Our mission is to discover, analyze, and report on organized attempts to deceive the public, invade privacy, and manipulate opinion in the interest of political gain.
We strive to report our findings accurately while making our complex findings easy to understand.
Our specific goals are:
- Advocating for free and fair elections by exposing instances of election fraud and voter data manipulation.
- Exposing attempts to steal private information by hijacking electronic communication systems and devices
- Uncovering and shutting down organized social media manipulation and paid propaganda disguised as “grassroots” social movements
Our primary goal is advocating for free and fair elections by exposing the severe vulnerabilities in our current system, including our voter registration records and the electronic transmission and unverifyable off-site tallying of votes.
- Voter Registration Data Analysis
This is currently our focus. We have been working with seven sets of voter registration data from before the November 2016 election to the present, and have found some very alarming patterns – especially when tracking specific records over time. We currently have two or more data snapshots from seven states, includng Pennsylvania.
We obtained our Pennsylvania data first, and so far the bulk of our work has involved that state’s analysis. Some of those findings we have made public, here. Many of our disturbing research results have been corroborated by voters and pollworkers who were affected.
Additionally we have done research and reporting about various ways that a voter registration database could be accessed by bad actors and about questions we have about the voters whose names were missing from the Los Angeles poll books for the June 2018 primary.
We are looking for funding in order to focus full-time effort on our voter registration research. It is urgent that this work be well underway before the November 2018 mid-term election.
- Election Data Analysis
We have examined general election returns for over 100 races from 2016 and 2017 state by state and county by county. In doing so we have verified that as reported by others there is a persistent unexplained bias for the Republican candidate in larger precincts. We have also pinpointed and created visualizations for numerous unexplained discrepancies between races in the same election and between election outcome and political persuasion as manifested by voter registration.
Details of this analysis can be found votesleuth.org.
Additionally, we have produced multiple Twitter threads and Medium articles highlighting these discrepancies:
Medium Article: So We Are Supposed to Believe
Medium Article: Pennsylvania – How the Hell did Trump Win?
Twitter Thread: Pennsylvania Data
Twitter Thread: Ohio Data
Twitter Thread: Wisconsin Data
Twitter Thread: Michigan Data
Twitter Thread: North Carolina Data
Twitter Thread: North Carolina Judicial Race Data
- Curating and Responding to Reports of Difficulties at the Polls
Via Mike’s Twitter feed, we have access to thousands of voters. When we hear reports of problems at the polls we ask affected individuals to privately describe the details of their problems. We are curating these reports.
- Voter’s Toolkit
We have put together an online Voter’s Toolkit with information about registering to vote, checking registration, carpooling to the polls, and state-specific information about deadlines and voting requirements.
Our team includes information security experts who have researched various intrusions of privacy and possible communication channels. Some of our work includes:
- Trump Subdomain Analysis
A Twitter user pointed us toward an interesting piece of information. Hundreds of odd subdomains had been set up under Trump Organization domain names. Subdomains can only be set up by someone with access to the DNS records for that domain. In the case of the Trump domains that must have been someone with access to the Trump GoDaddy account. A subdomain can be assigned an “A Record” in the DNS records that sends users to a different server from the one used by the main domain. For instance we could set up a subdomain called blog.unhackthevote.com that redirected visitors to a blog hosted at WordPress.com.
The Trump subdomains we investigated were NOT normal. They had odd random names, like bffhg.donaldtrump.com. More alarmingly, the server they redirected visitors too was apparently situated in Moscow.
Withing a few days of our reporting, all the subdomain records were deleted.
- Devin Nunes Server
A colleague pointed us to an interesting blog post about apparent Russian malware that had been found on the campaign website of Congressman Devin Nunes. The author of the blog post notified the Nunes campaign of these vulnerabilities on May 19, 2017. Shortly thereafter, it seemed as if the problem had been resolved. But was it?
