Anyone see the Newsmax interview with (I think, Big Lots) CEO who had his computer nerds on the task of Dominion system analysis? BTW, what happened with the argument that non-state-legislature changes to allow voting past Nov 3rd are on their face unconstitutional; that would be enough to overturn the election by itself. How does Alito not see the unconstitutional process, and thereby rubber-stamp other means of change--Gov's, election boards, judges etc.??!!
This IT Security nerd looks at some of the videos and thinks to himself "no way is Dominion so incompetent." I could see incompetence at county and state level of the election machine, but not this degree of incompetence.
The surreptitious thumb drive handoff raises quite a number of questions, and they all point to malice, not incompetence.
1. It is normal practice in most large organizations to use a Group Policy to disable ALL* external data ports. In this case, even rolling back the GPO won't undo the change. Either an individual user would have to make a registry modification, or a new GPO would have to be published which makes that regedit at the enterprise level.
* - except possibly sales/marketing
2. It is normal practice within many large organizations to use Zero Trust endpoint agents like Bit9 and CyberArk to do what can be done with that Group Policy. Not to mention that both Bit9 and CyberArk will ***only*** allow execution of those programs which have been expressly permitted to execute. Both of those tools are a Default Deny on ***everything***. As a frame of reference, I am the Bit9 owner where I work, and also do lots of work in CyberArk.
3. All large organizations use SIEM tools (we use Splunk). SIEM tools are good aggregators of all activity for all security tools, for event logging, and a number of other things.
4. There may be some that don't and I am not aware of them, but EDR sensors are deployed which will track Every. Single. Thing.: file executions, file modifications, network connections, registry modifications, memory abuse, and quite a number more. Some EDR (endpoint detection and response) tools, like the one we use, actually give me a reverse shell to every single PC and server in the entire enterprise. If a user has mounted a personal OneDrive or Google Drive to Windows Explorer, I can see all of the contents of his Google or OneDrive.
With the tool set we use where I work, there is literally nothing I cannot see and audit anywhere in our enterprise, with the exception of database content (Oracle, MS SQL Server, MySQL, MongoDB, et al).
It is quite a stretch for me to believe none of those sorts of tools were in place anywhere because of incompetence.
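
An added example, not part of the post above or of any vendor's tooling: a Python check of a `reg export` dump for the USB storage lockdown that point 1 describes. The two registry locations are real Windows settings that the post does not name, so using them here is an assumption, and the sample export is constructed.

```python
import re

# Real Windows registry locations; the post names no keys, so these are assumptions.
USBSTOR = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR"
POLICY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices"

# Constructed sample in `reg export` format, not taken from any real system.
# It models a host where the policy value is present but the driver was re-enabled.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices]
"Deny_All"=dword:00000001
'''

def parse_reg_export(text):
    """Return {KEY_PATH_UPPER: {value_name_lower: int}} for dword values in a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            # Registry paths are case-insensitive, so normalise before storing.
            current = keys.setdefault(line[1:-1].upper(), {})
            continue
        m = re.match(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
        if m and current is not None:
            current[m.group(1).lower()] = int(m.group(2), 16)
    return keys

def usb_storage_findings(text):
    """List the ways this host would still accept a USB mass-storage device."""
    keys = parse_reg_export(text)
    start = keys.get(USBSTOR.upper(), {}).get("start")
    deny_all = keys.get(POLICY.upper(), {}).get("deny_all")
    findings = []
    if start != 4:  # 4 = driver disabled; 3 = loaded on demand when a device is plugged in
        findings.append(f"USBSTOR Start={start}: storage driver can load")
    if deny_all != 1:  # 1 = deny all removable storage classes
        findings.append(f"Deny_All={deny_all}: removable storage policy not enforced")
    return findings

if __name__ == "__main__":
    for finding in usb_storage_findings(SAMPLE_EXPORT):
        print(finding)
```

Run against exports collected from each endpoint, a non-empty result marks a host whose lockdown has drifted from the enterprise baseline and is worth correlating with registry-modification events in the SIEM.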