Macomb County Limited Custody: Fill & Download for Free

No, it won’t impact anything.The report is awkwardly written, poorly laid out, repetitive, and feels like a first draft by a kid trying to get into law school. It’s conclusions are lept to, he’s failed to provide context or link important evidence while discussing minutiae in great detail.Further, it massively overreaches it’s scope in many places. This was a “forensics” report, meant to discuss factual findings of the information security in place, as well as, I’d imagine, a process analysis. Instead it’s combative towards the defendants and goes so far as to make truthiness claims about defendant's’ statements.While he does glancingly address the primary reason for the errors, he doesn’t conduct any interviews specifically with the canvassing staff, even if he does mention conversations with them. Due to the conclusions he draws, this is essential…To be fair to the report, however, he does bring up some excellent issues:The machines weren’t up to date, patching wise. Based on how far out of date they were, this could have been a CAT 1 STIG finding (highest vulnerability)The fact that the audit logs were missing prior to the election is concerning, but likely explicable, and should be explainedIf they all use the same account, that’s also a concernThe fact that the USBs weren’t secured is a concern in operational securityFrom my understanding of the entire process, these concerns aren’t as bad as they seem for a few reasons:The central tabulation computer was “air-gapped”. It was not connected to a LAN or the internet.The missing audit logs happened before the election. So they're likely moot for any ballot switching tampering.The attempt to clear the logs was not an attempt to clear the logs.The election was over a month overThey still have the paper ballots, which the forensic analysis team didn’t have access too (also important since they weren’t able to actually test their theories)Some background first:No, Charles Austin Miller, this "audit" wasn't court ordered. The report was paid for by a guy who was disputing the results of a marijuana referendum in Central Lake to allow a marijuana retailer within city limits.[1] The judge ordered William Bailey could take images of the machines for analysis and then ordered the public release of the report (which I can’t find anywhere). The “audit” itself wasn't ordered.UPDATE: the actual official risk limiting audit was conducted over a seven hour livestream where the pubic was able to watch the bipartisan audit team hand count the ballots. In the end, Trump gains 11 votes over the machine count and Biden gained 1.[2]Let’s be clear: This wasn’t an impartial audit, it was an antagonistic consultant report, run by Russ Ramsland, a Republican operative also known for making more counterfactual claims in affidavits than factual ones…like mistating voter turnout rates in different districts and mistaking Michigan for Minnesota.He was hired by William Bailey to do the report. Bailey was angry because of a very narrowly passed local referendum asking if it was okay for a retail marijuana dispensary to open up in his town, Central Lake, located in Antrim County.I looked through most of the answers and while they talked about just how flawed Ramsland is, they didn’t really talk about where these figures and this statement came from. I’ll leave the ad hominems with those answers.Antrim County gained notoriety this election cycle after an initial erroneous upload on November 3rd said it was won by Biden. After a brief review they fixed the results to have it won by Trump by a 61% to 37% margin.[3] The reason for the mixup was an Election Definition wasn’t properly updated across all the precincts after one district’s local ballot changed in October.[4]Sheryl Guy, an Antrim County Clerk found the problem and corrected it on November 5th.Most of the report ignores that this happened to make it seem like something illegal happened. Only one portion of this report actually addresses the event that happened, however, it simply hand-waves it away, claiming this wasn’t what happened.On my expertise, I’m a systems administrator, and systems developer, and have worked on securing DoD systems for a decade, running security audits and securing these systems.So what is this Report actually saying?Update: Here is the report, https://www.9and10news.com/content/uploads/2020/12/Antrim_Michigan_Forensics_Report_121320_v2_REDACTED.pdfFor reference, here is the response affidavit filed from the Secretary of State: https://www.michigan.gov/documents/ag/SOS_Benson_Response_Antrim_County_710474_7.pdfAs laid out by the Washington Times they say he's claiming that 68% of the ballots that were run through the machine errored, causing them to be adjudicated and that no one oversaw the adjudication process. Further, he’s asserting that this error rate was by design, as in, Dominion engineered their software to fail at a rate of 68% so that people could then change who voted for whom. He leaps from this assertion to say that every county in Michigan that used Dominion machines should be de-certified ergo, every state that uses Dominion should be de-certified. (Yes, he does say this explicitly in the report).A quick summary of what’s wrong with this conclusion:The machines are all certified nationally by the EAC. A failure rate that high would raise some major red flags all over the place, it’s frankly shocking that it took this long for it to come to light…if it’s true. He’s also assuming the adjudication process is set up to change votes — the interesting thing is that he doesn’t even understand