In 2018 Professor Halderman kicked things off in a federal court (Georgia) with an explosive 25k-word (sealed) affidavit. In sum: "the machines are shite".
Judge Totenberg still refuses to unseal it.
So I am unsealing it myself. National Security etc.
Pat Byrne, Journalist
"Over...15 years, I and other experts have repeatedly documented serious cybersecurity problem with these machines...numerous hardware and software security flaws, as well as ...weakness cannot be repaired through software updates.... every DRE ... in Georgia is vulnerable..."
"An attacker who can modify that software by infecting the machines with malware can cause the machines to provide any result of the attacker's choosing... I have demonstrated that, in just a few seconds, anyone can install...malware ... that will silently alter... every vote."
"We...develop[ed]...malware... that could infect the machines and steal votes. The malware modifies all of the vote records, audit logs, and protective counters stored by the machine, so that even careful forensic examination of the files would find nothing amiss."
"The malware was programmed to inspect each ballot as it was cast and modify the minimum number of votes necessary to ensure that the attacker's favored candidate always had at least a certain percentage of the total."
"We also developed a...virus that could spread ...malware... from machine to machine...propagated by the removable memory cards ...officials use to program the ballot design... By exploiting vulnerabilities...an infected memory card can spread the ...virus to the machine.
"...vulnerabilities reflect deeper architectural problems that cannot be corrected through software changes. Since all records of the vote are under software control, if there is any way for malware to infect the machine, the election results can be compromised."
"...Therefore, it is almost certain that the serious vulnerabilities discovered in these studies remain uncorrected in the software on Georgia's machines" [NB Halderman was writing 15 months before these same machines were used in the election of November 2020].
"Moreover...the machines rely on Windows CE... operating system. This software has not been supported by Microsoft in several years and has... significant vulnerabilities... Georgia's machines apparently have not had this operating system software updated since at least 2005."
"...Georgia's machines...apparently have not received software updates to correct any of the many security flaws discovered over the last 13 years , yet they remain in use."
"The security features built into Georgia's voting machines are inadequate to defend against cyberattacks. Whether voting machines are connected to the Internet is irrelevant...."
"One would expect a skilled attacker's work to leave no visible signs."
None of Halderman's recommendations were implemented.
15 months later came the notorious November 2020 election.
SoS Raffensberger insisted these same machines be used in Georgia's 2022 and 2024 elections.
They are still used in 30% of US counties (primarily swing state).
NB My possession of Halderman's long-sought 2018 affidavit is unrelated to any of my lawsuits. I received it in my capacity as a journalist over 2 years ago and have sat on it since.
Given the date and the stakes, it would be wrong to hide it any longer, I think.
To download the full PDF of Halderman's affidavit, go to DeepCapture:
deepcapture.com/2025/01/profes…
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.