Recent court testimony in Georgia has unveiled alarming security vulnerabilities in Dominion Voting Systems, raising serious concerns about the integrity of elections. Cybersecurity experts Clay Parikh and Ben Cotton provided compelling evidence that these flaws could allow for manipulation of election results without the need for advanced decryption methods. As the case progresses to the Georgia Supreme Court, the implications of these revelations could significantly impact public trust in electoral processes nationwide.
TPV: Dominion Voting Systems encryption keys can be exploited to decrypt and change elections results, according to bombshell court testimony in a Georgia court which has called into question the integrity of past and future elections.
Garland Favorito, co-founder of VoterGA, summarized the court testimony from a hearing at the Georgia State Election Board on October 8th. The testimony was originally given by cybersecurity experts Clay Parikh and Ben Cotton in the case of DeKalb Republican Party vs. Raffensperger in Fulton Superior Court.
“Clay Parikh demonstrated in court that you could change the votes without even needing decryption,” Favorito said in an interview.
Favorito further detailed the testimony of Parikh and Cotton in a video summary, highlighting the security weaknesses in Dominion Voting Systems, both in Georgia and across the country.
The experts analyzed four authenticated county election databases, legally obtained through Open Records Requests filed by VoterGA. Their findings revealed severe security flaws in Dominion systems, including:
- All Dominion systems worldwide communicate via a common X.509 certificate, exposing them to potential coordinated breaches.
- A key admin account password is hard-coded and publicly known, making it easily exploitable.
- Generic, non-user-specific passwords defeat any efforts to audit system updates.
- Instead of secure hashing, passwords are encrypted, making them less secure.
- Encryption keys are stored in clear text within database tables, allowing easy access to decrypt passwords and tamper with election results.
- Malware could potentially flip votes without even decrypting election files.
Remote Access and Tampered Files
Ben Cotton testified that Dominion accessed several county servers remotely during the 2020 General Election and the 2021 U.S. Senate runoff in Georgia.
He also analyzed a county election management server and discovered it had been connected to an internet mail site, raising further concerns about external access.
More alarmingly, Cotton revealed that nearly 3,000 executable program files were modified on the server since its original installation in 2019, including the presence of an uncertified compiler. This could allow malicious actors to introduce malware and bypass election security measures.
As a result of their findings, Parikh and Cotton concluded that Dominion’s system cannot meet the guidelines for Election Assistance Commission (EAC) certification. They do not meet minimum encryption key storage standards, rendering the system “unsafe and impracticable” for use, as required by state certification laws.
Despite these revelations, Fulton Superior Court Judge Scott McAfee determined that certification is a one-time event and is not subject to ongoing review. The case is now heading to the Georgia Supreme Court, where the security of Georgia’s election systems will face further scrutiny.
You can watch the full courtroom testimony below: