By MICHAEL W. DOMINOWSKI
Election 2016 smells like it was stolen. The improbable outcome and the lingering doubts about the integrity of the balloting have seriously damaged America’s confidence in its election process, and the Electoral College itself.
We know the Russian government was actively meddling in the election. Even if someday that claim proves to be untrue, the damage is done. Without a credible investigation, Americans can never again be confident that their election system, and the Electoral College itself, is not being manipulated.
The distrust does not flow from fake news or crazy unfounded conspiracy theories. The notion that the election was stolen rests on solid and plausible possibilities which could fairly easily be confirmed or debunked.
Invitation to fraud
Electronic voting machines are natural suspects in a massive election fraud scheme. But voting machines doubtless do not have an Internet connection, so how could hackers from a distant land have broken in?
Distance means nothing on the Internet, but a direct connection to the voting machines is not necessary for hackers.
A path to the Internet might have actually been an impediment to them because such a connection implies the existence of a file server with security software, activity logs, multiple passwords and authority levels, and access history – things the hackers would have had to evade or somehow disguise, to avoid being unmasked.
Because they are by far the most vulnerable to chicanery, the primary suspects in a voting fraud investigation would have to be the Direct Recording Entry (DRE) voting machines, which use no paper ballots and provide no paper trail.
For example, the voting districts in the Miami-Dade- Gold Coast counties, and the greater Philadelphia area (places big enough to sway their state’s Electoral College votes, and where Hillary Clinton’s early-voting lead was mathematically impossible to surmount), primarily use DRE units.
DRE machines typically run on the unpatched, wholly insecure and long obsolete Windows XP operating system. Since access to the machines is restricted and they are never connected to the Internet, they probably all have a default password – or no password at all. But even that is not where the problem lies.
“The people who cast the votes decide nothing. The people who count the votes decide everything.”
— Attributed to Joseph Stalin
Before the election, ballots for each district are loaded into machines to be used in that district. The process probably involves either a local area network (not the Internet) or technicians physically visiting each machine and using a USB flash drive, a CD or another computer to perform the ballot upload.
Once the ballots are uploaded, the technician briefly tests the software to make sure ballots entered are properly counted.
DRE voting machines do not use paper ballots, so there is no paper trail and, therefore, no way to perform an accurate recount.
Before they are loaded into the DRE machines, the ballots (think of them as master files or source files) are created on a computer somewhere and stored there, or on another machine, until they are needed.
This is where the greatest vulnerability lies.
Electoral College is an easy target
Ballots for each voting district are different (different candidates, etc.) and each ballot would have a unique name, so technicians doing the loading can tell which ones to use. The naming convention would be readily apparent to hackers, too. That would make it easy to target which files should get the malicious code.
If a certain few of the ballot files, the ones to be used in the greatest population centers, can be compromised, the election outcome can be manipulated.
Note that the hackers are trying to game the “winner take all” Electoral College system, not the meaningless popular vote.
In a close election, swinging just one large state might provide enough Electoral College votes to elect the intruder’s preferred candidate.
This election result where the winner of the popular vote – by at least 2.7 million ballots – loses the election is the very thing the Electoral College system was created to prevent.
Electronic balloting, with its inherent vulnerabilities and potential for mischief, stands the Electoral College on its head. The supposed (and illusory) strength of our Electoral College system would be used against us.
Difficult to detect
The ballot files might be infected with hidden code. Hiding code is preposterously easy. The XP system allows you to simply mark it as hidden. The possibilities for hackers to break into such an insecure system beggar the imagination.
Once an entry point is gained, loading the malicious code would be no problem. Anti-virus software, if there is any, would not detect it because the code does not have a malware signature; it looks harmless.
Unlike most malware, the malicious code would use commonly available operating system resources. It would not be a formal “program,” but a snippet of code. It would be readily erasable. It would not try to capture keystrokes or data, or hijack a network, and would be deliberately (if unwittingly) entered by someone with administrator-level authority. One infected USB flash drive could conceivably get the job done.
The code, in this scenario, could do a simple Boolean line compare – let’s provocatively say Candidate Clinton vs. Candidate Trump. The “if/then” compare function would automatically adjust the Candidate Trump line to always be, for argument’s sake, one percent greater than the Candidate Clinton line.
In this example, no matter how many votes were cast for Candidate Clinton, the Candidate Trump tally would always be one percent greater. That is enough to skew the overall results, but not close enough to trigger automatic recounts.
This approach could result in more votes being cast than the number of registered voters. That would raise a flag, but given the usual low voter turnouts, it is not likely to happen.
Again, it wouldn’t matter if the results raised eyebrows because on a DRE machine, no accurate recount is possible.
Using the computer’s clock, the malicious code could include a “cron” function – a time-based scheduler built into the operating system – that would activate the script just before voting began. That means the aforementioned technician’s test would not have discovered it. When the polls close, that same cron job could automatically delete the malicious code.
Computers are really good at doing this stuff, and no serious programmer would find it difficult to write this sort of code.
Where’s the proof?
Did this actually happen? Proof, one way or the other, does indeed exist. It is on the hard drives of the suspect DRE machines. A forensic examination of at least some of those disk drives would reveal the truth or falsity of the claim.
Despite what Republican “investigators” led us to believe in the Great Bogus Hillary Clinton E-Mail Server Scandal, files can never really be “wiped,” erased or eradicated from a computer disk drive – even if the disk is reformatted and repeatedly written over. The “erasing” process actually involves only changing a file bit in an effort to make it unreadable by the computer.
Forensic software – think of it as an “undo” key on steroids – can peel back the erasure attempts, the reformat efforts and the obfuscatory overwrites until the original contents are revealed.
There is no way to truly obliterate a file on a computer disk drive, short of physically destroying the disk itself.
Far from farfetched
The stealthy infection of secure computers that are not connected to the Internet is nothing new. In fact it is a staple of the ongoing, and all but invisible, international cyber cold war that has been raging for years.
Arguably the most famous example of sabotage to an off-the-Internet system is the so-called “Stuxnet” intrusion. Stuxnet is the name of a software worm that nearly brought down Iran’s uranium enrichment operation. Stuxnet was introduced to the Iranian computers via a compromised USB flash drive and went undetected for at least a year.
Whether Election 2016 was really sabotaged by hackers is no longer the main point.
No greater loss
Those who benefited from the sabotage, the “winners,” have no interest in examining the intrusion, lest the probe cast doubt on the authenticity of their victory. So we may never know for sure if the Electoral College system was actually gamed.
Unless and until a credible investigation proves otherwise, Americans can never fully trust their election system. Leaving this issue carelessly unexamined makes a mockery of all that America has stood for.
That lingering and possibly well-placed doubt will lead to even less participation in elections and a strengthening of the incipient fascist state. The American republic of our forefathers – the America we have always known and loved – will have been lost, perhaps forever.
Michael W. Dominowski is the editor of Not For Hire Media.