News

The Gold Standard Election team discusses how to increase trust in elections
SC General Election Day Nov 5th, 2024
Years
0
:
Months
0
:
Days
0
:
Hrs
0
:
Mins
0
:
Secs
0

As we approach the 2024 election, many of you will wonder what we can do to improve the process.  The people need trustworthy elections.  For this election, we need to overwhelm the polls so our voices are heard and votes accurately counted.  Ultimately, our country must return to the basics—voting (and counting the ballots) on one day at the local precinct utilizing pen, paper, and people.

Each voter should vote by marking paper ballots hand-counted by volunteers at the precinct with bipartisan participation.  The count should be completely transparent, as our South Carolina state constitution calls for the votes to be “counted in public.”

The Gold Standard team was assembled with people from multiple states (South Carolina, Minnesota, Ohio, Texas, and South Dakota) to re-engineer the process.  The result of all their hard work is the Gold Standard Elections Whitepaper.  The team occasionally will meet to discuss various election topics.  Here are some recent videos you may find interesting.

Lack of Trust is the fundamental issue, and ensuring transparent voting is the solution

Too many third-party organizations are involved in our election process, which adds to public mistrust of election results.  “The people” have lost control over the process.  Transparency of the process is vital.  When technology replaces oversight of the people, it becomes a problem. 

 Hava from Ohio explains.  

Machines don’t always catch errors and are not as good as humans at determining voter intent.  Rick explains.  Was your vote counted correctly?  How would you know?

The technology is highly complex.  Why is it so difficult to count circles on a paper?  Why do we need a few million lines of code to count your vote?  There are many layers in the process.  Do our election officials and workers even understand these systems?

There are some reports and methods to enhance transparency, but many election officials refuse to use them.  Why don’t they value transparency?

The best way to count votes is a hand-tally method:

For more on this method, see this video: https://rumble.com/embed/v59a6o3/?pub=3gxmck

The Gold Standard tally method is a great way to count ballots in an emergency and an efficient way to conduct hand-count audits.

Mis-, Dis-, and Mal-Information
SC General Election Day Nov 5th, 2024
Years
0
:
Months
0
:
Days
0
:
Hrs
0
:
Mins
0
:
Secs
0

Guest post by Laura Downing

We keep hearing that Mis-, Dis-, and Mal-Information are actual threats to democracy and must be dealt with by those who have determined that they are such.

According to CISA (Cybersecurity & Infrastructure Security Agency), “Misinformation is false, but not created or shared with the intention of causing harm”. WHO gets to determine “intent” or “harm”?
“Disinformation is deliberately created to mislead, harm, or manipulate a person, social group, organization, or country.” WHO gets to decide that deliberation and
how they misled, harmed, or manipulated others? “Malinformation is based on fact, but used out of context to mislead, harm, or manipulate.” WHO gets to decide what is fact and the context? The answers to these questions should identify the “who” that is driving this evaluation. A better evaluation of information is whether it is TRUE or FALSE. TRUE information should be allowed to be created, spread, repeated, or published, and all without punishment or suppression. FALSE information should be allowed to be created, spread, repeated, or published, and all with the expectation that the recipient has the right to rebut, ignore, counter, and/or dismiss all false information. The 9 th Commandment (of the Ten) is about lying and bearing false witness. Both are prohibited by the Almighty. So, those who are involved in false information should know that the penalty is gonna involve extreme heat.

Our Founders knew there was a better way than to have ANYONE determining what speech is “allowed”. They enshrined this RIGHT to free speech in the First Amendment to the Constitution which says, “Congress shall make no law …abridging the freedom of speech, or of the press.” And yet, the mantra about protecting democracy by doing this very thing is proceeding unabated. Look around. Do you have free speech? Is there freedom of the press? Why are we allowing that right to be curtailed by those who want to restrict it? No country can ever be considered Free unless her citizens are allowed to speak
freely. No one should have the right to tell them what, when, where, how, or if they can say what they want to say. No one. Any effort to suppress speech is, by definition, censorship and unconstitutional.
The next time you are told something is Mis-, Dis-, or Mal-Information, maybe you should focus on whether or not the information is TRUE or FALSE and react accordingly.

