On March 19th at a County Commission meeting in Brookings County, South Dakota, Rick Weible, an election integrity activist and founder of Midwest Swamp Watch, demonstrated how easy it is to hack ES&S voting software. Five board members attended the demonstration. We have already seen similar demonstrations using Dominion Voting Machines. Weible began his brief 5-minute testimony by claiming that he was sent a “critical piece of evidence from somewhere else in the country using the same voting system that [South Dakota] is certified for.”
Here is the transcript:
Rick Weible: And I’ll just tell you flat out that it does conform to the certificate that is published by the EAC. Four of our counties also have the same type of hard drive. What I can show you immediately is that I was able to take a forensic copy of that hard drive and actually boot up the electionware system on a non-conforming laptop. That is a complete violation of the certificate which required that the trusted platform module be enabled.
It would be impossible normally for that hard drive to go off of a certified machine that is communicating with its chip to be able to boot up on here. And, the other piece of evidence that I have of nonconformity is that you will notice that I have a thumb drive on the side of it. That thumb drive is a bit locker key that is used to basically allow the security of the laptop to boot up. That is another violation because what is supposed to happen is it should be on an official Delkin thumb drive that is supposed to be serialized and secure. So I’ve just given you two pieces of evidence.
I’ve also shown another piece of evidence in other states that have published in lawsuits because their auditors and attorney generals and state’s attorneys did not do due diligence of publishing the manuals online in the court cases. Sheriff Stanick can confirm on page ten of this manual, the default administrator user and password is publicly available on the Internet. And I have that copy here. And I showed Sheriff Stannick page ten and he can confirm that the password is there and not redacted. The other manuals for the complete system, including the DS 200, 450 and 850, all of those passwords are available online as default.
We are also aware that when Sea Change was in charge of the elections during the last few years, the default password was “election one,” and it was universal across all the states that they were operating in. Thankfully, we’re using ES&S directly and they should be changing those passwords. My recommendation is that the password should be different for each of the machines. Don’t use the same password across the spectrum so that you can help delay it. The other piece is that you’re probably wondering if I can even log in to this laptop to actually get in.
VISIT OUR YOUTUBE CHANNELYes, I can. And there it is going in right now. So I have been able to even circumvent their security and default the password to whatever I wanted it to be. And there is the electionware software. And yes, now I have the ability to decrypt the thumb drives of this county and any other county across the United States that’s using electionware 6.1.1 so we could view the Casco(?) records and valid images.
So the fact that now I’ve just shown you this piece of evidence, I understand that my life is at risk and that the United States does not want this to be known that this software is available on the dark web, the manuals are publicly available out on the Internet in multiple states and our elections are not secure and we should be requesting immediate change orders of ES&S to update the antivirus. They have not even updated the security patches of this laptop since 2019 or the antivirus since March 29, 2019. The four counties that use this laptop in our state are 100% at risk. Also the DS 200s, 400s and 50s, and 850s have no antivirus on them whatsoever.
So if you get a new thumb drive from ES&S and plug it in, even this laptop is unaware of potentially the last five years of vulnerabilities that have hit the US. Thank you.
Weible testified:
“What I can show you immediately is that I was able to take a forensic copy of that hard drive and actually boot up the election ware system on a non-conforming laptop. That is a complete violation of the certificate, which required that the Trusted Platform Module be enabled. It would be impossible normally for that hard drive to go off of a certified machine, that is communicating with its chip, to be able to boot up on here.
And the other piece of evidence that I have of non-conformity is that you will notice that I have a thumb drive on the side of it. That thumb drive is a BitLocker Key that is used to basically allow the security of the laptop to boot up. That is another violation because what is supposed to happen is it should be on an official Delkin thumb drive that is supposed to be serialized and secure.”
