NSFW Anon Archived Yes!!! THE ELECTION FRAUD GOES MUCH DEEPER THAN WE THINK! (QRV)
submitted ago by 2860165?
Posted by: 2860165?
Posting time: 2.1 years ago on
Last edit time: never edited.
Archived on: 2/17/2019 10:00:00 AM
Views: 8040
SCP: 215
218 upvotes, 3 downvotes (99% upvoted it)
~91 user(s) here now
Subverse anonymized: usernames are hidden and votes don't count.
NSFW: Yes
Authorized: No
Anon: Yes
Private: No
Type: Default
NSFW Anon Archived Yes!!! THE ELECTION FRAUD GOES MUCH DEEPER THAN WE THINK! (QRV)
submitted ago by 2860165?
view the rest of the comments →
[–] [deleted] 0 points 40 points 40 points (+40|-0) ago (edited ago)
[–] 15104587? 0 points 9 points 9 points (+9|-0) ago (edited ago)
Technically, the CA doesn't hold the keys, they only sign the certificate to attest authenticity. The private key is on the server that generated the key. What could happen though, is the CA could generate a false certificate that can be used in a man-in-the-middle attack.
Now, if the CA offers to generate the public/private key pair for the customer, it requires the CA to "forget" the private key, which is where some shenanigans could occur. It would still require the CA to mount a man-in-the-middle attack between the election polling endpoint and the receiving server in order to use the keys.
In that scenario, if you're talking about the local wifi in the polling location, someone would need to have a device planted in each polling location to use the Mana Toolkit. If you're talking about an election board's server transmitting results to the State's election board, they would need to hack into a device between the two servers. The "easiest" option I see would be planting a device at polling places in fraud-friendly counties.
[–] 15106134? 0 points 6 points 6 points (+6|-0) ago
Anyone else realize that is Cloudflare's entire business model. The ARE the man in the middle.
[–] 15108739? 0 points 5 points 5 points (+5|-0) ago
Didn't Q say look to California?
[–] 15104735? 0 points 3 points 3 points (+3|-0) ago (edited ago)
So basically that means all voting records should be audited to find the difference between intercepted and original ones. The problem is the SSL system is designed on trust to highest authority-in this case the certificate issuing authority. This is by design and we understand why now .
[–] 15106585? 0 points 1 point 1 point (+1|-0) ago
But what hiding place is already installed in every voting location?
Um...the voting machines?
[–] 15104115? ago
They need to use a VPN to secure the data from the CA.