November 18, 2020

President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud.

Chris Krebs. Image: CISA.

Krebs, 43, is a former Microsoft executive appointed by Trump to head the Cybersecurity and Infrastructure Security Agency (CISA), a division of the U.S. Department of Homeland Security. As part of that role, Krebs organized federal and state efforts to improve election security, and to dispel disinformation about the integrity of the voting process.

Krebs’ dismissal was hardly unexpected. Last week, in the face of repeated statements by Trump that the president was robbed of re-election by buggy voting machines and millions of fraudulently cast ballots, Krebs’ agency rejected the claims as “unfounded,” asserting that “the November 3rd election was the most secure in American history.”

In a statement on Nov. 12, CISA declared “there is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.”

But in a tweet Tuesday evening, Trump called that assessment “highly inaccurate,” alleging there were “massive improprieties and fraud — including dead people voting, Poll watchers not allowed into polling locations, ‘glitches’ in the voting machines that changed votes from Trump to Biden, late voting, and many more.”

Twitter, as it has done with a remarkable number of the president’s tweets lately, flagged the statements as disputed.

By most accounts, Krebs was one of the more competent and transparent leaders in the Trump administration. But that same transparency may have cost him his job: Krebs’ agency earlier this year launched “Rumor Control,” a blog that sought to address many of the conspiracy theories the president has perpetuated in recent days.

Sen. Richard Burr, a Republican from North Carolina, said Krebs had done “a remarkable job during a challenging time,” and that the “creative and innovative campaign CISA developed to promote cybersecurity should serve as a model for other government agencies.”

Sen. Angus King, an Independent from Maine and co-chair of a commission to improve the nation’s cyber defense posture, called Krebs “an incredibly bright, high-performing, and dedicated public servant who has helped build up new cyber capabilities in the face of swiftly-evolving dangers.”

“By firing Mr. Krebs for simply doing his job, President Trump is inflicting severe damage on all Americans – who rely on CISA’s defenses, even if they don’t know it,” King said in a written statement. “If there’s any silver lining in this unjust decision, it’s this: I hope that President-elect Biden will recognize Chris’s contributions, and consult with him as the Biden administration charts the future of this critically important agency.”

KrebsOnSecurity has received more than a few messages these past two weeks from readers who wondered why the much-anticipated threat from Russian or other state-sponsored hackers never appeared to materialize in this election cycle.

That seems a bit like asking why the year 2000 came to pass with very few meaningful disruptions from the Y2K computer date rollover problem. After all, in advance of the new millennium, the federal government organized a series of task forces that helped coordinate readiness for the changeover, and to minimize the impact of any disruptions.

But the question also ignores a key goal of previous foreign election interference attempts leading up to the 2016 U.S. presidential and 2018 mid-term elections. Namely, to sow fear, uncertainty, doubt, distrust and animosity among the electorate about the democratic process and its outcomes.

To that end, it’s difficult to see how anyone has done more to advance that agenda than President Trump himself, who has yet to concede the race and continues to challenge the result in state courts and in his public statements.


534 thoughts on “Trump Fires Security Chief Christopher Krebs

  1. JamminJ

    This is the equivalent of a board of directors wanting to fire the CEO for cause, but the CEO saying his office computer was hacked to plant evidence… and the CISO saying, “no sir, that didn’t happen”.

    Then the CEO pointing to a couple of help desk tickets about a BSD, some low disk warnings, and a few times the network was slow. And using that to say he shouldn’t be fire, he was hacked, and then firing the CISO.
    The extraordinary claim that requires extraordinary evidence, is that the computer was “hacked”, and NOT that there were some issues. So evidence and proof of these issues, is NOT the basis for the larger claim.

    So when someone reports that the CEO’s claim is “baseless”, its a FACT.

    Evidence of irregularities, mistakes and even a few accounts of real fraud… are NOT a basis for the larger claim of widespread fraud and that the Trump really won.
    So yeah, “Baseless” accurately refers to the extraordinary claim that lacks extraordinary evidence.

