The Doug Gold Reports

The mood at the table was slowly warming up. Going through files and data about election fraud was starting to feel like work. Detective work, but work just the same. All the while, Gerald and Miranda were much more interested in the bigger perspectives. What was at stake? What was going one?

G: “I repeat, the judge’s opinion that Tina Peters is privileged and an attention seeker probably has some degree of truth to it.”

M: “I prefer a different label. The duty of the devout. I think Tina Peters must be understood as one single piece in a puzzle, a piece which exhibits the same colouring as the entire picture. America is still a very religious place. Flashing your christianity has become somewhat improper on the largest media outlets like Fox, but dig one foot deeper, and it becomes clear that christian emotions run deep. It is part of the liquid sidewalk they all walk on. God is always stirring and moving above their heads. If society turns into Sodom and Gomorrah, the earth will be condemned for your inequities, for your silent acquiescence.”

G: “You are saying that somehow this is more genuine than a poor biblical excuse for forcing through your own preferences?”

M: “Yes, you can see that, can’t you? The sudden shifts in morals test their faith.”

G: “Perhaps. What are you finding so far, Christine?”

C: “This Doug Gold is very thorough and very sober and down to earth. He is lucid and speaks in clear language that we can all understand. Still going through report number 2. He points out vulnerabilities which frankly should have been taken seriously.”

G: “But you agree that the hand recount — assuming the physical chain of custody was unbroken — would have indicated that no such interference had taken place?”

C: “If you refer to judge Matthew Barrett’s somewhat blunt dismissal of the notion that this was a problem, I would say that Tina Peters’ motive may have been more concerned that election fraud was going on, but she would have been professionally correct in a different concern, namely as Doug Gold points out, the risk of foreign adversaries.”

M: “I see what you mean. In the handing out of roles, Tina Peters was assigned, and surely also picked, the role of the “Biden-stole-the-election” attitude. But it would have been within her scope of her job description to worry about the insecure systems enough that she out of concern with its integrity could be defended in her actions.”

G: “In lieu of that, judge Matthew’s lack of concern about national security is worrying. He argues that Tina Peters should not sow distrust in the system, but Doug Gold’s report indicates exactly that: That we cannot trust the system, only the hand count. That’s a point worthy of mention.”

M: “A case of perversion of the real subject of the discussion. That unfortunately happens a lot.”

C: “I am bewildered why the NSA really has not shown any reaction. Not to suggest anything nefarious on their part, just the observation that we are pouring millions into cybersecurity, but this election server is just slammed into a room with full connectivity and all guards down. Apparently the SQL database server was open for remote connections. Usually you have the database accepting only local connections and a local frontend application which has exclusive access to the sensitive resource that a database is, all in one computer. I doubt the intention is that all client computers in the system can access the central database directly. If that was the design, it wouldn’t be very tight.”

G: “I like how honest he is, this Doug. He is very factual, very open about how to understand the conclusions. He provides lots of explanations. I am learning a lot. On top of that, there are all his anecdotes from his past.”

Absent a full forensic examination of all network and computing devices, it can be challenging to factually conclude that connection to the global Internet was, or was not, present and in operation.

C: “Unless the developers at dominion can come up with a really stellar explanation to all the security oversights listed, I say Doug is correct in stating this system should not have been certified.

I am not sure about the section on the SQL server using a self signed certificate. The server should have a CA signed certificate so the client can be reasonably certain they are talking with the correct server. Otherwise a man in the middle can eavesdrop or pervert the data underway. Usually the server blindly trusts the connected user anyway, once they have authenticated. Perhaps the issue is that a client computer will connect, authenticate, but to the man in the middle instead of the actual server. Then the MITM can simply piggyback on the existing connection and get to see all sorts of things.”

G: “Even I can see that simple using passwords alone is not enough.”

The Mesa County EMS was protected by only a (Windows authentication) password, […] The use of a password alone is not secure; this fact is taught routinely in training for the board certification

C: “See here:”

I accessed the EMS server with and without a password. I was able to guess the password, and separately used a well-known password bypass technique, both methods were successful.

