We fixed the keg said:

---

eric76 said:

---

Walking back nothing.

One size does not fit all.

sudo ksh

---

Yes, you did. This is not about "one size does not fit all", it is 100% about sharing an account between 2 or more users with admin rights is poor IT practice. Doing so around such highly sensitive personal data, and on systems being used for Local, State, and Federal elections is GROSS NEGLIGENCE. It is not just some 'ho-hum', 'well shucks' maybe it isn't necessary thing.

So the fact you attempted to marginalize, then say it somehow may not be necessary in this application, and then start discussing SUDO vs DOAS, you are deflecting and walking back. Either it is necessary and wasn't done, then admit the "so called auditors" were right, or continue with the it isn't needed and be wrong.

---

sudo ksh
sudo bash
sudo sh
sudo ksh

Take your pick.

If you don't like any of those, there are many more shells as well.

You could probably even write your own shell and do a sudo /home/eric76/agsh.

Watermelon Man said:

---

I get confused about all of this talk on routers, logs, sudos and the like.

It seems to me that the computers, Dominion equipment, etc..., were just used to count and tabulate the ballots. These were hand counted and hand tabulated and resulted in numbers very similar to those achieved with the use of the computers and Dominion equipment. If this is the case, then this equipment did what it was supposed to do and did not affect the result. All this computer stuff is just obfuscation and misdirection.

---

You are not entirely wrong here. The equipment, as designed, is supposed to do just that, collect, tabulate, and store voting information (crazy over-simplification).

These devices were not supposed to be connected to external networks, but they were. The voting networks were not supposed to have other devices connected to it, but there were (personal laptops, phones, other PC's, etc). The software on these systems is supposed to be carefully controlled, but it wasn't. Combine this with poor security practices like shared admin accounts and users sharing the same usernames or users with blank passwords, and you have a voting system which was no longer secure.

All the tech talk is pulling evidence of (1) what all was done that was wrong, and (2) see if any of those led to the systems being compromised or a target for fraud. There are a number of documentaries out there, funny enough, most were done around the 2016 election by people who are squealing about "fake audits", "conspiracy nuts", and "undermining elections" today. The Great Hack is one and I think it is on Netflix if you want a deeper look.

You are proving his point.

Quote:

---

We may have been ahead of the curve since we were not given the option of having AT&T manage our FlexWare device, but it is clear that AT&T does not manage all Flexware devices.

---

Rhetorical question: So, if they don't manage the device, why do you give them a login to it?

aTmAg said:

---

You are proving his point.

---

His "I use sudo so I am secure"?

We fixed the keg said:

---

Quote:

---

We may have been ahead of the curve since we were not given the option of having AT&T manage our FlexWare device, but it is clear that AT&T does not manage all Flexware devices.

---

Rhetorical question: So, if they don't manage the device, why do you give them a login to it?

---

There are some things that they have to do on it. Also, if the connection drops, they connect to it out of band to be able to do remote testing.

Quote:

---

sudo ksh
sudo bash
sudo sh
sudo ksh

Take your pick.

If you don't like any of those, there are many more shells as well.

You could probably even write your own shell and do a sudo /home/eric76/agsh.

---

^^^^^ Some Grade A - Jack Handey ^^^^^

"Sometimes I think you have to march right in and demand your rights, even if you don't know what your rights are, or who the person is you're talking to. Then on the way out, slam the door."

eric76 said:

---

aTmAg said:

---

You are proving his point.

---

His "I use sudo so I am secure"?

---

Watermelon Man said:

---

We fixed the keg said:

---

Watermelon Man said:

---

I get confused about all of this talk on routers, logs, sudos and the like.

It seems to me that the computers, Dominion equipment, etc..., were just used to count and tabulate the ballots. These were hand counted and hand tabulated and resulted in numbers very similar to those achieved with the use of the computers and Dominion equipment. If this is the case, then this equipment did what it was supposed to do and did not affect the result. All this computer stuff is just obfuscation and misdirection.

