We've Been SPLC'd!
With Recycled Votes in the Cloud... Plus a Recorded Plea for California!
Southern Poverty: How They Manage to Feed All Those Kids
One of the most puzzling things following Donald Trump’s election in 2016 was a nationwide uptick in white rage incidents—Charlottesville, El Paso, Buffalo, January 6th— and the emergence of hate groups such as KKK, National Alliance, American Nazi Party, Unite the Right, Patriot Front, Blood Tribe, and Proud Boys in counter-protests and clashes in cities and on campuses.
Puzzling because these Domestic Violent Extremist groups were believed to be either mostly defunct or on life-support by those who would know—friends, pundits, pollsters, and office-holders who had spent lifetimes in conservative politics without once running into these guys.
And yet here we suddenly were in Jim Crow 2.0, announced President Biden, with FBI Director Christopher Wray and DHS repeatedly testifying during the 2021-24 period that these recycled white supremacists posed our most lethal domestic terror threat, as trusted sources like the Southern Poverty Law Center (SPLC), were telling us.
Only to learn from a federal indictment unsealed last month that the same SPLC was funding white supremacy—through the same groups it claimed to be watchdogging.
No wonder the math wasn’t math-ing. We were being SPLC’d.
Chaos & Chrime Beat Charisma & Chommon Sense Every Time
We’ve been witnessing similarly puzzling election results since 2020—where polls showed a close race or a lean toward the Republican candidate, but at the last minute (or afterward) the Democrat ultimately won, often by a comfortable margin:
2022 Arizona Governor: Katie Hobbs (D) defeated Kari Lake (R). Many late polls showed Lake leading (e.g., +3 in one final poll) or the race as a toss-up with a slight Republican edge. Hobbs won by ~0.6% (about 17,000 votes). Lake was a Trump-endorsed candidate who emphasized election integrity. The glaring conflicts of interest in having Hobbs, as Arizona Secretary of State overseeing her own election to the state’s highest office were not put to rest by stories of polling stations in reliably Republican precincts suddenly going offline.
2022 Pennsylvania U.S. Senate: John Fetterman (D) defeated Dr. Mehmet Oz (R). The race was highly competitive. Some final polls showed Oz leading narrowly (e.g., +2 in one Emerson poll), while others had it tied or slight Fetterman edge. Fetterman won by a surprising 5%, a key flip that helped Democrats retain Senate control.
2022 House/Senate Red-less Wave: Democrats held or won several competitive seats where Republicans were expected to make big gains (e.g., in Pennsylvania, Michigan, and some Western districts). Overall, the anticipated large Republican “red wave” did not materialize; Republicans narrowly took the House but underperformed expectations.
2025 Gubernatorial Elections: Democrats won key gubernatorial races in Virginia and New Jersey against better positioned Republican candidates.
In Virginia, Abigail Spanberger, a former US representative and CIA Case Officer could muster only a soul-less Deep State stare as she was skewered by Lt Governor Winsome Sears for refusing to repudiate Attorney General candidate Jay Jones’s violent rhetoric about murdering his opponent and his family. “Abigail? You have nothing to say, Abigail? What if he said it about your three children? Is that when you would say he should get out of the race?” The clip went viral. Spanberger went on to trounce Sears by over 15%, while Jones went on to win his race for Attorney General.
In New Jersey, Rebecca “Mikie” Sherrill—who became a Navy helicopter pilot after being caught in a cheating scandal at the US Naval Academy, then played dumb when asked to explain how in seven years in Congress she increased her net worth by $7 million— ran on the same platform as her predecessor, the tone-deaf Phil Murphy who famously said if high taxes are your issue, maybe New Jersey is not your state. And beat Jack Ciatarelli who had much better name recognition and a common sense message by 14.4% (479,000 votes)—far better than she was polling—with the AP calling it a night ninety minutes after the polls closed. Compare that to the incumbent Murphy’s own razor-thin victory over Ciatarelli in 2021 by 80,000 mail-in ballots that trickled in over the next ten days.
The pundits have long since weighed in, but to the naked eye the optics are clear—Republicans with experience, name recognition, charisma, leadership skills and common sense lose to Democrats running on recycled Bolshevism: open borders, sanctuary cities, punitive taxes, cashless bail, sharia law, child castration, boys in girls sports, and Soros prosecutors. It’s like running a movie star against a small soap dish and the soap dish wins every time. And in Pennsylvania that was literally the case.
