Oregon's Voting System Is Being Absolutely Raped, With Country Wide Implications - Ted Wheeler's Vote Was Change to Trump

  • We are being DDoS attacked still and 12,000 people are reading about incest. Expect weird errors. Most should go away by refreshing. Registration and password reset emails are unavailable due to a DDoS attack on the email server.

crocodilian

K. K. K.an't Edit Posts
True & Honest Fan
kiwifarms.net
Just to demonstrate my above point, here are five states' worth of voting data including names, birth dates and whatever else you would need to make use of this breach. Obviously if this breach is exactly as dangerous as described, don't tamper with federal websites.

Vulnerable federal websites
Kansas: https://myvoteinfo.voteks.org/VoterView
Virginia: https://vote.sos.ri.gov/Home/UpdateVoterRecord?ActiveFlag=0
Wisconsin: https://myvote.wi.gov/en-us/MyVoterInfo
Minnesota: https://mnvotes.sos.state.mn.us/VoterStatus.aspx
According to /pol/ screenshots, possibly California?

Voter database leaks
https://raidforums.com/Thread-Kansas-2018-Voter-Database-Leaked-Download
https://raidforums.com/Thread-California-Birth-Index-1905-1995-Leaked-Download
https://raidforums.com/Thread-Washington-2018-Voter-Database-Leaked-Download
https://raidforums.com/Thread-Washington-Voter-Database-Leaked-Download
https://raidforums.com/Thread-Oregon-2018-Voter-Database-Leaked-Download
 

crocodilian

K. K. K.an't Edit Posts
True & Honest Fan
kiwifarms.net
The targeted individual's replacement ballot appears to cancel any prior-submitted ballot, even those sent by mail:

1603009561178.png

After which a replacement ballot will be provided, complete with all prior voter registration data pre-filled in:

1603009498953.png

(No idea if submitting this, somehow, will actually change their vote. But it does cancel the original one, according to the site.)

If the attacker feels inclined, it appears possible to change the registered voter's personal information:

1603008826152.jpg
 

mr.moon1488

True & Honest Fan
kiwifarms.net
But you'd have to do that on a large scale to have any effect and doing so would be difficult given that you have to verify. Right in that screenshot, and as I pointed out in previous posts, you need either, the persons DMV number, the last 4 of their social, or sending in one of those listed items. Some easier to obtain than others, but still.

Doing this on a few people, sure, but on a mass scale, you'd need a large team of people working on this. With less than a month to go, thousands of people suddenly doing this would likely attract some attention.
> the last 4 of their social
A lot of employers and schools use this for identification along with your DOB and full name. If that's really all it requires then in theory anyone with access to a database storing such info in Oregon can change the votes of anyone in said database. As for the effect, I doubt they could change an election since the state is mostly comprised of drug addicts and hipsters anyway, but it could throw it into such a huge doubt that you'd have to cancel any elections there and restart from scratch. The University of Oregon alone has about 23,000 students. If their info got leaked online and only a fraction of them had their votes changed, that would be ample justification to hold new elections.
 

Sithis

Dread Lord of the Void
kiwifarms.net
Ah goddamnit. Using voter info is one of the secrets of successful doxing and this shit just might make a big enough outcry to get that info restricted on a nationwide level. Currently some counties require SSN or something else so you can't just get info with a name, but in a lot of the US if you have someone's name and city, even if they're unlisted in the whitepages, you can find them through voter rolls.

Don't do this of course, I don't know what I'm talking about.
 

Overly Serious

kiwifarms.net
I just skimmed the thread and didn't even see any.

The "Update Registration" button takes you to a page that wants your Oregon DMV number. If you don't have that, it asks for the last four of your social. I didn't go beyond that since I don't have that info.

So it's not as easy as just knowing their name and DOB.

Edit - You can select that you don't have a social and then it takes you to a page saying:

View attachment 1669669

You can proceed to the next page and actually change details but it's not going to take affect until you provide the above.

I was thinking this had to be false until I read your defence of it. The very idea that your SSN is a suitable password that means this car-crash isn't an issue is staggering. You can't be serious.

But I'm having trouble believing this is real. Surely no State could be this dumb. And I'm a long-time critic of electronic voting / tallying. But this is beyond anything I could imagine. This is worse than watching that guy in Brazil hack voting machines with a Pringles can (a semi-dumb stunt but effective in communicating issues to normies). This is beyond inept. This is criminal if this is real. If this is real why is this not headline news on every station and paper in America. This is an open invitation to every low-level DMV, Healthcare employee, council worker, employer and literally anyone else with access to DoBs and SSNs of Oregonians to change the election results.

