Mesa County forensic investigations documented that the Election Management System (EMS) server and vote tabulation database could be accessed, altered, and manipulated using admin credentials and standard database utilities—such as SQL Server Management Studio, which acts as an internal “utility tool” analogous to the SAES. This provided the capability to inject or bulk alter voting data outside standard channels, bypassing normal machine workflow and detection, enabling large-scale undetectable manipulation.

Mesa County’s forensic analysis identified unauthorized creation of new adjudication and tabulation databases during ongoing elections, followed by the digital reloading of tens of thousands of ballot records. This process made the original voter intent unrecoverable, and allowed for selective reprocessing and potential injection of new records, invisible to ordinary officials or observers. The whistleblower described the use of Smartmatic’s “SAES data utility” to emulate voting machines, inject votes, and manipulate results by selectively processing or transmitting data without detection in Venezuela. Both described the use of system tools or utilities built for legitimate testing, but repurposed or misused to subvert election integrity, and both noted resulting broken chains of custody for thousands of ballots

Mesa County reports found critical system audit logs were set to small sizes and configured to auto-overwrite as new entries were generated, leading to erasure of election event records during counting and tabulation. The Venezuelan official testified that similar log-overwriting was configured in the Dominion system in the U.S., so that once the log filled, new data would erase previous information, making post-election audits impossible. In Venezuela, they often used a dedicated server to aggregate logs but noted that, in practice, no one would check those logs, negating auditability.

Mesa County’s system was found to have 36 wireless devices enabled and network ports open to the world, allowing remote or even wireless alteration of databases using simple tools such as a cell phone, with minimal authentication and no effective firewalling against outside intrusion.

Mesa’s analysis found exposed source code, plain-text passwords, and weak or self-signed encryption that could allow an attacker administrative access to the vote databases and facilitate undetected data manipulation. The Venezuelan testimony highlighted similar problems with Smartmatic—the source code was readable to anyone with access, and passwords were stored in plain text, making breaching the system trivial for insiders or attackers.

The Mesa County database and infrastructure allowed for the digital ballot images to be relinked or altered without modifying the associated audit data, meaning that manipulated digital images could be substituted into the record, with no reliable method for officials to detect changes. Venezuelan testimony confirmed the potential to change digital ballot representations in the database, making the audit of original votes or images effectively impossible—mirroring the manipulation seen in Mesa.

Both sources note that key Smartmatic engineers who built the system in Venezuela now work for Dominion or have advised on U.S. election systems, facilitating the transfer of techniques, vulnerabilities, and software components between Smartmatic, Sequoia, and Dominion.

Reports show vulnerabilities that enable the addition of phantom (non-existent) voters and ballots:

• Adjudication database manipulation and missing hash records for ballot images provided a pathway to introduce ballots in numbers that did not match valid voter registration or chain of custody records.

• Weak system-level authentication and lack of integrity audits for mail-in ballot batches allowed creation/import of untraceable “new ballots” or adjustment of voter records.

Manipulation of results in Mesa County was facilitated by unrestricted capability to change, overwrite, or re-export results from the EMS and tabulator databases. The forensic team demonstrated the ability to generate “official results” on pre-election days or after polls had closed, often by selectively including or excluding batches—mirroring war room-style direction of result manipulation described for Venezuela.

Auditors in Mesa County were denied full access to all system modules and forensic data; vendor and Secretary of State provided only pre-sanitized or “safe” databases and partial access during investigations, controlling the scope of independent review and obscuring core manipulation mechanisms. The process was tightly controlled, similar to the selective auditing resulting in superficial assurance and deep systemic manipulation cited by the Venezuelan whistleblower.

The Venezuelan whistleblower confirmed that Smartmatic and Dominion equipment, manufactured in China or Taiwan, often came with pre-configured firmware and internal modems, which could be covertly enabled—sometimes outside the control of software settings. This presents a supply chain and remote access threat that is undiscoverable by ordinary administrators or officials.