Why you shouldn’t vote early nor generally request an absentee ballot and then vote in person
SC General Election Day Nov 5th, 2024
Years
0
:
Months
0
:
Days
0
:
Hrs
0
:
Mins
0
:
Secs
0

The countdown is on for the 2024 election. Now that many states have imposed early voting so many people wonder how and when they should vote. (SC added 14 days of early voting in the election bill of 2022; prior to that we had 1 day of voting except for 2020 where they had a temporary emergency 29 day early voting period). Furthermore, many “influencers” are giving advice that doesn’t make sense to those of us fighting for election integrity 24-7 for the last 4 years.

There are many options: vote early in person?, by absentee ballot?, on election day?

After studying this issue with election integrity experts for the past 4 years we have some answers for you.

In addition, please do the following prior to voting and consider helping ensure your vote counts by:

  • Check your registration status; you must be registered at least 30 days prior to the election
  • Vote in person on election day; confirm your precinct location beforehand (please refrain from voting early). In this must-see video, Laura and Rick from the Gold Standard Elections team discuss why.
  • Encourage your friends to vote; drive them to the polls
  • Have a neighborhood picnic for people who voted
  • Sign up with your political party to be a poll watcher
  • Observe the absentee ballot processing and tabulation
  • Attend your county logic and accuracy machine testing
  • Attend your county provisional hearing and canvassing/certification of the vote
  • Attend your county hand count audit of the results
  • Stay up to date on breaking election news at our Telegram channel
    How do we protect and secure our elections, particularly in the event of an emergency?
    SC General Election Day Nov 5th, 2024
    Years
    0
    :
    Months
    0
    :
    Days
    0
    :
    Hrs
    0
    :
    Mins
    0
    :
    Secs
    0

    Rassmussen has polled ‘likely voters’ since the 2020 election and the results consistently show that most do not trust electronic voting systems. Notably, 62% believe that there will be cheating in the 2024 election. These results have increased over time, with Democrats and Independents in addition to Republicans increasingly concerned.

    Recent incidents of cyber hacks on governmental systems only add to these concerns.  In fact, the Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) warn that the threat assessment of a cyber-attack on the 2024 election is “likely.”

    Furthermore, the Crowdstrike incident in July not only affected airlines, hospitals, and businesses but it also affected early voting in the Arizona primary. Electronic poll books, which are connected to the internet were down, crippling two of the largest counties in the state. This issue potentially impacts all 50 states as they all have Albert Sensors which are used to detect malicious traffic in the counties, including election equipment.  What effect did the Crowdstrike debacle have on the election infrastructure since these Albert Sensors supposedly run on servers that use Crowdstrike for endpoint security? Can we be assured that our systems weren’t affected? Inquiring minds what to know.

    At the minimum, each county needs to have an emergency plan in place to mitigate any unforeseen events as well as to ensure that there is a smooth, uninterrupted vote for the 2024 election.  People don’t trust these systems and these recent events only increase concerns over the accuracy of our vote count. There is a better way– a simple, efficient, and transparent method to count ballots. This method can be used as an alternative to machines or can be utilized in the event of an equipment failure or interruption of an electronic voting system. Furthermore, it is a great way to conduct hand-count audits.

    Here is a link to the full Gold Standard report for conducting all phases of the election process (Voter Registration, Voter Validation, Marking and Counting, Reporting) to optimize transparency, security, verifiability, and accessibility of our elections.

    The video below primarily focuses on the counting of the ballots which is only one part of the 3rd phase of the process, albeit a critical one. It explains the method and includes a quick video (3 minutes and 43 second) clip of someone calling out the names from the actual ballot images from the 2022 Treasurer’s race in Dodge County, WI. We run through a tally of 100 ballots (2 stacks of 50) including ballots from both the ES&S Express Vote Ballot Marking Device (BMD) as well as hand-marked ballots—not unlike your typical mail-in ballot.  

    You can follow along with this blank tally sheet to try this method yourself.  For more info and materials go to uscase.org.

    Here is the completed tally sheet from that session. You can check the first 100 ballots that were called out to your tally sheet.