---

You are not entirely wrong here. The equipment, as designed, is supposed to do just that, collect, tabulate, and store voting information (crazy over-simplification).

These devices were not supposed to be connected to external networks, but they were. The voting networks were n819 CR 251 Carrollton, MSot supposed to have other devices connected to it, but there were (personal laptops, phones, other PC's, etc). The software on these systems is supposed to be carefully controlled, but it wasn't. Combine this with poor security practices like s819 CR 251 Carrollton, MS819 CR 251 Carrollton, MShared admin accounts and users sharing the same usernames or users with blank passwords, and you have a voting system which was no longer secure.

All the tech talk is pulling evidence of (1) what all was done that was wrong, and (2) see if any of those led to the systems being compromised or a target for fraud. There are a number of documentaries out there, funny enough, most were done around the 2016 election by people who are squealing about "fake audits", "conspiracy nuts", and "undermining elections" today. The Great Hack is one and I think it is on Netflix if you want a deeper look.

---

I'm sorry, but if the ballot counts are correct, then the ballot counts are correct. Whether or not security practices written, administered, and managed by the Republican party members that make up the Maricopa County Election Committee seems to me to be more noise.

---

Garbage in, Garbage out. The results are still garbage.

Quote:

---

To my understanding, NDAs expired once the Arizona State Senate's report went public this afternoon.

I'm therefore authorized to share my observations as a volunteer at the Maricopa County 2020 election audit.

---

Long thread on the processes he observed HERE

aTmAg said:

---

eric76 said:

---

aTmAg said:

---

You are proving his point.

---

His "I use sudo so I am secure"?

---

That you are ignoring the meat of the argument with distraction attempts.

---

I'm not saying that disabling root logins doesn't have its place in a great many cases. What I am saying is that what is most appropriate is not the same in every case.

It takes thought to deal with security issues instead of just checking boxes.

Quote:

---

I'm sorry, but if the ballot counts are correct, then the ballot counts are correct. Whether or not security practices written, administered, and managed by the Republican party members that make up the Maricopa County Election Committee seems to me to be more noise.

---

In this case, what is correct is in question. The only thing they have confirmed is the totals provided by MCBoE were close to the totals confirmed by the audit.

What is in question are those totals included:

• 27,807 ballots cast by people who had moved prior to the election
• 284,412 ballots which couldn't be validated due to corrupt or missing images
• 17,162 unique ballots which had been duplicated 2, 3, and 4 times for a total of 34,448 votes
• Maricopa reported 587 ballots with bad/missing signatures, audit found 2,580
• 6,545 more mail in ballots were reported by MCBoE than counted by audit
• 9,589 more main in ballot envelopes were received for the signature verification than the audit had images for (this was represented as more ballots came in than were sent by Runbeck who had the image count - I cannot find enough data on this one, so it might make sense to leave this off pending more info)

....and these are all for a result decided by less than 11,000 votes. So, yes, the total MCBoE gave the auditors was close to the hand count, but those in the list were not further validated to determine (1) if they are legitimate votes, (2) if there votes were correctly applied, and (3) would those totals have changed the outcome for any of the candidates.

EDIT TO ADD: Performing a forensic, technical audit is what would be needed to attempt to determine how the 284,000+ ballots without supporting documentation could have been added/tabulated.

Ballot counts and actual human votes are two different things. That's what this is all about. Figured you'd know that.

Quote:

---

I'm not saying that disabling root logins doesn't have its place in a great many cases. What I am saying is that what is most appropriate is not the same in every case.

It takes thought to deal with security issues instead of just checking boxes.

---

One. More. Try.


In this case, and specifically this case, are the Local, State, and Federal elections in Arizona, AND the security of ~2 million voter's private information worthy enough of standard security practices. (the answer is YES)

Again, the conversation is not what is acceptable in every scenario, but what should be done when dealing with highly sensitive and critical data, in this SPECIFIC case, the election.

