Finally! Forensic Election Audit in Maricopa County (AZ) Begins Next Week

originally posted by: bloodymarvelous
It does seem highly unlikely that Cyber Ninjas is going to share that router information with anybody. What possible motive would exist?

That is actually totally irrelevant.

The only relevant datum that anyone needs to understand is, there is nothing contained within these routers/router images that could be used to identify anyone. Nothing. They contain routing tables (IP address mappings), and however much traffic logs they are either physically capable of holding or configured to hold, which usually isn't that much. Serious routers will have only minimal internal logging capability, and will overwrite older data with newer data when their internal logging capabilities are exceeded.

Routers like these are always - always - configured to send their logs to a log server (like Splunk) for permanent storage. Unless of course they are being managed by criminals with something to hide (or incompetent boobs).

The most important logs will be the Splunk logs (in this case, because apparently that is what was being used in Maricopa County), because those should contain everything - but still will not contain anything that would/should be of concern to the Sheriff or the County - again, unless they are criminals with something to hide.

originally posted by: alphabetaone
a reply to: carewemust
Arpaio.... the Lawman who didn't understand law enough to realize that accepting a pardon was an admission of his crimes.

Nopey dopey.

It can just as easily be a way to eliminate being persecuted by witch hunter asshats like the demwiths who hounded Trump for his entire first term.

Can't wait for his second. Hopefully he'll invoke National Security and fire 95+% of all federal employees in all federal agencies.

originally posted by: nemonimity
a reply to: bloodymarvelous

The other issue with the routers is that they are infrastructure routers for the county not just for the election, they have info for everyone who has connected through them. So police, the public, government officials, minors. There's personal information, private information, government information, banking info health services info.. It's not just specific to the election or the voting machines.

False premise much?

Don't talk about something that you obviously know nothing about.

Routers don't contain anything like what you describe.

They only contain routing tables/information (IP addresses/mappings), and traffic logs (what IP connected and when, and what it connected to, and how much data was transferred, etc).

There is absolutely zero personally identifying information. ZERO.

Just handing over all that info to a private organization would be a violation of any number of statutes and regulations which Maricopa stated in there denial of the request. I'm sure that's why they were so flippant in their denial of the subpoena, they knew if it went to a higher court, handing over the devices them selves with all that data would be struck down and they would be in the clear.

Well, since your initial premise is totally and completely fake nonsense based on pure ignorance of the subject matter, that makes this conclusion laughable.

originally posted by: nemonimity
a reply to: Boadicea
I know many here have their hearts set on specific outcomes and feel that the election audit should trump any other existing laws but they don't, each law exists within a framework of other laws instead of a vacuum.

Yes... and these laws were reviewed and argued when the County challenged the lawful subpoenas in court, and the Judge found that the subpoenas were lawful and the demanded information - THE ROUTERS - were well within their power of review.

So, your 'legal argument' is null and void when you first made it.

originally posted by: alphabetaone
originally posted by: Boadicea
As he pointed out here

"There's personal information, private information, government information, banking info health services info"

snip...

Unless of course, you are suggesting that your and countless others' personal information should be dealt with so flippantly and just let any idiot have it.

Since the routers do not contain any personally identifying information, government information, banking or health services information, etc, this ridiculously tiring argument is null and void on its face, and anyone who continues to make it is simply displaying their ignorance to anyone who reads their naive yammering.

THIS, is likely why the sheriff said nope.

Since your argument is demonstrably false on its face, the only real reason would be, the Sheriff is hiding some serious evidence of seriously criminal behavior.

originally posted by: bloodymarvelous
Yes, but the routers don't record any of the information you're listing off here. Just which computer connected to which other computer or IP address.

Almost, but not quite...

The data is there that might allow someone to discover the who, or which computer, accessed something, but...

It would require subpoenas to the ISPs involved, to match the IP address to a subscriber.

So. no, the forensic tech wouldn't be able to even identity who, only an IP address.

