By Patrick Colbeck

Prior to the 2022 election in Arizona, plaintiffs Kari Lake and Mark Finchem filed a lawsuit against Arizona Secretary of State Katie Hobbs calling for an injunction against the use of electronic voting systems in the upcoming election. Kari Lake was running for governor against Katie Hobbs.

Lake and Finchem were concerned that the Dominion electronic voting systems in use to manage Arizona elections were riddled with security vulnerabilities that would impact the integrity of the election. As it turns out, their concerns were justified.

Background

The court history of the Lake v. Hobbs lawsuit involves a series of legal challenges and decisions spanning multiple courts, including the Maricopa County Superior Court, the Arizona Court of Appeals, and the Arizona Supreme Court.

Below is a summary of the court history:

Filing of the AZ Lawsuit and Initial Court Decisions:

  • On December 9, 2022, Kari Lake filed an election contest in Maricopa County Superior Court, claiming that the results of the governor’s race should be overturned.
  • On December 15, 2022, Katie Hobbs filed a motion to dismiss, arguing that there was no evidence to support Lake’s claims.
  • On December 19, 2022, Judge Peter A. Thompson dismissed eight of Lake’s 10 counts and narrowed one of the remaining counts.
  • An evidentiary hearing was held on December 21 and 22, 2022, on the remaining two counts.
  • On December 24, 2022, Judge Thompson ruled in the defendants’ favor, rejecting the election contest and confirming Hobbs’s victory.

Appeals and AZ Supreme Court Involvement:

  • Lake filed a notice of appeal in the appellate court on December 27, 2022.
  • She also requested an expedited review by the Arizona Supreme Court, which declined to review the matter at that time because the case was still pending before the appellate court.
  • On February 16, 2023, the Arizona Court of Appeals affirmed the trial court’s ruling in favor of the defendants.
  • On March 22, 2023, the Arizona Supreme Court issued a ruling affirming the lower courts’ decisions dismissing six of the seven counts. However, the Supreme Court sent the case back to the trial court to determine whether the one remaining count should be allowed to proceed or whether it could be dismissed on other grounds.

Final AZ Trial Court Decision:

  • The Maricopa County Superior Court held a three-day trial on the one remaining count in Lake’s case—related to mail-in ballot signature verification.
  • On May 22, 2023, Judge Thompson ruled that Lake failed to prove misconduct by county election officials, once again dismissing the case and confirming Hobbs’s victory over Lake in the 2022 Arizona governor’s race.

Having exhausted remediation by the Arizona court system, the plaintiffs filed their suit with the federal court system.

United States District Court Decision:

  • The first federal court to take up the case (now referred to as Lake v Fontes due to Fontes assuming the position of AZ SoS) was the United States District Court in Arizona.
  • The court dismissed the case on the basis of standing.

United States 9th Circuit Court of Appeals Decision:

  • The plaintiffs filed for an appeal to the 9th Circuit Court of Appeals.
  • The court affirmed the ruling of the lower court.

The 9th Circuit ruling was the latest decision made by the federal courts.

Evidence

Maricopa County, AZ Audit Evidence

One of the often overlooked discoveries that came out of the 2021 audit of Maricopa County, AZ pertains to the fact that there was evidence that the Election Management System (EMS) server was connected to the internet. Perhaps even more alarming is the fact that someone attempted to hide this fact by deleting system logs. Internet history was recovered, however, in “unallocated space” on the server hard drive.

The following assertions were made by cybersecurity expert Ben Cotton in his report to the Arizona Senate in the wake of the Maricopa Audit.

In other words, Maricopa County auditors did not perform a professional examination of the election equipment. Ben Cotton’s efforts revealed that the EMS server was configured to connect to the internet upon startup.

Mr. Cotton further discovered log data noting multiple visits to external URL’s via internet connections.

Not only was there evidence that the Arizona election system in Maricopa County, AZ was connected to the internet, there was also evidence that someone intended to delete such evidence. These findings should have been the headlines out of the Maricopa Audit.