    Both completed tally sheets above reconcile.

    Ideally, maximizing accessibility for all legal, eligible voters is extremely important. Lack of trust unfortunately is a key reason people won’t vote, thus reducing participation in our elections. Trust will improve only if we can demonstrate secure, transparent, and verifiable elections. If voters have a firm belief in the above, then they will enthusiastically vote.  Transparent elections, with ballots being counted by local registered voters at the precinct level, are the ultimate antidote to distrust of the system.  It is the duty of our elected officials and election officers to have a plan in place should there be an interruption in our election infrastructure and they also need to focus on constant improvement of the processes and procedures as they stand today.

    We hope you found this useful. Please comment on the Rumble video or email us at scsafeelections@zohomail.com or info@uscase.org. We can train you further virtually or in person.

    If you want more practice, you can also watch this demo of the Governor’s race https://www.youtube.com/watch?v=Y2WCL1fcEus&t=396s

    Here is the empty tally sheet for that race.

    Can we really TRUST the validity of our vote?
    SC General Election Day Nov 5th, 2024
    Years
    0
    :
    Months
    0
    :
    Days
    0
    :
    Hrs
    0
    :
    Mins
    0
    :
    Secs
    0

    Guest post by Lea Williams

    Article II § 1 of the South Carolina Constitution states “All elections by the people shall be by secret ballot, but the ballots shall not be counted in secret.” We have been assured by the elections office that we can have confidence that the machines can be trusted, even though the process is not transparent. They claim we can check our “paper” ballots for accuracy but only a small percentage of voters do; and even though they can view their ballot selections, the ballots are read via a barcode at the top. Voters can’t read barcode and aren’t allowed to take pictures in the polling location.

    Another way our vote is verified is for the counties to conduct hand count audits open to the public. This process, given my own personal experience, leaves much to be desired. Here are my observations.

    In the last primary election, I attended the hand count audit at The Office of Voter Registration and Elections of Charleston County. The public notice said “The purpose of a hand-count audit is to ensure the number of ballots cast was accurately recorded by the tabulation device.” Additionally, the audit ensures that the number of votes cast for a particular candidate was accurately recorded by the tabulation device.’

    The audited precincts and contests, however, are selected by the State Election Commission (SEC). The SEC does not use random sampling to determine which precincts and races to audit. I called the SEC on July 2, 2024 to find out the specific process they use to select the precincts and races to be audited. I was told they would have to get permission to send the formula to me and would get back to me. I am still waiting.

    The day of the audit when the counting started, I attempted to move up closer to the  table where the staff was performing the audit in order to view the count. I was told I could watch the process, not the count. On the public notice it said, ‘To ensure secrecy of the ballot, photography/videography is prohibited during hand-count audits.’ If I cannot see the ballot nor take a photograph of the ballot because I could somehow identify the ballot’s voter, our ballots are not cast in “secret” as they claim. This actually would violate federal and state law.

    In a recent court case, the SEC claimed they could not give the cast vote records (CVRs) because that information would allow those receiving that information to identify the voter. It is very clear that neither the SEC nor the election office believe our votes are cast in secret. Nor are they willing to have any transparency in the ballot counting. The primary issue is that there is a distinct difference in the casting of the vote versus the counting of the vote. As stated at the beginning of this article, our constitution is quite clear that the votes “shall not be counted in secret.” If our current system potentially allows people to identify a voter, that needs to change. Furthermore, we need to design a system and process that allows for the public count that is fully transparent. Voters and candidates deserve to know that their vote was counted correctly and is verifiable. This would inspire trust, which we are sorely lacking now. If voting by machines fails to allow a secret ballot, then we need to stop using them.

    Here is one simple thing you can do. Because of the importance of the verifiability of the next election, please call your legislator and demand that the hand count audit after the election includes a public verified random selection of the races to be audited and that the count be done with transparency such that the public can have full view of the ballots.