If you send your bank account number through the router, and then a forensic computer tech digs through the data, they won't be able to find out what your bank account number was.

Correct...

They'll know when and where you sent the data from and when and where it arrived.

Almost - they'll know when an IP address connected, but they would only be able to identify who the IP address belongs to (the ISP), not the ISPs customer who is using it.

I guess if it were sent from or to a banking website, then maybe they'll know where you bank at.

Only if they subpoenaed the information from the banks ISP.

a reply to: tanstaafl

You are wrong, request logging has been a part of modern routers for years.

I don't know where you get your information but you should try googling information when you don't have it.

www.google.com... wwYcOABqmm0PEPgJacyAU&oq=request+logging&gs_lcp=ChNtb2JpbGUtZ3dzLXdpei1zZXJwEAEYADIECCMQJzIECAAQQzIGCAAQBxAeMgYIABAHEB4yBggAEAcQHjIGCAAQBxAeMgYIABAHEB 4yBggAEAcQHjoGCAAQCBAeOgUIABCGA1DJ5QFY8ucBYJb3AWgAcAB4AIABnAGIAYQGkgEDNi4ymAEAoAEBwAEB&sclient=mobile-gws-wiz-serp

www.google.com...:1630584951445&q=personal+data+that+can+be+visible+in+a +router%27s+logs&spell=1&sa=X&ved=2ahUKEwjPzLmmouDyAhVhCjQIHRMPBSsQBSgAegQIARAC&biw=412&bih=737

www.guru99.com...


Just so everyone is slightly clearer on router vs switch because you are describing the latter. If you really want to know the data a router can log look up the specs of an enterprise cisco device.

Frankly it's stupid you didn't even bother with a simple search before jumping on that soap box.

originally posted by: alphabetaone
originally posted by: bloodymarvelous
"The routers won't have any of those things."

Correct.

Moving the goalposts again. Yay!

You previously made the argument that this information was there.

Now, after being proven wrong, you're trying again.

Why not give it up and just admit you don't know what you're talking about, and leave this discussion to those that do?

But what might it contain? Cached routing tables that show, lets say for argument sake, the route to NCIC for authorities, which may be considered confidential.

Googling as you go... yay.

So what? We aren't talking about publishing this data to the world. The data will only be viewed by those who are lawfully authorized, under strict guidelines against disclosure of any even potentially revealing information.

Or to what doctor a particular individual goes to (stalking anyone?), also encroaching upon their right to privacy if the medical doctor genre can be ascertained, or a health offcial responding to a citizen inquiry...

-sigh- here you go again. That information is not contained within the logs.

Please, just stop, you are only embarrassing yourself.

dont forget the remote IP is also kept in logs.

Don't forget, the remote IP is only an IP. Identifying the source computer (by MAC address) would require a separate court order to the ISP to find out which of their customers/what computer was using it at that precise time.

There are reasons why a POST/GET may divulge any suite of information not intended for public consumption.

-sigh-

In general, POST/GET logs will only show up in web server logs, not in router logs. So, yet again, this information will not be in the routers/router logs.

CAVEAT: Some equipment has multi-use capabilities - for example, my Watchguard perimeter security device is a firewall, but also has routing capabilities. It also contains built-in tools for traffic analysis, that shows destination URLs and other traffic (but NOT POST/GET logs, again, those would generally only show up in web server logs). But that isn't what we are talking about here, and even if it was, it still would not contain any sensitive personally identifying information, only IP addresses.

Now, if they do get ahold of the Splunk logs, the web server logs may also very well be in there, because usually you would use a central logging solution for all logs, that would allow easily searching and correlating related data (e.g., associating web logs with router connection events), but as long as the traffic was encrypted, the data itself would not be there.

Regardless, again, your arguments are inane and ignorant, so please, just stop embarrassing yourself.

