The Biden administration is urging a federal judge not to issue any form of a report about potential flaws in the Dominion Voting Systems’ equipment used in Georgia, even though both sides in a court case over the machines want at least a version of the report to get out.
Totenberg shipped the full, unredacted report to the Cybersecurity and Infrastructure Agency, which is part of the Biden administration’s Department of Homeland Security, and has indicated she wants to give the public a redacted version of what Halderman wrote, Just the News reported.
Lawyers for the plaintiffs in the case have suggested Totenberg release a redacted version of the report within 30 days of when it was sent to CISA, according to The Associated Press.
However, in a filing last week, CISA attorneys urged that the court hold off giving anything to anybody until the agency decides what should be released based on its Coordinated Vulnerability Disclosure process.
The filing states that “premature disclosure of Dr. Halderman’s report, even in redacted form, could, in the event any vulnerabilities ultimately are identified, assist malicious actors and thereby undermine election security.”
The filing states that CISA will let the court know when that review might be completed, and how much information the public ought to have.
The filing also warns that “CISA typically would not release a report such as Dr. Halderman’s at the conclusion of the CVD process; it would, however, disclose necessary information about any vulnerabilities and associated mitigations.”
Even the idea of releasing a redacted version did not find favor with CISA.
“CISA is particularly concerned about dissemination of potential vulnerabilities—even in redacted form—before CISA and the vendor have been able to address them through appropriate mitigation action. Such premature disclosure increases the risk that malicious actors may be able to exploit any vulnerabilities and threaten election security. CISA respectfully submits that, in order to best promote the security of the nation’s critical infrastructure, any vulnerabilities should be disclosed,” the filing said.
The agency said it will offer a timeline at a later date, but suggested nothing would happen quickly.
“CISA is thus committed to taking these steps expeditiously and will seek to complete the process as promptly as possible. But the timeline also depends on the actions of a range of other actors outside CISA’s control. A 30-day timeline may be impractical in this situation, despite best efforts and prioritization of this work,” the filing said.
“CISA understands the urgency given the upcoming elections in which this voting equipment is presently planned to be used. Yet CISA can neither control how quickly any necessary mitigation measures are developed, made available, and implemented, nor at this time can CISA anticipate with any degree of reasonable certainty how long the process may take,” the filing said.
In the filing, CISA said that part of its review it must “coordinate between and work with the reporting source of the potential vulnerabilities (here, Dr. Halderman) and the vendor (here, Dominion), to analyze the potential vulnerabilities, including the risk they present; develop mitigation measures to mitigate the risk of the potential vulnerabilities, as needed; facilitate sufficient time for affected end users to obtain, test, and apply any recommended mitigation measures prior to full public disclosure of the potential vulnerability; and strive to ensure accurate and objective disclosures by the vendors.”
The report in question is part of a long-running lawsuit that seeks to change Georgia’s system for voting. More importantly, it is a piece of the wider discussion about potential election fraud in the 2020 presidential election.
To date, no one has produced any evidence or documentation that proves the machines were tampered with in 2020. Dominion, which was the target of multiple post-election allegations, has fought back, suing several of those who claimed its machines were part of an election fraud conspiracy.
In its reporting, the Atlanta Journal-Constitution has indicated that the Halderman report, completed last year, describes how someone could, in theory, hack the system to change votes, without saying whether or not this was ever accomplished.
“Georgia voters face an extreme risk that [ballot marking device]-based attacks could manipulate their individual votes and alter election outcomes,” Halderman declared in a signed statement filed with the court last year, as The Daily Beast reported in January.
In a news release posted to the Georgia Secretary of State Office website on Jan. 27, Raffensperger called for releasing the report — to show that its criticisms of the state’s voting methods is unwarranted.
The report is “not an objective, academic study by a non-biased actor. It is assertions by an individual who is paid to espouse opinions supporting the elimination of electronic voting systems to help a lawsuit brought by liberal activists, including one funded by Stacey Abrams’ Fair Fight Action,” the news release stated.
“Sensationalized media articles and misleading reports from paid activists notwithstanding, Georgia’s election system is safe and secure,” Raffensperger said in the release.
The release included a statement from Dominion President and CEO John Paulos, criticizing the Halderman review.
“Security assessments of any system, including voting systems, should always include a holistic approach of all safeguards in place, including procedural and technical safeguards,” Poulus said in the release.
“There is a reason why U.S. voting systems rely on bipartisan election officials, poll-watchers, distributed passwords, access controls, and audit processes,” Poulus said, adding that Halderman’s review “did not take this approach.”
“Dominion supports all efforts to bring real facts and evidence forward to defend the integrity of our machines and the credibility of Georgia’s elections.”