Rick Weible holds up his laptop with ElectionWare software as he demonstrates severe vulnerabilities during a Brookings Co. Board Meeting on March 19th.
On March 19th at a County Commission meeting in Brookings County, South Dakota, Rick Weible, an election integrity activist and founder of Midwest Swamp Watch, conducted a real-time exposé of ES&S ElectionWare software vulnerabilities. Sitting in front of the five board members present for the meeting, Weible began his presentation using just his laptop and a USB drive.
His testimony was specifically regarding ES&S’s ElectionWare software, however, most of the vulnerabilities have been discovered across other election vendor’s systems, including Dominion Voting, who’s vulnerabilities were documented in the Federal Curling v. Raffensperger trial in January, as reported by The Gateway Pundit.
Weible began his brief 5-minute testimony by claiming that he was sent a “critical piece of evidence from somewhere else in the country using the same voting system that [South Dakota] is certified for.” He then highlighted that the system conforms with the federal government’s Elections Assistance Commission (EAC) certifications.
Here is the transcript:
Rick Weible: And I’ll just tell you flat out that it does conform to the certificate that is published by the EAC. Four of our counties also have the same type of hard drive. What I can show you immediately is that I was able to take a forensic copy of that hard drive and actually boot up the electionware system on a non-conforming laptop. That is a complete violation of the certificate which required that the trusted platform module be enabled.
It would be impossible normally for that hard drive to go off of a certified machine that is communicating with its chip to be able to boot up on here. And, the other piece of evidence that I have of nonconformity is that you will notice that I have a thumb drive on the side of it. That thumb drive is a bit locker key that is used to basically allow the security of the laptop to boot up. That is another violation because what is supposed to happen is it should be on an official Delkin thumb drive that is supposed to be serialized and secure. So I’ve just given you two pieces of evidence.
I’ve also shown another piece of evidence in other states that have published in lawsuits because their auditors and attorney generals and state’s attorneys did not do due diligence of publishing the manuals online in the court cases. Sheriff Stanick can confirm on page ten of this manual, the default administrator user and password is publicly available on the Internet. And I have that copy here. And I showed Sheriff Stannick page ten and he can confirm that the password is there and not redacted. The other manuals for the complete system, including the DS 200, 450 and 850, all of those passwords are available online as default.
We are also aware that when Sea Change was in charge of the elections during the last few years, the default password was “election one,” and it was universal across all the states that they were operating in. Thankfully, we’re using ES&S directly and they should be changing those passwords. My recommendation is that the password should be different for each of the machines. Don’t use the same password across the spectrum so that you can help delay it. The other piece is that you’re probably wondering if I can even log in to this laptop to actually get in.
Yes, I can. And there it is going in right now. So I have been able to even circumvent their security and default the password to whatever I wanted it to be. And there is the electionware software. And yes, now I have the ability to decrypt the thumb drives of this county and any other county across the United States that’s using electionware 6.1.1 so we could view the Casco(?) records and valid images.
So the fact that now I’ve just shown you this piece of evidence, I understand that my life is at risk and that the United States does not want this to be known that this software is available on the dark web, the manuals are publicly available out on the Internet in multiple states and our elections are not secure and we should be requesting immediate change orders of ES&S to update the antivirus. They have not even updated the security patches of this laptop since 2019 or the antivirus since March 29, 2019. The four counties that use this laptop in our state are 100% at risk. Also the DS 200s, 400s and 50s, and 850s have no antivirus on them whatsoever.
So if you get a new thumb drive from ES&S and plug it in, even this laptop is unaware of potentially the last five years of vulnerabilities that have hit the US. Thank you.
USB Evidence
Despite conforming with EAC certifications, Weible was allegedly able to boot up a “forensic copy” of the election system’s hard drive on a “non-conforming laptop” which he claims is a “complete violation of the certificate” which “required that the Trusted Platform Module be enabled.”
Weible testified:
“What I can show you immediately is that I was able to take a forensic copy of that hard drive and actually boot up the election ware system on a non-conforming laptop. That is a complete violation of the certificate, which required that the Trusted Platform Module be enabled. It would be impossible normally for that hard drive to go off of a certified machine, that is communicating with its chip, to be able to boot up on here.
And the other piece of evidence that I have of non-conformity is that you will notice that I have a thumb drive on the side of it. That thumb drive is a BitLocker Key that is used to basically allow the security of the laptop to boot up. That is another violation because what is supposed to happen is it should be on an official Delkin thumb drive that is supposed to be serialized and secure.”
BREAKING NEWS
Rick Weible presents new evidence of ES&S vulnerabilities at yesterday’s March 19, 2024 Brookings County Commission Meeting.
Now it’s public record.
Is his life at risk?
He seems to think so.#ElectionIntegrity#WeThePeopleCount#LimitGovernmentNotPeople pic.twitter.com/4dNc69fqLv
— Barry Wernick (@Wernick4Dallas) March 20, 2024
Former Voting System Test Labratory (VSTL) tester Clay Parikh confirmed Weible’s findings. Parikh told The Gateway Pundit:
“He is 100% accurate on all of it. The vendors always say you can only use a specific USB drive, but they never configure it to check for that.
One of the security measures with BitLocker is that you can have the BitLocker pin or certificate loaded onto a USB drive for recovery. Therefore, the machine should not be able to boot up unless it has the correct BitLocker pin in it. What he did was put the pin on an uncertified USB drive that the operating system should not have recognized to begin with.”
Publicly Available Passwords
After discussing the vulnerabilities regarding unauthorized USBs bypassing the system’s security controls, Weible mentions that “other states” have published manuals in court cases and on the internet without doing their due-diligence. The manuals contain the unredacted default user name and passwords that are used by administrators.
Other manuals for the ES&S DS200, DS450, and DS850 are have their default passwords available online as well. Further, previous passwords were changed to “Election1” and made universal across several states utilizing the same election vendor, according to Weible.
Even without using the publicly available default passwords, he was able to “circumvent their security and default the password to whatever [he] wanted it to be.” This allowed him to “decrypt the thumb drives of this county and any other county across the United States that’s using ElectionWare 6.1.1.1.”
Security Patches?? Antivirus??
Lastly, Weible said that we should be requesting “immediate change orders”, referred to as Engineering Change Orders or ECOs, from ES&S to update the antivirus on the systems. According to him, ES&S has not updated the security patches since 2019 or the antivirus since March 29th, 2019.
“The four counties that use this laptop in our state are 100% at risk,” said Weible.
And even more shocking: Weible claims the DS200s, 450s and 850s have no antivirus on them whatsoever. So if you get a new thumb drive from ES&S and plug it in, even this laptop is unaware of the last five years of vulnerabilities that have hit the US.”
In a follow-up article, we will compare these findings regarding the ES&S machines and software with those of other election vendors that have strikingly similar vulnerabilities that investigators have uncovered over the last few years.
The post “I Understand My Life is at Risk” – Election Integrity Activist Rick Weible Alleges in Real-Time Demonstration Vulnerabilities in ES&S Voting Software During County Board Meeting appeared first on The Gateway Pundit.