Letter to Investigators Individual copies of this letter were sent to:  Hon. Loretta Lynch, Attorney General Hon. Jeh Johnson, Secretary of Homeland Security Hon. James Clapper, Director of National Intelligence Hon. John Brennan, Director, Central Intelligence Agency Hon. James Comey, Director, Federal Bureau of Investigation as well as aides to Senators and Members of Congress on committees that are investigating Russian interference in the election:  

We are a group of independent election forensic investigators, election monitors, data analysts, and election integrity advocates who have been examining and analyzing the 2016 election. We are writing to you to share our views regarding the importance of including certain systemic vulnerabilities in the scope of your investigation, and to offer our resources to assist with your investigative work.

Reports of Russian meddling in the U.S. Presidential election have brought awareness to security vulnerabilities in our email services and governmental servers. Still unknown to most of the public, however, are the significant vulnerabilities in our voting and vote counting systems that can be exploited by unauthorized parties working from outside or inside the elections infrastructure.  

Mindful of the applicable timeframes, we nonetheless believe that the 2016 election and the current state of our voting system call out for an investigation of sufficiently broad scope to encompass the full array of vulnerabilities to error and manipulation, and any evidence of their exploitation.

We understand that the task you have been assigned is difficult and complex.  We wish to be of service and to recommend colleagues who have particular areas of expertise.  We believe that such expertise would be of great value to you in ferreting out and interpreting the pertinent evidence and arriving at valid conclusions.

We have compiled a list of the most flagrant security vulnerabilities, stones that must not be left unturned in the investigation of interference with this year’s elections.   

1. Despite numerous denials, the voting machines in many counties and municipalities are connected over networks including the Internet. This has been true for many years.

Most recently, wireless cellular connectivity was introduced as an option on ES&S optical scanner model DS200. When it is time for the local remote “desktop” DS200 to send its totals to the larger regional machine that aggregates the totals from all the smaller local machines, in order to access the aggregator it opens up to the Internet to convey vote totals and is wide open to hacking.

1. There are an estimated 26,500 DS200s in use in over 25 states, although it is possible not all are equipped with the cellular connectivity.  

2. It is also possible other manufacturers now provide the capacity for cellular modem connectivity.

1. Programming done off-site is often loaded into the machines by phone modems (where data can be intercepted). Data can be transmitted bidirectionally throughout an election.

3. Virtual Private Networks (VPNs) are not protected enough for something as important as our elections. A precinct can connect to the central system via VPN, making the central system (aggregator) dangerously vulnerable.  As with the cellular connections to the central systems as mentioned above, where there is lax security any garden-variety hacker could get in.  Even a central tabulator with the most robust security measures available would still be vulnerable to a government-resourced attack.
    

4. GEMS (Global Election Management System) software is a widely-used Microsoft Windows-based election management and tabulation software system. Since its early introduction into central tabulating equipment by Diebold, and living on with the subsequent owners of that company, GEMS has been found over and over again to have security holes that allow rigging of elections.  As early as 2005, one such hack was demonstrated on national television. Election security experts have never considered the GEMS system safe: anyone with a Windows computer and even an elementary understanding of the software can hack into the GEMS system and change election outcomes.

5. Additional potential for malicious configuration has been introduced into some software by configuration that permits the fractionalization of individual votes: this has been dubbed “fraction magic.” It is believed that over 5000 subcontractors and middlemen have access to perform this for any or all clients. For an excellent eight-part series that explains this exploit, see http://blackboxvoting.org/fraction-magic-1/ 

6. Hosting voter registration lists on the Internet leaves them wide open to unauthorized access and manipulation. (See http://blackboxvoting.org/voter-data-breaches/)  

Access to unscrubbed memory cards, audit logs and any available ballot images, as well as a thorough examination and analysis of ballot-reading and tabulation code, would of course be critical to any investigation of these vulnerabilities and their possible exploitation.

In both the primary and general elections of 2016, we have seen numerous red flags that would indicate that an election may have been manipulated, including:

• Marked disparities between exit poll results and vote totals, well outside the margin of error of the exit polls and disproportionately concentrated in key battleground states

• Significant anomalous data revealed by county- and precinct-level vote-count and vote-share analyses

• Vote-share patterns correlating strongly with, and seemingly dependent upon, type of voting equipment used

• Withholding and destruction of evidentiary materials

• Imposition of obstacles to block both recount efforts and independent investigation.

Reports of election problems available from multiple sources can provide clues about manipulation and system failures. We would be happy to provide details directly to the investigative team.

In conclusion, we are fully aware of the dangers inherent in undermining public trust in our election process. We ask, however, whether it is not ultimately a graver danger for the public to continue to trust an election process that is not remotely worthy of that trust--one that is unverifiable and vulnerable to interference by malicious forces, whether from outside or within our borders?

If you judge that our expertise can be of further service, please contact us at any stage.  

Respectfully,

John Brakey

Sally Castleman

Emily Levy

Warren Linney

Michael Polsinelli

Jonathan Simon

cc: Elections Assistance Commission

Federal Elections Commission

Senate Committee on Homeland Security

Senate Committee on Intelligence

House Committee on Homeland Security

House Permanent Select Committee on Intelligence

Christian Science Monitor

CNN

Los Angeles Times

New York Times

USA Today

Washington Post