    Your Elections Are Not Transparent in South Carolina and State Attorneys Are Wasting Your Tax Dollars
    SC General Election Day Nov 5th, 2024
    Years
    0
    :
    Months
    0
    :
    Days
    0
    :
    Hrs
    0
    :
    Mins
    0
    :
    Secs
    0

    The SC State Election Commission is currently trying to punish a group of South Carolina citizens for asking for records of the 2020 election. Regardless of your position on what happened in 2020, the following should be very concerning to anyone who values transparency of government. For background on the lawsuit referred to in this article, click here.

    This lawsuit, which was essentially a SC Freedom of Information Act (FOIA) challenge, was dismissed earlier this year along with the defendants’ (several counties’ and the State Election Commission’s (SEC’s)) counterclaim. However, upon dismissal of the suit, the SC State Election Commission filed a motion to reconsider the counterclaim against the SC Safe Elections group and its associates to bar us from ever being able to request any records via the Freedom of Information Act (FOIA) from the state of SC or its counties regarding the 2020 election and to pay their legal fees!!!! On August 5th, SC Circuit Judge Coble, will hear their motion for reconsideration for this counterclaim.

    To add insult to injury, this lawsuit, which was initially filed in August of 2022, was the subject of lawfare by our state and county Governments. After drawing out the case, which should have been heard (based on FOIA law) in 6 months for over 2 years, the judge ultimately dismissed our case and their counterclaim. This is despite the fact that the very first judge assigned to the case decided that not only was there enough information for us to proceed, but that it warranted an injunction which required the counties to preserve the data until the conclusion of the lawsuit, otherwise we and the citizens of South Carolina could potentially suffer irreparable harm. The second judge also decided that there was enough evidence to proceed.

    While we disagreed with the third judge’s decision (Judge Coble) to dismiss our case, and after spending in excess of $80,000 which we crowdfunded, we certainly don’t believe that the defendants, the SC State Election Commission (SEC), should come after us for simply trying to get vital information for the 2020 election. Furthermore, it is ironic that while we accepted the judge’s decision, the SEC is asking the judge to reconsider thus forcing us to spend more money in legal fees yet they are complaining that we need to reimburse them? Their actions amount to pure harassment and we have faith that Judge Coble will rule in our favor. We do ask for your continued prayers.

    One of the main reasons we brought this case to the court system was that the SEC denied our FOIA requests for Cast Vote Records and the Attorney General’s office refused to correct what we believe was a misguided opinion. We even had multiple expert witnesses who could support this, along with precedent in the majority of other states that release this exact information to the public. The AG’s office thus recommended that the only way for us to settle this matter was through the court system. Unfortunately, we were unable to get our day in court despite the mountain of evidence and expert witnesses on our side, but one must ponder the question, “why is the SC Election Commission trying so hard to keep the 2020 data from being analyzed?” It is not just Cast Vote Records (CVRs). 

    Citizens are unable to obtain ballot review files, audit logs, penetration or hash testing results (or evidence that these tests were performed). Voter rolls are priced excessively high at over $2,500 and they are threatening to raise the price even higher. Poll observers are often limited to areas where they are unable to see the machines or election process. In addition, citizens who wish to view the absentee ballot review process and post-election hand count audits are told to sit where they can’t even view the information on the ballot. How can we observe the count of our vote, which by our SC State Constitution is supposed to be public, when our view of the ballots is prohibited? Note that the election commission itself agreed that there was no Personally Identifiable Information (PII) on the ballots.

    Trust must be earned and FOIA law, which encourages transparency of government agencies who spend our tax dollars, is an important avenue for citizens to ensure their government is acting in their best interest. Note that a recent Rasmussen poll found that 62% of likely voters believe that there will be cheating in the 2024 election. We are not in the minority.

    We are told to trust the machines which are “not connected to the internet,” but we know that machines can be infiltrated regardless, even if they are air-gapped.  We are told to trust our election officials but one county election director who also happened to be the President of the SC Association of Registration and Election Officials (SCARE) was just indicted for Social Security fraud. In fact, that very director’s office was named as a defendant in our lawsuit and her answers could be described as evasive as best. Furthermore, the state of SC Legislative Audit Council’s report of the SC Election Commission that was issued in January of 2024 showed massive issues of concern, particularly regarding cyber and physical security of the machines.  A summary of the issue and the full report are included here. How can we fully trust this system which is overly complex by design and in which our own state auditors found egregious issues?

