Maricopa County Audit -- See Staff Note in OP

30,204 Views | 362 Replies | Last: 10 mo ago by Funky Winkerbean
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:


Quote:

While it would be nice for the election machines themselves to have the security updates and virus definitions applied and up to date, that would pretty much require them being connected to the Internet. If they cannot be connected to the Internet, then they would have to have those through a thumb drive or something. Does Microsoft distribute updates on a thumb drive? Does any antivirus company distribute their virus definitions on a thumb drive? Even if they could download the security updates and virus definitions to a thumb drive, applying the definitions increases the risk since the thumb drive itself could have been compromised. I can certainly understand why the computers were unpatched and the virus definitions had not been updated. Them not being patched on a computer that is only used on a stand alone network, if any network at all, is not that much of a cause for concern.

* You can update patches and virus scanning software on machines not connected to the Internet, but it is not as critical if (and wait for it) (1) they are not connected to any external network, and (2) unauthorized devices and/or non-election, non-certified code is not allowed on the network or the voting systems. Now, if all the other guidelines are followed, this would not be as big of a risk and you should have this documented in acceptable procedures.


Yep. It is not the serious issue that the so-called auditors made it out to be in their presentation.

Quote:

Quote:

The part about the logs being rolled over does need more explanation. That there were additional log entries is not, in and of itself, indicative of any wrongdoing.

* …and you continue to go off the rails. (1) a subpoena was issued to secure among many things, log files, (2) someone loaded a script on a machine and executed the script over 30,000 times to other machine(s) which was identified to magically be the number to "roll" the logs. Any legitimate reason to clear the log file would dictate the user log on directly to that machine and clear the logs, not to be running destructive scripts from a different machine with bogus requests. If you, in any way think this is acceptable, I pray for the company you work for and the equipment they let you near.


YOU are the one off the rails. If they did not have access to these logs, then how could they have known that they rolled over?

The subpoena was for routers and their log files.

As I said, we need more information about the rolling over. There are a number of possibilites, some of which would be nefarious and some would not be nefarious. To just jump to the conclusion that the intention was to roll over the log files is absurd.


Quote:

Quote:

They brought out an issue regarding username and password information. For a purpose such as this, it seems reasonable on the surface that each person logging into the machines have his own username and password, but that is not necessarily an issue for reasons of practicality. We should keep in mind that what is best practice for a situation in a corporate or university environment in which many different people may connect to servers on an as needed basis for a number of different purpose is not necessarily the same for a set of occasionally used single purpose machines not on a general network with limited access to them.

* It most certainly is an issue, a major issue. You have no way to control access nor log 'who did what' when you share usernames or passwords. This is one of the most basic procedures of IT security and best practices. WOW!


Yeah, this is one of the most basic procedures of IT security and best practices for shared computers on shared networks with many users. Can you provide citations to where it says that for devices used sporadically and which are never connected to anything more than a LAN require a separate username for everyone who might need to have access to it?
BigJim49 AustinNowDallas
How long do you want to ignore this user?
AG
So with all the fraud, we still do not know what the vote count should be !

What a waste of time !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
We fixed the keg
How long do you want to ignore this user?
AG
Quote:


It appears that the so-called auditors were including machines not used in the voting process that were intended to be on the Internet.

So yes, we do need more detail about which computers were ACTUALLY used in the voting process that are not to be on the Internet. Were any of the voting machines connected to the Internet?
Quote:

Just maybe REWEB1601 was not a Dominion machine.

The quesiton is why the presenters would devote time to talking about a non-election machine used as a web server other than as an attempt to pull the wool over your eyes.



Page 89 of this doc

1) Dominion software was installed on REWEB1601.
2) REWEB1601 was on the non-air-gapped election network and connected to the Internet

So, yeah, we sure the hell do need to know why this server was on the election network. If it wasn't used for the election (as you are pitching) then why was it there, why was Dominion software loaded on it, and why was it connected to the Internet?