It is that simple. Do you give a **** about the data? Yes. Then how do we best protect it. Before we even get to something more complex like disabling login access for the "root" user....you have to justify why, in all that is holy, are people sharing admin accounts and have accounts without passwords? Oi Vey.

Quote:

---

Mathematician Bobby Piton supplied Liz Harris, the Director of Citizens Investigation, and We The People AZ Alliance, a random sample of 3,900 questionable AZ voter names to check for residency from the latest election in Arizona. This list represented all 5 categories of voters (Republican, Democrat, etc.).

Bobby Piton testified in the AZ State hearing in late November about ghost voters and other anomalies. He was banned by Twitter during his compelling testimony. He has spent over 400 hours researching abnormalities with voter names and registrations.

Liz Harris then rounded up several hundred patriot volunteers who knocked on these doors looking to find what Piton calls "phantom sleeper" and suspicious Undefined or "U" voters. They are not eligible to vote for a variety of reasons. He estimated there are 160,000 to 400,000 of these illegal voters in Arizona. The team were able to visit 1,000 of the addresses in person and were often harassed or threatened by the residents. They found 539 voters DID NOT LIVE at these addresses. Additional results are below.

---

Quote:

---

Investigation Finds Votes Cast by:

• Voters that are dead, verified no longer at that address
• Several with the actual name "Unknown Voter"
• Registered at commercial addresses, especially Church's Chicken
• Non-U.S. Citizens who denied voting
• Felons who stated they can't vote, others in jail for years
• Out of State residents who just don't live in Arizona
• Registered using Schools, car lots, and sports arena's addresses
• 65 using the AZ Tabulation Center & Recorders Office as their address
• Vacant lots at elderly villages (55 & over) and undeveloped properties
• Wilderness addresses on Bureau of Land Management & State Trust land
• Abandoned homes completely unlivable or boarded up
• Street names that just do not exist in any Arizona records

---

Quote:

---

They found most AZ residents are horrified that a stranger or strangers have registered to vote using their home address. Several homeowners received multiple ballots (3, 4, 5), with one who received 20 ballots at their home. One business address received 200 ballots and another AZ address is used by 2,012 people who registered to vote. Within the first few days the Citizens Investigation had a couple hundred affidavits that 2020 votes were not associated with their registered address. Among other things, Piton found one corner lot has 1,500 registered voters and the lot next to it has 1,000. It's beyond suspicious that 2,500 voters are registered to such a small area of land.

---

Link

eric76 said:

---

aTmAg said:

---

eric76 said:

---

aTmAg said:

---

You are proving his point.

---

His "I use sudo so I am secure"?

---

That you are ignoring the meat of the argument with distraction attempts.

---

I'm not saying that disabling root logins doesn't have its place in a great many cases. What I am saying is that what is most appropriate is not the same in every case.

It takes thought to deal with security issues instead of just checking boxes.

---

You are trying to distract from all this valid points by going down the BS root login rabbit hole.

(And you are not going to impress me with nerd talk. I do this stuff for a living. Not sure why you keep trying.)

We fixed the keg said:

---

Quote:

---

While it would be nice for the election machines themselves to have the security updates and virus definitions applied and up to date, that would pretty much require them being connected to the Internet. If they cannot be connected to the Internet, then they would have to have those through a thumb drive or something. Does Microsoft distribute updates on a thumb drive? Does any antivirus company distribute their virus definitions on a thumb drive? Even if they could download the security updates and virus definitions to a thumb drive, applying the definitions increases the risk since the thumb drive itself could have been compromised. I can certainly understand why the computers were unpatched and the virus definitions had not been updated. Them not being patched on a computer that is only used on a stand alone network, if any network at all, is not that much of a cause for concern.

---

* You can update patches and virus scanning software on machines not connected to the Internet, but it is not as critical if (and wait for it) (1) they are not connected to any external network, and (2) unauthorized devices and/or non-election, non-certified code is not allowed on the network or the voting systems. Now, if all the other guidelines are followed, this would not be as big of a risk and you should have this documented in acceptable procedures.