C: “He was able to guess the password? I hope he means he broke it using brute force.”

M: “Another mistake we, the non-technical people, can make is to latch on to loud accusations about an apparently completely untrustworthy deep state, meaning anyone working for the public.”

Even an honest individual could accidentally allow data to be changed without their knowledge in a matter of seconds by innocently attaching a USB flash drive with hidden programming/malware on it.

C: “Haha! … My God…”

When SQL Server Management Studio (SSMS) first starts, connection entries are already pre-filled out.

G: “Fair enough. I think we can safely assume that the trust model of the workers in the building is that unauthorised physical access cannot happen. The machines are off the grid and meant to stay that way. Cameras cover the place so nobody can sneak in and open any programs or figure out passwords.”

C: “That may have been the idea, but in that case people seriously underestimate the stealthiness of hackers. Doug repeatedly mentions that the entire system had many computers with wifi. Some of them sounds like laptops, so imagine someone accidentally enabling the wifi on the laptop to quickly look up some topic. Now the floodgates have opened to a deluge of attacks from outside, completely unnoticed. If we assume that there was a wifi access point and we assume it to have a password similarly easy to guess, or even worse, if one of the computers should ever be moved to a non-secure location temporarily, it takes no time install a root kit and move on from there. Doug also warns that election sites could very well expect more advanced hacker attempts, if a foreign actor should be so inclined. I’m not inclined to think like that. That means you have to distrust even simple USB sticks and whatnot.

This is an interesting thought:”

While these records are required to be retained, they should be maintained off- system, securely archived, inaccessible to the EMS or any user. The presence of prior election databases on the EMS server also offers an extensive and convenient repository for copy and paste modifications of election data, not only for the 2020 election but for any prior listed election as well.

C: “If I can get the old elections, I have sort of an expected profile, so to speak, of the voting habits of the population. I can then modify those data slightly to make it look inconspicuous.”

G: “Hey, even I can figure out how those data are structured. The entire ballot is stored as a simple table.”

C: “And why not? I mean, the working assumption is that this database is a secure resource. Nothing wrong with having a simple stack of papers that everybody can understand as long as it remains at a desk in a room deep within a mountain, guarded by missile defence systems.”

G: “In this case, he got to the central, all-defining table in a few clicks. Of course he can change it to his liking once he has these kind of godlike capabilities.”

By changing only two values in the election database in less than a minute, I have flipped 25,358 votes, completely changing the vote total results in the election database. The change was made using Microsoft SSMS software already residing on the EMS server, without needing to enter any additional password, and without a warning about the risk of changing this information.

C: “Of course we must remind ourselves that Doug takes the place of an adversary who has really gotten behind the security barrier. But I agree with him that I doubt it would have been altogether impossible to get there.”

M: “He is level-headed. He really has his feet on the ground. I also am beginning to like this guy.”

To be explicitly clear, this demonstration is about the lack of security and the access that insecurity and unauthorized software allows, and it is explicitly not about the vote totals in any election from this server. The lack of efficient logging and the destruction of the required log files prevent any assertion to the contrary in this analysis.

C: “But my god those people have had their heads up their arses. They left the SQL server standard port open to connection completely unguarded! This is insane! Doug simply telnet’ed in from any computer on the local net. Again, I will assume a hacker could easily gain access to a computer on the local network.”

The judgement

C: “In light of what we have seen, I really feel it was unfair what judge Barrett said about Tina Peters.”

M: “Matthew Barrett analysed Tina Peters as an attention seeker. He may not have been altogether wrong.”

G: “But that implies this trial was about Tina Peters, not her convictions. When Barrett chose to focus on her personality, he allowed himself to ignore, as Christine points out, the factual basis that lent credence to Tina Peters’ actions. Which is his prerogative, but it definitely means that whenever a person refers to this trial as proof that the allegations against the voting system were dismissed, that person abuses the actual events of the trial to push a different agenda.”