The "so called auditors" were auditing devices on the election network....at least those not withheld by MCBE.

We fixed the keg
How long do you want to ignore this user?
AG
Quote:

All my servers run OpenBSD where doas is preferred over sudo.
and this changes the hardening practice of disabling login access by the root user how?

Hint: IT DOESN'T
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:


Quote:

(I may have something more to say about this issue, but unless I can find a transcript, I'll have to go back and try to find where they talked about a certain point in the presentation.)

* I almost can't wait to read whatever else you come up with because you are batting .000 so far.


For what it's worth, it looks like I'll have to listen to the entire part of that portion of the presentation to find it. I may not bother.

Quote:

Quote:

This part of the presentation bothered me more when watching the presentation than it does now after having a day to think about it. Suppose that you have 1,000 voting machines sitting in storage between elections and you hire a new employee who might need to logon to the machines at some point. Do you take each machine out of storage, one at a time, and start them up so that you can add a username and password for that employee? Of course not. That would be a nightmare. Also, when an employee leaves or is moved to another department, then would you have to take them out of storage, one at a time, and start them up to remove his access.

* Dominion delivers two flavors of their system but both include the voting equipment, switches, and a Dell server responsible for DHCP, database services, device/printer management, and "wait for it" AD for authentication services. These machines were not brought out of storage and put back in…. once they were pulled from storage, they were setup as they should be used during the election, and then handed over to Pro V&V and SLI Compliance to certify. So, even though you haven't been paying attention to the research provided months ago, you still missed the boat and have come up with a ridiculous hypothetical in an attempt to make a point.

I don't get it. Are you trying to claim that after Dominion delivers the equipment to Maricopa County, everything is setup and left set up for use during the election? I can see that they might be able to do this with those portions used in their own facilities, but I cannot imagine how they can do this at all the polling places. Do they keep a 24 hour guard on every polling place year round to make sure that nobody messes with the voting machines?

Quote:


Quote:

It's not like it would be reasonable to suspect that the election machines are all sitting in a big room, plugged in and running, and ready for someone to walk up and start logging into them.

* It is not just reasonable, but how they were situated so they could be certified and then used for the election. I would also be shocked if in Dominion's own process, once these machines are joined to the network and authenticated, the default admin user and password are to be deleted, changed, or disabled.

Quote:

Looking at it this way, it seems that it might be better to keep a log of who has access to the machine at what time and their purpose for needing the access. They said in the presentation that there is a video of an employee on the machine. so that would certainly help.

* All handled by Active Directory and available for auditing when (1) used and (2) not deleted.


Active Directory would do it. If the machines were only on a LAN, do they have a separate Active Directory server for that LAN? How about for those voting machines at various precincts that were not on the LAN?

Quote:

Quote:

Also, there are certainly situations in which people do legitimately share usernames and logins for other purposes. For example, on our external router provided by AT&T, there is one login for AT&T to use with their own password and one login for me to use with my password. I have downloaded the configuration of that router and have seen the login entry (the password itself is encrypted). It would be silly to expect everyone at AT&T who might need to access the router to have their own username and password on the router.

* Not remotely a valid argument, you should not have split management on ANY of your edge network devices. This is something which only makes sense when AT&T is providing mee-maw access to the Internet from her house. In the business world, a circuit comes into a provider managed device which you should never have access to and they hand off to your router, which they should never have login access to. Then, they provide you configuration information for how to setup your router.


Actually, not. Ever hear of AT&T's Flexware devices? Those are not for home use by any stretch of the imagination.

Quote:

Quote:


Historically, on UNIX machines it has been normal to have one shared username at the most privileged level -- root. If you needed to grant someone access to the machine for things like configuration, adding and removing users, ..., then you gave them the root password and they logged on as root.

The sudo package can kind of get around this depending on the settings. You identify which users need access to root in a configuration file (if I remember correctly, /etc/sudoers) and the type of access. One option is to require them to enter the root password for every command they enter. Another option is to require no password. You can also limit particular users to certain commands.
* Again, WOW. Access to login as root is one of the very first things you disable. Root can exist and run services but shouldn't be used as a means to SSH or login at the console. The reason SUDO exists.


