You are viewing a single comment's thread.

view the rest of the comments →

krypt ago

WRONG OP TITLE, Omits deliberate crypto weaknesses seen in actual source code, not mentioned at all in this PDF!

OMITS deliberate exploitable crypto and security weakneses , :

https://voat.co/v/QRV/4117743/

highlights from actual source code analysis :

MY REVELATIONS (not so secret)

Source code defects in "Dominion Democracy Suite Voting System" I pronounce include :

SHA-1 is a Shambles:

(PDF) https://eprint.iacr.org/2020/014.pdf

  • Use of MD5 : MD5 is only good for corruption detection, NOT security! NSA banned it in 2001. FIPS 140-2 from 2001 says to use approved secure hashes. People have published "collisions" of any MD5, if bytestream can be stretched.

  • Weak crackable AES 128 bits used!!! Should be AES 256, but the code silently drops it to AES 128 in undocumented fashion.

  • Debugging harness code hidden in production firmware builds allows anyone with debugger harness access to RAM space. (proven). Debugger harness can be attached to innocent looking Android Cell Phone and a Arduino dongle, by a voter!.

  • Hard coded encryption keys hidden in source code (yes really)

  • Sensitive keys are stored on disk unencrypted and a external device can trivially read these critical crypto keys.

  • Hard coded encryption keys hidden in source code of the master vote tabulator for the precincts (yes really)

  • Random number and entropy routine to make live challenge-response keys lacks enough entropy and thus makes VERY CRACKABLE transmission keys.

Note that the diversity hire chin-tapping retard code reviewers hired by State of California to find those exploits found NONE and put NONE in their August 2019 security overview report shown here : (PDF) https://votingsystems.cdn.sos.ca.gov/vendors/dominion/dvs510software-report.pdf

That corrupt Democrat-loving code review company is called "Gaming Laboratories International, LLC" A casino machine review company hired to look for gambling exploits in random number generators and nothing else, it seems.

https://gaminglabs.com/ found NOTHING I mentioned in the ICP2 firmware/hardware 473,991 lines of source code. They found NO PROBLEMS of democrat inserted cryto weakneses I listed! Bwah hah hah hah hah! Neither did CodeMonkey or his pals yet.

Are we living in CLOWN WORLD, when women and diversity skin retards are hired for penetration source code analysis?

Rudy Giuliani press conference Nov 19th states strongly WHY NO DEFECTS FOUND by engineers other than in Texas. Dominion promises re-election to those who allow its purchase in States!

All the exploitable weaknesses above could be used to rig an election on a machine, within a machine, though on vote night EXTERNAL COUNT manipulation via Q-Snatch NAS and compromised MS Windows via Europe was more visible,

Leftist Democrat Soros shills and Tel Aviv Jews on voat will downvote this.

JEW SHILLs DOWNVOTE my priceless truths!

Not one of those security exploit holes snuck into the source are in that OP PDF. Also not listed above are actual special "missing lines of code" in logic.

MISSING LINES?

Yes. The Dominon source code actually has lots of vital lines of code missing. Many "switch" case statements do not have default cases, for "none of the above" or "default" else. This is a classic way to hide a large chunk of code from functioning, requested by NSA, not merely a single missing logic line. I think Apple's SSL was once hacked that way by a bad actor engineer. Professional programmers write error handlers for unexpected cases in a switch statement. Criminals and diversity hires, do not.

Likewise, choosing ANY of the crypto weakness I mentioned is highly suspect. I listed 10 true absolute critical defects in security.

Nothing I listed is on any web site it seems, not even the newbie CodeMonkeyZ related people, but voat has it. Voat has these exploitable holes listed.

And now , you have Dominion exploitable weakness list too. Though you need the 473,991 lines of source code of ICP2 firmware, to see which case statements in the C/C++ code for the vote machines can be used to leverage a full firmware mod attack, and I am not putting one word of source code onto voat.

Speaking of source code, none of this post is secret or confidential and can be gleaned by very strong due dilligence.