M: “My feelings towards Barretts judgements are frankly mixed. In his ruling, he expresses many notions as to the nature of Tina Peters motives. Listen to this:”

Ms. Peters, you are a privileged person. You are as privileged as they come, and you use that privilege to obtain power, a following, and fame. And to be sure, there’s no doubt in my mind that that was exactly what you wanted and it defies all sense of common sense to believe when you suggested to me a few moments ago that you didn’t want this attention. No, you crave it, ma'am, and there is no one in this courtroom who would consider that to be anything other than the absolute truth.

M: “Those are very strong words. He talks from a place where civil servants perform their duty without blogging or tweeting about it. But what about politicians? Aren’t they in the business of responding to popular demands by a combination of effort and two-way communication? Many politicians are precisely driven by the enthusiasm of the crowd. In that context, Ms. Peters’ real guilt is that she listened to one crowd and not the other. She didn’t remain neutral.”

G: “Then he goes on to link the case to trends in society which he clearly don’t like:”

But to get to the point of what it is that you did here, it’s my impression distinctly that you never took your job of clerking particularly seriously. You didn’t complete the certification, one scandal after another followed you in your time as the clerk, and ultimately, it was a belief that the echo chamber in which you live couldn’t be wrong, among other things, that led you to do what you did here.

This thought process, unfortunately, seems to consume so many in our country, regardless of race, gender, political affiliation, or the like, that what it is we hear and think can't possibly be wrong.

G: “Okay, so, we have a person who takes on a job of public duty, but is ultimately only really animated through being the centre of attention. Then what? Is it by chance that she becomes an advocate for the stolen election hypothesis?”

M: “Maybe so, Gerald. She could have gained equal fame by publicly standing up to the deniers. Perhaps she was enamoured by the possibility of participating in something of historical proportions. She could have been the one that tilted the scales of the American future.”

G: “I will make a bold statement: Today we know that if she had succeeded, she would have prevented the loss of a million Russian and Ukrainian soldiers.

The judge emphasises the bigger aspect of the case as he sees it:”

In your world, it’s all about you. But at bottom, this case was about your corrupt conduct and how no one is above the law. No one in this country has absolute power. Your position as a clerk and recorder, a constitutional position, does not provide you with a means by which to do your own investigation, to not listen to the judiciary, to not listen to the executives higher than you, to not listen to the legislature who sets the law as it may be. This is nonsense. Our system of government can't function when people in government think that somehow, some way, the power they’ve been given is absolute in all respects. And that’s where you fell.

C: “But all those conclusions… Should they not be put in some kind of perspective?”

M: “What do you mean?”

C: “Well, for starters, the very problem of the reports which quite accurately points out that perhaps the election wasn’t stolen, but the election system was exceedingly poorly set up! A sixteen year old kid could have changed that election. Had it not been for Tina Peters, we would not have known any of that. Matthew Barrett presents this as:”

There are many things in my mind that are crystal clear about this case. You are no hero, you abused your position, and you’re a charlatan who used and is still using your prior position in office to peddle a snake oil that's been proven to be junk time and time again.

M: “Let’s work with that angle. The bench holds a view that no election fraud took place, and clearly conflates that with whether the integrity of the election is sound. But those are different questions. The problem with sounding the alarm as Doug Gold does in showing the possibility of interference and actually trying to sell the idea that fraud did take place is that the latter joins the mighty bandwagon of the stolen election, which Barrett depicts as detrimental to the trust in government he deems essential for the country’s cohesion.”

Every effort to undermine the integrity of our elections and public’s trust in our institutions has been made by you. You’ve done it from that lectern the voting public provided you with. Everything you’ve done has been done to retain control, influence. The damage is immeasurable. And every time it gets refuted, every time it's shown to be false, just another tail is weaved.

G: “We have seen those tails weaved. Doug’s arguments are rock solid sound. Not damning like the claim of sheer fraud and corruption, but solid. But these people can’t tell the end of a hammer from the handle, and ends up saying something stupid. That comes across as a lie, not ignorance, which is how it should have been branded.”