That would depend on the environment and the OS.

For what it's worth, on OpenBSD, sudo is not considered secure and doas is used as an alternate. The only security vulnerability found to date in doas did not affect OpenBSD's implementation at all.

Quote:

Quote:

So, on the surface, it seems like this might be a problem, but I'm not sure that it is when you think about it more carefully.

* Wrong on the surface, and even more wrong when you think about it carefully.

Quote:

What does strike me as a possible problem is that it sounded like they were using the same passwords set by Dominion. Here, the issue is with who determined the passwords. Unless the password used are determined by the proper people at the election board, they should probably change the passwords when they receive the equipment in case Dominion uses the same passwords for multiple customers. I doubt that they do this, though.

* You got one right!

Quote:

This part of the presentation bothered me a lot more watching that portion of the presentation than it does after thinking about it overnight. When watching a presentation, there is no time to think about the issue in more detail. You are going at the presenter's speed, not your own speed. Your options are to either accept what is said or reject it outright, especially when unable to ask questions. This is precisely why I don't like to gather information on weighty matters by video and strongly prefer to read it where I can read at my own pace and take time to gather additional information from other sources or to think about it in more detail.

* Oh, MCBE damn sure should have to respond to all of this, but you need to prepare yourself for the fact that none of what you wrote about is excusable as acceptable process.


Much of what is seen as "acceptable process" is just plain wrong.

Yeah, if this was a large corporation, I would do things differently.
We fixed the keg
How long do you want to ignore this user?
AG
Quote:

Yep. It is not the serious issue that the so-called auditors made it out to be in their presentation.

YOU are the one off the rails. If they did not have access to these logs, then how could they have known that they rolled over?

Holy **** balls!

Destruction of anything under subpoena is about as serious as serious gets.
Quote:

https://www.azleg.gov/ars/13/02809.htm

A Class 6 Felony under Arizona law punishable by 1-2 years in prison per count

Under Federal law it carries up to 20 years per instance.

Quote:

The subpoena was for routers and their log files.

Quote:

As I said, we need more information about the rolling over. There are a number of possibilites, some of which would be nefarious and some would not be nefarious. To just jump to the conclusion that the intention was to roll over the log files is absurd.

Quote:

Yeah, this is one of the most basic procedures of IT security and best practices for shared computers on shared networks with many users. Can you provide citations to where it says that for devices used sporadically and which are never connected to anything more than a LAN require a separate username for everyone who might need to have access to it?
....and if you paid attention to ANYTHING, you could answer your own question. They have and provided evidence the logs contained ONLY entries from after a specific date. The have and provided evidence showing that on that date a script was run from a different machine forcing 30,000+ entries to be entered into the log ON THAT DATE which caused the log to roll. They even have and provided the machine address and video of the individual DOING IT. Seriously man, there aren't words ....

and on the last part.....seriously? Are you seriously trying to build an argument that election equipment would not qualify as important enough to follow basic IT procedures. Good lord man....STOP

and again.....these devices were on a network that was CONNECTED TO THE INTERNET....

BuddysBud
How long do you want to ignore this user?
AG
The vote count was that Biden won the EC vote, the only one that matters.

A more interesting question would be how the findings would affect the Senate race.
cevans_40
How long do you want to ignore this user?
AG
Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.
titan
How long do you want to ignore this user?
S

Yes indeed. And all passing over that this is a criminal regime destroying America and would be even if it had Obama's 2008 numbers.

Agree the impact on the Senate potential is much more interesting.
Albatross Necklace
How long do you want to ignore this user?
cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.
Last page during the game
We fixed the keg
How long do you want to ignore this user?
AG
Quote:


For what it's worth, it looks like I'll have to listen to the entire part of that portion of the presentation to find it. I may not bother.

- Your best idea to date.