  2. A. Bosch

    There’s no arguing with devotees of 45’s cult. Extraordinary evidence? They don’t even have the barest of evidence and it doesn’t make a dime’s worth of difference.

    That a sizeable minority voted for him and believes his lies means we may need to start re-thinking the fundamental nature of this 240+ year old republic. There is a process for that described in the Constitution and it’s called a Constitutional Convention .

    1. John Leatham

      show me the documented evidence that there was no such widespread fraud and I will acknowledge the validity of your dismissive sanctimony and arrogance…

      1. JamminJ

        Compiling error! Cannot prove a negative.

        Intelligence always seems like arrogance to the ignorant.

  3. Matt

    Chris lied that DVS systems at polling places are not connected to Internet. The DVS systems had an insecure easily editable audit logs, something we who deal with cyber security is not acceptable at any level. Chris knew that DVS was a foreign owned company and didn’t think it was a risk. There is no transparency of DVS code, closed source. Chris knew these machines had numerous serious vulnerabilities and claimed they were secure. Chris failed USA.

    1. JamminJ

      You make a lot of claims here, and state them as if they were undisputed fact.

      If you can’t understand that Dominion is not even “foreign owned”, then you can’t be trusted for the rest of your claims.
      You need to stop listening to Gateway Pundit, InfoWars, Qanon, etc…
      You need to fact check your claims first, before you start calling out Chris Krebs.

        1. JamminJ

          The real Dominion Voting Systems company.

          https://www.bloomberg.com/profile/company/1045239D:US

          Headquarters address:
          1201 18th Street Suite 210 Denver, CO 80202 United States

          https://www.dnb.com/business-directory/company-profiles.dominion_voting_systems_inc.afb4f7862bf394ab3056650d03f0a8b0.html

          “In addition to its Colorado office, the company also operates offices in Toronto, Canada, New York, and California. Dominion Voting was founded by CEO John Poulos and James Hoover.”

            1. JamminJ

              So you are confused about the difference between ownership and founding.

              Headquarters for Dominion Voting Systems Inc. is Denver. This is the company in question. The DVS in Canada is a different entity, and does not distribute the voting systems in the US.

              But alas, what’s your point exactly? That Canada is “foreign” and is exerting influence on US elections?

          1. Trent

            Lawyer here. Saying Dominion is “US owned,” is not meaningful in any relevant sense. Only that the majority of equity is held (directly) by US persons, or entities.

    1. Trent

      This guy is to lawyers what Christopher Krebs is to IT security professionals. :/

  4. JEANNE S HUGHES

    Chris Krebs obviously did a lazy and irresponsible turning of his back on the dominion Sequoia Smartmatic systems.
    Now he has been rightfully fired by Trump. He did a shameful job for U.S. cybersecurity saying there was no way that these foreign born and internet controlled machines did not in any way change our vote counts with “algorithms” Krebs looks lije he is now posturing on 60 minutes for a position in a corrupt Biden administration that I hope never happens. If justice prevails this election will be done over without Dominion smartmatic or Venezuela influence.

    1. JamminJ

      Dominion doesn’t use Smartmatic. Speaking of lazy… so many conspiracy theory nutjobs here aren’t willing to do this very quick fact check.
      The Venezuela connection is pure fabrication, and a bit racist when you find out why they are making that claim.

      It is getting very easy to see comments like Jenanne’s for what they are. Trump supporters are getting triggered by their election lose, and can’t hold back their rage. They are willing to accept any justification other than they are simply outnumbered by voters who do not like Trump. Something that is very obvious in hindsight.

  5. A. Bosch

    There’s no arguing with devotees of 45’s cult. Extraordinary evidence? They don’t even have the barest of evidence and it doesn’t make a dime’s worth of difference.

