Voter Fraud in Minnesota

There is literally no other way to say it; I believe I’ve found evidence of probable voter fraud in Minnesota through rigged machines. Possibly the entire primary was faked.

My Iowa article was flaky, I apologize. This one is not.

Simple summary, I’ve found evidence that I believe points to rigged machines casting votes according to numbers decided before polls even opened, which gave Rubio his win. I really hope I’m wrong, and can post that this was all a mistake. Read on for details.

Malayan Water Monitors

Our story, like most good digs, begins with someone making a very small, yet very important blunder. Namely, when the Minnesota GOP released results as a PDF, someone forgot to change some HTML attributes.

Quite a few people on /r/the_donald and in various IRC channels started speculating that Operation MWM could also stand for Marco Wins Minnesota. When I first heard that, I was willing to put this on the board of “stupid conspiracy theories”, but apparently the same intern who can’t figure out a <title> tag has never heard of a robots.txt file, because a ton of these PDF’s were indexed by Google.

Totally not sketchy AT ALL, guys.

To the MN GOP’s credit, they must have updated robots.txt, because now my search gives me nothing but lizards. (IRC people are telling me it was something other than robots.txt, which is unchanged, but I’m sure it’s something similar, because the results are no longer there.) But it’s a bit too late for that when I downloaded all of them. You can grab them off possibly my favorite file host, the wonderfully named (Yes, yes, I know.)

So here you can see results for 11% of the vote in,34% of the vote in, 70% in, and 88% in. Some playing around with URL parameters also got me 53% and 92%. In the event that the MN GOP doesn’t get around to actually scrubbing incriminating evidence from their servers (come on, even Hillary managed to do this), the evidence is also available on their site, at addresses like (Archive to prove URL validity, just in case.) Wordpress, guys, seriously? You’re running an election on Wordpress, do you have any idea how insecure that is. Almost as insecure as leaving falsified records indexable by a search engine — oh, wait, you did that, too.

Now, some of you may be asking me why the hell I’m making a big deal out of election results posted on a party’s website. After all, that’s basically the point of Super Tuesday, and it was my question, too. Until I noticed that the Wordpress URL contained the string “/2016/02/”. That means that these files, including the 92% turnout one, were all uploaded in February.

Super Tuesday is on the first day of March.

The game is so afoot. I suppose the MN GOP could be putting March results in a February directory for… some reason? Possibly to bait suckers like me? So I fired up my friend the UNIX shell and decided to do some digging on the PDF’s themselves. Yes, I am aware that mdls is the wrong tool, I’m an idiot, please stop sending me emails. I’m now using XPdf.

I use all green, ’cause I’m a 1337 hacker.

Well, that’s bizarre. Why would a posted file purporting to show results released on the 1st and 2nd be created that late? My guess is that they hurriedly re-uploaded the file or changed the metadata. Sloppy, sloppy! Even if this is just a late upload, that story doesn’t jam well, especially when you don’t do the same thing with the date management system on your own website.

If the default bookmarks didn’t give it away, Chromium is not my default browser. Archive link here.

Yes, that is a link to accurate Super Tuesday results, at 96% turnout, tagged as being posted on the 29th of February, a full 24 hours before votes were counted. Nice going, guys. Guess Wordpress really worked out for you.

This evidence should be enough to trigger a full scale investigation, in my opinion, with all the altered dates and sketchy names, but, in the words of my 5-word summary of Russian history, “and then, things got worse.”

(Please don’t hurt me, Russia, I love your country…)

“Steve” and Korelogic

The hard part of the article is done, and this is where things start to stray into conjecture resting on some very shifty assumptions regarding email addresses and similar looking faces. Please bear that in mind.

So, back on MN GOP’s website, there’s an embedded YouTube video explaining how to caucus. Pretty basic stuff, but there’s something in the background that’s important.

I respect some anonymity — even for videos with spelling mistakes in the title.

That email address is pretty generic, so I had to sift through a lot of crap, although I found a suspiciously similar face on a profile on a 3D modeling forum, not that it matters much. (I include it because it establishes that this is not a temporary email address — it’s existed for at least 3 years, likely by the same person). What does matter, though are some of these questions asked by our mysterious “Steve” that appear to deal with low level coding and DB management. (Not only are these pertinent to voting machines, which literally just manage embedded DB’s, but I have reason to believe this is the same person. Read on.)

I feel you, man. Trawling for answers to undebuggable PostgreSQL queries SUCKS. Take my programmer hug. And an archive.

He asks a question from here on another forum as well, again, not that it matters.

What does matter is that KoreLogic, the company running this forum, is a well known cyber-security contractor, and no unfamiliar name to me, I watch talks where their researchers present and I’ve seen their name on paper. Which is why I felt so uneasy about them for some reason. I put out a request on a netsec related IRC I lurk, and sure enough, someone got back to me with a ringer very quickly, in the form of a presentation (including DARPA) about gaining access to systems through their source control systems. Don’t get me wrong, I adore exploits like this. Finding them is one of my favorite hobbies. But I do not want that shit anywhere near my democracy.

I don’t even have to write up an indictment, KoreLogic does that for me!

They have a way with words that I don’t, but they’re exactly right. You control the code, you control what your target does, you can inject exploits, back doors, anything. You basically have your hand in the machine while people cast votes. And who was one of KoreLogic’s first successful pentests?

Welp, I’m screwed. I fully expect to be nabbed by Medium’s Git repos in a few days.

Oh, sweet Celestia. For those of you who don’t know, Diebold makes election machines. They also have a corrupt CEO who donated to one of the candidates in the ballot box he was holding and then got nabbed for insider trading. They also have a history of controversy like you wouldn’t believe.

There were some intrepid conspiracy theorists on Reddit trying to link Minnesota’s large Somali population with some Somalian-sounding names on a 2010 CTF contest wordlist on KoreLogic’s website, but I leave that kind of an insanity as an exercise to those with tighter tinfoil hats than mine. Let’s stick to the realm of possibility.

Now, I don’t know how many caucuses use machines or how the votes are counted, or how many steps it takes to get from a caucus ballot to a computerized result, but I assume there’s a machine somewhere along the way. My primary cause for concern here is that Minnesota’s secretary of state asked for new voting machines this year, and Diebold likely picked up the contract. So that means 1 of 2 things:

  1. Minnesota had new machines installed by a company working closely with a data security firm with links to the caucus process. Even if the email link is invalid, Diebold is heavily indebted to certain parts of the GOP. Rubio suspiciously wins on these machines despite polling indicating an 11 point Trump lead.
  2. Minnesota is running 15-year old voting machines shot through with vulnerabilities. Even if the email address link isn’t valid, we know there’s an active exploit that allows jimmying with votes.

All this points to a very good reason why the MN GOP could predict results accurately before anyone even voted.

If you’re going to take anything away from this article, please take away the hard evidence. I know it’s fun to run around blaming Diebold, or a potentially innocent caucus employee, but that’s not what this article is about. It’s about that I think that this warrants a huge investigation. And I want this to be brought to the attention of as many people as possible. Please, tweet it out, share it, I think that we’re on the verge of discovering something yuuuuuge, as a certain someone would say. All I can say is I hope and pray that there’s another explanation.

I believe that the votes cast in Minnesota’s GOP primary were fake.