Once again, the math is not math-ing.
Are we being SPLC’d?
A Jersey State of Mind
While I can only speculate from afar upon Arizona, Pennsylvania, and Virginia, I’ve got enough experience with major breaches (OPM, Continental Pipeline, Solar Winds, Equifax), and enough Jersey sense—from working on its electronic voting system, to working on election security for its most densely populated county, to working on a breach that threatened to bring down the State’s entire court system, to working as a precinct volunteer on Election Day— to be able to venture an educated guess at what’s going on here:
Election outcomes have been automated to identify uncast votes for a ballot-on-demand operation that delivers the margin of victory in must-win races to the candidate whose party controls the machine.
Because we’ve now got a regime in Trenton that clearly sees itself as untouchable— drunk on its own power, codifying every DEI notion however half-baked into law, and turning the Garden State into a banana republic running on Stage-4 TDS.
Just last week the party that campaigned on making the state affordable announced they would not enforce a gasoline tax holiday President Trump was trying to enact in time for Memorial Day. Because it’s better that all the people suffer than for Mikie to let Trump make life more affordable for even one Jersey voter. Because if high taxes are your issue, hey, maybe New Jersey is not your state.
So how could a Fraud-o-Mation of this scale possibly work?
Authorized Access
One of my many roles in cybersecurity was as a white hat, or ethical hacker. This is where you see how easily a system can be breached—through penetration testing, vulnerability assessments, social engineering, code reviews, etc.
Any system is most easily compromised at its gaps. The gaps in a house are where there is a connection between two planes of dissimilar material—doors, windows, skylights, keypads. The gaps in a computer system are things like its physical ports, its network connections, its passwords, or commands it responds to.
Election security is all about preventing tampering with the gaps—the machines, the databases, and the ballots. Voting Management System (VMS) providers make a big deal about how foolproof and locked down their machines are to external hacking and spoofing— through things like multi-level 2FA, role-based access, single-user accounts, airgap technology, Albert sensor integration, activity logging, etc.
And it’s true. Architected by certified engineers for a layered, defense-in-depth strategy, you’ve got an externally bulletproof design, and all kinds of internal tripwires in the event of unauthorized access.
But how about authorized access? By the guys nobody would ever suspect? Because we are dealing with the New Jersey governorship, widely acknowledged to be the most powerful in the land. And with vast power comes vast temptation to cling to that power. Especially when we remember that New Jersey is one of only nine states where the Secretary of State—the office that runs elections— is chosen by and serves at the pleasure of the governor.
So let’s say you’re the New Jersey Secretary of State, and you get a request from the governor’s chief of staff for the most innocuous form of access to the state voter rolls—not to change or delete anything, just read-only permission— for the purpose of reporting to the boss on overall registration trends and predictions?
Are you going to say no?
Or let’s say you’re one of New Jersey’s VMS vendors whose software hooks into the State’s voter databases. You’re waiting for that big annual contract renewal order you committed to your boss by June 30—end of the State fiscal year. Things are getting down to the wire, when suddenly the procurement contracting officer calls with a change request. Your stomach sinks at the thought of the review process restarting. No worries, she says. They’ve pre-approved an extra license with read-only privileges for State Cyber Command. It’s for a new requirement coming down from CISA. “If you can keep the total price the same, I can have the order over to you in fifteen minutes!”
Are you going to say no?
Because a yes is all it could take to compromise an election.
Did All-Read, No-Write Make Jack a Two-Time Loser?
The above schematic (Defending Our Democracy) is a high-level architecture showing how read-only feeds— either through VMS API calls, and/or through a direct administrator account with minimal permissions— could send outputs of routine database queries to a black-box system sitting on a cloud platform. That black-box runs a Margin of Victory (MOV) algorithm designed to determine which no-shows’ (voters who do not show up either in-person or by mail-in ballot) votes to recycle into enough mail-in ballots through a Ballot on Demand (BOD) operation to deliver the winning number of votes for the machine candidate.
