How I Won $5 Million From the MyPillow Guy and Saved Democracy
You may have read a little about it. In the summer of 2021, Lindell announced that he was going to hold a “Cyber Symposium” in Sioux Falls, S.D., to release data that proved that U.S. voting machines were hacked by China. He said he would even pay $5 million to anyone who could disprove his data.
Right away, friends started calling to ask me if I was planning to go. After all, I invented the field of software forensics, the science of analyzing software source code for intellectual property infringement or theft. Still, I wasn’t sure. There are a lot of experts that could analyze data. And no one in their right mind would offer $5 million if the data wasn’t real and verified, right? Anyway, the symposium ran three days — not nearly long enough to analyze and verify any data.
But I’m also a tournament poker player. I love a good challenge. And as the calls and emails kept coming in, I started to think, I should go, just to be there when history was made. I voted for Trump twice. If Lindell’s data was correct, maybe a presidential election would be overturned. I’d at least get to meet some really interesting people. So I flew to Sioux Falls.
At the symposium, I saw the competition, about 40 or 50 of them. Some were highly qualified hackers and experienced cyber experts like me. Others were just interested parties with some experience in information technology.
We gathered in two small rooms that looked like stark public-school classrooms. After introducing ourselves, we began downloading Lindell’s Holy Grail — his “proof of election fraud” that came from an unspecified source — which consisted of seven files comprising over 23 gigabytes of data.
Two of the files were generic information about voting machines. Another file was a meaningless one minute, 20 second silent video of a computer screen showing some unknown program being debugged. A fourth file was a 23 gigabyte binary file containing ones and zeroes, allegedly containing packet capture data, or “PCAPs.”
If you’re not familiar with any of that language, packets are the small chunks of information that are sent over a network like the Internet and then reassembled at the receiving end as pictures of your grandkids or cute cat movies from YouTube. PCAPs are records of those packets as they flew around a network.
In numerous interviews, Lindell had claimed that his data showed packet captures of votes flowing outside the U.S. to China where they were modified to switch votes from Trump to Biden, and then sent back to U.S. voting machines.
We used a variety of forensic tools designed to understand and analyze PCAPs, but found this mysterious file didn’t contain any of the 37 standard PCAP formats. I even used the CodeSuite forensics tool I had developed to try to gain any information from the file. Nada.
So I decided to focus on the three remaining files, which were simple text files that could be opened up with any text editor like Notepad that comes preinstalled on every Windows computer. The contents were text representations of hex numbers, which are base 16 numbers used by computers as opposed to base 10 numbers, decimal, used by people.
I started with the ominously named file Chinese_SourceIP_HEX.txt. Having programmed computers for about 50 years, I recognized that each of these hex numbers seemed to represent a code for alphanumeric characters known as ASCII code. So I took a software tool I’d written years ago and ran this text file through it to turn the text representation of numbers into actual numbers.
Next, I opened the resulting file in the Notepad text editor. Sure enough, I saw letters and numbers representing some other kind of code — Rich Text Format code, a very old and simple way of coding word processor documents. (It turns out that it’s sometimes good to be old, wise, and experienced like me.)
I opened this converted file with Microsoft Word and… voila… a table with hundreds of rows of numbers appeared — numbers that looked like IP addresses (that is, the numbers associated with devices connected to a network).
With no other information, they were about as meaningful as a list of random words. At that point, it was obvious that the data in these text files were not anything related to the 2020 election. That’s when I knew I had stumbled onto the key. Not the key to showing election fraud, but the key to showing Lindell’s nonsense.
I repeated the same process on the other text files and found even stranger stuff. These files were also obfuscated word processor documents, but contained thousands of lines of gibberish — nothing more than random characters and numbers.
My eureka moment had arrived. While everyone else was looking at the sky, I had found the golden ticket on the ground; while they were trying to find packet data in the files, the truth was that it wasn’t packet data at all. I said something out loud like, “I’m going to take this back to my hotel room and work on it there,” to no one in particular. I quietly and deliberately packed up my laptop and strolled out of the room and out of the venue. On the way back to the hotel, I called my wife. “Start thinking about what you want to do with 5 million dollars,” I told her.
Back in my room, I wrote up my report and registered a copy online with the U.S. Copyright Office as proof that I had written it by the contest deadline. Just in case.
But Lindell’s game wasn’t over yet. The next day, a little before noon, I strolled into the cyber workroom and found everyone still going at it. It turns out there was more data to analyze — Lindell had given us about 50 gigabytes of additional data to plow through. There were four new files, but when I looked at them, they were essentially the same types as the first day’s files except with a spreadsheet containing 121,128 lines of generic information about internet service providers around the world plus their locations, their latitudes and longitudes, their IP addresses, and other miscellaneous information. I determined that nothing in the file was related to the 2020 presidential election, and wondered what my competitors were seeing.
Then came another giant batch of 509 files, comprising many more gigabytes. This was how Lindell planned to keep anyone from winning the challenge, I figured. Just inundate us with files and not nearly enough time to analyze them. That $5 million suddenly seemed to have slipped through my fingers in a way that felt very unfair.
But I had come too far to give up. On the third and final day of the symposium, an idea hit me. I decided to scan the file modification dates for all of the latest files we’d been given and, lo and behold, most of the dates were August 2021, right before the symposium.
In other words, the data were obviously modified right before we examined them. They could not possibly accurately represent data from the November 2020 election.
My flight was leaving early that evening, so I needed to be quick. I ran back to the hotel, added this new information to my report, double checked it, triple checked it, and saved it onto a flash drive. I hurriedly packed my things, rushed to the symposium as it was ending, handed my report on a flash drive to an official-looking person, and ran out to the Uber or Lyft waiting for me by the door. I made it to the airport just in time for my flight home to Vegas.
I guess the rest is history, as they say. I never talked to Lindell after the symposium; he never responded to my findings. So I hired great lawyers at Bailey Glasser and filed an arbitration lawsuit against him. It dragged on for a year and a half, during which his law firm quit and he hired a new one. During the leadup to the hearing with the three-person arbitration panel, his witnesses gave conflicting answers to critical questions like “What exactly was in the data you provided to the experts and how was it related to the November 2020 U.S. presidential election?”