Coreco Ja’Qan Pearson, et al v Brian Kemp, et al was filed by 4 attorneys, including Sidney Powell and L. Lin Wood, on November 25th, 2020 in the Northern District Court of Georgia. A PDF copy of the filing is available below:
Donna Kurling v Brad Raffensperger (1:17-cv-2989-AT) was filed in the United States District Court for Northern Georgia. On October 11th, 2020, the Court issued a 147-page opinion/Order that outlined severe and systemic issues with Georgia’s use of Dominion voting machines. The decision outlines why Dominion is at the center of various election lawsuits.
The Dominion voting machines and software is not able to be audited. The machines have optical scanners that wrongfully don’t count valid ballots. Multiple cybersecurity experts, including a former NSA cybersecurity employee and a Princeton Professor, outlined problems with the Dominion machines and software, such as:
- Valid ballots were not recognized by the scanning software (7% of ballots were improperly not counted in a detailed evaluation of the software and hardware issues)
- The voting machines and software were not encrypted
- Machines would be remotely accessed
- Machines had Android software installed that was created by a third-party
- The default scanner settings led to valued votes not being counted
- The Defendants lacked testimony from cybersecurity experts that tested the Dominion machines and software
- The QR barcode-based BMD voting system is incapable of being meaningfully audited for a variety of reasons
- Dominion Voting Services Executive Dr. Commer
Excerpts and quotes from the decision:
Defendants failed to present independent experts to address issues raised by the Plaintiff. Plaintiff’s presented multiple independent, highly credible cybersecurity experts (Page 22-24):
“Thus, the State Defendants did not present any independent cybersecurity expert to directly address the cybersecurity issues and risk vulnerabilities of Dominions’ QR code voting system raised by Plaintiffs. Instead, State Defendants relied on Dr. Coomer’s testimony, to address – based on his professional experience – some of the significant cybersecurity issues raised by Plaintiffs…
Plaintiffs’ substantive evidence regarding the Defendants’ implementation or usage of the BMDs, scanner/tabulators, and audits is the most complex, expect intense evidence presented in this case. Indeed, this array of experts and subject matter specialists provided a huge volume of significant evidence regarding the security risks and deficits in the system as implemented both in witness declarations and live testimony at the preliminary injunction hearing. As authorized discovery only commenced shortly before the preliminary injunction hearing, no expert or other depositions had been conducted.
While Plaintiffs’ experts provided illuminating evidence, this evidence still had its own constraints. First, security information from the Secretary of State’s office was limited. The Secretary of State’s response to Plaintiffs’ authorized expedited discovery requests indicated that its cybersecurity consultant, Fortalice Solutions, had not generated any consulting studies, audits, or assessments of data system security issues since August 1, 2019 when the State commenced its early work on implementation of the Dominion system, other than a November 2019 report requested by Defendants’ counsel and withheld based on attorney work product privilege. (See September 2, 2020 Order, Doc. 858 (approving nondisclosure based on assertion of privilege and in turn, granting on limited terms Plaintiffs’ request for inspection of BMD equipment); see also, August 15, 2019 Order, Doc. 579 at 73-90 (discussing the focus of Fortalice evaluations of security and software issues prior to August 2019).)
Second, while some of Plaintiffs’ experts had accessed other related BMD models and Dominion software previously, the specific BMD model and software variation (along with the optical scanners/tabulators programed with Dominion’s proprietary software) used in Georgia was not accessible to the Plaintiffs and their cybersecurity expert, Dr. Halderman, until Friday, September 4, 2020 at 5:30 p.m. – and then, only by Court Order.26 This was just days before the preliminary injunction hearing commenced on September 10, 2020. Upon the Plaintiffs’ filing of a discovery dispute notice regarding their access issue, the Court ordered the swift production of a BMD and related ImageCast precinct scanner for Plaintiffs’ expert’s testing and assessment, subject to various confidentiality provisions and other terms.27 (As the Dominion system uses an off-the-shelf printer, the Plaintiffs provided their own new printer of the same model used by the Defendants.)