Three changes to the New Jersey voting landscape make this possible:
1. No-Excuse Mail-in Ballots (Vote-by-Mail)
This allowed any registered voter to request and cast a ballot by mail for any reason (no excuse required, such as being away, ill, or disabled). In 2020 (during the COVID-19 pandemic), the state dramatically expanded and promoted mail-in voting. It effectively became the primary method for many voters that year. In 2021, the system became permanent with mail-in ballot applications sent automatically to voters. Those who applied received a double-envelope, with barcodes for tracking and signature verification.
2. In-Person Early Voting
Allows voters to cast ballots in person on voting machines up to nine days before Election Day. Voters can go to any early voting site in their county (not just their home precinct).
3. Electronic Poll Books (e-Pollbooks)
Digital tablets or devices replaced traditional paper poll books, allowing poll workers to quickly look up voter registration, check in voters electronically, capture signatures digitally, update voter history in real or near real time, and prevent double voting more effectively, especially during early voting.
While the Murphy administration hailed these changes as modernizing elections and increasing access/turnout, critics argued that hasty rollout and heavy emphasis on mail-in voting increased risks of fraud, weakened chain-of-custody, and created a structural advantage for Democrats in close races—witnessed in an old school “come-from-behind” mail-in dump, and a count that dragged on for ten days before Ciatarelli conceded.
What has been overlooked is how these three changes overlap to provide a read-only observer—via direct feed or vendor API— with unprecedented real-time visibility into vote tally breakdown. Allowing corrupt actors using predictive analytics to inject enough unused (uncast) votes via a ballot- on-demand operation to influence the outcome as follows:
Recycling a Margin of Victory
The above schematic reconfigures “Defending Our Democracy” to show the granularity of data that a direct or third-party read-only access to the voter registration databases could present to the MOV algorithm during the election cycle.
The slices of the pie represent various voter dispositions, with grey slices showing uncast votes that the algorithm would be targeting for recycling in favor of the machine candidate. The following is a rudimentary gap analysis of the three changes introduced in the 2021 election:
The e-pollbooks keep track of those who vote in person, and those who are supposed to but don’t. And they prevent those who have already voted from double-voting. This is where I first caught a potential glimpse of the Margin of Victory algorithm at work. People would show up ready to vote, only to be told they had already submitted mail-in ballots—which they swore they had never requested or received. This understandably got them pretty agitated when nobody could explain what had happened. The only thing all these people had in common was they hadn’t voted in a while. All you could do was give them a provisional ballot—which got counted after everything else was said and done— and tell them to straighten it out with the County Clerk. But it made me wonder:
How many more serial no-shows were getting their votes recycled into the total… in favor of you-know-who?
Early voting data provides a daily tally which, compared against e-pollbook checklists, equips a read-only observer with extraordinary line of sight to the goal. By Election Day you know not just who’s ahead, but how many Republicans and Democrats have voted, how independents are breaking, whether you’ve got enough in-person voters left to get your candidate over the line and—if not, where to pull the mail-ins from.
Ballot-on-Demand Mail-Ins. Of the four slices of the registered voter population to be mined by the MOV algorithm for recycling nonperforming ballots in favor of the machine candidate—(In-Person No-Shows, Mail-In Not Returned, Non-Citizen, Dead)— In-Person No Shows will likely be the most volatile, as discussed previously. Mail-In Not Received will need to wait until just before the six-day grace period for mail-in ballot receipt expires. Making Dead and Non-Citizen voters the first line of defense in a close contest. And if a New Jersey governor can obtain read-only access to voter databases from a secretary of state who serves at his/her pleasure, it’s not going to a stretch to get access to motor voter records from the DMV, or for death records from Office of Vital Statistics—both of whose heads also serve at the governor’s pleasure—cross check these against voter registration, and order the secretary of state make no purges of the voter database until after the election.
Thus, you could easily have a race with Mikie Sherill and Jack Ciatarelli looking like a photo finish, but Mikie blows Jack out of the water with an Early Vote lead and a mail-in tsunami for a 14.4% “landslide,” “a mandate,” “the highest voter participation ever”…
Maybe because 15% of those votes were SPLC’d—recycled—from non-performing voters in the database?
Jersey As The Garden Standard
Couldn’t possibly happen to a New Jersey Secretary of State?
It just happened to another unimpeachable custodian of public’s trust, Southern Poverty Law Center. And it was going on for years right under our noses. At the gold standard.
But you have no evidence! cries the defender of the status quo.
Of course not. I am not inside any vote recycling operation, nor do I work for the state office of information technology. If I did, I would be in Federal witness protection, not writing this.
All I am doing is drawing from recent real life to show why, when a trusted system’s output consistently does not equal input—when the math doesn’t math—you check it.
And if it’s critical infrastructure like a voting system or your bank account, you don’t wait for it to be breached. You continuously probe the gaps for weakness, and layer those gaps with defense-in-depth protections.
So the appropriate cybersecure, white-hat response is not to take offense, hurl insults or make assertions, but to answer the following questions:
Have these gaps in the new voting system architecture been subjected to a full statewide penetration testing, and what were the results?
Have election database service accounts been fully audited for all admin rights, owners, contractors, clearances, and activity, and what were the findings?
Have all VMS service accounts been audited for all admin rights, owners, contractors, clearances, and activity, and did they comply?
Have all state-owned cloud service provider accounts been audited for connectors to out-of-scope, non-compliant parties, and what was discovered?
As far as we can tell, the answer is no. New Jersey does not appear to have released a single, comprehensive, statewide election system security audit (e.g., full pen test of all voting equipment and infrastructure) in the public domain recently.
Ongoing cybersecurity vigilance includes
Monitoring via passive Albert sensors (IDS)
Collaboration with CISA for vulnerability assessments and threat monitoring.
Regular reviews of voter registration systems, e-pollbooks, and election management systems.
The above are activities overseen by State cybersecurity and focused on attempts by external unauthorized (i.e. threat) actors to breach, compromise, or alter election infrastructure. Internal authorized actors who are not breaching or changing conforming behaviors of State-owned systems likely fall out of mission scope.
Bottom line: the most recent formal audit of the election system itself was the 2% post-election tabulation audit following the November 2025 General Election.
So until New Jersey publishes a security audit addressing above risks of its new election system, we must assume these gaps remain open to corrupt actors to exploit and manipulate, and that election outcomes are potentially exposed to SPLC-style schemes as described above.
California As The Golden Standard
I mentioned that there are currently nine states where the governor appoints the secretary of state. They are:
Delaware
Florida
Maryland
New Jersey
New York
Oklahoma
Pennsylvania
Texas
Virginia
Funny, my Top Ten states by number of subscribers are
California
Texas
Florida
New York
Pennsylvania
Georgia
Arizona
Michigan
Virginia
New Jersey
This list includes the six largest states by number of electoral college votes whose secretaries of state are governor-appointed. And the rest have seen their share of election shenanigans. My ask is simple:
If what you’re reading here is resonating, please share. Let’s demand better statewide audits that expose corrupt authorized access to and interference in our election outcomes. Stop SPLC-ing our democracy!
And if you are in California, where the largest number of my readers reside, I have a special request for you:
This woman, Dr. Shirley Weber, has been your Secretary of State since her appointment by Governor Gavin Newsom in late 2020, and is up for re-election to a second full term.
Vote her out.
She is a COVID tyrant, and a regime tool. She oversaw permanent implementation of universal vote-by-mail, managed the 2021 gubernatorial recall election against her champion Gavin Newsom, fought off Federal attempts to assure compliance with voter roll maintenance and non-citizen voting concerns, opposed voter ID laws, and enthusiastically welcomed convicted felons back into the franchise.
Inclusion was always her top of mind, security always an afterthought. If you want to find a way to vote in California, you’ve got no better friend than Shirley Weber. And if Gavin Newsom needs to “break the glass” as he put it, to make sure Spencer Pratt and Steve Hilton do not win—ever, Shirley Weber will surely have his back.
And please share this, because if the math does not math in the Golden State on June 2, there could be an Algorithm In The Sky behind all those dead people and asylum seekers hiding in plain sight.
And if you see something, say something to this woman, Harmeet Dhillon. She’ll have your back.
Assistant Attorney General for the Civil Rights Division, Harmeet K. Dhillon
Harvey Oxenhorn, is a former cybersecurity consultant, founder of Malwords Weekly, and author of the upcoming book, Her Lost Boys: The Eternal Life of Ginevra de’ Benci (1520-2020). Follow him on X @HarvOxenhorn, and on Facebook and Instagram @Gatsby’s Angel