    To summarize, we are told to just trust the entire ecosystem while being denied access to key election records available to citizens in other states like OH, GA and TX, while being harassed and punished for asking questions. This has to stop. Our goal at SC Safe Elections is to enhance the confidence our citizens have in their elections, at a time when this is at an all-time low in our country. In order to do that we need a transparent system and election officials willing to work with us to enhance and improve that system through robust standard operating procedures and processes. Our expertise is wide and deep regarding election laws and best practices. We shouldn’t be punished for trying to improve our government practices. 

    The US Supreme Court’s ruling on the Chevron doctrine in Loper Bright Enterprises v. Raimondo (Loper), will profoundly impact companies and industries regulated by federal agencies that have grown accustomed to being the ultimate arbiter of ambiguous language in the laws, rules and regulations. This ruling sends a strong statement to these agencies regarding their ability to make and interpret laws outside of the legislature. This needs to also apply to the state level. Unconstitutional rules and regulations shouldn’t be promulgated by unelected officials, gaining a rubber stamp by legislators who ofttimes are not versed in those regulations, nor is the process transparent, accessible to, or accepting of citizens who might be. This sort of power can breed corruption and unintended consequences.  Our government officials are servants. They work for the people. They should remember that and act accordingly. We have a government for the people by the people. Transparency of government agencies is crucial to maintaining power by the people. It will help us keep our children safe from indoctrination in our schools, allow us to maintain our property rights and ability to make our own medical decisions, it will allow us to have safer communities free from crime and corporate control.

    If you are interested in helping us improve elections and the transparency of our government, contact us at scsafeelections@zohomail.com.

    Bigger, Badder Election Fraud  
    SC General Election Day Nov 5th, 2024
    Years
    0
    :
    Months
    0
    :
    Days
    0
    :
    Hrs
    0
    :
    Mins
    0
    :
    Secs
    0

    Guest post by Laura Downing 

    Many people, but not enough of them to change anything, are concerned about the millions of illegal aliens coming across the southern border of America.  In addition to their receiving immediate SSI benefits, debit cards, phones, housing, and medical care that Americans cannot receive, illegal aliens are registering to vote.  According to The New York Post, “welfare offices and other agencies in 49 US states are providing voter registration forms to migrants without requiring proof of US citizenship.”  Does anyone see a problem?

    Representative Chip Roy of Texas sponsored a Bill in the U.S. House known as the SAVE Act, or Safeguard American Voter Eligibility Act.  Contrary to the screaming by the left about voter suppression, the Bill simply requires that anyone registering to vote through the DMV, welfare offices, or other government agencies must provide documentary proof of U.S. Citizenship before receiving the voter registration form.  Sounds reasonable because anyone who wants to do anything in a civilized society must provide valid identification, but cue liberal outrage.  The SAVE Act passed in the House 221-198, with 5 Democrats voting Aye.  Who are the 198 that voted to let illegal aliens register to vote?  What are they thinking? 

    Senators Mike Lee and John Kennedy introduced the SAVE Act in the Senate, but the Democrat “elected representatives” defeated it.  President Biden said he would veto the Bill if it was passed.  Just who do the Democrats think they are REPRESENTING?  Surely, they don’t believe they represent American citizens?  In what clown world do NON-CITIZENS get to vote for anything? 

    There are groups in our country that are actively targeting illegals to register them to vote.  Who are these people and how could they possibly think that is ok?  Yet, here we are.

    The most likely plan with illegal aliens being registered to vote is that these illegally-registered voters do not even need to cast a ballot, but their registrations can be used by bad actors to create fake ballots.  Watch and see.

    We have done little to nothing to secure our elections since the mess of 2020 and 2022, and this is just another step in the process of allowing election fraud risk.  So, let’s just sit here and let our country be taken over from the inside because we did NOTHING to prevent NON-CITIZENS from voting in our elections.  Fools, all.

