RestoreDatabase API Found – Able to Overwrite Voter Database at Runtime (MI)

Dominion, Electronic Voting System Integrity, Established Fact, Fulton County, Livonia, Michigan, Security Negligence, United States, Wayne County / Patrick Colbeck

Established Fact Binary analysis of EPBHostService.exe — the poll book host service deployed to all 44 Livonia precincts on Election Day 2020 — reveals a RestoreDatabase API endpoint capable of overwriting the entire active voter database (EPB.accdb, 79 MB) at runtime. Calling this endpoint during an election would replace all voter check-in records accumulated since […]

RestoreDatabase API Found – Able to Overwrite Voter Database at Runtime (MI) Read More »

Voting System’s Encryption Keys Provided to Counties Unprotected in Plain Text (GA)

Disputed Fact, Dominion, Electronic Voting System Integrity, Fulton County, Georgia, Security Negligence, United States / Patrick Colbeck

Disputed Fact Encryption is used to protect the voting system configuration files, programming, election results, and functions. With the cryptographic encryption keys, the programming, results, and functions can be easily manipulated without detection. Citations Fulton County, GA 2020 General Election Report for Georgia State Election Board, Election Oversight Group, LLC https://drive.google.com/file/d/1UzJ4qX6iBSrFMtkoRnOGIe3q8pzGjkVx/view?usp=drive_link

Voting System’s Encryption Keys Provided to Counties Unprotected in Plain Text (GA) Read More »

EAC security rigor insufficient to secure election systems as critical infrastructure (US)

Disputed Fact, Dominion, Electronic Voting System Integrity, Security Negligence, United States / Patrick Colbeck

Disputed Fact On December 7, 2025, the Chair of the Election Assistance Commission, Donald Palmer, issued a statement designed to give a false sense of security that our electronic voting systems are secure. The Election Crime Bureau responded with a report supported by evidence that asserts that the security safeguards in place for election systems

EAC security rigor insufficient to secure election systems as critical infrastructure (US) Read More »

Dominion iButtons – Hardware Authentication Tokens Retained Exclusively by Vendor, Never Transferred to County (AZ)

Arizona, Dominion, Electronic Voting System Integrity, Established Fact, Security Negligence, United States / Patrick Colbeck

Established Fact Maricopa County did not possess the administrative iButtons – hardware authentication tokens required to configure, validate, and independently access the Dominion tabulation systems it deployed in the 2020 election. These tokens were retained exclusively by Dominion Voting Systems throughout the election cycle. As a consequence, Maricopa County election officials had no independent ability

Dominion iButtons – Hardware Authentication Tokens Retained Exclusively by Vendor, Never Transferred to County (AZ) Read More »

FIDO Key Mismanagement and Private Operative’s Control of Hidden Election-Night Wi-Fi Network (WI)

Dominion, Electronic Voting System Integrity, Established Fact, Security Negligence, United States, Wisconsin / Patrick Colbeck

Established Fact The Wisconsin Elections Commission (WEC) issued 3,137 FIDO (Fast Identity Online) hardware security keys for WisVote database access while admitting it cannot account for how many keys it has actually issued. At least one county received 15 keys after requesting only 2, and was told to hold unused keys “just in case.” Of

FIDO Key Mismanagement and Private Operative’s Control of Hidden Election-Night Wi-Fi Network (WI) Read More »

ESS Installed Remote-Access Software (pcAnywhere) on EMS Systems – Source Code Was Stolen by Hackers (PA)

Dominion, Electronic Voting System Integrity, Established Fact, Pennsylvania, Security Negligence, United States / Patrick Colbeck

Established Fact Election Systems & Software (ESS), the largest U.S. voting machine vendor, admitted in a 2018 letter to Senator Ron Wyden that it had installed pcAnywhere remote-access software on election management systems sold to Pennsylvania and other states between 2000 and 2006 – directly contradicting prior public representations that it had never done so.

ESS Installed Remote-Access Software (pcAnywhere) on EMS Systems – Source Code Was Stolen by Hackers (PA) Read More »

Unauthenticated RDP and VNC Remote Access Protocols Enabled on Certified EMS Workstations (PA)

Dominion, Electronic Voting System Integrity, Established Fact, Fulton County, Pennsylvania, Security Negligence, United States / Patrick Colbeck

Established Fact Forensic imaging of the Dominion Democracy Suite 5.5 server in Fulton County, PA discovered that VNC (Virtual Network Computing) and RDP (Remote Desktop Protocol) protocols were actively enabled on secured election management workstations – creating open remote-access channels that permitted outward data routing to foreign IP addresses without authentication requirement. These misconfigurations nullified

Unauthenticated RDP and VNC Remote Access Protocols Enabled on Certified EMS Workstations (PA) Read More »

Plaintext Master Cryptographic Key, 12-Year-Old Shared Password, and Two Anonymous Remote Logins with Escalated Privileges (MI)

Antrim County, Dominion, Electronic Voting System Integrity, Established Fact, Michigan, Security Negligence, United States / Patrick Colbeck

Established Fact Forensic analysis of the Antrim County EMS revealed that the master cryptographic key used to encrypt all voting results transmitted from tabulators was stored in plaintext in a database table – identical to the vulnerability confirmed in Georgia. Additionally, all users relied on the generic, shared administrative account “EMSADMIN” with a 12-year-old password:

Plaintext Master Cryptographic Key, 12-Year-Old Shared Password, and Two Anonymous Remote Logins with Escalated Privileges (MI) Read More »

Dominion Stored Master Encryption Keys in Plaintext in Election Databases – Confirmed in 5+ Counties (GA)

Dominion, Electronic Voting System Integrity, Established Fact, Georgia, Security Negligence, United States / Patrick Colbeck

Established Fact Independent forensic analysis confirmed that Dominion placed master cryptographic encryption keys unprotected and in plaintext within the same database used to store election data and produce contest results – in direct violation of FIPS 140-2, which requires cryptographic keys to be protected within a cryptographic module. This vulnerability was confirmed in election databases

Dominion Stored Master Encryption Keys in Plaintext in Election Databases – Confirmed in 5+ Counties (GA) Read More »

Unhardened Election Servers – Unauthorized USB Use, Video Games Installed, No NIST Hardening (GA)

Dominion, Electronic Voting System Integrity, Established Fact, Fulton County, Georgia, Security Negligence, United States / Patrick Colbeck

Established Fact Cybersecurity expert Harri Hursti, providing sworn testimony in Curling v. Raffensperger, documented severe operational security failures in Georgia county election offices. EMS and tabulation servers were not hardened according to NIST benchmark guidelines; servers exhibited frequent, untracked use of USB flash drives, and unauthorized software applications – including video games – were installed

Unhardened Election Servers – Unauthorized USB Use, Video Games Installed, No NIST Hardening (GA) Read More »