Our team discovered that rather than removing the malware from the server, the people who were managing the website simply redirected users to a new server, leaving very a dangerous Trojan Horse virus intact on the server. We reported on our discovery, and on the company behind this website here.
Within a few days of our reporting, the virus-laden files were removed from the server in question.
- Information Security Education for Candidates
We wrote both simple and advanced guidelines for political candidates to help them secure their campaign websites, donor lists, and email communication. These guidelines include practical advice for keeping electronic information private, including the use of VPNs and firewalls, avoiding clicking on links sent in emails, keeping a password vault to safeguard complex passwords, never sharing passwords, and limiting personnel who have access to core information. We shared these guidelines with dozens of candidates before the 2018 primaries.
Social Media Manipulation
As has been widely acknowledged, social media manipulation has had a startling impact on global politics in the past few years. The footmen in the social media propaganda army are automated bots and paid trolls. The work they do is known as “astroturfing” because it intended to make an effort or sentiment appear “grass roots” – as if the noise created by these artificial social media accounts was an natural uprising of flesh and blood humans.
These artificial accounts and the humans who operate them are typically paid for by large, well-funded organizations such as political action committees and certain nation-states.
We firmly believe that there is no “good” kind of social media manipulation. Fighting fire with fire is a short-term dangerous solution. Rather these devious, inflammatory propaganda campaigns must be extinguished with cool level-headed research and reporting.
It is vital to our Democracy that the voices of the people not be lost in the cacophony of paid on-line agitators and automated amplification.
- Twitter Botnets
We have identified and exposed numerous “botnets” (networks of related automated accounts) on Twitter, including:
- Voty Botnet
We discovered an army of propaganda-spreading Twitter bots that were related both by the timing of their tweets and by the newly built “news” websites they link to. Read the whole story here.
- The Anti-Trump #Resistance Botnet
We discovered a group of Twitter bots that impersonated #Resistance accounts and appeared to be attempting to infiltrate the #Resistance movement by following similar accounts. Read the whole story here.
- Reffy Botnet
We discovered a network of over a thousand accounts related to each other by the custom link shorteners that they used. These very prolific accounts had tweeted over 50 million times by the time we discovered and reported on the network. Read the whole story here.
- Russian Jane Austen Botnet
We discovered an amusing group of Russian Twitter accounts that were tweeting disjointed excerpts from Jane Austen novels, with a preference for Sense and Sensibility. We assumed they were up to no good based on the fact that the excerpts were out of context and ungrammatical and the account images were scantiliy clad. We are quite sure they would not have been condoned by the late author. Read the whole story here.
Due to our research, thousands of Twitter users reported these accounts, and each of these bot networks was suspended by Twitter within days of our reporting.
- Voty Botnet
- North Carolina Government Impersonation Accounts
A Twitter account that sometimes tweets in a scripted or automatic manner, and sometimes tweets and responds in the voice of a real human is known as a “cyborg” or a bot/human hybrid. A cyborg account can appear quite legitimate and active, with a high number of retweets mixed in with real human interaction.
Our collaborator Geoff Golberg alerted us to a particularly disruptive network of cyborgs – high follower Twitter accounts that appear to be the official Twitter accounts for counties, states, and even the US itself. These accounts were tweeting decidedly right-wing content. For those that are unaware, this could create the illusion that North Carolina is far more right-leaning than it actually is. This discovery was a fine example of social media manipulation indeed. Read the whole story here.
The less-utilized of these accounts were shut down very quickly by Twitter. The humans behind the high-follower accounts protested loudly and persistently, but after a few weeks of persistent reporting as fraudulent, they were shut down as well.
- The Supreme Court, Religious Fundamentalists, and Twitter Propaganda
Our collaborator @altDIA noticed numerous accounts tweeting the same content – promoting U.S. Supreme Court nominee Brett Cavanaugh. We found this quite concerting, so we investigated. Read the whole story here.