    Implications of the Crowdstrike Outage on our Election Infrastructure
    SC General Election Day Nov 5th, 2024
    Years
    0
    :
    Months
    0
    :
    Days
    0
    :
    Hrs
    0
    :
    Mins
    0
    :
    Secs
    0

    On July 19th, Crowdstrike performed a global update to their software.  Performing this kind of an update is generally business as usual and does not cause issues.  For example, many people have probably heard of “Patch Tuesday” when Microsoft issues their weekly patches/updates to Windows computers. 

    What was different about this, however, is that this update deployed by Crowdstrike had not been properly tested and resulted in a Windows “blue screen or death”, which means crash.  The company released a fix fairly quickly, but one of the problems was that the original file that caused the issue had to be manually removed, significantly slowing the ability of companies to repair their systems.  Most companies were ultimately able to deploy the fix and get back up and running.

    There are ongoing questions about how this could have happened. Many companies, including Crowdstrike, use a process called “DevOps” to deploy their code/updates to live, production servers.  Devops aka DevSecOps brings developers (who write the code), IT operations (who deploy the code) and cybersecurity teams (who secure the code) together to create a collaborative, automated and secure “pipeline” for pushing updates out to live production servers.   Part of this process include quality assurance testing as well, that is designed to ensure code is fully tested so it functions correctly and as designed.  

    The issue is, what happened should not have been able to happen.  There are many guardrails that are implemented as part of these processes to ensure that all code is tested before it goes into production.  The fact that an update that caused such obvious and widespread computer crashes could have been deployed indicates either that either there was significant negligence/incompetence or there was something malicious at play.  Crowdstrike has indicated that the issue came from a bug in a validation program that was supposed to test the new code before it was released.  This coupled with other issues in their process (were not doing staggered releases, but routinely released the updates globally, and testing amount and quality were not adequate) created this massive IT outage.  Of course, any company can make a mistake that can cause issues, but this was so obvious it is still hard to believe, in spite of the company indicating it was a number of process mistakes and failures, that there wasn’t malfeasance involved in some way.  A test or “canary” deployment to even 10 machines would have discovered it.  If it is malfeasance, the question of “why?” still remains. 

    Who is Crowdstrike?

    Crowdstrike is a publicly traded American company, founded in 2011 and has headquarters in Austin, Texas. Crowdstrike is a major player in the cybersecurity industry providing endpoint detection and response (EDR) software products which are deployed on workstations and servers. EDR products are designed to identify and block malicious activity on those endpoints and provide alerts on this activity.  Crowdstrike is the leader in this area and is utilized by most major banks as well as other multi-nationals, in addition to many smaller companies.

    George Kurtz, Dmitri Alperovitch and Gregg Marston were co-founders of Crowdstrike.  Many of the founders and some employees originally worked at McAfee, a large anti-virus vendor.   Dmitri Alperovich, born in Moscow, was formerly Chief Technology Officer of Crowdstrike and has strong ties to the intelligence community, with connections to both the Department of Defense and the Department of Homeland Security.   In addition, there are strong ties with the FBI; Crowdstrike hired Shawn Henry who was formerly an executive assistant director there.  Other former FBI officials also work for the company. 

    Some other interesting data points and background:

    The Center for Information Security (CIS) has an agreement with Crowdstrike to provide endpoint security for all CIS managed endpoints.  

    The Albert sensors, that are the intrusion detection system managed by CIS and deployed to the state and counties, run on CIS managed endpoints.  It is a reasonable conclusion that Crowdstrike is running on the machines that are hosting the Albert sensors, because CIS has an agreement with Crowdstrike to provide EDR services. 

    EAC conformance/certification documentation indicates that Crowdstrike is not deployed to ES&S voting computers (Tabulators, ballot marking devices, EMS), but there are a number of questions:

    • Do South Carolina and county workstations/servers use Crowdstrike and is data from those computers being sent to the CIS Security Operation Center for analysis and alerting?
    • Epollbooks are not certified as part of the EAC certification process referenced in above, so is Crowdstrike running on the computers that are running the epollbook software or voter registration software?  To wit, during the Crowdstrike outage, Arizona epollbooks and voter registration were taken offline.