how this process works in Michigan.But I’ll cover all this in more detail in the analysis of the report below.So let’s look at the report, now that I have access to it.He starts with this conclusion:2. We conclude that the Dominion Voting System is intentionally and purposefully designed with inherent errors to create systemic fraud and influence election results. The system intentionally generates an enormously high number of ballot errors. The electronic ballots are then transferred for adjudication. The intentional errors lead to bulk adjudication of ballots with no oversight, no transparency, and no audit trail. This leads to voter or election fraud. Based on our study, we conclude that The Dominion Voting System should not be used in Michigan. We further conclude that the results of Antrim County should not have been certified.Having worked in IT and performed security audits I have to say that this declaration is vastly overstepping its scope and asserting legal remedies rather than sticking to the lane of an information security audit.Later he drops this bomb at point 22:Research is ongoing. However, based on the preliminary results, we conclude that the errors are so significant that they call into question the integrity and legitimacy of the results in the Antrim County 2020 election to the point that the results are not certifiable. Because the same machines and software are used in 48 other counties in Michigan, this casts doubt on the integrity of the entire election in the state of Michigan.OH, THAT’S WHY THEY’RE DOING THIS.It would have been stupid to overturn such a red county as Antrim, or most of the other counties that use Dominion. But if they got Wayne county…Trump would win Michigan. Trump would win Georgia because Dominion!Frankly, as someone who’s run forensic system audits, it seems like a tremendous overreach of the report to even suggest in such blatant terms that he should suggest to a county judge reviewing a city matter that not only should he overturn Antrim county, but also demand that all 48 counties decertify the results.He presents the different vote totals, one on Election day, one on the 5th, revised with numbers up for Trump and a count that took place on the 21st where Biden lost 1300 votes.Secretary of State Benson’s response clarifies the November 21st adjustment in her response to the report:On November 21, the Bureau of Elections received corrected official election results from Antrim County, which may explain why a user was in the election management system on that date.He boldly states:4. The Antrim County Clerk and Secretary of State Jocelyn Benson have stated that the election night error (detailed above by the vote "flip" from Trump to Biden, was the result of human error caused by the failure to update the Mancelona Township tabulator prior to election night for a down ballot race. We disagree and conclude that the vote flip occurred because of machine error built into the voting software designed to create error.As stated, the person who made the mistake, Sheryl Guy, has confessed this error and cleaned it up. After running the tabulation after fixing this configuration problem, the numbers were appropriate.No where in the report does it actually account for this tabulation problem. As I continue I’ll point out a number of places where he mentions November 6th as a problem date. November 5 was when the configuration was updated, but he doesn’t mention this event outside of alluding to the fact that this mitigation should have thrown off the security certification of the machines…which I don’t believe is the case. Certified machines have data updated all the time, an election definition correction would not invalidate the machine’s security certification.5. Secretary of State Jocelyn Benson's statement on November 6, 2020 that "[t]the correct results always were and continue to be reflected on the tabulator totals tape . . . ." was falseThis is another overreach of his report. The report was to analyze the security and tabulation of the voting machines, not as a lawyer trying to rebut the Secretary of State’s comments.The full paragraph he’s quoting says this:[5]The correct results always were and continue to be reflected on the tabulator totals tape and on the ballots themselves. Even if the error in the reported unofficial results had not been quickly noticed, it would have been identified during the county canvass. Boards of County Canvassers, which are composed of 2 Democrats and 2 Republicans, review the printed totals tape from each tabulator during the canvass to verify the reported vote totals are correct.She’s referring to the particular precincts in question. Each one was correct without error, the errors occurred when merging the results prior to the definition update on the 6th.6. The allowable election error rate established by the Federal Election Commission guidelines is of 1 in 250,000 ballots (.0008%). We observed an error rate of 68.05%.The FEC is in charge of campaign finance, he probably means the EAC. However, looking at the EAC guidelines I can’t find that figure mentioned anywhere. Voluntary Voting System Guidelines. Further, 1 in 250,000 is .0004%, not .0008%….but later on we find the issue: in J-2 he quotes the document and it turns out he’s been doubling the threshold, he meant to say 1 in 125,000.8. The tabulation log for the forensic examination of the server for Antrim County from December 6, 2020consists of 15,676 individual events, of which 10,667 or 68.05% of the events were recorded errors. These errors resulted in overall tabulation errors or ballots being sent to adjudication. This