A 96-page report, Security Analysis of Georgia’s ImageCast X Ballot Marking Devices, authored by J. Alex Halderman and Professor Drew Springall, has been released by the U.S. District Court for the Northern District of Georgia, demonstrating numerous security problems affecting Dominion voting equipment used in Georgia and other states. The report, part of a voting-rights lawsuit, discovered vulnerabilities in practically every part of the system that is exposed to potential attackers. The most critical problem found is an arbitrary-code-execution vulnerability that can be exploited to spread malware from a county’s central election management system to every ballot marking device (BMD) in the jurisdiction. The report stated that despite Georgia’s Secretary of State Brad Raffensperger being aware of the problems for two years, the state will not install Dominion’s security update until after the 2024 Presidential election. The report also warned that while there is currently no evidence of the vulnerabilities being exploited, there is a serious risk that they will be used in future elections. The report highlighted the need for further enhancements to the software engineering, testing, and certification processes for US voting equipment and the importance of conducting rigorous post-election audits of every major electoral contest. The ImageCast X is used in
https://freedom-to-tinker.com/2023/06/14/security-analysis-of-the-dominion-imagecast-x/