I don't get it. Are you trying to claim that after Dominion delivers the equipment to Maricopa County, everything is setup and left set up for use during the election? I can see that they might be able to do this with those portions used in their own facilities, but I cannot imagine how they can do this at all the polling places. Do they keep a 24 hour guard on every polling place year round to make sure that nobody messes with the voting machines?

- Stating what has been provided. (1) MCBE bought equipment. (2) Equipment gets delivered, (3) Equipment gets setup and configured for the election, (4) Pro V&V and SLI Compliance brought in to certify equipment is ready and configured defined, and (5) Equipment is certified and elections can be run on the equipment. Did you actually think they certified everything and then put it all back in a box and into storage?

Actually, not. Ever hear of AT&T's Flexware devices? Those are not for home use by any stretch of the imagination.

- Why again would you bring a managed software-defined WAN product into a conversation about an air-gapped network. By Arizona's own rules they shouldn't have managed services,


That would depend on the environment and the OS.

For what it's worth, on OpenBSD, sudo is not considered secure and doas is used as an alternate. The only security vulnerability found to date in doas did not affect OpenBSD's implementation at all.

- No, it wouldn't. Go through a PCI-DSS audit and make the same statement, but make sure you have alternate employment options first. Hooray for BSD, but the point remains the same.....and laugh. let me make an argument that it is ok to login as root and then use as my defense, one software is more secure than another to do that. If it is OK, why would you even need SUDO or DOAS?


Much of what is seen as "acceptable process" is just plain wrong.

Yeah, if this was a large corporation, I would do things differently.

- So state and federal elections aren't worthy of the same security practices as a large corporation? I guess you are right....we are only talking about the election of officials to run the entire country.
Fenrir
How long do you want to ignore this user?
Yeah but can you solve a math equation?
Rockdoc
How long do you want to ignore this user?
AG
cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.

Biden is his boy and he'll protect him to the end.
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:

Quote:

All my servers run OpenBSD where doas is preferred over sudo.
and this changes the hardening practice of disabling login access by the root user how?

Hint: IT DOESN'T
There are two reasons to disable root.

1) To keep attackers from being able to log into root. In this case, no access to my routers is available on the Internet except when I enable them for a brief time for a very specific purpose. When I do enable it for a brief time, root access is expressly prohibited over the network (Match LocalAddress - PermitRootLogin no) and (Match Address - PermitRootLogin no).

With sudo, I would have the following options:

A) Without password -- this would give full access to any account with sudo access. If any account with sudo access was compromised, they would gain full control of the computer.

B) With password -- then you would have to enter the root password every time you want to execute a command. With my passwords, the passwords are longer than the typical command and so this would become real bothersome quickly.

At least with doas, the user would enter his own password and not the root password.

C) Specify which specific commands a user may enter. This could quickly turn into a nightmare. Sure, if you have a user who needs to have access to only a limited number of commands, it would work. But for a user who pretty much needs to execute any command, this would take a while.

2) To separate the users and log their actions. Logging the actions, to me, would be the main reason to use sudo. I can definitely see why this would be good in a large environment.

---

Note that if the person has access to the console (in my typical case, they would have to plug the monitor into the computer they wanted to access since my main computers have no console device attached full time. Once they did that, they could bring the machine down (i.e. unplug it since they don't know the password to root) and boot it back up into single user mode. From there, they can change whatever they wish including the passwords.

Anyway, besides the above two reasons, are there any other reasons to disable root logins?
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:

Quote:

Yep. It is not the serious issue that the so-called auditors made it out to be in their presentation.

YOU are the one off the rails. If they did not have access to these logs, then how could they have known that they rolled over?

Holy **** balls!

Destruction of anything under subpoena is about as serious as serious gets.
Quote:

https://www.azleg.gov/ars/13/02809.htm

A Class 6 Felony under Arizona law punishable by 1-2 years in prison per count

Under Federal law it carries up to 20 years per instance.

Who destroyed anything under subpoena? Can you back up those claims?
Quote:


Quote:

The subpoena was for routers and their log files.