    That a sizeable minority voted for him and believes his lies means we may need to start re-thinking the fundamental nature of this 240+ year old republic. There is a process for that described in the Constitution and it’s called a Constitutional Convention .

    1. JJ

      Mr. Bosch, it is typical of progressives, liberals, communists and fascists to attempt to brand those that oppose your political positions with negative symbols, as well as paint with massive demagogue brushes.

      The supporters of President Trump are no more cultists than the supporters of China Biden. See what I did there? Not very nice was it?

      So here’s a better idea– join the club of the professionals, the educated, the literate.

      Offer your policy ideas that you either support or do not. Things that you actually know. You do your side a disservice with such unsophisticated emotional personal attacks which add nothing to an effective debate. Of course, if that’s all that you have to offer, Mr. bosch… by all means, carry on.

      1. JamminJ

        If Biden voters were to have the fervor of Trump supporters, I would be very skeptical too.

        Let me know when Biden holds rallies every week, caters to racial supremacist groups, has his face on 10 foot flags, and wants to put his name on buildings.

        The biggest factual criticism of Biden, is that he’s boring. He’s not the extremist cult figure that Trump tries to be.

        Conservative or liberal, progressive or libertarian… go ahead and express opinion and political ideology. Not all Republicans/Conservatives support Trump. Many do not.
        It’s the adoration for a narcissist and pathological liar that is what makes you a cult of personality, not political leanings.

        1. MikeHoncho

          i love how you refer to anyone and everyone whos voted Trump as a ‘Trump cultist’ while you constantly defend a nearly identical POS with the same fervor he sniffs kids

          1. JamminJ

            There is nobody even near identical to Trump in this country. You have to look at the history of authoritarianism and nationalism in Europe and South America to find someone close.
            And these tough guys usually have cult like followings.

  6. JJ

    JamminJ said: “Dominion doesn’t use Smartmatic.”

    If you were attempting to say that Dominion does not use Smartmatic code in their machines then you would be incorrect. It is undisputed that Smartmatic sold Sequoia Voting Systems (which were redesigned after Smartmatic’s purchase of Sequoia using Smartmatic proprietary code) to a group of Smartmatic Managers in 2007 which in turn sold Sequoia to Dominion in 2010.

    This history is undisputed as is the fact that Dominion owns the Smartmatic code that came with the purchase of Sequoia.

    What is also undisputed is the fact that Dominion Voting Systems was founded in 2002 in Toronto, Ontario, Canada, by John Poulos and James Hoover. It is a Canadian company founded by two Canadian citizens with headquarters in Toronto Canada. Poulos and Hoover still retain ownership of the company.

    And being that Canada is a foreign country, Dominion voting Systems is therefore a foreign company influencing US elections.

    BTW, has anyone here actually taken a look at the Dominion voting Machine User Manual? or set one up? or run one? Or examined its code? Did anyone know that a Dominion representative was a consultant to Chris Krebs? Does anyone know if Kris Krebs ever took a look at Dominions proprietary code– the code that we “trust” the integrity of our elections to?

    1. JamminJ

      BTW, instead of “trusting” your right wing media outlets… how about you lookup up Sequoia for yourself. It went bankrupt in 2014… which is 4 years after your supposed sale of the company to Dominion.
      https://business-bankruptcies.com/cases/sequoia-voting-systems-inc

      If you can’t get basic facts straight about whether a company existed, its ownership and location (easy to fact check)… how can anyone trust your wild claims that require these leaps of logic?

      1. Matt

        DVS acquired most of Sequoia in 2010 which included source code, firmware and IP. The remaining parts of the company barely continued until 2014. JJ is 100% correct and your left wing sources are misleading.

        “ On June 4, 2010 Dominion Voting Systems, a Canadian company engaged in manufacturing electronic voting hardware and optical scanners, acquired some OCR and voting equipment assets from Sequoia Voting Systems.”