Relevant Footnotes: (Dr. Coomer previously served as Vice President of U.S. Engineering for Dominion and prior to that was the Vice President of Research and Development for Sequoia Voting Systems. He has worked in product development for election systems since 2005. He obtained his Masters degree and Ph.D. in nuclear physics and plasma physics from the University of California, Berkeley and a bachelor of science degree in engineering physics from Rensselaer Polytechnic Institute. (Tr. Vol. II at 99-100.) He additionally testified that he had designed the vote adjudication system used by Dominion, had written code for various election components, and provides primary election support for major Dominion customers).
(Additionally, witness declarations and testimony given in connection with earlier preliminary injunction motions was available for consideration to the extent that it was relevant and filed in the record. 25 The Court’s August 15, 2019 Order provided this explicit remedial relief: “The Secretary of State’s Office should work with its consulting cybersecurity firm to conduct an in-depth review and formal assessment of issues relating to exposure and accuracy of the voter registration database discussed here as well as those related issues that will migrate over to the State’s database or its new vendor’s handling of the EPoll voter database.” (Doc. 579 at 150.)”
Evidence Voting System Vulnerable to Cyberattacks (Page 25):
“Evidence presented in this case overall indicates the possibility generally of hacking or malware attacks occurring in voting systems and this particular system through a variety of routes – whether through physical access and use of a USB flash drive or another form of mini-computer, or connection with the internet. As discussed in the declarations and testimony of the proffered national cybersecurity experts in this case, a broad consensus now exists among the nation’s cybersecurity experts recognizing the capacity for the unobserved injection of malware into computer systems to circumvent and access key codes and hash values to generate fraudulent codes and data.
Voting Machine Lacks Auditable Ballot Record (Page 26-28):
Expert witnesses demonstrated that if a voting machine system is subject to a cyberattack or exposed to malware, the breach could be detected. But the ballot records and system data could not be corrected or audited:
“In these experts’ views, these risk issues are in play in the operation of Dominion’s Democracy Suite 5.5-A GA, and take on greater significance because the system is one that does not provide a verifiable and auditable ballot record because it relies on the QR code for vote tabulation and that code itself cannot be read and verified by the voter.
Hacking alterations of the barcodes and/or predicate text, security keys, or hash values renders tracing or auditing of the fraudulent change in voting data difficult or impossible in their viewpoint – and in turn impacts the capacity to conduct appropriate auditing of ballot data or to implement corrective “re-count” measures.
And while some attacks can be detected, their results often are not susceptible to full correction.
For all these reasons, Dr. Halderman and Plaintiffs’ other cybersecurity expert witnesses testified that heightened proactive protection measures are needed beyond what the current Dominion system as implemented in Georgia provides alternatively, are simply not feasible given the system’s central reliance on a humanly unverifiable QR code.
Plaintiffs’ voluminous expert testimony describes an interrelated range of systemic software and operational practices that define and impact the functioning of the voting system
Defendants Expert witness who changed their testimony, Dominion Voting System is NOT Encrypted (Page 33):
“In his first affidavit, Mr. Cobb stated that the BMD printed ballot’s QR codes are signed and encrypted. (Doc. 821-6 at 4.) When Plaintiffs’ experts disputed this encryption claim, Mr. Cobb in his second affidavit pointed to Dominion’s own documentation as the source of his prior statement that the encoded QR codes and digital signature were encrypted.37 And at the injunction hearing, Mr. Cobb conceded that he accepted such representations on face value rather than on any testing that he had actually done. (Tr. Vol. II at 243.) The evidence plainly contradicts any contention that the QR codes or digital signatures are encrypted here, as ultimately conceded by Mr. Cobb and expressly acknowledged later by Dr. Coomer during his testimony.”
One of the Defendant’s expert witnesses had no training or expertise in cybersecurity despite contesting testimony submitted by the Plaintiffs’ multiple cybersecurity experts (Page 34) :
“Mr. Cobb’s first affidavit discloses that Pro V&V did not itself conduct any form of penetration or security testing of the 5.5-A software version specifically to be used in Georgia (certified by Dominion in August 2019) but relied on another company’s security testing of earlier versions of the Dominion Democracy Suite software.39 (Doc. 865-1 at 5; Tr. Vol. II, at 233.)