Quote:

As I said, we need more information about the rolling over. There are a number of possibilites, some of which would be nefarious and some would not be nefarious. To just jump to the conclusion that the intention was to roll over the log files is absurd.

Quote:

Yeah, this is one of the most basic procedures of IT security and best practices for shared computers on shared networks with many users. Can you provide citations to where it says that for devices used sporadically and which are never connected to anything more than a LAN require a separate username for everyone who might need to have access to it?
....and if you paid attention to ANYTHING, you could answer your own question. They have and provided evidence the logs contained ONLY entries from after a specific date. The have and provided evidence showing that on that date a script was run from a different machine forcing 30,000+ entries to be entered into the log ON THAT DATE which caused the log to roll. They even have and provided the machine address and video of the individual DOING IT. Seriously man, there aren't words ....

and on the last part.....seriously? Are you seriously trying to build an argument that election equipment would not qualify as important enough to follow basic IT procedures. Good lord man....STOP

and again.....these devices were on a network that was CONNECTED TO THE INTERNET....
The web server was obviously on the Internet. After all, that was the purpose.

As for the logs rolling, we do not know the intentions. It might have been intentional. It might not have been intentional.
eric76
How long do you want to ignore this user?
AG
Albatross Necklace said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.
Last page during the game
I had forgotten what time the game started and so I missed the first half.
Philip J Fry
How long do you want to ignore this user?
AG
So did the offense.
eric76
How long do you want to ignore this user?
AG
Reptitively inserting quotes is a pain in the neck, isn't it?

Quote:

Actually, not. Ever hear of AT&T's Flexware devices? Those are not for home use by any stretch of the imagination.

Quote:

- Why again would you bring a managed software-defined WAN product into a conversation about an air-gapped network. By Arizona's own rules they shouldn't have managed services,

What? Managed? Since when?

At the time of our last upgrade, they would manage Cisco Routers, but not Flexware Devices.

Don't forget that you were the one who claimed that I would only have my own login into the external router if it was a home network type device.
eric76
How long do you want to ignore this user?
AG
Rockdoc said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.

Biden is his boy and he'll protect him to the end.
Yours, not mine.
will25u
How long do you want to ignore this user?
The logs rolling, there was 30,000 login attempts using a blank password.

I don't see any plausible legitimate reason for this. If you know of one, please let me know. But they also know who did it by matching up times and video.

Also the equipment is supposed to keep all information for 22 months. After rolling the logs, and only being able to see back until, I think, February of 2021 /= 22 months.
Rockdoc
How long do you want to ignore this user?
AG
eric76 said:

Rockdoc said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.

Biden is his boy and he'll protect him to the end.
Yours, not mine.

Your posting history says otherwise and everybody knows it.
eric76
How long do you want to ignore this user?
AG
will25u said:

The logs rolling, there was 30,000 login attempts using a blank password.

I don't see any plausible legitimate reason for this. If you know of one, please let me know. But they also know who did it by matching up times and video.

Also the equipment is supposed to keep all information for 22 months. After rolling the logs, and only being able to see back until, I think, February of 2021 /= 22 months.
Might it be possible for someone to have connected that machine to a local network and given an IP address that some other device had been trying to log into for months or years but couldn't because there was nothing there with that IP address?
eric76
How long do you want to ignore this user?
AG
Rockdoc said:

eric76 said:

Rockdoc said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.

Biden is his boy and he'll protect him to the end.
Yours, not mine.

Your posting history says otherwise and everybody knows it.
Bull*****
Rockdoc
How long do you want to ignore this user?
AG
eric76 said:

Rockdoc said:

eric76 said:

Rockdoc said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.

Biden is his boy and he'll protect him to the end.
Yours, not mine.

Your posting history says otherwise and everybody knows it.
Bull*****

No, it's true. Trust me!
Albatross Necklace
How long do you want to ignore this user?
eric76 said:

Albatross Necklace said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.
Last page during the game
I had forgotten what time the game started and so I missed the first half.
and that explains why you had 20 posts during the second half at 5 pm?