C: “But we don’t have to weave tails. A bunch of hopeful people tries to regain control over their fortunes by disclosing what they are absolutely certain amounts to sheer abuse of power on part of the current holders of office. Whatever their motives, they stumble upon a case of very poor security which opens the door for the indisputable truth that if fraud had occurred, it would be difficult to establish that fact. "

M: “Except when the paper trail allows for a recount. Remember, the hand count confirmed the Dominion machine’s report.”

G: “To claim fraud that is invisible from paper audit, you would have to distrust the chain of custody completely. This trial at least is not about that.”

C: “I know. The stolen election claim is what the judge sees as »snake oil«. I think the whole national business clouds his judgements as well as Tina Peters’.”

G: “I tend to agree. As you were about to say: Out of chance Tina Peters stumbled upon something she probably hoped she could use as a way to combat what half the country views as corrupt officials and politicians. In the end she couldn’t, but if she hadn’t tried, nobody else would have discovered the security problems. Everyone seems to hold on to a belief that hurts their country. Judge Barrett too.”

M: “My god, this is really beyond belief! Just look at some of the things that go on during this conversation. Few hours earlier comes Dallas Shroeder, a republican and former Country Clerk and Recorder, defends Tina in this testimony:”

Dallas Schroeder: There was no help from the Colorado County Clerk’s Association. Their continued mantra was that any allegation had already been debunked with no evidence of such debunking.

Judge Barrett: And that the hand count was identical or there was just no difference between what the machines calculated and what the hand count showed.

Dallas Schroeder: Yes, I’m familiar with the process there.

But that would have been after the system configuration that was used in the images that Clerk Peter used after that trusted bill for a new system that was a new configuration that was placed on the system.

Judge Barrett: So what?

Dallas Schroeder: We don’t know what the original one was. So to have that information is vital to the integrity of the election.

Judge Barrett: The numbers were the same.

Dallas Schroeder: I understand. We’ve done hand counts in Elbert County as well and done that as well. But the point is, if we want to really evaluate what the system is doing, we have a clean copy of an image that the secretary is unwilling to look at.

Judge Barrett: You want to evaluate it in a clearer way than actually going back and looking at what the machine told you the results were and then counting the ballots yourself?

Dallas Schroeder: I think it makes sense that we have the opportunity to see everything that’s going on within the system.

C: “What a weak answer, that last one! Why on earth does he let himself be bullied like this?! Either they don’t understand what is going on, or they are intimidated by the non-friendly judge.”

G: “He should have said: Judge! I respect your focus on the hand count, but I am entitled to have put on public record, when everybody else seem to miss the major point here, that this equipment is utterly unprotected and completely open to tampering. Let the court note that I for one do see it. What does the hand count matter in that regard? That we were lucky that nothing happened this time? That the fact that the back door was left open should be forgotten, since apparently nothing was stolen? Tina Peters put her finger on a disaster of a security issue brought about by rank amateurs, and I want the world to bear witness to the fact that I recognise it as such.”

Christina cracked with laughter. “You tell them brother!”

M: “But I also like judge Barrett’s soberness in this matter. He does succeed in cutting through a lot of lacklustre theories by asking a very simple question: Have you actually proven anything. Simply recount the paper ballots. And there is no doubt that Tina Peters was caught up in something that got out of hand.”

Cody Davis

[…] while Mrs. Peters traveled the country on her elections tours, she continued to receive her salary for 16 months despite being absent from her duties.

C: “However much judge Barrett tries to cut through and simplify, the pus beneath the skin gushes out:”

Douglas G. Frank

When confronted with systemic problems and fraud in their elections, most officials panic. They are afraid to speak up or ask difficult questions to their state officials. They say, “I don’t want to be Tina Petered.

M: “It ends up in an existential underbelly, doesn’t it. A place full of shadows and few you can trust.”