Dr. Coomer testified that there is a difference between the 5.5 and 5.5-A Dominion Democracy Suite versions – a change to the ICX software that was not deemed de minimis. (Tr. Vol. II at 138.) Pro V&V’s assessment of the modified software version in November 2019 (“5.5.A GA” update) (classified as de minimis) was performed by an employee no longer with the company.
Mr. Cobb’s affidavit did not indicate that he actually had personal familiarity with that specific testing or actually any specific testing, as he testified he did not engage in this type of activity. (Tr. Vol. II at 243.) At the injunction hearing, he indicated that Pro V&V had never tried or tested alteration of the QR code in Dominion version 5.5-A, though he had previously declared in effect that this could not be done. (Tr. Vol. II at 238.)
While Mr. Cobb’s affidavits addressed cybersecurity matters and criticisms of Plaintiffs’ cybersecurity and engineering expert affidavits, he was candid in his testimony at the injunction hearing that he actually had no specific expertise in cybersecurity testing.
A cybersecurity expert that previously worked for the National Security Agency, Ernst & Young, and Honeywell International shared the following:
“Liu reviewed the architecture and documentation regarding this specific BMD system (including certification documentation) and considered the outdated Android operating system and principles of how relevant checksum software works, his knowledge of applicable technology and software principles and cybersecurity vulnerabilities. (Id. at 63-67.) He also considered the system’s use of USB devices and portals which in his view generally are “fraught with security concerns.” (Id. at 69-70.) Liu concluded that in his view, the design of the security of the BMD system is not secure and “require[s] a more in-depth review.”
Additionally, the Dominion BMD system was not encrypted (Page 36):
“Mr. Liu addressed head-on the inaccuracy of any contention that the QR code or signature utilized in the Dominion BMD system in Georgia is encrypted. Mr. Liu testified at the injunction hearing that based on his and his firm’s examination of the QR codes, the codes were not encrypted. “And the process that we undertook to perform the verification was to develop code that read the QR code. Wherein, we were able to extract the raw data and determine . . . whether or not it was encrypted. And our conclusion was that it was not.”
The Dominion systems used in Georgia were using an Android operating system not written by Dominion (Page 40):
“Finally, Dr. Coomer’s affidavit represents that “the BMD has no physical component that would allow for wireless transmissions.”46 (Id.) Dr. Coomer acknowledged on cross examination, however, that the Democracy Suite software works on an Android operating system that is separate from the software and hardware, and that is not written by Dominion. (Tr. Vol. II at 86-87.) He further acknowledged the potential for compromise of the operating system, by exploiting a vulnerability, that could allow a hacker to take over the voting machine and compromise the security of the voting system software.”
Additional cybersecurity experts discussed vulnerabilities in the Dominion voting machines used in Georgia, which included gaming applications being installed on voting machines and the ability for machines to be remotely accessed (Page 42):
“He found that in the two-county election offices he visited, election servers enabled unsafe remote access to the system through a variety of means, extending from frequent use of flash drives and accessing of the internet to the use of outside unauthorized applications (such as game programs) residing on election management and tabulation servers and other practices. Mr. Hursti testified that these practices drive a hole through the essential cybersecurity foundation requirement of maintaining a “hardened”48 server (and associated computers) as well as air-gapped secure protection of the system. Without these basic protections, malware can far more easily penetrate the server and the operative BMD system software in turn. Hursti found that in one of the counties, server logs were not regularly recording or updated in full and that Dominion’s technical staff maintained control over the logs and made deletions in portions of the logs. Yet secure and complete logs, Hursti testified, are essential as the most basic feature of system security as they provide the detailed activity trail necessary for the identification of security threats and server activity and are required for purposes of conducting a sound audit.
