Today the long-sealed J. Alex Halderman report was unsealed and released to the public. Very sobering findings that must be addressed prior to the 2024 election cycle. But GA SOS has no plans to mitigate this serious security flaws. 1/ conta.cc/441PJrq

Today, the Federal District Court for the Northern District of Georgia unsealed a 96-page report that I wrote w/ Prof. Drew Springall from Auburn University. It describes serious vulnerabilities we found in Georgia's Dominion ImageCast X ballot marking devices. storage.courtlistener.com/recap/gov.usco…

But Dominion also hired MITRE to counter our report: dominionvoting.com/mitre-report/ MITRE didn't do any security tests, yet it asserts attacks are "operationally infeasible", dangerously contradicting CISA's finding that the problems are "real risks" and should be "mitigated promptly".

MITRE's analysis is wrong, because it fails to account for how elections are operated in the real world. It is entirely predicated on a false assumption: MITRE says it "assumes strict and effective controlled access to Dominion election hardware and software."

That was wishful thinking when it was written, and it's ridiculous today, because we've learned that Georgia's Dominion software *has already been stolen and distributed* by unauthorized parties, who had repeated access to the voting equipment. apnews.com/article/2022-m…

The known breaches in Georgia would be sufficient to uncover and exploit every vulnerability we found—and likely others we missed. Yet MITRE’s risk assessment assumes that Georgia perfectly protects the equipment from illicit access across all of its 159 counties.

Our findings are a reminder that elections face ongoing risks that call for vigilance from policymakers, technologists, and the public. Officials like Raffensperger should uphold voter confidence by improving security, not denying or ignoring real problems. Voters deserve better.

Gabriel Sterling MITRE Mike Lindell Marilyn Marks Gabe, the MITRE report is wrong. It assumes "strict and effective controlled access", but your Dominion software has already been stolen. The Coffee County breaches were more than sufficient access for the attacks we discovered. Y'all need to patch.

#Everyone, check this out! The courts are finally letting the public see the report about the serious vulnerabilities in Georgia's election system. If you don't want to read the whole 96pp, read this blog post about it from J. Alex Halderman: freedom-to-tinker.com/2023/06/14/sec…

This is NOT MAGA snake oil. These are real vulnerabilities.

J. Alex Halderman 3/5 J. Alex Halderman wrote a great blog post summarizing and adding context b/c this has been an on-going project for 2.5+ years (since Sept 2020). It's important to remember that... freedom-to-tinker.com/2023/06/14/sec…

These are real vulnerabilities, but Ds will likely ignore them bc the “Big Lie” made it difficult 4 people to distinguish legitimate election security concerns (eg, Russia’s attack on 2016) from MAGA snake oil (2020). Meanwhile, MAGA operatives have breached these systems in GA.

The judge knows Georgia’s voting system is problematic, but she waited too long to rule & then the Big Lie hit & now MAGAs equate vulnerabilities w/ proof that Trump “won” (which is idiotic, but they are idiotic), making everyone else too afraid to acknowledge real concerns. 1/

The line between academic election integrity research and election denialism is bright and clear. If it looks blurry, check the prescription on your political lens 🤨

Philip Stark Gabriel Sterling MITRE J. Alex Halderman Mike Lindell Marilyn Marks Cybersecurity and Infrastructure Security Agency What the hell is wrong with you, Gabe? Do you also plan to go out and lie again about the Coffee County breach which you falsely claimed on 4/29/22 at the Carter Center "didn't happen"? As you know, you knew full well at the time you made that claim that it absolutely DID happen.

Your claim is null and void It was always about control...

.J. Alex Halderman's report on Georgia's ballot-marking devices was unsealed, and I'll be honest: I'm disappointed in the state's response so far. Responses like this, where Gabriel Sterling lumps Halderman in with Mike Lindell, set a dangerous precedent. …altionforgoodgovernance.sharefile.com/share/view/s45…

The GA SoS is leaning heavily on a report written by MITRE that concludes exploitation of the vulnerabilities is unlikely. But it's worth highlighting this footnote: "MITRE’s assessment[...]assumes strict & effective controlled access to Dominion election hardware & software."

Here are *7* cases from 2017 to 2023 in which an obscure citizen was convicted and sentenced to prison time for having classified material at home -- under the exact same Espionage Act "willful retention" provision Trump is charged under: cnn.com/2023/06/15/pol…

Experts' letter to MITRE: “If MITRE genuinely aspires to 'provide objective analysis' about election systems, it will correct the record now and retract its dangerously misleading analysis.”