It reads like gibberish composed by an AI to scam people with no technical background into thinking something very technical has been said. It’s a bunch of screenshots of DNS lookups and SpiderFoot scans connected by pure non-sequitur dream logic.
TL;DR: “I am a top-secret 1337 haxx0r. I did a whois lookup of Domion Voting. LinkedIn says they have employees in Serbia. Banana Cream Lobster Monkey. Therefore: ILLUMINATI CONFIRMED.”
I seriously cannot get over the fact that someone tried to submit this insane free association exercise to a court. As an “expert witness” affidavit!
Lemme just give you a taste of how utterly batshit this is. With no explanation or connection to anything else in the affidavit, “Spyder” notes that the progressive group Indivisible—which has nothing to do with ANY of this—has a subdomain called “scorecard.”
“Spyder” thinks this “evidences the use of Scorecard software” by the progressive group. He doesn’t explain what any of this is supposed to mean, but “Scorecard” is part of another online conspiracy theory, and is supposed to be the codename of some evil vote rigging program.
Now, Indivisible DOES have a subdomain called “scorecard”. You can visit it. It’s... a political scorecard like you find on a million advocacy websites comparing Joe Biden and Donald Trump. https://scorecard.indivisible.org 
Now, he doesn’t explain any of this. It’s just dropped in there without context as if the court is supposed to know what any of this means. But the idea seems to be (1) Crazy people on the Internet have a conspiracy theory about something called “scorecard”...
(2) A progressive website used the word “scorecard” to describe... a political scorecard. Therefore (3) Crazy people on the Internet’s conspiracy theory is proven. Or something. This is their “cybersecurity expert”.
I picked this example because you don’t need any technical background to see that it’s totally absurd. But it’s almost all the same level of fever dream nonsense; some of it just has IP addresses in it. The only thing it manages to prove is that the author is mentally unwell.
There’s one semi-coherent, semi-relevant claim I think I extracted from this rambling delerium: “Spyder” claims he found login credentials for some Dominon employees by scraping their site and “on TOR nodes” (I assume he means onion sites?)...
If that’s true—and given how amateurish and frankly deranged the rest of the document is, I would *absolutely not assume it is true*—it would be sort of embarassing for Dominion. It might mean an attacker could access some part of Dominion’s own network.
But would still have exactly nothing to do with any claim about voting machines or tabulation software being compromised. It’s like thinking somone who hacked NORAD’s public website must be able to launch nuclear missiles. That’s not how anything works.
Anyway. The thing is a farce. It does not read remotely like the work of anyone with any serious expertise in data forensics or cybersecurity. It reads like a 12 year old with ADHD watched too many episodes of Mr. Robot and learned how to do a WhoIs lookup.
I can’t help myself, another gem: A programmer who in 2012 wrote some code for a project sponsored by Facebook currently works at the Consumer Financial Protection Bureau. What does this have to do with election security? Or... anything? IT’S ALL CONNECTED! CYBER! WHEE! https://twitter.com/atleebreland/status/1336390146351099907
I’m dwelling on this because *they submitted this to a court*. It’s not like this is a real analysis that’s flawed in some subtle way. It’s obviously, hilariously bonkers gobbledygook. It’s word salad. It’s a guy saying he’s fluent in Japanese & then shouting “Yamaha! Sushi!”
They’re not even TRYING to make it look serious. But somehow people whose eyes glaze over as soon as you say “DNS” look at this and think it’s some kind of real evidence of something. And then they give these charlatans money.
It’s somehow more offensive that the con is so lazy. It’s like those Nigerian scam e-mails deliberately written to be so obviously fake that only the hopelessly gullible respond, & the scammers don’t waste time on anyone who might catch on before handing over their bank info.
“Spyder” claims to have “extensive experience as a white hat hacker used by some of the top election specialists in the world.” I will eat my left shoe if that’s true. It is inconceivable that a real infosec professional could have written something this childishly inept.
The developer of the SpiderFoot OSINT tool “Spyder” used, @binarypool, wrote a good dissection of some of the other nonsense, though his tone is so gentle that I’m not sure it adequately conveys how thoroughly silly & amateurish the whole thing is. https://medium.com/@micallst/misusing-osint-to-claim-election-fraud-cfb89c858c3a
I guess I should say a little about the main “argument”—it’s obviously a joke to technical folks, but maybe not to less-technical folks. Basically this kid looks at some publicly available data concerning Dominion Voting’s *public facing website*...
...which it’s worth bearing in mind is not necessarly the same thing as their internal corporate network, and definitely not the same thing as voting machines or state-run election systems.
The core argument—and yes, this is really what it comes down to—is that various domains containing “dominon voting” or related phrases appear to be registered and hosted abroad, including places like Iran & China. This is meaningless.
It’s not particularly surprising that a company that does global business would have domains in other countries, but it’s also not even clear all the ones he cites are actually linked to Dominon Voting. Either way, it... just doesn’t prove anything about anything.
“Spyder” then breezily jumps to an assertion that Dominon was “certainly compromised by rogue actors,” which... makes no sense. It’s literally the logical equivalent of “I found a Chinese website with the word ‘apple’ in it, therefore China has hacked your iPhone.”
Finally we get a totally out-of-left-field assertion about foreign actors being able to “monitor and manipulate elections,” which is a million miles from anything the affidavit has even *attempted* to demonstrate.
None of this sub-Clouseau sleuthing comes within a country mile of showing that Iran or China or anyone has penetrated Dominion’s network. But let’s just be kind and stipulate that, arguendo. China tries to hack lots of companies, and often succeeds. So hey, maybe.
That still wouldn’t let them “monitor and manipulate elections.” North Korea hacked Sony; that doesn’t mean they can magically make Kim Jong Un the protagonist of every Playstation game.
Critical systems are not designed like Star Wars droids, where you take out the master ship & they all suddenly explode. Election systems are run by states and counties. Most of the equipment is not networked. Updates are vetted by state & federal authorities.
In short: Even if we pretend little Timmy’s hacker dress-up play had *actually demonstrated* that China or whoever hacked Dominion at some point, which it emphatically does not, that would still be a bazillion miles from showing they could (let alone did) affect election results.
There are a ton of reasons that would be massively harder than just penetrating the network, but let’s pick one that requires no tech jargon to explain: You can’t hack paper, and the states where these suits are filed all use voter-verifiable paper ballots.
So pretend someone hacks Dominion, though there’s no evidence for that. And THEN pretend that via dark sorcery they bypass every layer of review & security to inject malicious code into a distro actually installed by governments, for which there’s really, really no evidence.
Any shenanigans in the machine are still going to show up as soon as they check the tally against the paper. All these states do risk-limiting audits. Georgia just did MULTIPLE manual recounts.
The affidavit never really talks about ELECTION SYSTEMS at all. It talks about websites. It fails hilariously to prove what it tries to prove about websites. But it DOESN’T EVEN TRY to prove the thing we’d actually care about—that an election system was compromised.
And this is the best they can do. This is the caliber of the “irrefutable evidence” they keep promising. Absolute gibberish that doesn’t pass the laugh test. Gibberish so bad I doubt it’s even supposed to. It’s there to mystify tech ignorant supporters & keep donations flowing.
You can follow @normative.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:

By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.