G: “But it will have to end like that when technology becomes so advanced that most people don’t know what is going on beneath the surface. This is where Doug Gold’s report is very refreshing. If you take your time to read it.”

M: “That’s the flip side of the Tina Peter’s case: It gets to represent the victory of Democratic virtue over Republican election fraud hysteria, but in reality it is about this woman who is clearly in shambles!”

I was in two rear end collisions in ‘84 and 2010. It was pretty severe. I was diagnosed with fibromyalgia, I don’t know if you can zoom in a little bit, and chronic fatigue as a result. And I had to stop working for the airlines in 1995. I was up all night because I was in bed all day, I couldn’t sleep. I couldn’t control these symptoms until I got, believe it or not, a magnetic mattress of which I still sleep on. I will not have that at the Department of Corrections. Also, I had lung cancer and had surgery in 2016,

Gerald sat and chewed for a second. Conflicting principles bothered him.

G: “So on one hand: If you punish deviation from duty, you get obedient sheep that neglects a higher duty: Speaking out when the system becomes crooked. On the other hand, if you reward people for failing their duties, the country will come surely come apart. It is important to revolt against a crooked system, and it is equally important to observe your duties.”

M: “Do you need us for that conversation? Seems like you are doing fine without us.”

Gerald cleared his throat.

G: “Speaking of gold… how is it going with that second report, Christine?”

Gerald and Miranda both looked at Christine who was once again absorbed in the report. They noticed the tingle in her eyes. She was in love. A good guess would be one of Doug Gold’s many anecdotes from the history of hacking and espionage.

G: “Christine, you are salivating.”

She embarrassedly looked up with a grin.

C: “I’m almost done. Doug focusses in this second report on whether Dominion lives up to the certification demands (which they don’t) and on how easy it is to access their system with a very few tools, once network connection can be established.”

Nearly every point of examination has revealed the most serious deficiencies in both security and configuration.

[…]

This DVS election system has been shown non-compliant with the law and has been shown to be uncertifiable. The use of this system in an election was itself a breach of law, and more importantly a breach of public trust with reckless disregard for the right of a free people to choose their government.

C: “The server itself probably didn’t have a wifi card, but we don’t know for sure. They can see that the entire system was ordered with many wifi units and at least one wifi-enabled printer, possibly indicating a wifi-aware environment. And if anyone surreptitiously plugs a USB wifi dongle into one of the Dominion computers in the network, then he demonstrates that all it takes is an iPhone, a port scanner app, an SQL server client app and a little patience in a nearby parking lot to change the election results. Until of course you look at the paper trail.”

Updated timeline:

2017 - May 17

Microsoft SQL Server Management Studio Software (“SSMS”) must have been installed as part of the future D-Suite 5.11-CO upgrade on Dominion’s own production image.

2019

EMS system upgraded to D-Suite 5.11-CO

2020 - Nov 03

Colorado Presidential Election held.

2021 - May 23

First forensic image made

2021 - May 26

EMS system upgraded to D-Suite 5.13-CO

2021 - May 26

Second forensic image made”

Mesa Report #2

Main themes:

• The certification process itself must be flawed since this machine was certified, but should not have been.
• The possibility of nefarious access combined with the obliteration of log files during update means unauthorised changes may have happened, we will never know now that the log files have been lost.

Findings:

• Uncertified software installed: Microsoft SQL Server Management Studio. God help them if anything should have gained access to the central computer.
• Windows Firewall present but allowed ALL IPs!
• Reuse of passwords and accounts on many machines.
• Self signed certificate for TCP access to SQL Server.
• WiFi connectivity on many machines with WPA2 security which may, may not, be patched. Hacker’s success depends on specific product, patching, physical access etc.

Odd ends:

• Wouldn’t the forensic image before the update preserve the old log files or at least some of them?
• How can Doug know from a forensic image of one computer what was happening on all the other network connected computers, printers, NAS etc.?

M: “Very well. One more report to go.”

/ПРИЗРАК