    Crowdstrike was the company tapped by the DNC and Perkins Coie to investigate a “breach” of the DNC server which they ultimately claimed was “hacked by the Russians.”  This became part of the Russia collusion hoax related to Donald Trump.  Subsequent investigations by non-leftist investigators have called their conclusions into serious question and the Russia collusion narrative has been debunked.  The implications of this are concerning because Crowdstrike was at the center of this targeting of Donald Trump and potentially falsifying forensic reports and data to support this narrative.  What else they would be willing to do is an open question, particularly in this crucial election year. The timing of this mishap is concerning and notable.

      Security Implications of the Crowdstrike Outage for Elections

      This outage has some very serious implications for elections in the United States. 

      1. Availability and Disaster Recovery.  Arizona was in early voting for a July 30th election and this outage took most of their voter registration and epollbook computers offline.  The question to ask is whether or not the South Carolina state and counties have resiliency plans in place in the event this kind of outage were to happen during an election.  If citizens can’t be checked in, or if lines are very long, then it will not be possible for them to vote and they will be disenfranchised.   It is known that Republicans tend to vote on election day – in the 2022 election in Arizona, there were many technical glitches in largely Republican areas that occurred on that day.  Given what just happened, a Crowdstrike like outage could heavily impact election day voting.   
      2. Surveillance and 3rd party dependencies:  Security professionals need visibility into systems and user activities in order to protect their companies.  Crowdstrike software (and others like it) is installed on the workstations and servers to provide this visibility.  It is highly privileged software that is constantly monitoring the endpoints including what is installed on them, and what users/software are doing.  This software has the capability and permission to stop activities that it considers to be malicious.  This means that any company using this software is trusting companies like Crowdstrike to not be malicious and to protect the company information.  There are contracts in place and vendor security assessments are done to ensure the company is protected, but the fact remains that these companies have a great deal of power and visibility into what the company and its employees do.  The potential impact on elections is:
        • If South Carolina election officials are using computers that are running Crowdstrike then they are running software with that immense power and surveillance capabilities.  What data could potentially be sent to the Center for Internet Security’s Security Operations Center?
        • Albert Sensors, mentioned above, run on computers that are protected by Crowdstrike. Albert sensors collect network data and send it to the Center for Internet Security’s Secruity Operation Center, but an endpoint detection and response product will also send information on what is happening on the workstation/server itself – this data will also be going to the CIS Security Operations Center.  It is not supposed to be sending any election related data there, but could this happen
      3. Attack Detection – Albert sensors run on computers that have Crowdstrike installed.  If those computers are taken offline, then that also takes down the intrusion detection capability so any ability to detect an attack is seriously impacted.  This means the election infrastructure would be wide open to an attack and the ability to detect and respond to it significantly diminished.

      Here are some questions to ask of your election officials in your area:

      1. What specific components of the ES&S election system utilize CrowdStrike? Our ES&S system has Windows servers which should utilize CrowdStrike. What about Epoll books which are connected to the internet? What about laptops or central county computers that house Electionware or the computer that reports results to SCYTL/Clarity (ENR) from the Electionware central county computer? Election IT professionals should check for the following: On Windows Operating System Crowdstrike files will be in C:\Windows\System32\drivers\CrowdStrike
      2. What specific data is being sent to the Center for Internet Security’s Security Operations Center and is this a uni-directional or two-way path for data transfer?
      3. Were the computers running the Albert sensors in the state/county environments impacted by the July 19th Crowdstrike outage?  If so, has any forensic investigation been done to validate that there were no cyber-attacks during that time that could impact the state/county networks and potentially the election equipment?
      4. Please provide information on your emergency plan. At a minimum, poll workers should be trained on the use of paper poll books/rosters as a backup or redundant check in methodology.  What would be better is if poll workers could be trained on the use of paper ballots and how to hand count them in the case of an even bigger outage. If there is not a plan in plan our group SC Safe Elections has developed one that would be a great way to mitigate this risk. See https://www.scsafeelections.org/the-gold-standard-for-elections/. We could train poll workers who will find it wasy and efficient.
      5. If Crowdstrike is in the environment, is it set for automatic updatesAre Microsoft updates set to be deployed automatically?  If updates are not being tested by the county or state IT departments before deployment into their environments, then this type of outage could happen again.   

