By Wendi Strauch Mahoney -September 24, 2021
Arizona’s Maricopa County forensic audit report presentation began at 4:00 EST Friday in the State Senate showing over 57,000 votes are in question. The Maricopa audit is just one county in Arizona but it is the fourth largest county in terms of population in the U.S. The full report with Senate President Fann’s letter to AG Brnovich can be found here.
The independent audit team presented their findings with Senate President Karen Fann presiding. The Senate Republicans chose an audit team led by Cyber Ninjas CEO, Doug Logan and Ben Cotton of CyFIR.
Data analyst and inventor, Dr. Shiva Ayyadurai also presented his analysis of several facets of the audit, including findings on duplicate ballots and ballot envelope images.
Senate liaisons Randy Pullen and Ken Bennett both presented. Bennett reviewed pertinent election laws and statutes toward the end of the presentation that could force compliance by the county to adjust the number of votes.
Senator Peterson, also present for the hearing, spoke at the end. He mentioned the constant obstruction to the audit, ostensibly spending, he said, “hundreds of thousands of dollars” to fight the process of an independent audit that was by and large supported by the citizens of Arizona. Peterson identified many critical issues that need to be addressed, some of which are criminal offenses:
- The obstruction of the audit.
- The numbers do not reconcile.
- “It appears they broke the law with the duplicate ballots.”
- We need to hold people accountable for the mistakes.
- There are significant chain of custody issues.
- Failure to preserve data files.
- Cyber security weaknesses.
- Signatures missing on the envelopes.
The Finding Summary Table below provides a quick overview, showing over 57,000 illegal votes, almost 6x the margin of 10,457 votes tallied on Nov. 3 for Biden.
According to Patrick Byrne with the America Project:
“This audit has been the most comprehensive and complex election audit ever conducted. It involved the hand count of approximately 2.1 million ballots with a forensic paper inspection and a forensic review of the voting machines. Most important—an in-depth analysis of the voter roll and the 2020 general election final file.”
“57,000 votes and 734 pallets with serious issues were identified in the audit including improper voter registration and improper voter discrepancies—this is a conservative estimate.”
Dr. Shiva was responsible for the analysis of the ballot images which were handed over only recently due to resistance on the part of the County. Shiva discussed the duplicate ballots, many of which were approved erroneously. There were 2-copy, 3- copy and 4-copy duplicate ballots in the mix. Shiva found that there were ballots that had 2,580 “scribbles” for signatures and 1,919 with no signature at all. He then moved to signature analysis of the EVBs (Early Voter Ballots).
A total of 17,126 voters sent in two or more ballots as duplicates, according to Shiva.
In many cases, blank signature duplicates came in and one of the blank signature ballots was approved as a valid vote. Others came in with the same address, same name, and phone number but two different voter IDs on the Early Voter Ballot EVB return envelopes.
Shiva emphasized the importance of the EVBs return envelopes and the signature verification element of the process.
Shiva concludes that the signature verification process used in the Maricopa County Audit is unverifiable.
Dr. Shiva’s team found a sudden surge in duplicate ballots between 11-04-2020 and 11-09-2020. There was no mention of duplicates in the Maricopa Canvass Report. 17,126 voters sent in two or more ballots (duplicates). Jovan Hutton said in a post-hearing analysis:
“People were lurking in the system to understand the counts. At any moment in time, they could adjust….they took your legal ballots, fraudulent ballots and counterfeit ballots and the legal ballots voted illegally. They jammed it into the system.”
Doug Logan began his analysis at around 5 p.m. EST. He reviewed the measures he and his team used to ensure that the audit was comprehensive and secure from top to bottom. Many of the counters were local volunteers performing their inspections to favor accuracy over speed—one of the reasons the audit took several months.
The volunteers examined the paper at a granular level, with microscopes to identify paper fibers, indicating the type of paper used. Over 140 terabytes of data for the paper examination alone.
Logan said that the current completed information included in the report includes hand counts, image capture, review and analysis of voter rolls. Not included today are the Splunk Logs and data from the routers. Additionally, paper analysis needs to be completed. He said the record-keeping for the audit was poor.
“There were more duplicates than there were original ballots,” said Logan, and there were numerous concerns with the duplicate ballots in general. Missing or incorrect serial numbers, duplicate ballots co-mingled with originals, etc.
Logan confirmed that the count alone still showed that Biden had the most votes. A proper canvass would be needed to reconcile the multiple irregularities that indicate the ballots counted do not reflect what actually happened in the election. Logan also confirmed Shiva’s finding that the EV32 files did not match the EV33 files—meaning the early voter ballots sent (EV32s) should match the early voter ballots received (EV33).
Ben Cotton/CyFIR handled the cyber security aspects of the report. His findings were significant. His team captured over 114 terabytes of information, mostly in the form of images of the system.
Cotton said there was “no accountability in the security measures” for the 2020 election. “It only takes one person with admin access to provide external voting access to that voting system.” The system was “neither accountable nor was it secure,” said Cotton.
Among the findings from Cotton’s team are:
- Found security patches have never been updated since the Aug. 6, 2019 installation of the software.
- They failed to update anti-virus definitions and failed to preserve security logs. No malware was found on the Election Management System (EMS).