high error rates proves the Dominion Voting System is flawed and does not meet state or federal election laws. [SIC]9. These errors occurred after The Antrim County Clerk provided a re-provisioned CF card with uploaded software for the Central Lake Precinct on November 6, 2020. This means the statement by Secretary Benson was false. The Dominion Voting System produced systemic errors and high error rates both prior to the update and after the update; meaning the update (or lack of update) is not the cause of errors.The report filed doesn’t contain these logs, so we can’t tell what they are actually saying.The date referenced, December 6, is oddly thrown in there. These logs have dates on them so they could easily see what was going on and when. Without seeing more, the date is a red-herring and these errors that he’s referring to are most likely due to the update of the Election Definition. Referenced above.It is strange that he’d mention only Central Lake in this issue, as well. Yes, that’s where the lawsuit he’s addressing happened, but he has access to several machines down chain in the process.He also doesn’t specify when these errors occurred. In other words he says there were “15,676 individual events, of which 10,667 or 68.05% of the events were recorded errors.” and then he says “The Dominion Voting System produced systemic errors and high error rates both prior to the update and after the update”. How many occurred on each date?There are no examples of the verbiage of these error logs, so we cannot examine what they are. Depending on the system it could be anything. Further, there’s no interviews listed anywhere with anyone present who can attest to a large number of adjudications. This sort of thing would absolutely be noticed. There were only 15,000 ballots cast, which would be, as he said 10,000 adjudications. That’s a tremendous amount of work for a small county. There would be no way that they could complete adjudications on that many ballots in 2 days.Without providing these logs with analysis from Dominion and qualified third party experts, this central piece of evidence that they use is, while troubling, highly suspect as evidence of fraud or even machine error.It’s worth noting that ASOG has been involved in several election cases and hasn’t brought this to light in any of those, many of which involve Dominion tabulation machines.10. In Central Lake Township there were 1,222 ballots reversed out of 1,491 total ballots cast, resulting in an 81.96% rejection rate. All reversed ballots are sent to adjudication for a decision by election personnel.11. It is critical to understand that the Dominion system classifies ballots into two categories, 1) normal ballots and 2) adjudicated ballots. Ballots sent to adjudication can be altered by administrators, and adjudication files can be moved between different Results Tally and Reporting (RTR) terminals with no audit trail of which administrator actually adjudicates (i.e. votes) the ballot batch. This demonstrated a significant and fatal error in security and election integrity because it provides no meaningful observation of the adjudication process or audit trail of which administrator actually adjudicated the ballots.He really likes to say “Significant and fatal error in security.” He says it a lot in this report.I bring this part up because he is throwing a lot of terminology around without defining it, using “normal ballots” and “adjudicated ballots” and then throwing “reversed” in there (he bolded it).Without contextually defining what “Reversed” means, this is an absurdly high number. On top of that, an 82% rejection rate would be noticed. Again, this is a very red precinct. From the tabulation tape he provided a photo of, there would have to be something really wrong going on, and every team working on these adjudications were bipartisan…Someone would have noticed this error rate, but there’s no interviews claimnig this was the case.13. The linked video demonstrates how to cheat at adjudication:He literally added in a video from a guy on twitter called KanekoaTheGreat to show you that if there’s a single dishonest adjudicator there that isn’t observed and not working in a team, then they can change a ballot to justify voter’s intent.He also notes this:15. Significantly, the computer system shows vote adjudication logs for prior years; but all adjudication log entries for the 2020 election cycle are missing. The adjudication process is the simplest way to manually manipulate votes. The lack of records prevents any form of audit accountability, and their conspicuous absence is extremely suspicious since the files exist for previous years using the same software. Removal of these files violates state law and prevents a meaningful audit, even if the Secretary wanted to conduct an audit. We must conclude that the 2020 election cycle records have been manually removed.The major problem with this observation is noted in the SOS response (linked above):12. The report does not explain the basis for its assumption that Antrim County uses adjudication software or any evidence that adjudication software was actually used to change votes. It is not clear how this would even be possible in Antrim County, as adjudication software is used with the Dominion Image Cast Central (ICC) high-speed scanners, not Image Cast Precinct (ICP) tabulators. According to my understanding, ICC high-speed scanners are not used in Antrim County. Rather, adjudication is done by teams of election workers using the paper ballot when needed.The Report goes on:18. The Election Event Designer Log shows that Dominion ImageCast Precinct Cards were programmed with new ballot programming on 10/23/2020 and then again after the election on 11/05/2020.This note is bizarre. It’s been known since 11/5 that there was an issue with the election definition as linked above, that a ballot initiative was changed 10/23. But there were issues with a few of the precincts that required updating after 11/5.