The report describes vulnerabilities only in a specific version of some ballot-marking devices & software. Few districts even use these kind of ballot-marking devices, and nearly all that do produce a paper ballot for the voter to review before turning it in. These devices have nothing to do with counting/tabulating votes; those are different machines.
All of the vulnerabilities described would have required someone to have physical access to each machine they wanted to affect.
Later on in the mitigations section it says that all the vulnerabilities laid out have been fixed in further updated software/firmware versions that have already been released.
So it's a report about a small-scale problem that has already been fixed that has nothing to do with vote counting infrastructure.
While the statement Major patriot made might be true in a technical sense, using this report as proof of any of the 2020 vote count manipulation theories is a stretch at the least. I would argue it reaches "fake post" territory because the intention is clearly to have people think the government just admitted all of Dominion is insecure, when in reality this is a run-of-the-mill minor bug report.
"The authentication mechanism used by voters to activate a voting session on the tested version of ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization."
The fact that the FED is admitting that they COULD defraud is enough to obliterate the "safest election ever" narrative.
I get what you're saying but there are other fail-safes built into elections. Each polling place compares the number of people who show up to the number of ballots they collect. Districts and states as a whole do this too - there is a record of every registered voter who showed up to a polling place, or sent in an absentee or mail ballot. That number of voters is a known quantity.
If there were an 'arbitrary number' of ballots just printed out and added to the stack, there would be a mismatch between the number of ballots they have to count and the number of people who were recorded as voting. That would be noticed and looked into.
So yes it's a vulnerability when viewed in a vacuum but elections aren't run in a vacuum.
You're right, and that's what the canvassing process is there for, and it would catch something like this being used.
In the specific case of Detroit (Wayne County), there was a discrepancy of 433 votes spread out over 179 precincts. That is MUCH more likely explained by sporadic cases of people not signing in correctly, joining the wrong line, entry errors, etc. It's not feasible that this kind of tech vulnerability could be used on that many separate machines in such small numbers to have some kind of real effect.
The report describes vulnerabilities only in a specific version of some ballot-marking devices & software. Few districts even use these kind of ballot-marking devices, and nearly all that do produce a paper ballot for the voter to review before turning it in. These devices have nothing to do with counting/tabulating votes; those are different machines.
All of the vulnerabilities described would have required someone to have physical access to each machine they wanted to affect.
Later on in the mitigations section it says that all the vulnerabilities laid out have been fixed in further updated software/firmware versions that have already been released.
So it's a report about a small-scale problem that has already been fixed that has nothing to do with vote counting infrastructure.
While the statement Major patriot made might be true in a technical sense, using this report as proof of any of the 2020 vote count manipulation theories is a stretch at the least. I would argue it reaches "fake post" territory because the intention is clearly to have people think the government just admitted all of Dominion is insecure, when in reality this is a run-of-the-mill minor bug report.
"The authentication mechanism used by voters to activate a voting session on the tested version of ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization."
The fact that the FED is admitting that they COULD defraud is enough to obliterate the "safest election ever" narrative.
I get what you're saying but there are other fail-safes built into elections. Each polling place compares the number of people who show up to the number of ballots they collect. Districts and states as a whole do this too - there is a record of every registered voter who showed up to a polling place, or sent in an absentee or mail ballot. That number of voters is a known quantity.
If there were an 'arbitrary number' of ballots just printed out and added to the stack, there would be a mismatch between the number of ballots they have to count and the number of people who were recorded as voting. That would be noticed and looked into.
So yes it's a vulnerability when viewed in a vacuum but elections aren't run in a vacuum.
You're right, and that's what the canvassing process is there for, and it would catch something like this being used.
In the specific case of Detroit (Wayne County), there was a discrepancy of 433 votes spread out over 179 precincts. That is MUCH more likely explained by sporadic cases of people not signing in correctly, joining the wrong line, entry errors, etc. It's not feasible that this kind of tech vulnerability could be used on that many separate machines in such small numbers to have some kind of real effect.
That they would severely minimize the problem is a GIVEN.