- Credential management portion of the investigation showed the county allowed shared accounts and common, more easily hackable passwords.
- Devices on the network were shown to have connected to the internet, contrary to what the county and Dominion maintained. Some of the internet activity “correlated with a purge of data on the day before the audit.”
- Anonymous logins that wiped out buffers.
- Someone logged in as an administrator and deleted a lot of data.
- They caught on video whoever went in and did the file deletion. This is criminal and will be referred to AG Brnovich.
Cotton said the credential management in Maricopa County was “offensive”—meaning the County showed little effort toward accountability of the account holders who had access to the systems.
“I will tell you,” Cotton said, “that in Maricopa County, they failed to provide or perform basic operating system and patch management functions. All major security vendors update their antivirus at least on a weekly basis.”
He was not allowed to look at the poll worker laptops or any ICX devices (for handicapped people). He also stated his team was not allowed to see credentials that would help validate the configuration settings or the admin settings.
There were hardware configuration issues, meaning there were two hard drives on the adjudication endpoint—not an approved configuration—a significant finding. The previous audits done by Maricopa County did not discover this dual-drive configuration.
“This means you can boot from a hard drive that is not part of the election configuration and have access to the election network. Very important. It’s clearly not part of the [approved] election configuration and allows access to the election network. There appeared to be non-Maricopa accounting data on one of the bootable hard drives. There were Domininion databases and data that appeared to have originated from Washington State and South Carolina,” said Cotton.
Cotton also said there were thousands of file deletions from the (EMS). Files were deleted in several time frames between the end of October and March of 2021.
“One hundred percent of the paper is fake,” says Patrick Byrne in a post-hearing video conference attended by Patrick Byrne, Joe Flynn, Phil Waldron, Steve Montenegro, Seth Keshel and Jovan Hutton Pulitzer. This was confirmed by Jovan Hutton Pulitzer in the same discussion broadcast on The America Project. The American Project has helped foot the cost of the audit with the help of Patrick Byrne and donations from Americans. Byrne declared:
“The election should never have been certified. This is not about Trump or Biden. They deleted a great deal of data and tried to cover up election fraud. It is time for indictments and de-certification.”
The paper issue was not covered with granularity during the hearing but Byrne confirmed the finding regarding the paper stock used is in the full report. Pulitzer says that proper security paper was not used—a significant issue, if true. VoteSecure stock paper should have been used to help avert fraud and bleed-through of voter ballot markings.
Notably, while the report was comprehensive with the information that was made available to the Senate and the auditors, a County-run canvass has not been performed and the auditors have yet to see routers and Splunk logs, passwords, and hardware keys because of resistance from the Maricopa County Board of Supervisors. That agreement has been reached and the findings are forthcoming—no deadline has been mentioned by Fann for the completion of that investigation. The Routers could provide important data that will help paint a more accurate picture of what happened in the County’s November 2020 election.
A canvass was originally requested by the Senate Republicans and proposed in the original contract but significant pushback from the federal government, the Democrats, and Secretary of State Hobbs forced Fann and the Republicans to back off from doing a canvass. A letter in May from Principal Deputy Assistant Attorney General Pamela Karlan claimed, “potential intimidation of voters” if a canvass were to be performed. A citizen-run canvass, led by Liz Harris and over 1000 volunteers who went door-to-door, found 173,104 “lost votes” and “96,389” ghost votes.
Important to remember is the earlier preliminary hearing in July that revealed multiple anomalies and raised many questions. The audit team reported their painstaking and exacting process to deliver an accurate accounting of the 2020 vote. They revealed in the hearing significant issues with mail-in ballots, signature verification, thousands of duplicate ballots with no matching serial numbers, issues with insecure passwords, and alleged unauthorized security breaches.
UncoverDC reported in July:
- There were 74,243 more ballots received than sent out—with no records attached.
- 11,326 people didn’t show up in election files on November 7 but suddenly appeared on December 4, and it was recorded that they had voted in the 2020 election.
- 3,981 voters were registered after October 15 who voted. It was decided in court that voters registered after that date would not be able to vote.
- 18,000 voters who voted were shown to have been removed right after the election. Documentation is needed on those voters and canvassing would help, according to Logan.
The Executive Summary shows a number of recommendations related to various facets of an election:
Rep. Mark Finchem, who held the first full hearing on Nov. 30 regarding the Nov. Election, is now calling for an audit in Pima County where he lives. He wants to decertify the election and hold accountable those who committed election fraud. Finchem is also a strong proponent for new ballots for the state with his Ballot Integrity Project, a project that could help protect the votes for Arizonans.
Finchem joined legislators from across the U.S. with a letter to the American people about the 2020 election, asking to restore the trust of the American people with a renewed commitment to election integrity.
Chair of the Maricopa Board of Supervisors, Jack Sellers issued this letter late this afternoon. An excerpt states:
“Once again, these ‘auditors’ threw out wild, damaging, false claims in the middle of their audit and Senate leadership provided them the platform to present their opinions, suspicions, and faulty conclusions unquestioned and unchallenged. Today’s hearing was irresponsible and dangerous.”
Governor Ducey also made a statement on Twitter. He says “There will be no de-certification of the 2020 Election.” Thread below:
** End **