[6]19. The only reason to change software after the election would be to obfuscate evidence of fraud and/or to correct program errors that would de-certify the election. Our findings show that the Central Lake Township tabulator tape totals were significantly altered by utilizing two different program versions (10/23/2020 and 11/05/2020), both of which were software changes during an election which violates election law, and not just human error associated with the Dominion Election Management System. This is clear evidence of software generated movement of votes. The claims made on the Office of the Secretary of State website are false.Updating the tabulation configuration doesn’t constitute a “software change”, which would be updating the systems after certification to use completely different software.Here is also another case of the report overstepping itself to jump from “an Election Definition update” to THE MACHINES WERE DESIGNED TO CHANGE VOTES! SHE’S LYING!The Dominion ImageCast Precinct (ICP) machines have the ability to be connected to the internet (see Image 11). By connecting a network scanner to the ethernet port on the ICP machine and creating Packet Capture logs from the machines we examined show the ability to connect to the network, Application Programming Interface (API) (a data exchange between two different systems) calls and web (http) connections to the Election Management System server. Best practice is to disable the network interface card to avoid connection to the internet. This demonstrated a significant and fatal error in security and election integrity. Because certain files have been deleted, we have not yet found origin or destination; but our research continues.Another strange one. He claims that because it has a network card, it’s a security risk.He provides no evidence that it was not disabled nor that it was ever plugged in.Because the intentional high error rate generates large numbers of ballots to be adjudicated by election personnel, we must deduce that bulk adjudication occurred. However, because files and adjudication logs are missing, we have not yet determined where the bulk adjudication occurred or who was responsible for it. Our research continuesOr you could have interviewed canvassing personnel. The county has always been very Red, and at least half of the people working were Republicans.But again, as per the SOS statement, it was hand adjudicated.Additionally, he oversteps the scope by assigning intention to the errors that occurred. It’s subtle, but important.He then resurrects his Venezuela Conspiracy theory by proxy, bringing up a Venezuelan Mathematics professor who devised a statistical approach to claiming that the election on Venezuela was rigged…and therefore this one in Antrim was too.He throws this in there:Dominion voting system is a Canadian owned company with global subsidiaries. It is owned by Staple Street Capital which is in turn owned by UBS Securities LLC, of which 3 out of their 7 board members are Chinese nationals. The Dominion software is licensed from Smartmatic which is a Venezuelan owned and controlled company. Dominion Server locations have been determined to be in Serbia, Canada, the US, Spain and Germany.Yes, Venezuelan immigrants to the United States started SmartMatic In the United States who are anti-Medura.As noted by Kevin Bryant in the comments:Dominion doesn’t use licensed software, it makes it itself, and has no connection to SmartMatic.Additionally, from SmartMatic (even if it’s irrelevant):And SmartMatic does not own any shares of Dominion.[7] And Dominion has no financial ties to SmartMatic.This is propagating misinformation and a long debunked conspiracy theory.For the process part of this, it’s important to note that Ramsland Did Not Have Access to the Ballots.Most of what he talks about sounds fishy, with “before” and “after” pictures of receipts printed out where the votes change significantly…but he didn’t get to examine the ballots to see what the issue was. His claim that 3 ballots were damaged and then “cured” (an election term that I think is used improperly) and then not counted, doesn’t fly right. Especially since the issue at question is the proposal to have a marijuana dispensary. That one lost one “no” vote between the election and recount.He doesn’t know why and the computer won’t tell him.As the tabulator tape totals prove, there were large numbers of votes switched from the November 3, 2020 tape to the November 6, 2020 tape. This was solely based on using different software versions of the operating program to calculate votes, not tabulate votes.Except that’s not what happened. The tabulation definition changed, not the software version.J-3 is nonsense, the only county in Michigan that uses ranked choice voting is Macomb county. It was certainly not enabled in Antrim.And again from the SOS report:In J.4 through J.6, the report suggests it is improper to divert write-ins for adjudication, but that is the only way those ballots can be counted – people have to look at the name written in on the paper ballot and determine who it should be assigned to.He concludes with a random excerpt of a script they ran without providing context.It is suspect that the computers hadn’t been updated in a few years. At the