        At this point there is an overwhelming amount of evidence and analysis that proves there was systemic election fraud. Brian’s premature opinion of being “baseless” is now proven incorrect.

        1. JamminJ

          So now your claim has gone from buying the company, to acquiring most of it?
          Not only that, but you’re also back-pedalling your claim about being “foreign owned” to being “foreign founded”.
          Even that is a stretch when it comes to Canada being “foreign”.

          10 years ago, Dominion was a small Canadian company. Since then, much has changed including its headquarters which is now in Denver Colorado. That is pretty normal for companies to split off so that all operations are domestic. But you have a LOT to explain how the evil Canadians are meddling in US elections… because this thread is a serious leap of logic.

          If this nonsense constitutes part of your “overwhelming evidence” of systemic election fraud… then its even more pathetic than I thought. It makes sense that even conservative Trump appointed judges are throwing this crap out of court every time. This isn’t from left wing sources… but conservative judges appointed by Republicans.

          It gets worse every time you make statements like, “evidence and analysis that proves” or “now proven incorrect”. It smacks of desperation that your claims need to at least sound credible.

          Dude, just stop this denial and admit that the majority of voters don’t want any more of Trump.
          You are embarrassing yourself pretty badly.

    2. JamminJ

      You don’t even seem to know what the word “undisputed” means. Because your claims are denied, debunked and intentional lies.

      “Dominion and Smartmatic do not collaborate in any way and have no affiliate relationships or financial ties.”
      “Dominion does not use Smartmatic software.”
      “In 2010, Dominion purchased certain assets from Sequoia, a private U.S. Company. Smartmatic, a previous owner of Sequoia, pursued legal actions against Dominion.”

      “Dominion did not acquire Smartmatic and/or its software from Sequoia.”

      “Dominion is a nonpartisan U.S. company based in Denver, CO.”
      https://www.dominionvoting.com/about/

      The foreign ownership and influence you are implying simply does not exist. Yes, the founders are Canadian and have other headquarters, that are unrelated to US elections… but that is a serious stretch from the allegations you are making.

    3. JamminJ

      “Dominion and Smartmatic do not collaborate in any way and have no affiliate relationships or financial ties.”
      “Dominion does not use Smartmatic software.”
      “In 2010, Dominion purchased certain assets from Sequoia, a private U.S. Company. Smartmatic, a previous owner of Sequoia, pursued legal actions against Dominion.”

      “Dominion did not acquire Smartmatic and/or its software from Sequoia.”

      “Dominion is a nonpartisan U.S. company based in Denver, CO.”

      The foreign ownership and influence you are implying simply does not exist. Yes, the founders are Canadian and have other headquarters, that are unrelated to US elections… but that is a serious stretch from the allegations you are making.

    4. RCJR

      I love how all these people implying that dominion influenced the election because uh, um, they’re Canadian just sidestep the problem of why the hand canvass didnt reveal any irregularities.

  7. Justin

    What do you mean by “in the wild” you mean like Stuxnet, or maybe that 2008 attack called considered the worst breach in the history of the U.S. military? Both of those used USB drives. Although not nearly as cool as a HID attack, they just used a plain ole virus.

    If 2 people can forget to tally almost 6000 votes on two USB drives without anybody noticing until a recount, I would say he failed at his job.

    How does that happen? Rather than running a cable, they chose to have poll workers drag and drop the votes on to USB drives so that they could be transported by hand to the tallying machine. With no oversight to prevent tampering. Not just once per day, but multiple times per day over the voting process.

    True, there is still no evidence of tampering with the machines, but Trump also can’t get a judge to issue an order allowing the voting machines to be examined forensically either. So it’s easy to say there is no evidence when they close their eyes and stick their fingers in the ears.

    I could care less who runs the country. Both parties have been in office in my lifetime and I’m still alive. My concern is the balance of power. Any attempt to change the outcome of an election effectively takes that control from us. I’m not cool with that I don’t care if it was my party or not, if there was something going on, I want to know about it.