And it's not just Oregon? Do we know what other States are affected and what the company involved that produced this system is?

Fake news. I have a family member in Oregon. I totally didn't just log into that page using their info.
You can't submit a ballot through this page. The "Mark my ballot" is just a way to do a mock marking and then you can print out a summary. It's not the same thing as a real ballot. You can't change someone's vote.
If it works the way described and those screenshots are genuine, I'd give it an afternoon before I could write a script that would go through every entry from a DB of names, DoBs and SSNs, load each in turn and check to see if they were registered for my party or not and cancel their vote if they weren't. If they have some controls in place to detect suspicious activity by IP address it might slow me down a little but wouldn't be something I couldn't overcome (and based on this I doubt they do). If this is all real then this is a security hole of Godzilla-like proportions.
 

Feline Supremacist

I am a Dog-Exclusionary Radical Felinist
True & Honest Fan
kiwifarms.net
I was thinking this had to be false until I read your defence of it. The very idea that your SSN is a suitable password that means this car-crash isn't an issue is staggering. You can't be serious.

But I'm having trouble believing this is real. Surely no State could be this dumb. And I'm a long-time critic of electronic voting / tallying. But this is beyond anything I could imagine. This is worse than watching that guy in Brazil hack voting machines with a Pringles can (a semi-dumb stunt but effective in communicating issues to normies). This is beyond inept. This is criminal if this is real. If this is real why is this not headline news on every station and paper in America. This is an open invitation to every low-level DMV, Healthcare employee, council worker, employer and literally anyone else with access to DoBs and SSNs of Oregonians to change the election results.

And it's not just Oregon? Do we know what other States are affected and what the company involved that produced this system is?


If it works the way described and those screenshots are genuine, I'd give it an afternoon before I could write a script that would go through every entry from a DB of names, DoBs and SSNs, load each in turn and check to see if they were registered for my party or not and cancel their vote if they weren't. If they have some controls in place to detect suspicious activity by IP address it might slow me down a little but wouldn't be something I couldn't overcome (and based on this I doubt they do). If this is all real then this is a security hole of Godzilla-like proportions.
Here's a screencap of the WA voting portal. It certainly looks like mucking around will cancel a previous ballot that was mailed.

WA Online voting portal.png
 

Overly Serious

kiwifarms.net
So first Russian votes steal Hilary's election and now Kiwi Farms will steal Biden's? Truly dark times :(

Looks like if this is true, it's a matter of cancelling votes rather than stealing them. And as Oregon is dumb enough to record people's voting and party allegiance, identifying whose votes you'd want to cancel is near trivial.

Could we be about to see the "lowest" turn out in Oregon's history as factions go MAD on each other?
 

HumanHive

Human Behavior is Retarded Behavior
kiwifarms.net
Looks like if this is true, it's a matter of cancelling votes rather than stealing them. And as Oregon is dumb enough to record people's voting and party allegiance, identifying whose votes you'd want to cancel is near trivial.

Could we be about to see the "lowest" turn out in Oregon's history as factions go MAD on each other?
They may just shut down the whole networked system by Monday. If they don’t have backups, this could get crazy.
“We don’t know what was changed, how much was changed, and what it was changed to.”
 

Overly Serious

kiwifarms.net
They may just shut down the whole networked system by Monday. If they don’t have backups, this could get crazy.
“We don’t know what was changed, how much was changed, and what it was changed to.”

"It's not the voting that matters, but the counting."
-Kate Brown (D), probably.

EDIT: Found the answer to my question. Apparently a company named OmniBallot is responsible for voting tech in Oregon and four other states. https://arstechnica.com/tech-policy...ting-tech-used-in-5-states-is-fatally-flawed/ I don't know if they're directly responsible for this process and website, but seems probable.
 

HumanHive

Human Behavior is Retarded Behavior
kiwifarms.net
You'd think this would make these progressives change their mind about mass mail-in voting, or voting online. But no, they'll double-down and push for voting via text like on American Idol.

"TEXT: 'Biden' to 35849"
It’s all designed to punt us to the next system. Hanging chads were a meme which eroded faith on physical voting, touch screens are a no-no because corona-chan, and now mail in ballots are - guess what - easily invalidated with the push of a button.
Forget vote by phone, they won’t even hold an election at all.
 

Distant Stare

Orbital Drop Shock Troopers
kiwifarms.net
There’s no way they can fix this in time.
I wonder if everyone who has voted so far will have to vote again

Realistically, nothing is going to change. They will just check to see how many votes have been screwed with and contact those people affected. It will the news on CNN as "Far-Right Trolls Spread Instructions on How to Hack the Election". But nothing worse than that.
 
Last edited:
Top