Lake v Hobbs Evidence

The Maricopa Audit formed the foundation for further investigations into the security of electronic voting systems. The original Lake v Hobbs lawsuit featured the following allegations:

  • All Arizona-certified optical scanners and ballot marking devices, as well as the software on which they rely, have been wrongly certified for use in Arizona because they do not comply with the statutory requirements set forth at A.R.S. §16-442(B), making these systems easily vulnerable to manipulation.
  • An independent post-2020 election audit of Maricopa’s electronic voting machines found an 11,592-ballot discrepancy between the official result totals and the equivalent Final Voted File’s totals, demonstrating an inability to reconcile votes.
  • Congressional and other government officials’ warnings that Arizona’s registration system was actually hacked in 2016 and the vulnerabilities remained unremedied.
  • Maricopa election officials did not have the credentials necessary to validate tabulator configurations and independently validate the voting system prior to an election. The vendor, Dominion, had those credentials, and refused the Arizona Senate’s subpoena to produce those passwords in connection with the Senate’s investigation of these voting machines.
  • Despite certifications by the Election Assistance Commission (“EAC”), voting machines like those used in Arizona have been hacked, manipulated, or failed to record votes accurately on multiple occasions
  • Recognized experts have shown that all safety measures intended to secure electronic voting machines against manipulation of votes, such as risk limiting audits and logic and accuracy tests, can be defeated.

Any one of these allegations should call the efficacy and security of electronic voting systems into question.

New Evidence

Since the original filing, new evidence has been revealed that should make it even easier for the court to do what is right. What is this new evidence?

The petitioners finally obtained system log (“SLOG”) files from Maricopa’s 2020 election. The data found in these SLOG (event log) files are at odds with Maricopa’s statements to the district court with respect to material facts on which the district court relied in dismissing petitioners’ claims for lack of standing. Based on that new information, the petitioners amended their allegations to include the following findings from the SLOG files:

  • In place of the Arizona-certified election software that Maricopa claimed to use, Maricopa’s election software has been surreptitiously altered with respect to components controlling how ballots are read and tabulated. The election results put through this uncertified software are unreliable. Contrary to Maricopa’s representations to the district court, the election software Maricopa used in the 2020 election is not approved by the EAC or for use in Arizona in violation of Arizona law.3 The SLOG files show that Maricopa used the same uncertified software in the 2022 election.
  • Contrary to Maricopa’s representations to the district court, Maricopa did not conduct statutorily mandated pre-election logic and accuracy (“L&A”) testing prior to the November 2020 election on all its vote center tabulators. Instead, Maricopa L&A tested only five spare tabulators. Maricopa did the same thing in connection with the November 2022 election.
  • Further, in Dominion’s contract with Maricopa—and its contracts with other counties nationwide—Dominion commits to protecting election data with high-level Federal Information Processing Standard (“FIPS”) level encryption. New evidence shows that, since at least 2020, Dominion configured its machines with the decryption keys in an election database table in plain text—protected by nothing other than Windows log-in credentials that are easily bypassed—enabling any malicious actor total control over its electronic voting systems. This security breach violates common sense, to say nothing of FIPS-level encryption. While this breach has the game-changing magnitude of the Allies’ deciphering Germany’s ENIGMA machine in World War II, it is far worse. Dominion leaves the decryption keys bare, in plain text.

Risks

The new evidence cited reveals additional points of concern regarding the integrity of our elections. Storing decryption keys in plain text on election management system (EMS) servers shown to have connected to the internet introduces several significant risks that can compromise the integrity, confidentiality, and availability of the election process. These risks include:

  1. Unauthorized Access and Data Breach: If decryption keys are stored in plain text, attackers who gain access to the EMS servers can easily decrypt sensitive data, such as voter information, vote counts, and election configurations. This could lead to data breaches, exposing personal information of voters and potentially compromising the secrecy of their votes[1][4][7].
  2. Manipulation of Election Data: With access to decryption keys, malicious actors could manipulate election data, including voter registrations, vote tallies, and election results. Such manipulation could alter the outcome of elections or undermine confidence in the electoral process[1][5][6].
  3. Denial of Service (DoS) Attacks: Attackers could use the decryption keys to decrypt and corrupt critical election data, rendering the EMS servers inoperable. This could disrupt the voting process, delay the reporting of election results, and require significant effort to restore system integrity[2][5].
  4. Spread of Malware: If attackers can access and decrypt sensitive data, they could also inject malware into the EMS servers. This malware could spread to connected voting machines and other parts of the election infrastructure, further compromising election security and integrity[2][5].
  5. Loss of Public Trust: The discovery that decryption keys are stored in plain text and that election systems are vulnerable to attack could significantly erode public trust in the electoral process. A loss of confidence in election security and outcomes could have long-term effects on democratic participation and legitimacy[1][5].
  6. Legal and Regulatory Non-Compliance: Storing decryption keys in plain text may violate legal and regulatory requirements for protecting sensitive data. Non-compliance could result in legal penalties, fines, and damage to the reputation of election authorities[4].
  7. Increased Attack Surface: By connecting EMS servers to the internet and storing decryption keys in plain text, the attack surface is significantly increased. This makes it easier for attackers to identify and exploit vulnerabilities, leading to a higher risk of successful cyber attacks[2][5].

Writ of Certiorari

The introduction of new evidence in the wake of the decisions by the 9th Circuit Court of Appeals opens the door to petitioning the Supreme Court of the United States (SCOTUS) for a Writ of Certiorari.

If SCOTUS does issue the requested Writ, the 9th Circuit Court of Appeals would be compelled to conduct a trial that examines the evidence provided.

Conclusion

Lake and Finchem have been proven more than justified in their concerns about the ability of the electronic voting systems to conduct a fair and accurate election. To eliminate these risks, eliminate the use of electronic voting systems and return to a transparent hand count of paper ballots. It remains to be seen if the United States Supreme Court will direct lower courts to do their job and conduct a professional assessment as to whether or not electronic voting systems pose a significant enough risk to order a return to hand counting of ballots.

Related Posts

Citations:

[1] https://security.stackexchange.com/questions/18572/is-it-okay-for-api-secret-to-be-stored-in-plain-text-or-decrypt-able

[2] https://www.nist.gov/itl/voting/security-recommendations

[3] https://www.usaid.gov/sites/default/files/2023-01/Understanding-Cybersecurity-Throughout-the-Electoral-Process_1.pdf

[4] https://metomic.io/resource-centre/plain-text-credentials

[5] https://www.nbcnews.com/politics/elections/online-vulnerable-experts-find-nearly-three-dozen-u-s-voting-n1112436

[6] https://www.comparitech.com/blog/information-security/cryptography-secure-electronic-voting-systems/

[7] https://www.passcamp.com/blog/dangers-of-storing-and-sharing-passwords-in-plaintext/

[8] https://electioncenter.org/electionresources/Internet%20Voting/e-voting.security.pdf

[9] https://www.proquest.com/scholarly-journals/privacy-preserving-e-voting-system-supporting/docview/2767176638/se-2

[10] https://www.reddit.com/r/linuxquestions/comments/grio02/how_secure_is_storing_personal_information_in/

[11] https://www.verizon.com/business/resources/articles/s/protecting-against-election-cyber-attacks/

[12] https://nap.nationalacademies.org/read/25120/chapter/7

[13] https://stackoverflow.com/questions/995379/why-shouldnt-a-private-key-be-stored-verbatim-or-in-plain-text-on-the-local-com

[14] https://www.cisa.gov/news-events/news/best-practices-securing-election-systems

[15] https://www.reddit.com/r/devops/comments/xcz764/is_it_a_bad_idea_to_store_secrets_in_code/

[16] https://www.govinfo.gov/content/pkg/GOVPUB-PREX28-PURL-gpo131941/pdf/GOVPUB-PREX28-PURL-gpo131941.pdf

[17] https://www.linkedin.com/pulse/dangers-storing-passwords-your-computer-what-do-dan