same time, based on the form factor of those “servers” they appear to be compact desktopsMaking me just guess here, that the SQL installed was a desktop or pocket version that was coupled with the voting tabulation software.On top of that, the machines were never on the network, as stated in the report — it’s updated offline and they use USBs to transfer the data to it, which mitigates most of the issues.6. Antivirus definition is 1666 days old on 12/11/2020. Antrim County updates its system with USB drives. USB drives are the most common vectors for injecting malware into computer systems. The failure to properly update the antivirus definition drastically increases the harm cause by malware from other machines being transmitted to the voting system.This is a concern, to be sure. You want to make sure this stuff is up-to-date…but again, when the chain of custody of the USBs is maintained, this is partly mitigated.However, one strange thing that jumped out at me concerning this report…He doesn’t anywhere state the OS versionHe doesn’t anywhere state the version of the Dominion software in useHe doesn’t anywhere state the SQL Server version in use.These are basic, basic, basic first steps in any forensic information security investigation.Especially since he’s claiming they’re out of date…It’s odd also that WSUS was run in 2019, yet he’s saying it’s 3 years out of date…a decent Security operation would link to evidence of when Microsoft put these patches out there.This quote here was very illuminating also,a user attempted to zero out election results. Id:3168 EmsLogger - There is no permission to {0} - Project: User: Thread: 189. This is direct proof of an attempt to tamper with evidence.Except that's not what that means. In many coding languages {number} is a placeholder for a variable. This error likely means that something completely unexpected occurred and requires a lot more context. It definitely doesn't necessarily mean that someone was trying to zero election results.My analysis is that he showed several random pictures for no reason whatsoever, like the servers, for instance, and a random picture from the Dominion configuration manager from the installation guide, not a screenshot from the server itself. here:This is from the Dominion manual, and is completely irrelevant to the machines themselves. Why would you not put in a screenshot to compare to the actual tabulation machine? He shows a picture of some sort of “log” that’s redacted claiming that votes were allowed to be changed without audit.However, the Secretary of State notes:The report does not explain the basis for its finding that “RCV or Ranked Choice Voting Algorithm” was enabled in J.3, or how the “enabling” RCV would have caused ballots not designed for or tabulators not programmed for ranked choice voting to be read and tabulated. Ranked Choice Voting is not authorized by the Michigan Election Law for use in federal or state-level elections.So this configuration was completely irrelevant.Additionally he says this:7. On 12/8/2020 Microsoft issued 58 security patches across 10+ products, some of which were used for the election software machine, server and programs. Of the 58 security fixes 22, were patches to remote code execution (RCE) vulnerabilities. [Image 11]:12/8 was over a month after the election…while it’s always good practice to keep a server up to date, the final ballot tabulation was posted 11/21 and certified…it's kind of asinine to expect them to install patches that haven't even been released yet. Also the server was air-gapped, so no one could connect to it remotely to execute codeThe picture provided is a complete red-herring. It has nothing to do with the relevance of a patch not installed that wasn’t released until weeks after tabulation was complete. Nothing at all.The fact that he felt the need to put those in there, but couldn’t provide the logs or pictures of the errors, or screenshots of anything else that is actually relevant is very suspect. It speaks of a lack of experience and lack of detail.The fact that he tried to assert legal solutions to perceived security issues demonstrates that the report was more political than professional.It was terribly assembled mixing up data, processes, and conclusions, randomly numbering paragraphs like this was a legal motion. It was repetitive. He dismisses out of hand the fact that they had to update the data definition software so that he can draw the conclusion that this was a machine problem and not a human one.I’m not a Michigan state or Antrim County or Dominion voting expert. I am an information security professional, and this report is a joke, for the most part, full of casual errors, like the 1 in 125000 error that he repeated twice while repeating the incorrect calculation twice as well as many grammatical errors.I’d agree that they should have a professional do an audit and they did find a few suspect issues at play, but nothing that would affect the election…Adjudications are normal and this was a red state.Footnotes[1] Audit of Antrim County Vote Tabulating Machines Continues - 9 & 10 News[2] Antrim County audit shows 12-vote gain for Trump[3] Antrim County election results investigated after red Michigan county turns blue[4] Antrim vote glitch: Expert shares how county mistakenly flipped from red to blue[5] False claims from Ronna McDaniel have no merit[6] https://www.michigan.gov/documents/sos/Antrim_Fact_Check_707197_7.pdf[7] https://www.reuters.com/article/uk-factcheck-smartmatic-ceo-biden-team-d/fact-checksmartmatic-ceo-is-not-on-bidensteamsmartmatic-software-is-not-on-dominion-voting-machines-idUSKBN2801ZJ