The Cyber Ninjas debunked the response to the Maricopa County audit.
“Maricopa County (MC) continues to purposely mislead Arizonans and the American public about the nature of audit findings, and the impact they had on the 2020 General Election… The following response to their review continues to refute their baseless claims with evidence and citations.”
The Cyber Ninjas 11-page report covers:
23,000 votes from prior addresses
Maricopa County claims that military, student, and snowbird voters were not factored in. When those voters are considered, the number is reduced to 22,000.
-
The Importance of Prayer: How a Christian Gold Company Stands Out by Defending Americans’ Retirement
17,000 duplicate ballot envelopes
Maricopa County claims that curing explains the duplicates. Curing can only potentially explain 2,138 of the duplicates.
Purged EMS database and log files
Maricopa County claims standard archival steps were taken on February 2nd to free drive space. In fact, (1) the files were deleted on February 1st: “If any backups or archives were conducted on February 2nd, the data was already deleted;” (2) “If it was normal to purge data… it would be expected that this would be true for every other election on the EMS Server. However… the data is still present for other past elections;” (3) The drive had more than 2TB of free space available: “There was no technical reason to delete the data before the two audits hired by Maricopa County. In fact, it begs to question what the auditors had to audit if there were no election results when ProV&V arrived on February 2nd.”
Corrupt and missing ballot images
Maricopa “claims that the fact that the ballot images are corrupt or missing from the (EMS) Server is inconsequential, and that ballot images should have been viewed from one of the other drives provided.” However, Maricopa fails to explain why or how the images were corrupted, or why images are missing from that system. “The drive provided wasn’t even in the same folder structure as the NAS directory and it did not have any other resemblance to an official backup…”
165,000 missing pre-adjudicated ballot images
“Furthermore, a review of the drive provided doesn’t include all pre-adjudicated images. The post-adjudicated images on the drive show the expected 2,089,563 images, but the pre-adjudicated images only show 1,923,719 images. The difference of 165,844 appears to be the number of ballots processed by the Election Day ImageCast Precinct 2 tabulators based on the CVR, but it’s unclear why or how these images would be collected in a manner where these images were missing.”
Internet connectivity
Maricopa claims the systems are not connected to the internet and carefully avoids the use of the past tense. “CyFIR’s analysis never stated that the systems were always connected to the internet, but simply stated that there are distinct periods of time where internet connectivity can be validated… CyFIR utilized a tool called HstEx v4 to review the hard drives of all the affected systems for artifacts of internet activity…” The HstEX v4 clearly reveals URLs were visited and the machines had “a pathway to the internet.”
Intentional execution of scripts to ensure that log entries were not retained
Maricopa blames factory settings for the deletion of security log files. In fact, the County had full control and authority to modify default parameters and the retention period should have been set for 22 months.
Furthermore, “the response by Maricopa County does not address the fact that a user leveraging the ems admin account deliberately and purposely executed a script that checked the accounts for duplicate passwords 38,478 times. This deliberate execution of the script occurred over three days, specifically on 2/11/21 there were 462 log entries overwritten, on 3/3/21 there were 37,686 log entries overwritten, and on 4/12/21 there were 330 log entries overwritten. Given that Maricopa County knew that the setting on the log retention was limited to 20MB, the act of executing these scripts had the effect of deliberated ensuring that the Windows security logs covering the dates of the General Election would not be available for review.”
• And more…
Read the full report: Cyber_Ninjas_Response_Maricopa_County_Analysis_of_Senate_Report (1)