[18] https://www.cisa.gov/cybersecurity-toolkit-and-resources-protect-elections

[19] https://www.securecodewarrior.com/article/coders-conquer-security-infrastructure-as-codesensitive-data-storage-plaintext-storage-of-passwords

[20] https://www.politico.com/f/?id=00000172-9406-dd0c-ab73-fe6e10070001

Share This Info With Your Fellow Patriots
29 thoughts on “The Case Against Electronic Voting Systems”
  1. ABTec stepped in and partnered with what we have believed that it could be a revolutionary LMS platform boosted with artificial intelligence (AI), and gamification

  2. ABTec stepped in and partnered with what we have believed that it could be a revolutionary LMS platform boosted with artificial intelligence (AI), and gamification

  3. ABTec stepped in and partnered with what we have believed that it could be a revolutionary LMS platform boosted with artificial intelligence (AI), and gamification

  4. ABTec stepped in and partnered with what we have believed that it could be a revolutionary LMS platform boosted with artificial intelligence (AI), and gamification

  5. Good day! Would you mind if I share your blog with my facebook group? There’s a lot of folks that I think would really appreciate your content. Please let me know. Cheers

  6. I truly savored what you’ve accomplished here. The sketch is elegant, your authored material trendy, however, you seem to have developed some trepidation about what you aim to offer next. Certainly, I shall revisit more regularly, just as I have been doing nearly all the time, in case you uphold this ascension.

  7. Your writing is not only informative but also incredibly inspiring. You have a knack for sparking curiosity and encouraging critical thinking. Thank you for being such a positive influence!

  8. Wow, wonderful blog layout! How long have you been blogging for? you make blogging look easy. The overall look of your site is great, as well as the content!

  9. I sincerely enjoyed what you have produced here. The design is refined, your authored material trendy, yet you appear to have obtained a degree of apprehension regarding what you aim to offer next. Certainly, I shall return more frequently, just as I have been doing almost constantly, provided you uphold this incline.

  10. This website has quickly become my go-to source for [topic]. The content is consistently top-notch, covering diverse angles with clarity and expertise. I’m constantly recommending it to colleagues and friends. Keep inspiring us!

  11. Fantastic read! I was especially impressed by the depth provided on the topic, offering a perspective I hadn’t considered. Your insight adds significant value to the conversation. For future articles, it would be fascinating to explore more to dive deeper into this subject. Could you also clarify more about the topic? It caught my interest, and I’d love to understand more about it. Keep up the excellent work!

  12. Fantastic read! I was especially impressed by the depth provided on the topic, offering a perspective I hadn’t considered. Your insight adds significant value to the conversation. For future articles, it would be fascinating to explore more to dive deeper into this subject. Could you also clarify more about the topic? It caught my interest, and I’d love to understand more about it. Keep up the excellent work!

  13. Fantastic read! I was especially impressed by the depth provided on the topic, offering a perspective I hadn’t considered. Your insight adds significant value to the conversation. For future articles, it would be fascinating to explore more to dive deeper into this subject. Could you also clarify more about the topic? It caught my interest, and I’d love to understand more about it. Keep up the excellent work!

  14. You’re welcome! I appreciate your willingness to engage further. If you have any specific questions or topics you’d like to delve into, feel free to share them. Whether it’s about recent developments in technology, intriguing scientific discoveries, captivating literature, or anything else on your mind, I’m here to provide insights and assistance. Simply let me know how I can help, and I’ll be happy to assist you further!

  15. Thank you for your response! I’m grateful for your willingness to engage in discussions. If there’s anything specific you’d like to explore or if you have any questions, please feel free to share them. Whether it’s about emerging trends in technology, recent breakthroughs in science, intriguing literary analyses, or any other topic, I’m here to assist you. Just let me know how I can be of help, and I’ll do my best to provide valuable insights and information!

  16. What a fantastic resource! The articles are meticulously crafted, offering a perfect balance of depth and accessibility. I always walk away having gained new understanding. My sincere appreciation to the team behind this outstanding website.

  17. Wow Thanks for this post i find it hard to come across great material out there when it comes to this content thank for the blog post website

Comments are closed.