One thing I AM for though, is in someone with clearance and the aptitude to actually view the logs for only the relevant connections, being performed

Yes, it is called a forensics audit, being performed by forensics auditors, as duly authorized by the entity (in this case the State Senate) that has the lawful authority to engage in the forensic audit.

originally posted by: alphabetaone
a reply to: Boadicea
It's not a change of heart. I've said this all along. The senate, which i am postulating, does not have the authority to infringe upon individual rights is my contention, no matter what authority they perceive to have. Constitutional protections trumps anything they could vote upon.

And now you're back to claiming that examining router logs will reveal Constitutionally protected 'personal information'...

-sigh-

"So what would this look like? What would proper "clearance" consist of?"

As far as clearance, nothing less than TS clearance.

Rotflmao!!!!

TS clearance? because some personally identifying information might be seen?

L.O.L.

Dude. Just stop. I can't take much more.

originally posted by: nemonimity
a reply to: tanstaafl

You are wrong, request logging has been a part of modern routers for years.

No, I'm not. Request (URL) logging doesn't contain any personally identifying information.

And since most connections are encrypted, they cannot log any even potentially sensitive information.

I already caveated the difference between what modern mixed-use devices can be configured to do, but there is a big question that I don't know the answer to, and that is what are the defaults for all of the different manufacturers devices out there?

Anyway, it is all irrelevant to the ridiculous argument that these logs contain any personally identifying information.

They don't. PERIOD.

From Colorado:

Secretary of State Griswold files suit to remove Mesa County clerk

Colorado’s Secretary of State has filed a lawsuit to remove a rural county’s election clerk who is accused of allowing a security breach of the county’s voting equipment which is currently being investigated by the FBI.

The lawsuit filed Monday in Mesa County district court by Secretary of State Jena Griswold seeks to formally remove Mesa County Clerk Tina Peters as the designated election official and replace her with former Secretary of State Wayne Williams.

Griswold says Peters allowed a non-employee into a software update of election equipment and images of the voting machine’s software were obtained by conspiracy theorists and posted on far-right blogs.

Tina Miller is the County Clerk featured at Mike Lindell's Cyber Symposium:

Mesa County Colorado Clerk Tina Peters Tells Shocking Story on How Her Office Was Raided As She Was En Route to Symposium

Mesa County District launched a criminal investigation against Peters for allegedly posting election system passwords on the internet.

Peters maintains she had nothing to do with the crime she is accused and is being targeted for documenting election fraud in her county.

a reply to: TrulyColorBlind

What is it with people like that? Do they really hate America that much!?

Thanks for your continual saying it loud and proud. Don't stop saying it. We are America and proud of our country.

There are probably as many reasons as there are people who say things like that -- from honest ignorance to flat out gaslighters. It doesn't matter. Truth is the answer. In the simplest words possible, to cut through all the disinfo and misinfo and half-truths and blatant lies and all the other smoke and mirrors.

When the people have the truth, they'll figure it out and the chips will fall where they may.

a reply to: tanstaafl

www.w3.org...#:~:text=15.1%20Personal%20Information,HTTP%20protocol%20to%20other%20sources.

Caveat then deny the caveat?

originally posted by: nemonimity
a reply to: tanstaafl

www.w3.org...#:~:text=15.1%20Personal%20Information,HTTP%20protocol%20to%20other%20sources.

Caveat then deny the caveat?

Could you explain the relevant parts in layperson's terms for the rest of us please?

What does HTTP (hypertext transmission protocol) have to do with the routers? Is the actual text -- including names and emails -- contained on the routers/Splunk logs? How does this provide identifiable information?

Update from Wisconsin:

urbanmilwaukee.com...

With no public hearing or public meetings — using merely a paper ballot distributed by Republican leadership to members’ offices — the committee that sets the Legislature’s agenda voted along party lines 5-3 to hire staff and officially begin an election audit under the direction of Speaker Robin Vos. The brief 5-line ballot did not specify any funding — or cost limits — on the election investigation, but Republicans have indicated they plan to spend $680,000 on “at least to start” in their hunt to find fraud and a “steal” of the presidential election. The actual ballot wording allows Vos to appoint someone to “oversee an Office of Special Counsel” investigating the integrity of the election. (Well before the vote he had already tapped former Supreme Court Justice Michael Gableman — an outspoken critic of the 2020 presidential election.)

