Anonymous ID: 09c7b0 Nov. 26, 2020, 12:08 a.m. No.11792841 >>2946 >>2969 >>2992

Dominion Voting Systems

ImageCast Democracy Suite

ImageCast is a prime example of a vulnerable optical scan system and its associated components. It debunks the notion that only DRE systems are vulnerable to malicious adversaries. The Democracy Suite is a paper-based optical scan system that includes an Election Management System (EMS), the ImageCast Precinct (ICP), a precinct-based optical scan ballot tabulator, the ImageCast Evolution (ICE), a precinct scanner with optional ballot marking capabilities, and the ImageCast Central (ICC), a high-speed central ballot scan tabulator based on COTS hardware. As with ClearVote, the use of COTS components increases transparency, but it may also increase the attack surface. The ICP has a small touchscreen to allow users, ranging from poll-workers to attackers, to access diagnostic and configuration settings. The system scans and interprets voter ballots and stores and tabulates each vote from each paper ballot in compatible ballot storage boxes. An ATI device provides additional accessibility to voters through “sip and puff” or by allowing them to listen to options as audio with variable speed and playback functionality. Because the ATI is directly connected to the tabulator, there is no paper ballot when votes are cast using ATI; further, the direct connection can be exploited by an attacker to gain control over the system. The ICE scans, interprets, and tabulates voter ballots and it displays them back to the voter through an LCD display. The ICC is a central ballot tabulator that relies on a Canon DR-X10C or Canon DR-7550C scanner and a proprietary ballot processing application software [12]. Exploits for these COTS systems can be easily found online and used to disrupt the paper audit trail.

In one 2012 Wyle Laboratories security assessment of the suite for the EAC, on the EMS, which was hosted on a Dell Precision T1500 with a Rocsecure Commander 2UE external hard drive, password policy complexity was disabled, administrative and guest accounts had not been disabled or renamed, the backup and restore privilege was disabled, “audit shutdown system if unable to log security audits” was disabled, “FIPS Compliant Algorithms for Encryption Hashing and Signing” were disabled, and several user accounts were found to perform tasks outside their defined roles. Analysis of the ICP found that USB ports were properly disabled and the RJ45 connector only allowed for operation of the ATI device. Networked connection to the system was disabled (except the connection light) and no information was accessible. In the ICE, a hole was discovered in the ballot box that was large enough to permit “ballot stuffing”. All other access points appeared to be locked or sealed [17].

https://icitech.org/wp-content/uploads/2016/09/ICIT-Analysis-Hacking-Elections-is-Easy-Part-Two.pdf

They don't mention anything about the fact that Dominion themselves are compromised.
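
Added example, not part of the original post or of the quoted report: a Python check that reads a Windows security policy export (`secedit /export /cfg`) and flags the password, built-in account, audit-shutdown and FIPS settings that the quoted assessment lists as misconfigured on the EMS. The sample policy text is constructed, and the mapping from the report's wording to these policy keys (as named on Windows Vista and later) is an assumption.

```python
import configparser

# Constructed sample of `secedit /export /cfg policy.inf` output; not real EMS data.
# Real exports are UTF-16, so read them with open(path, encoding="utf-16").
SAMPLE_INF = r"""
[System Access]
PasswordComplexity = 0
NewAdministratorName = "Administrator"
NewGuestName = "Guest"
EnableAdminAccount = 1
EnableGuestAccount = 1
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled=4,0
"""

LSA = r"machine\system\currentcontrolset\control\lsa" + "\\"  # keys are lower-cased

def load_policy(text):
    """Parse INF text into {section: {lower-cased key: unquoted value}}."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return {s: {k: v.strip('"') for k, v in cp[s].items()} for s in cp.sections()}

def reg_dword(policy, key):
    """Registry entries look like '<type>,<data>'; return data as int, or None."""
    raw = policy.get("Registry Values", {}).get(LSA + key)
    return int(raw.split(",", 1)[1]) if raw else None

def audit(policy):
    """Return findings for the settings named in the quoted assessment."""
    sa = policy.get("System Access", {})
    findings = []
    if sa.get("passwordcomplexity") != "1":
        findings.append("password complexity disabled")
    for label, enabled, name in (("Administrator", "enableadminaccount", "newadministratorname"),
                                 ("Guest", "enableguestaccount", "newguestname")):
        # Flag an account that is neither disabled nor renamed.
        if sa.get(enabled) == "1" and sa.get(name, label).lower() == label.lower():
            findings.append(f"{label} account enabled under its default name")
    if reg_dword(policy, "crashonauditfail") not in (1, 2):  # 2 = already tripped
        findings.append("no shutdown when security audits cannot be logged")
    if reg_dword(policy, r"fipsalgorithmpolicy\enabled") != 1:
        findings.append("FIPS compliant algorithms not enforced")
    return findings

if __name__ == "__main__":
    for finding in audit(load_policy(SAMPLE_INF)):
        print("FAIL:", finding)
```

The backup and restore privilege finding and the role-separation finding are left out because the quoted text does not say which accounts or rights were involved.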

Anonymous ID: 09c7b0 Nov. 26, 2020, 12:28 a.m. No.11792961 >>2971

April 16, 2018

Michael Walker
VSTL Project Manager
Pro V&V (Sent via e-mail)
700 Boulevard South, Suite 102
Huntsville, Alabama 35802

RE: Approval of ES&S EVS 5.4.1.0 Test Plan

Dear Michael Walker,

This letter is to inform you that Rev. C of the test plan submitted by Pro V&V for the testing of Election Systems and Software (ES&S) EVS 5.4.1.0 voting system has been reviewed and approved. Per section 4.4.4.3 of the EAC’s Testing and Certification Program Manual (“Program Manual”) a test plan is approved based on the information submitted. Test plan approval indicates the following:

• Approval simply signifies that the tests proposed, if performed properly, appear to be sufficient to fully test the system. A final determination of the sufficiency of the testing is a global evaluation based on the test plan, test cases, and test report reviews, as well as the EAC’s Quality Monitoring Process outlined in Chapter 8 of the Program Manual.

• Approval allows the test laboratory to begin test case development, testing, and test report submittal.

• A test plan is approved based on information submitted. It is not known if relevant information was omitted that would affect the testing campaign.

• The test plan is a living document and is expected to change and be updated during various phases of the testing life cycle. A final version that reflects all of the testing completed (e.g. TDP, Hardware, and Software) should be submitted to the EAC at the completion of testing. If this final “as run” test plan does not reflect all the testing required, the EAC reserves the right to request further updates to the test plan and possibly additional testing.

I also want to take this opportunity to remind you of the EAC’s requirements following approval of a test plan. Section 4.5 of the Program Manual requires VSTLs to report any changes to a voting system or an approved test plan directly to the EAC. Under this section, Manufacturers are required to enable VSTLs to report all test failures or anomalies directly to the EAC. In addition, for further guidance on this matter, please refer to Section 4.5.1 for information regarding the reporting requirements for changes to a system or test plan during testing, and Section 4.5.2 for information regarding the reporting requirements for anomalies or failures found during testing.

Section 4.6 of the Program Manual lays out the various requirements for the submission and approval of a test report.

If you should have any questions regarding the approval of the test plan referenced above, or the rest of the EAC’s certification process, please contact me.

Brian J. Hancock
Director, Testing and Certification

cc: ES&S