You're very bad at lying.
eric76
How long do you want to ignore this user?
AG
Albatross Necklace said:

eric76 said:

Albatross Necklace said:

cevans_40 said:

Good lord, 9 pages of concerned moderate defending the election as if it's his mother's honor.

That's some type of devotion to the swamp.
Last page during the game
I had forgotten what time the game started and so I missed the first half.
and that explains why you had 20 posts during the second half at 5 pm?

You're very bad at lying.
I have no idea how good or bad I am at lying. In this case, I'm certainly not lying.

It is very rare for me to be riveted to whatever is on the tv. I don't even bother to turn it on most weeks.

If my tv were to quit working, it wouldn't bother me much at all. I probably wouldn't even bother to replace it.
We fixed the keg
How long do you want to ignore this user?
AG
eric76 said:

We fixed the keg said:

Quote:

All my servers run OpenBSD where doas is preferred over sudo.
and this changes the hardening practice of disabling login access by the root user how?

Hint: IT DOESN'T
There are two reasons to disable root.

1) To keep attackers from being able to log into root. In this case, no access to my routers is available on the Internet except when I enable them for a brief time for a very specific purpose. When I do enable it for a brief time, root access is expressly prohibited over the network (Match LocalAddress - PermitRootLogin no) and (Match Address - PermitRootLogin no).

With sudo, I would have the following options:

A) Without password -- this would give full access to any account with sudo access. If any account with sudo access was compromised, they would gain full control of the computer.

B) With password -- then you would have to enter the root password every time you want to execute a command. With my passwords, the passwords are longer than the typical command and so this would become real bothersome quickly.

At least with doas, the user would enter his own password and not the root password.

C) Specify which specific commands a user may enter. This could quickly turn into a nightmare. Sure, if you have a user who needs to have access to only a limited number of commands, it would work. But for a user who pretty much needs to execute any command, this would take a while.

2) To separate the users and log their actions. Logging the actions, to me, would be the main reason to use sudo. I can definitely see why this would be good in a large environment.

---

Note that if the person has access to the console (in my typical case, they would have to plug the monitor into the computer they wanted to access since my main computers have no console device attached full time. Once they did that, they could bring the machine down (i.e. unplug it since they don't know the password to root) and boot it back up into single user mode. From there, they can change whatever they wish including the passwords.

Anyway, besides the above two reasons, are there any other reasons to disable root logins?
I am not sure what the need for the above write-up is. The original comments were in your response attempting to convince the posters on this thread that a shared account/password with is somehow explainable/acceptable. Basically portraying it as a "nothing burger" which was being over-dramatized by the auditors.

The above is basically you walking that back.
eric76
How long do you want to ignore this user?
AG
Walking back nothing.

One size does not fit all.

sudo ksh
We fixed the keg
How long do you want to ignore this user?
AG
Quote:

Who destroyed anything under subpoena? Can you back up those claims?
Quote:

The web server was obviously on the Internet. After all, that was the purpose.

As for the logs rolling, we do not know the intentions. It might have been intentional. It might not have been intentional.
Before we get to the subpoena(s), yes plural, there have been three issued and essentially ignored, let's look at Arizona and Federal Law.

MCBoE is supposed to maintain ALL election material for 22 months in case of Federal law and 24 months in case of State law. It has only been 10 months.

Federal statute: 52 USC 20701
State statutes: A.R.S. 16-624 and A.R.S. 16-625

So the MCBoE is in violation of State and Federal law by not retaining this data. Now to the subpoena(s)

December 2020 subpoena
January 2021 subpoena
August 2021 subpoena

The senate first subpoena was ignored through "cute" bull**** maneuvering when the MCBoE basically just ignored it because their terms were ending and a new term would begin in January. That is why the senate waited for the new term to start and immediately resubmitted January 13, 2021.

The MCBoE continued to ignore the subpoena and the Senate filed with the court. Judge Thompson in February, ruled the MCBoE had to comply with the subpoena. After the judges ruling is when the "so called auditors" captured proof of malfeasance.

Audit Report Volume III



Running a script is an "intentional act" and running it 37,686 is evidence the user was purposely "rolling" the logs. This was done after Judge Thompson ruled data must be preserved and MCBoE must comply. The individual has now broken State law, Federal law, and defied a subpoena/judges orders.

As to the web server, I am not sure why you struggle to understand this part. No devices with access to the Dominion Democracy Suite are supposed to be connected to an external network. This means "NO" to ANY other networks including, and especially, the Internet. This is against the manufactures guidelines, it is against the State's guidelines, and it invalidates the certification.

Here is an example of a Pro V&V Certification.

Page 9 is pretty clear.



WAN? "NO"
LAN? "TCP/IP Client/Server only"

No mention of routers, web servers, etc. After all we have witnessed, I find it laughable to see FIPS mentioned in the document......Federal Information Processing Standard accreditation (FIPS) when you have people sharing an admin account. It is like putting a reinforced steel vault door to enter your house when there is an open window to the right and left of it.


We fixed the keg
How long do you want to ignore this user?
AG
Quote:

What? Managed? Since when?

At the time of our last upgrade, they would manage Cisco Routers, but not Flexware Devices.

Don't forget that you were the one who claimed that I would only have my own login into the external router if it was a home network type device.
Again, wholly irrelevant to the discussion and original comments, but yes, AT&T Flexware is a managed service provided to business. Even their website is clear..."Software Defined Networking"...."Network Function Virtualization" these products/offerings are powered and virtualized on hardware you don't own or manage. They provide you a "service" on hardware they "manage." Yes, they are business grade services, but apples to oranges with what this thread/discussion is about.

FYI: You "should not" employ any split managed EDGE. If you have a router/appliance where you and a 3rd party have access, the very next device should be a firewall, or edge, between you and that device that only your business has access to. If you go through compliance audits for PCI, HIPPA, FedRamp, etc. this is common practice.
Watermelon Man
How long do you want to ignore this user?
I get confused about all of this talk on routers, logs, sudos and the like.

It seems to me that the computers, Dominion equipment, etc..., were just used to count and tabulate the ballots. These were hand counted and hand tabulated and resulted in numbers very similar to those achieved with the use of the computers and Dominion equipment. If this is the case, then this equipment did what it was supposed to do and did not affect the result. All this computer stuff is just obfuscation and misdirection.
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:

Quote:

Who destroyed anything under subpoena? Can you back up those claims?
Quote:

The web server was obviously on the Internet. After all, that was the purpose.

As for the logs rolling, we do not know the intentions. It might have been intentional. It might not have been intentional.
Before we get to the subpoena(s), yes plural, there have been three issued and essentially ignored, let's look at Arizona and Federal Law.

MCBoE is supposed to maintain ALL election material for 22 months in case of Federal law and 24 months in case of State law. It has only been 10 months.

Federal statute: 52 USC 20701
State statutes: A.R.S. 16-624 and A.R.S. 16-625

So the MCBoE is in violation of State and Federal law by not retaining this data. Now to the subpoena(s)

December 2020 subpoena
January 2021 subpoena
August 2021 subpoena

The senate first subpoena was ignored through "cute" bull**** maneuvering when the MCBoE basically just ignored it because their terms were ending and a new term would begin in January. That is why the senate waited for the new term to start and immediately resubmitted January 13, 2021.

The MCBoE continued to ignore the subpoena and the Senate filed with the court. Judge Thompson in February, ruled the MCBoE had to comply with the subpoena. After the judges ruling is when the "so called auditors" captured proof of malfeasance.

Audit Report Volume III



Running a script is an "intentional act" and running it 37,686 is evidence the user was purposely "rolling" the logs. This was done after Judge Thompson ruled data must be preserved and MCBoE must comply. The individual has now broken State law, Federal law, and defied a subpoena/judges orders.