      Computers are infiltrated every day and our election systems do have some connectivity to the internet AND our electronic voting systems can also be penetrated via flash drives, cell phone “man in the middle attacks, wireless, and hidden modems. It is essential that our election officials take cybersecurity seriously. Our current system hasn’t even updated antivirus updates and patches for over 4 ½ years. Our state Legislative and Audit Council stated in their report of January 24 that cybersecurity had not been prioritized nor had funds that were provided by HAVA money been spent to upgrade security. If our SC State Elections board is serious about securing our vote, they need to take action and provide more transparency to our citizens. Not having an emergency backup plan would be a dereliction of duty. Our legislators also need to take this seriously and sound the alarm and partner with citizens to make the necessary changes in our law and our processes and procedures to enhance confidence in our system.

      Special thanks to guest contributor cyber expert Julie Baker for her expertise and assistance with this post.

      An appeal to the RNC
      SC General Election Day Nov 5th, 2024
      Years
      0
      :
      Months
      0
      :
      Days
      0
      :
      Hrs
      0
      :
      Mins
      0
      :
      Secs
      0

      Laura Downing a forensic auditor and election investigator penned the letter below to the RNC to share her concerns about election integrity in South Carolina and the nation. Here are some of her salient points:

      • All states need to ensure that no ineligible voters especially illegal immigrants are registered to vote. How can we be assured that our rolls are clean?
      • Transparency must be increased by providing key data and reports to citizens and inexpensive voter rolls as well as the ability for poll observers to have full access to all stages of the eleciton process. For example, currently observers aren’t even allowed to view the ballots during the hand-count audits so how can they confirm that the count is correct if it is not done publically like our constituion calls for.
      • Third party vendors should be eliminated where possible as they aren’t subject to citizen FOIA (Freedom of Information Act) requests.
      • Ideally electronic voting should be replaced with handmarked, handcounted paper ballots.

      Read the full letter below:

      Why election transparency is important
      SC General Election Day Nov 5th, 2024
      Years
      0
      :
      Months
      0
      :
      Days
      0
      :
      Hrs
      0
      :
      Mins
      0
      :
      Secs
      0

      Why can’t our state allow access to records to help enhance confidence?

      According to Rasmussen, approximately 66% of likely voters don’t trust our electronic voting systems.  Could this be the reason for our state’s abysmal turnout in the primary of roughly 13%?

      This should concern every election official and legislator. Instead, they excoriate those who question the elections and who request information to confirm the validity of the election process. To wit, our own SC Election Commission is still trying to sue SC Safe Elections, our grassroots group, for daring to ask for information about the 2020 election (namely Cast Vote Records). They won’t give up on their counterclaim that basically wants to prevent us from obtaining, via the South Carolina Freedom of Information Act, ANY information from the 2020 election as well as pay thousands of dollars of their legal costs. This is harassment in the form of overzealous lawyers spending our tax dollars to punish citizens for requesting records that help us validate our elections. We certainly hope that Judge Coble sees this for what it is and either dismisses (again) their counterclaim; or better yet, awards us our legal fees and admonishes the otehr side for their brute force tactics.

      Dr. Daugherity, one of our expert witnesses, wrote an excellent article, “Balancing Ballot Secrecy Versus Transparency”, that succinctly underscores the importance of Cast Vote Records.  In this must-read article, he provides the history of the secret ballot and emphasizes the importance of voter transparency. It is essential that states not only comply with our federal and state laws but that they also provide access to these records to ensure increased confidence in our election results.

      He states:

      “Every CPA or financial officer knows what is necessary for a complete and verifiable audit—physical security, inventory, chain of custody, separation of duties, a complete audit trail, and so on. In everyday language, there must be sufficient data to reconstruct and trace all transactions, in effect to be able to make a “movie” after the fact of everything that happened before, during, and after an election.”

      When our election officials ask us to trust the system but don’t provide key reports and records it only foments distrust and suspicion. See the article below: