CD Media
Analysis

Expert Report From Election, Information Assurance And Cyber Security Systems Matter Expert

Expert Report From Election, Information Assurance And Cyber Security Systems Matter Expert
Image by Joe Ravi

The Election Laws We Have

Almost two decades ago, Congress passed the Help America Vote Act of 2002 (HAVA). One of the motivations to draft the bill was the controversy that surrounded the 2000 presidential election. The purpose of HAVA was to systemize guidelines and procedures that would be comprehensive and easy to follow—thus installing confidence and agreement in election results.

In the same year, the Federal Information Security Management Act of 2002 (FISMA) was enacted. One of FISMA’s purposes was to secure government information and create standards that would protect the nation’s information security including cybersecurity and other information structures.

In addition to these federal guidelines, HAVA instructed the Election Assistance Commission (EAC) to develop voluntary voting system guidelines, which states may adopt if they so choose. While HAVA and FISMA are mandatory federal guidelines, state implementation of EAC guidelines varies.

When an election is contested, the first consideration should be if the election met the federal standards of HAVA, FISMA, that state’s implementations of EAC guidelines and the state’s own laws.

Did the 2020 Election Meet the Requirements in Current Election Law?

The simple answer is no. In 2020 the vote failed to meet requirements of HAVA, FISMA and EAC guidance on multiple levels. Since multiple aspects of these guidelines were violated, we must comprehensively audit all aspects of this election and repair the result, where possible. Without an honest, fair, and free election process the country’s democratic principals will cease to exist.

If the violations of the guidelines are too extensive to fix, we must revote where possible. On a state and local level this is as simple as moving to a special election. For the President/Vice- president the issue is without precedent but ample precedence exists for fixing congressional and senatorial elections.

It is also imperative that we perform thorough forensic investigations in every state for possible criminal conduct and prosecute any that is found.

Voting in 2020

If we are going to understand what happened in the 2020 election, we have to understand the way voting today works. We have long past the old days of a paper ballot cast in the presence of multiple locals and candidates who were often known to the voters at a local level.

Today voting systems consist of machines, procedures, policies, boundary protections, and boundary guards. The system is quite complex, but the law requires compliance with all the major system components. Failure to comply breaks certification and makes using the system illegal and fraudulent. It is clear from the laws that certification of an election outside permitted boundaries is simply not allowed without review. Retention of all auditable items is also required for 22 months. The massive number of irregularities already identified in the 2020 election raises serious concerns and makes the case that these audits should begin immediately in order to fully understand what took place.

While the voting system is quite complex it can be summarily explained by this diagram.

Types of Voting & Their Processes

There are essentially four types of incoming votes: mail-in, absentee, in-person, and provisional. Each is listed below with a generalized representation of the process associated with it.

Mail-in

  1. Voter receives unsolicited or solicited mail-in ballot.
  2. Voter follows instructions which includes filling out or attaching the required personal identification data on the security envelope, ballot is marked and put into a security envelope and sealed. Security envelope is inserted in a mailing envelope, sealed and mailed. ID information required varies significantly from state to state as does other aspects of mail-in votes such as signature, notarization, DOB, address, etc.
  3. Ballot is received at mail facility or deposit drop box then forwarded to the vote counting center.
  4. Voting center receives ballot through mail or from drop boxes
  5. Table’s count and batch votes, batches registered now or after judging
  1. The condition and where the ballot came from is checked and/or observed by election judges/observers from both parties.
  2. Rejected ballots are sent to provisional status for further review or destructions if ID, condition, or intent cannot be determined.
  3. Accepted ballots are turned into accepted vote proxies as secret ballots. Security envelope is removed and kept while the ballot is forwarded for counting in a secrecy/security envelope or folder.

Absentee

  1. V oter fills-in application per state instructions.
  2. Serialized absentee ballot are sent to the voter.
  3. Voter follows instructions which includes filling out personal identification data on the security envelope, ballot is marked and put in security envelope and sealed. Security envelope is inserted in mail envelope, sealed and mailed. ID information required varies significantly from state to state as does other aspects of mail-in votes such as signature, notarization, DOB, address, etc.
  4. Ballot is received at mail facility or deposit drop then forwarded to Vote Counting Center
  5. Voting center receives ballot through mail or from drop boxes
  6. Table’s count and batch votes, batches registered now or after judging
  7. The condition and where the ballot came from is checked and/or observed by election judges/observers from both parties.
  8. Rejected ballots are sent to provisional status for further review or destructions if ID, condition, or intent cannot be determined.
  9. Accepted ballots are turned into accepted vote proxies as secret ballots. Security folder or envelope is removed and kept while the ballot is forwarded for counting in a secrecy folder.

In Person

  1. Voter is verified by poll workers using a variety of approved means.
  2. Voter is certified by both parties and given a vote proxy, approved ballot to cast.
  3. Voter fills in ballot, uses a DRE-printer or EBM machine to generate and cast ballots. With Dominion Voting Systems the casting is usually done in a second step at a bulk or low volume image casting machine. Vote is read and image of the ballot is captured along with meta-data. Image is stored on image caster internal memory and external memory card.
  4. Physical ballot is stored.
  5. Rejects are repaired on the spot if handled properly.
  6. Final ballots are cast.

Provisional

1. When condition, origin of vote or intent are unclear, further judgement is required— usually conducted by members of both parties,

2. The ballot is approved, repaired or discarded based on strict legal procedures of the state and sent to counting or discarded

Casting

1. Ballot is scanned and read. Image file, data, metadata and ballot counts are recorded electronically on internal devices and external memory cards/encrypted hard drives.

Tabulation

  1. Memory cards and encrypted hard drives are read by tabulators.
  2. Results are forwarded to a management server.

Management Server

  1. Prepares vote tallies and reports
  2. Management edits and reports are made locally or from remote systems.
  3. Data files or reports are sent to the state.

What we need

Based on numerous affidavits and credible examples of breeches in law, lapses of OpSec, procedural failures and accuracy the election needs a full forensic audit. Extensive manual records are supposed to be kept of voters, verification steps, custody transfer, judgements/adjudication, ballots and security envelopes. The proof is in the discrepancies between these logs, physical records, ballots, envelopes and the electronic data. Image cast data is a critical target for auditing; comparing vote tabulation, images and the original ballots. This can do work iteratively using valid sufficiently large randomized sampling, exhaustive reconciliation, and then, if necessary, full recount by hand or in cases where casting is not polluted re-tabulation. Costs are high, but this is amongst the most important things we do as a country.

What we need to examine

Guard Functions such as:

  • Logs and books
  • V oter identification
  • Mail-in/absentee verification requirements
  • Locked ballot boxes
  • Chain of custody documents
  • Data Cards/flash drive not allowed inbound or outbound
  • Ballot inventory control
  • Inspections entering and leaving
  • Observer statements

Protection functions intacts:

  • Locked boxes
  • Locked doors
  • Guards
  • Ballot boxes
  • Seals
  • Backup memory Certification and Compliance Map and Review:
    • HAVA Federal Elections 1:500,000 ballot transposition errors, hundreds of certification controls, NIST 908 security controls
    • EAC – State law
    • FISMA under critical infrastructure designation
    • FIPS199
    • SP800-53 Rev4 Misconduct observed:
  • Illegal adjudication
  • Offsite scanning
  • Ballot forgery
  • Ballot destruction
  • Pre-printed ballots
  • Observer interference
  • Legal requirement ignored of waived
  • Provenance by-pass
  • Software updates during lockout period or without recertification
  • Traces of unauthorized actions Examples of critical external failures:
    • Observers not present
    • Ballot dumps
    • Cards and USBs coming and going without control
    • Signature verification not completed
    • Hard drives and cards entering and leaving
    • No controls at ballot drops
    • No video of ballot drops
    • No custody transfer
    • No ballot logs or controls
    • Ballot insertions
    • Off-site opening or processing

• Ballot counts not equal to vote tally

Examples of critical internal failures observed:

  • No observers
  • Unvetted visitors
  • Failure of edge controls
  • Failure to check security envelopes
  • Uncontrolled use of adjudication stations
  • Loading and unloading data
  • Continued operation after close
  • Ballot entry off hours
  • Malware or algorithms
  • Internet connections
  • Certification failures Conclusions There is a common misperception, when a system is uncontrolled, it cannot be trusted. HAVA based certification is quite stringent. It is not just the machines but every step of the process, the guarding functions, policies and procedures that all work together to ensure there are honest elections that must remain intact. Any failures render some ballots invalid, these are errors just as much as a machine counting error. If the total number of ballots affected by any lapses of law or procedure are in excess of the allowed error rates the election was not legally certified(1:500,000 ballot positions). The certifications are largely invalid in critical jurisdictions and should be invalidated. We need to understand what happened during this election. We need to repair the portions of the election we can and need to invalidate and redo those portions we cannot. Further, we need to punish anyone criminally involved in this fiasco. We need to make sure this never happens again.

Keep The Truth Bombs Coming From CDMedia! Donate!  

Related posts

Westport School Superintendent Threatens Parent Concerned With Sexualized Video Shown To Elementary Students…What Is ‘Child Grooming?’

CD Media Staff

Baris Discloses Coming CDMedia/Big Data Poll in Georgia To Be Released Today

CD Media Staff

The Battle You Thought You Knew…Iwo Jima

Joseph Hammond

1 comment

Christine Bushong August 5, 2021 at 7:56 pm

Who is responsible for enforcing these laws? If they are federal laws, I suppose it would be the DOJ, and since nothing has been done, they must be complicit. Who oversees the DOJ? Congress? Worthless there, too. How about suing the feds for failing to enforce the laws like this and immigration? Is there any recourse? Why have laws if they are not enforced?

Reply

Leave a Comment

Subscribe to our evening newsletter to stay informed during these challenging times!!

Clicky