Major software issues with Dominion machines occurred during testing in September that caused a column of Senatorial candidates to disappear from the ballot (Page 44):
“In addition to the above issues, approximately two weeks after the last day of the injunction hearing in this case, a new development or crisis (depending on which party’s perspective) was brought to the Court’s attention. Logic and Accuracy testing in at least two counties demonstrated an unpredictable defect or bug in the presentation on the ballot of the 20 candidates for one of Georgia’s U.S. Senate seats. A column of the senatorial candidates erratically would disappear from the ballot. Dominion conducted expedited testing to identify the source of the bug. At first it determined it would have to replace the database system wide across Georgia to address the issue. On the afternoon of September 25, 2020, Chris Harvey, the Director of Elections for the Secretary of State’s Office, issued a written notice to all County election directors regarding a ballot problem that had arisen that might require replacement of the entire voting database. He therefore directed that all county election offices cease Logic & Accuracy testing until further notice. Georgia’s 159 counties thus temporarily halted all Logic and Accuracy testing preparation of voting equipment for the elections. Plaintiffs’ counsel notified the Court over the ensuing weekend of this significant new election system problem. The Court held a phone conference with counsel along with Dr. Coomer regarding the issues raised on September 28th. The Court was at that time advised that Dominion had now determined after further testing that the issue should be addressed by a software modification to run on the ICX BMD Touchscreen voting machines that would have to be installed in each of these BMD voting machines across the state. Meanwhile, Dominion sent a modified version of the software for running the election on the operative ICX BMD Touchscreen voting equipment to Pro V&V for independent testing.
Although as it turns out, Pro V&V had not started their testing of the software modification (or so it seems) aimed at remedying the issue at the time of the September 28th phone call, Dr. Coomer initially advised the Court then that “so the testing lab has already deemed the change de minimis” – an instantaneous conclusion that bears consequences and raises questions, as later discussed here. (Tr., Sept. 28, 2020, Doc. 926 at 38.) Dr. Coomer then responded to the Court’s question of when therefore did the testing actually occur. He further responded that Pro V&V had first analyzed the code change to determine if the change was “de minimis” pursuant to EAC standards and then, based on that finding, would conduct testing, which was proceeding on that day, Monday, September 28th.50 By Tuesday at latest, Pro V&V had given its full approval of the software modification, though it had yet to issue a written testing report. By that Tuesday afternoon or evening (or earlier), Pro V&V had transmitted the modified software to the State Elections Division for review, use, and distribution to counties on Wednesday. (Doc. 928-1.) The State in turn transmitted on Wednesday, September 30th one flash drive to each county elections office for mass reproduction in hundreds of flash drives for installation of replacement software on all BMDs. At the time it was distributed to the counties, the Dominion software modification had not yet been reviewed or approved by the Election Assistance Commission.”
However, Dominion did not in fact submit the software modification for approval to the EAC as a de minimis change until Monday, October 5, 2020 and then re-submitted its engineering change order request on Tuesday evening, October 6, 2020, a day after installation of new software statewide in BMDs across the state’s 159 counties was completed.”
“However, as Pro V&V was never able to reproduce the flickering on/off appearance of one column of the 20 candidate screen on a copy of Douglas’ County’s actual database that first demonstrated the bug, there is no indication that Pro V&V actually identified the root cause of the bug or that Pro V&V actually verified that the new software fixed the bug or fixed it without impacting other portions of the software.”
“The issue before the Court, though, is not whether any particular set of procedures is in full compliance with state law or a mere error in judgment by the Secretary of State’s Office. Voters do not have a First or Fourteenth Amendment constitutional right to perfect implementation of state statutory provisions guiding election preparations and operations. But they do have the right to cast a ballot vote that is properly counted on machinery that is not compromised or that produces unreliable results.”
Expert witnesses provided testimony that the Dominion BMDs could not be audited (Pages 60-65):
“Plaintiffs assert that the Dominion BMDs should not be used in Georgia’s elections because unlike hand-marked paper ballots the BMDs are unauditable. “
“Dr. Stark’s affidavits and hearing testimony address the impossibility of conducting a reliable audit of ballots and voting totals derived from QR codes for purposes of verifying the accuracy or integrity of election results or processes. In Dr. Stark’s view, the risk-limiting audit methodology cannot be properly utilized to assess the accuracy of election results in the context of a BMD system where ballots are tabulated based on a humanly non-readable QR code that is not voter verifiable and where the computer voting system is vulnerable to data hacking or manipulation that can alter votes cast in untraceable ways – including in the votes actually shown on the ballots that are audited….