In a sign that there is still a division among Republican election skeptics, some legislators are getting lobbied to support the Brandtjen audit instead of Vos’ plan. Previously, that audit was referred to by supporters as a “cyber forensic audit,” but with Vos now calling his audit by that name, Brandtjen’s supporters are now demanding a “Full Forensic Physical and Cyber Audit” (or FFPCA for short) in contrast with Vos’ “forensic cyber audit.” Proponents of election-fraud theories, both groups and individuals, continue to express dissatisfaction with Vos on various message boards and email lists viewed by the Examiner. A key difference appears to be their desire to seize machines and materials.

At this point my head is spinning and I don't now who can be trusted.

a reply to: IndieA

Depending on what the Arizona forensic investigation finds, it will either breathe life into Wisconsin, Pennsylvania, Michigan and Georgia....or cause them all to cancel whatever it is they were thinking about investigating.

originally posted by: nemonimity
a reply to: tanstaafl

www.w3.org...#:~:text=15.1%20Personal%20Information,HTTP%20protocol%20to%20other%20sources.

Linking to an RFC that was replaced by multiple others?

But ok, let's look at the 8 year old superceded reference:

"15.1 Personal Information
HTTP clients are often privy to large amounts of personal information..."

So, are you now claiming that a router is an HTTP client? Hint: it isn't. A web browser is an HTTP client.

Then we have:

"15.1.1 Abuse of Server Log Information
A server is in the position to save personal data about a user's requests which might identify their reading patterns or subjects of interest."

Do you not understand that "server" means a WEB server? I already noted that the web server logs would have a lot of information. But... this is also talking about HTTP, not HTTPS... encrypted traffic is different, but the web server would obviously have access to the actual data.

Next?

originally posted by: Boadicea

originally posted by: nemonimity
a reply to: tanstaafl

www.w3.org...#:~:text=15.1%20Personal%20Information,HTTP%20protocol%20to%20other%20sources.

Caveat then deny the caveat?

Could you explain the relevant parts in layperson's terms for the rest of us please?

It is an old superceded RFC (see my prior link), so not fully relevant.

What does HTTP (hypertext transmission protocol) have to do with the routers? Is the actual text -- including names and emails -- contained on the routers/Splunk logs? How does this provide identifiable information?

The potentially personally identifying information isn't in the router logs, unless they were logging at a level that would capture it, but, it would be encrypted - unless it was unencrypted (not over HTTPS) traffic.

It would however be contained in the web server logs (the web/HTTP/HTTPS traffic that is). It is entirely possible they were sending the web server logs to Splunk too, in which case, the info would be in there.

But that is still irrelevant, as the auditors are under serious legal restrictions as to what they can and can't do with the info, and if they want to keep their reputations intact, remain in business, and stay out of jail, they'd best not divulge any personally identifiable information, unless it is revealed as evidence of criminal activity.

a reply to: tanstaafl

"Unless", indeed. But, is it?

a reply to: tanstaafl

Thank you! Very much appreciated.

But that is still irrelevant, as the auditors are under serious legal restrictions as to what they can and can't do with the info, and if they want to keep their reputations intact, remain in business, and stay out of jail, they'd best not divulge any personally identifiable information, unless it is revealed as evidence of criminal activity.

Even if it did reveal evidence of criminal activity, as I understand it, that would be simply part of what they turn over to the Senate, and it would be the Senate which would provide that information to law enforcement.

I'm still shaking my head that so much concern is placed upon potential misconduct by the auditors -- who have means and opportunity, but no motive that I can think of.

But so little concern is placed upon the known and potential misconduct of election officials -- who have means, opportunity AND motive. And are fighting tooth and nail to hide the whole truth from the public.