Maricopa County Audit 2020 Election

[eDe manKing]

Highlights from AZ Audit Senate Hearing 7/15

Hand Count
• Ballot duplication nightmare. Serial numbers are required to match the original and duplicated ballot. “Thousands” of ballots are either missing serial numbers or have unreadable serial numbers printed over a dark black ballot identification box.

Machine Analysis
• Inferior equipment verification process. Senator Peterson noted that if the EAC equipment verification process cannot handle evaluation by an audit, then we need a new certification procedure.

• Security breach, cyber security vulnerabilities, and missing security event data. Ben Cotton of CyFIR emphasized the critical need for router and Splunk log data. He gave 4 reasons:

a) The November election system breach reported by Maricopa County and the SoS.

b) Extreme cyber security vulnerabilities: the last malware and operating system/ security patch update was in August 2019 when the Dominion software was originally installed. “It would take less than 10 min to gain system-level access.”

c) Security event data only goes back to 2/5/21. By design, the security log only holds 20 MB of data. Strangely, on 3/11/21, there were 37,646 queries for a blank password that had had the effect of overwriting the data prior to 2/5/21.

d) Suspicious anonymous logons. CyFIR has found anonymous logons at the system level that do not follow the pattern of normal Windows behavior.

• Maricopa County is unable to validate the security of the election system. The evidence provided suggests that only Dominion is able to verify the ICP configuration. Cotton explains that it’s impossible to validate the security of an election system if you cannot independently validate the configuration. CyFIR needs the authentication fobs held by Dominion to check ICP configuration.

Paper Analysis
• Ballot calibration was off by an average of 1000% leading to bleed-through, which can cause over-votes or inaccurate vote attribution. The County has stated that they use thick VoteSecure paper, which should limit bleed-through in the event of mis-calibration. However, the Cyber Ninjas team found a large number of ballots on very thin paper stock. The ballots printed on-demand at the voting centers on Election Day has the worst calibrations issues. More than 168K ballots were affected.

Voter Rolls
• Voter roll anomalies affect more than 107K ballots. Doug Logan “highly recommends canvassing” based on the data his team has reviewed. For example:

a) There are 74,243 mail-in ballots with no clear record of being sent out

b) 11,326 who voted did not show up on the 11/7 voter rolls, but are listed in the 12/4 database

c) 3,981 who voted on Election Day were registered after 10/15, which is a violation of state law

d) Approximately 18k people voted on Election Day but were subsequently removed from the rolls

Envelopes
• Maricopa County did not turn over images of the envelopes as requested on the January subpoena

The hearing concluded with a review of the 17 missing items needed to complete audit, many of them already subpoenaed, including router data, Splunk logs, hardware tokens, envelope images, chain of custody documentation, and all portable media. Fann stated that the Senate will likely have to go back to court to enforce the subpoena.

[eDe manKing]

Congressional Response
download/file.php?mode=view&id=1177