Unlike voting systems using optical scan hand-marked paper ballots, BMD based voting systems are not strongly software independent. (Stark Suppl. Decl., Doc. 640-1 at 42 ¶ 10.) According to Dr. Stark, a BMD “by its nature, erases all direct evidence of voter intent.” (Tr. Vol. I at 46.) There is no way to tell from a BMD printout what the voter actually saw on the screen, what the voter did with the device, or what the voter heard through the audio interface. (Id.) For this reason, there is no way to establish that a BMD printout is a trustworthy record of what the BMD displayed to the voter or what the voter expressed to the BMD.”
Voting system could not be audited if exposed to malware (Page 67):
Dr. Halderman has explained the many ways a BMD could be maliciously programed or otherwise malfunction such that the ballot printed by the BMD does not match the voter’s intended selections. He also attests that “if voters do not reliably detect when their paper ballots are wrong, no amount of post-election auditing can detect or correct the problem.”
“Between November 2018 and March 2019, Dr. Appel conducted a research collaboration with Dr. DeMillo of Georgia Tech and Dr. Stark, leading to the publication of a joint paper, Ballot Marking Devices (BMDs) Cannot Assure the Will of the Voters. After analyzing the consequences of a study of whether voters review ballot cards produced by BMDs, their research concluded: Risk-limiting audits of a trustworthy paper trail can check whether errors in tabulating the votes as recorded altered election outcomes, but there is no way to check whether errors in how BMDs record expressed votes altered election outcomes. The outcomes of elections conducted on current BMDs therefore cannot be confirmed by audits.
“According to Dr. Stark – whose opinions are affirmed by other experts – audits of BMD-marked ballot printouts cannot reliably detect whether malfunctioning BMDs printed the wrong votes or omitted votes or printed extra votes (whether due to bugs, configuration errors, or hacking).67 And “this is true even if the malfunctions were severe enough to make losing candidates appear to win.” (Id. ¶ 5.) Dr. Stark testified that “[t]here is no audit procedure that can be conducted on the output of ballot-marking devices to confirm that the outcome of a contest is correct in the sense that it reflects what the voters actually did on the BMD or saw on the screen or heard through the audio.” (Tr. Vol. I at 68.) “[U]nless virtually every voter diligently checks the printout before casting it, there is no reason to believe that an accurate tabulation of BMD printouts will show who really won.” (Stark Suppl. Decl., Doc. 680-1 ¶ 13”
An expert witness ran the same ballot through Dominion’s machine multiple times. The machine gave different results (Page 104). Additional tests showed issues with hardware and software:
“During the court-authorized testing of the Dominion equipment supplied by Fulton County, Coalition member Jeanne Dufort marked and scanned a series of test ballots to see how the marks were interpreted and tabulated by the scanner. To replicate the various ways voters might feed paper ballots into the scanner, Dufort scanned the same ballot multiple times “top side up, top first and then bottom first, and bottom side up, top first, and then bottom first to see if it made
The 5 ballot images shown below depict actual unadjudicated ballot images from Fulton County’s August 11, 2020 election, showing the ICC scanner interpreted as a “blank contest” several voter marks that indicate a clear visible selection for the candidateany difference in how the scanner saw the vote.” (Id. at 178.)
As Dufort described at the September 10 hearing, the test ballot “had five contests on it. Three were races, and two were questions. When I put it through, the first thing I did was put it through each of the four possible ways to feed it. And each time, I got a different message from the scanner. It would return it with an error saying there were ambiguous marks, but it never pointed out the same ambiguous marks.” (Id. at 179.) More specifically, she testified that “the first time when we put it in face up like you see first, it told us that one SPLOST race, one of the contests on the backside, was ambiguous. The second time when I put it in bottom first, it told me that the liquor sale vote was what was ambiguous and it didn’t tell me anything about the SPLOST. The third time when I turned it over and put it backside facing up top end, it told me the SPLOST and one of the judge races was ambiguous. Then the fourth time when I put it backside bottom in, it told me the SPLOST and the liquor sales was in there.” (Id.) Each of the four times Dufort fed the same ballot through the scanner, she got four different responses from the scanner. (Id. at 179- 80.)