---

The election machines were supposed to be sealed and not have any modifications for some period of time before the election. At least 30 days prior in the states I looked at a while back. Many of the areas that are under scrutiny now were getting machines at the last minute without the required 30 day period.

If anybody was updating the machines with Thumb drives around the date of the election (before, during or after) then they were most assuredly up to no good.

eric76 said:

---

We fixed the keg said:

---

Quote:

---

Who destroyed anything under subpoena? Can you back up those claims?

---

Quote:

---

The web server was obviously on the Internet. After all, that was the purpose.

As for the logs rolling, we do not know the intentions. It might have been intentional. It might not have been intentional.

---

Before we get to the subpoena(s), yes plural, there have been three issued and essentially ignored, let's look at Arizona and Federal Law.

MCBoE is supposed to maintain ALL election material for 22 months in case of Federal law and 24 months in case of State law. It has only been 10 months.

Federal statute: 52 USC 20701
State statutes: A.R.S. 16-624 and A.R.S. 16-625

So the MCBoE is in violation of State and Federal law by not retaining this data. Now to the subpoena(s)

December 2020 subpoena
January 2021 subpoena
August 2021 subpoena

The senate first subpoena was ignored through "cute" bull**** maneuvering when the MCBoE basically just ignored it because their terms were ending and a new term would begin in January. That is why the senate waited for the new term to start and immediately resubmitted January 13, 2021.

The MCBoE continued to ignore the subpoena and the Senate filed with the court. Judge Thompson in February, ruled the MCBoE had to comply with the subpoena. After the judges ruling is when the "so called auditors" captured proof of malfeasance.

Audit Report Volume III



Running a script is an "intentional act" and running it 37,686 is evidence the user was purposely "rolling" the logs. This was done after Judge Thompson ruled data must be preserved and MCBoE must comply. The individual has now broken State law, Federal law, and defied a subpoena/judges orders.

As to the web server, I am not sure why you struggle to understand this part. No devices with access to the Dominion Democracy Suite are supposed to be connected to an external network. This means "NO" to ANY other networks including, and especially, the Internet. This is against the manufactures guidelines, it is against the State's guidelines, and it invalidates the certification.

Here is an example of a Pro V&V Certification.

Page 9 is pretty clear.



WAN? "NO"
LAN? "TCP/IP Client/Server only"

No mention of routers, web servers, etc. After all we have witnessed, I find it laughable to see FIPS mentioned in the document......Federal Information Processing Standard accreditation (FIPS) when you have people sharing an admin account. It is like putting a reinforced steel vault door to enter your house when there is an open window to the right and left of it.

---

He must have wore his little fingers to the bone running it that many times.

---

I am not a computer expert, however as I understand it if you write a script it is a one time event, then the script enters the username leaving the password blank, cycles again until the script ends.

Was your reference to wearing his little fingers to the bone referring to something else?

Why are we even talking Linux or derivatives? It is my understanding that all of the systems dominion uses that have an operating system use some flavor of Windows.

Quote:

---

Long thread on the processes he observed HERE

---

Quote:

---

• I witnessed ballots that were machine-marked for Joe Biden, presumably using a printer.
• I witnessed batches of Federal-only provisional ballots skewing significantly in Joe Biden's favor.
• I witnessed ballot batch totals differ from the number reported by Maricopa County election officials.
• I witnessed ballots of a non-standard shape and size that did not fit in the photo jigs.
• I overheard audit staff and volunteers discussing thousands of military ballots that were Xeroxed (machine copied or printed) for Joe Biden.
• On my next shift, I witnessed hundreds of military ballots that appeared to be Xeroxed or computer-populated for Joe Biden.
• I witnessed batches of military ballots skewing approximately 95% in Joe Biden's favor. I calculated this by observing and mentally tallying a single PE station for a sample of 300 consecutive ballots.
• I was told by Congressional Candidate for AZ 7 and audit volunteer, Jeff Zink, that Chinese characters were found printed on a subset of ballots.
• I was told by a volunteer that ballots with inconsistent paper type were identified.
• I was told by a volunteer that a box of ballots containing a 100% count for Joe Biden was identified.
• I was told by a volunteer that consistent patterns were identified throughout entire batches. For example: Biden, Biden, Biden, Trump, Biden, Biden, Biden, Trump.
• I was told by a volunteer that "pristine ballots," i.e. no folds, were identified.