As to the web server, I am not sure why you struggle to understand this part. No devices with access to the Dominion Democracy Suite are supposed to be connected to an external network. This means "NO" to ANY other networks including, and especially, the Internet. This is against the manufactures guidelines, it is against the State's guidelines, and it invalidates the certification.

Here is an example of a Pro V&V Certification.

Page 9 is pretty clear.



WAN? "NO"
LAN? "TCP/IP Client/Server only"

No mention of routers, web servers, etc. After all we have witnessed, I find it laughable to see FIPS mentioned in the document......Federal Information Processing Standard accreditation (FIPS) when you have people sharing an admin account. It is like putting a reinforced steel vault door to enter your house when there is an open window to the right and left of it.



He must have wore his little fingers to the bone running it that many times.
We fixed the keg
How long do you want to ignore this user?
AG
eric76 said:

Walking back nothing.

One size does not fit all.

sudo ksh
Yes, you did. This is not about "one size does not fit all", it is 100% about sharing an account between 2 or more users with admin rights is poor IT practice. Doing so around such highly sensitive personal data, and on systems being used for Local, State, and Federal elections is GROSS NEGLIGENCE. It is not just some 'ho-hum', 'well shucks' maybe it isn't necessary thing.

So the fact you attempted to marginalize, then say it somehow may not be necessary in this application, and then start discussing SUDO vs DOAS, you are deflecting and walking back. Either it is necessary and wasn't done, then admit the "so called auditors" were right, or continue with the it isn't needed and be wrong.
BigRobSA
How long do you want to ignore this user?
Watermelon Man said:

I get confused about all of this talk on routers, logs, sudos and the like.

It seems to me that the computers, Dominion equipment, etc..., were just used to count and tabulate the ballots. These were hand counted and hand tabulated and resulted in numbers very similar to those achieved with the use of the computers and Dominion equipment. If this is the case, then this equipment did what it was supposed to do and did not affect the result. All this computer stuff is just obfuscation and misdirection.


Yes. You're confused.

Having the equipment connected to the internet is bad juju. Paper can be faked and then the computers told how to tabulate. After, everything matches up. But is still not correct.

There is literally no way Trump...whom I dislike as a mediocre, Liberal PotUS...lost in AZ, given a non-rigged election.

All one had to do is visit/reside there before the election and see the lack of support for Biden and monstrously huge support for Trump. The idiocy to believe it was a fair election is tantamount to booger eating.
"The Declaration of Independence and the US Constitution was never designed to restrain the people. It was designed to restrain the government."
eric76
How long do you want to ignore this user?
AG
We fixed the keg said:

Quote:

What? Managed? Since when?

At the time of our last upgrade, they would manage Cisco Routers, but not Flexware Devices.

Don't forget that you were the one who claimed that I would only have my own login into the external router if it was a home network type device.
Again, wholly irrelevant to the discussion and original comments, but yes, AT&T Flexware is a managed service provided to business. Even their website is clear..."Software Defined Networking"...."Network Function Virtualization" these products/offerings are powered and virtualized on hardware you don't own or manage. They provide you a "service" on hardware they "manage." Yes, they are business grade services, but apples to oranges with what this thread/discussion is about.

FYI: You "should not" employ any split managed EDGE. If you have a router/appliance where you and a 3rd party have access, the very next device should be a firewall, or edge, between you and that device that only your business has access to. If you go through compliance audits for PCI, HIPPA, FedRamp, etc. this is common practice.
Our Flexware device is a self-managed router.

From https://www.business.att.com/products/flexware.html

Quote:

AT&T FlexWare offers flexible management options, whether you want a fully managed solution or the ability to manage yourself.
We may have been ahead of the curve since we were not given the option of having AT&T manage our FlexWare device, but it is clear that AT&T does not manage all Flexware devices.
 
×
subscribe Verify your student status
See Subscription Benefits
Trial only available to users who have never subscribed or participated in a previous trial.