Dufort repeated the experiment again, this time feeding the ballot in the same direction five separate times and still each time she got a different response from the scanner..”
The Plaintiffs focused on preventing disenfranchisement, as the Dominion voting machine settings could result in valid ballots uncounted. The Plaintiffs wanted humans to double-check decisions made by Dominions machines/software:
“According to their motion, the full problem with the ballot scanners will not be solved by the State’s new rule, but it can be solved by restraining the State from requiring scanner settings that automatically discard any degree of perceptible voter markings. In response, the State Defendants assert that Plaintiffs do not propose any solution beyond ensuring every single stray mark on every hand-marked ballot is reviewed by a human.”
Conclusions (Pages 125-130):
“For the reasons that follow, the court will not grant the requested relief for the November general election based on pragmatic timing considerations where absentee voting has already begun and alteration of the scanner settings would require changes to the election system database and would result in disruption of the ongoing administration of the election by the State and the Counties. Instead, the Court has directed the State to itself explore and determine whether a solution exists for the discounting of votes resulting from system deficiencies in the tabulator/scanning and the potential implementation of remedial measures in time for any runoffs in January 2021.
There is no question that the default scanner settings used in elections conducted to date on the Dominion system caused certain voter marks to register as blank and therefore prevented some valid votes on hand-marked ballots from being counted….It is also evident that the State’s adjustment of the Dominion default settings (used to date) pursuant to the SEB’s newly promulgated regulation will not cause the scanner software to capture all perceptible ballot vote markings and count them as votes in the upcoming November election. (See Defs.’ Ex. 4 at 6, Doc. 887-4 at 7) (noting that even after the adjustment, 7 out of 100 test ballots were seen by the ICC as completely blank though voter markings could be discerned upon physical human review). As evidenced by the Fulton County ballots shown in Plaintiffs’ Exhibit 7, the result is that some votes are not recorded by the scanners and are not counted. Under the current procedures used with the Dominion system, these votes escape any review before being rejected – resulting in irreversible voter disenfranchisement.
It appears that prior to the use of the Dominion system and introduction of the adjudication software, no voter’s ballot choices were getting kicked out based on their visible designations of candidate choices with an X or check mark, as these markings are recognized under Georgia’s Election Code as clear manifestations of voter intent. These circumstances are quite troubling and present an opportunity to potentially disenfranchise older voters in particular – based on their historical experience voting under the State’s prior systems – at a greater percentage than younger voters.”
To echo the late Congressman John Lewis, “The vote is precious. It is the most powerful non-violent tool we have in a democratic society, and we must use it.” As this Court has repeatedly recognized in this case, “[t]he right to vote freely for the candidate of one’s choice is of the essence of a democratic society, and any restrictions on that right strike at the heart of representative government.”
“The burden on voters to read and follow the instructions for marking their absentee, provisional, or emergency ballots is minimal.90 The burden to do so in a manner consistent with the regulation’s adopted scanner settings to ensure their vote is automatically accepted by the scanner software is a different matter. Certain well-informed voters may be aware of this new regulation adopted just weeks ago. Other voters may have read recent news articles documenting the problems with Georgia’s scanners in failing to recognize certain types of voter markings during the June primary elections. The average voter, however, is likely unaware that their failure to adequately darken the oval to a certain percentage may cause their vote to be rejected by the scanner and in turn, not counted.”
However, there is no evidence in the record of any burden on the Counties were the Court to grant some form of relief to address the ballot scanner settings. No evidence has been presented from any county election official to support Mr. Harvey’s supposition that changes to the scanner, tabulation, and adjudication software to ensure that all perceptible votes written on mailed and hand marked paper ballots are either counted as votes or flagged for human review by a Vote Review Panel would create an undue administrative burden on county officials and would “result in delays of finalizing results, certifying results, and conducting audits.” And notably, Fulton County’s response to Plaintiffs’ motion is silent on the issue of the ballot scanner settings.”