---

All from just one observer.....and he is willing to attest to it under threat of perjury.

Quote:

---

Everything I've written above is accurate to the absolute best of my recollection. I would have no issue signing an affidavit swearing the same.

---

Yeah, and this one pisses me off as well

Quote:

---

I cannot adequately describe the anger and frustration I felt, for example, watching a senior-aged veteran photograph hundreds of fraudulent military ballots counted for Joe Biden.

---

I'm just glad the NDA's are expired and those volunteers can tell what they saw. Hope many of them kept a day by day journal of what they observed.

will25u said:

---

Why are we even talking Linux or derivatives? It is my understanding that all of the systems dominion uses that have an operating system use some flavor of Windows.

---

Almost all, there were a few (ICX, firmware) that were Android or uClinux. To your point, yes, all pointless distraction to the original point.

TLDR version: OP tried to marginalize and provide insane explanations as to how it could be just fine for multiple people to share an account with admin privileges. The claim was ridiculous enough, but then was followed up with even more insane claims.

I have said this before, but I hope someone else in his company is in charge and this individual is not responsible for his company's IT or data.

aggiehawg said:

---

I'm just glad the NDA's are expired and those volunteers can tell what they saw. Hope many of them kept a day by day journal of what they observed.

---

Same here, but I irritated this weren't more prominent in yesterday's report. It doesn't look like it happened, but I would have thought a debrief of the auditors would have been a part of the audit. Maybe a third party can pull one together.

captkirk said:

---

BREAKING—#AZ election audit findings have been referred for CRIMINAL investigation.

— Tricia Flanagan (R-NJ) (@NewDayForNJ) September 25, 2021

---

Who's going to investigate, the FBI? Lol! Yeah, they'll get on it right after they finish hunter's laptop.

They've become a punchline to a joke. Sad!

Is there a good link to a summary of the audit. It's really hard to read through this thread with Eric crapping all over everything.

Let me point out some limited knowledge of what I have seen here in my county in GA. Let me also preface this as I work in IT for the county as well.

I don't normally work with the board of elections, so I don't know much of the behinds the scene processes with Dominion(the whole state uses Dominion).

Here is what I know:

Machines are stored with board of elections while not in use. They are distributed to the locations a a day(or more) before the elections.

We have a building that I go to frequently that is also a polling station, but I am not sure how many days before I remember seeing the equipment at that location. Also this location is a county location with security.

They are set up the day prior to the election, so they are probably delivered the previous week/weekend.

When I went to vote in my city, the pill workers were having trouble getting the election "started" on the voting machines. It took them an hour to finally figure out how to do it. You have to insert a certain card into the machines to get them up and running in election day, and they could not find the card. Not to mention I believe everyone at my location was a volunteer. There may have been one temporary BOE election worker there.

There ARE laptops at the first stations that are connected to the internet(I believe). These are where the polling station checks your ID and verifies eligibility to vote withe the states voter database.

I did also see that there was a hub or small switch that all the laptops were connected to at the first station. And I believe it was plugged into a wall jack.

(Again, I could be wrong about this part since I don't directly work with the BOE department. )

They program a card with a chip on it(similar to a debit card) that holds your ballot information for the voting booth to read. After that, you.vote, it prints out a paper with your ballot and QR code, then you put the ballot in the counting machine which also stores your paper ballot.

So that is my limited information on the actual voting system at a polling location.

Sully Dog said:

---

Is there a good link to a summary of the audit. It's really hard to read through this thread with Eric crapping all over everything.

