super User access, once again, but this time with a simple Smart card he created using items purchased online for about $30 and “without access to any secret information.” This would be undetectable as inserting a card into the Dominion ICX BMD is a required function by the voter when they use the machine.
Counsel then asked him:
“Can automated commands be used to cause the machine to print ballots that do not reflect the voter’s intentions?”
“Yes, they can.”
“Did you need any nonpublic information to make the technician card?”
“Remarkably, no,” he responded.
It gets worse. Much worse. Biden will win in 2024!
Initially, last week a tech with a BIC pen pressed the reset button on the back side of the Dominion ICX BMD for approximately 5 seconds, which rebooted the machine into “Safe Mode”. Dr. Halderman was able to do this without removing or breaking any of the safety seals that are installed on the machine to “prevent” tampering.
Once the Dominion ICX BMD was booted into “Safe Mode,” the tech was able to launch the Android Launcher, which is a menu of different applications installed on the device. He noted that the Android 5.1 is severely outdated. Current Android runs version 14. When asked if Android 5.1 is still supported by the manufacturer, Dr. Halderman answered, “it is not.”
Counsel then asked the tech what he could do with this type of access, to which he responded. The transcript reads:
“Well, here we have the file manager. This is an application that will let me on-screen navigate through the files on the machine. You can use that to copy or delete files or to open them up in an on-screen text editor and edit or even change the contents of the file on the screen.
Here, we have the settings icon that allows you to change any of the operating systemwide settings or to remove or install software on the device.
So through the settings applications is one way that someone could directly install malware using this safe mode vulnerability.”
Dr. Halderman then discussed an application called the terminal emulator. He described it as “particularly powerful.” The terminal emulator allows you to run a command called SU, or “Super User”. This is used to bypass the operating system's security controls. Dr. Halderman said a computer would typically challenge you for a secret password to gain this type of Super User access. But utilizing this BIC pen hack, Dr. Halderman was able to simply gain that access through a simple prompt:
“Would I like to allow superuser access, allow or deny?”
Dr. Halderman described what he was able to accomplish with this type of access:
“Well, gosh, it — superuser access would allow me to — to read, to modify, or to change any of the data or software that is installed on the device.”
He was asked, “Are there any limits to what you could do to a ballot using this access?”
“To the ballot data on the machine? No,” he responded.
“Are there any limits to what you could do to the election software on the BMD with this access?”
“No.”
But this hack wasn’t discovered by Dr. Halderman. And it wasn’t discovered recently. In fact, this critical vulnerability was published by the US Elections Assistance Commission (EAC) on January 16, 2020, 11 months before the 2020 Presidential Election. According to Dr. Halderman, it was the first month that Georgia deployed the Dominion ICX BMDs.
Dr. Halderman previously received a Dominion ICX BMD for his initial testing and subsequent report in August of 2020, almost eight months after this vulnerability was discovered by the EAC. It wasn’t remedied then and it doesn’t seem to have been remedied to this day, a full four years later. The machine Dr. Halderman utilized in the courtroom for the demonstration was provided by Fulton County’s elections department in the configuration used currently in elections.
This was just one of many vulnerabilities that were demonstrated in Judge Amy Totenberg’s federal courtroom.
The Smart Card Hacks For Just $30
The Dominion ICX BMD has several variations of cards that are used to allow different functions. Among them, technicians have a specific card. Poll workers have a specific card. And voters, after they check-in, are given a “one-time use” card to vote.
Next, Dr. Halderman demonstrated a vulnerability using a counterfeit poll worker card. For this ‘hack’, Dr. Halderman purchased some smart cards online for about $10 each. There are no restrictions from purchasing these cards online, as he noted. He then utilized a USB smart card reader for $20 on Amazon and was able to use that to create a counterfeit poll-worker card for the Dominion ICX BMD.
Dr. Halderman then created a voter card by utilizing his software and the same equipment mentioned above. This voter card differed from the ones issued at a polling location in that it can be used an infinite number of times and in any location countywide for the same election. Typically, a voter card issued to a voter by a poll worker is a one-time use card.
The third type of card that Dr. Halderman was able to make was more significant. This card is called a technician card and it can be utilized to install malware. Dr. Halderman testified:
“So a technician card is the third kind of Smart card for the ICX BMDs. A technician card is sort of like a master key. It unlocks a technician menu from which service workers at the county or Dominion personnel perform functions like loading the ballot designs before an election or performing software updates.”
He then inserted the technician card into the Dominion ICX BMD and bypassed the pin prompt that appeared. Then a prompt on-screen appeared and said that the menu is unavailable while the poll is open. His counterfeit technician card was able to bypass that safeguard as well.
With this access, Dr. Halderman was able to back out of the application that runs during the election and access the Android desktop. He then gained Super User access, once again, but this time with a simple Smart card he created using items purchased online for about $30 and “without access to any secret information.” This would be undetectable as inserting a card into the Dominion ICX BMD is a required function by the voter when they use the machine.
Counsel then asked him:
“Can automated commands be used to cause the machine to print ballots that do not reflect the voter’s intentions?”
“Yes, they can.”
“Did you need any nonpublic information to make the technician card?”
“Remarkably, no,” he responded.
It gets worse. Much worse. Biden will win in 2024!
Feb 2, 2024 09:01:45 #
Capt-jack wrote:
The BIC Pen Attack br br Initially, last week a t... (show quote)
If we continue using dominion machines, it don't matter how we vote!!!
Feb 5, 2024 10:04:30 #
sabath wrote:
If we continue using dominion machines, it don't matter how we vote!!!
So true!
I keep writing to the GOP about this, zero response from them.
I have to wonder if it's all one big mob in DC all in cahoots to kill America.
We will have to mimic George Washington and Thomas Jefferson to save America.
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.