---

Reading this thread, that started with a crap OP, reminds me of the old cliche, "never argue with stupid, it will only drag you down to it's level and beat you with experience".

richardag said:

---

eric76 said:

---

We fixed the keg said:

---

Quote:

---

Who destroyed anything under subpoena? Can you back up those claims?

---

Quote:

---

The web server was obviously on the Internet. After all, that was the purpose.

As for the logs rolling, we do not know the intentions. It might have been intentional. It might not have been intentional.

---

Before we get to the subpoena(s), yes plural, there have been three issued and essentially ignored, let's look at Arizona and Federal Law.

MCBoE is supposed to maintain ALL election material for 22 months in case of Federal law and 24 months in case of State law. It has only been 10 months.

Federal statute: 52 USC 20701
State statutes: A.R.S. 16-624 and A.R.S. 16-625

So the MCBoE is in violation of State and Federal law by not retaining this data. Now to the subpoena(s)

December 2020 subpoena
January 2021 subpoena
August 2021 subpoena

The senate first subpoena was ignored through "cute" bull**** maneuvering when the MCBoE basically just ignored it because their terms were ending and a new term would begin in January. That is why the senate waited for the new term to start and immediately resubmitted January 13, 2021.

The MCBoE continued to ignore the subpoena and the Senate filed with the court. Judge Thompson in February, ruled the MCBoE had to comply with the subpoena. After the judges ruling is when the "so called auditors" captured proof of malfeasance.

Audit Report Volume III



Running a script is an "intentional act" and running it 37,686 is evidence the user was purposely "rolling" the logs. This was done after Judge Thompson ruled data must be preserved and MCBoE must comply. The individual has now broken State law, Federal law, and defied a subpoena/judges orders.

As to the web server, I am not sure why you struggle to understand this part. No devices with access to the Dominion Democracy Suite are supposed to be connected to an external network. This means "NO" to ANY other networks including, and especially, the Internet. This is against the manufactures guidelines, it is against the State's guidelines, and it invalidates the certification.

Here is an example of a Pro V&V Certification.

Page 9 is pretty clear.



WAN? "NO"
LAN? "TCP/IP Client/Server only"

No mention of routers, web servers, etc. After all we have witnessed, I find it laughable to see FIPS mentioned in the document......Federal Information Processing Standard accreditation (FIPS) when you have people sharing an admin account. It is like putting a reinforced steel vault door to enter your house when there is an open window to the right and left of it.

---

He must have wore his little fingers to the bone running it that many times.

---

I am not a computer expert, however as I understand it if you write a script it is a one time event, then the script enters the username leaving the password blank, cycles again until the script ends.

Was your reference to wearing his little fingers to the bone referring to something else?

---

It's EASY to write a script to run in a loop. Trivial. The fact that he said that indicates he is not arguing in good faith. But I'm sure the board knew that already.

Sully Dog said:

---

Is there a good link to a summary of the audit. It's really hard to read through this thread with Eric crapping all over everything.

---

Breitbart News has a good summary today !

Sully Dog said:

---

Is there a good link to a summary of the audit. It's really hard to read through this thread with Eric crapping all over everything.

---

Sort of.... All of the info can be found here.

https://www.azsenaterepublicans.com/audit

The presentations / power point hit the big points. There is one for Cyber Ninjas, one for Dr. Shiva, and for Ben Cotton.

Again, I want to thank you for all of your help in explaining the computer stuff to me. Have really been a godsend with you walking me through everything.

aggiehawg said:

---

Again, I want to thank you for all of your help in explaining the computer stuff to me. Have really been a godsend with you walking me through everything.

---

It has been a double edged sword as it adds a lot of noise for those wanting to keep the thread on point, for that I apologize. One of my weaknesses is my tolerance bar is pretty low for the generic IT person being over his/her skis. Especially when I have to identify and remediate things done by people with just enough knowledge to be dangerous. That said, thank you and to the other posters bringing all of the facts and details.