    I’m still in College, so I don’t know much about cybersecurity, yet, I’m always learning. Please explain what criteria you use when you make a conscious decision not to address a critical vulnerability?

    1. JamminJ

      Stuxnet is a great example of the risk and danger involved with hacking a system by inserting a USB in person.
      4 Iranians were executed on the suspicion of being involved.
      People inserting USB devices get caught. It is high risk, and in the case of trying to throw an election, low chance of reward.

      The recounts were the first to find missing memory cards, but it would have been found by audit later anyway. Usually the numbers of missing votes are too small to make a difference in state, so it doesn’t make news…. even though this happens every election cycle.

      The accusation that there is no oversight is a bold claim, that has been refuted and debunked. And the Trump team has failed to provide evidence for this too.

      Trump has to provide some reasonable evidence to get voting machines examined forensically… by law. A campaign can’t just demand courts to provide injunctive relief without something. But of course, Trump doesn’t care about forensic evidence… but rather just wants to hold up certification indefinitely with frivolous legal action. That’s the game plan, to stall and make the election into a farce, so he can ask the state legislature to declare the election “failed” and to have Republicans declare their own slate of electors.

      If your final question was sincere…
      Cost benefit analysis and risk assessments are usually how most cybersecurity experts determine to address critical vulnerabilities. The affected systems may not be exposed, and/or the cost to remediate too high. It depends on several factors.
      But we are benefited by industry and regulatory guidelines about what is categorized as a “critical vulnerability”. We have standards organizations and the actual product developers to classify vulnerabilities.

      What we DON’T DO, is take the word of a politician that something is critically vulnerable, just because it suits his political needs. Many are aware of issues with voting…. but many states have been doing mail voting for a long time, so we don’t just accept that it’s “rife with fraud” because the losing party says so. Had Trump won… he would not have pursued any claim about voting systems. Neither would any of his supporters. Don’t believe me? Look at 2016, when Trump and Trump voters made ZERO claims about Dominion or any other voting system. Why? Because they won. So that immediately puts these claims into suspicion.

      1. JamminJ

        Correction: The recounts were the first to find missing memory cards with vote tallies, but it would have been found by the eventual canvassing later anyway.

        These human error mistakes happen every election cycle. Yes, even missing memory cards. Thousands of counties, and tens of thousands of precincts all reporting, is a logistical nightmare. Mistakes happen all the time. But the public is unaware because the networks use math to project an apparent winner in each state, knowing that a standard deviation of error isn’t enough to change the outcome. Even a few thousand isn’t enough.
        Things like this happen all the time. This is just the first time we had such a sore loser, that was willing to cause such a hissy fit about how the sausage gets made.

        1. JJ

          You are trying so hard to convince the jury before the court has heard the evidence. Don’t worry Jammin, the truth will eventually be heard. People do have eyes and ears of their own… no matter how many times you tell yourself the swing state election wasn’t rigged. You can yell all you want, but the improprieties coming to light are improprieties nevertheless.

          1. Hans Gruber

            45’s lackey Barr just said a Justice Dept. review found no evidence of fraud that would undo Trump’s election loss.

            Are you still going to hold on to notions that your “evidence” is going to materialize?

            1. Matt

              As usual, wait 24 hours and it’s fake news. The DOJ election fraud investigation continues and fake news media spins a false narrative. Kraken has been released and evidence of fraud is monstrous. Hundreds cyber security patriots are discovering all kinds of evidence including packet captures of DVS systems communicating with foreign systems. Chris may have been duped by the nefarious others or he is just another swamp rat.

              1. JamminJ

                I’ve seen what you are calling “evidence”. It isn’t evidence, its speculation. It turns out that Trump voters are just making spurious connections similar to what you see on the wall of a conspiracy theory nut, red string and all.

                Trump calls everything “fake news”. So its lost all meaning and no longer has any bite. He’s become such a predictable clown that every time he calls something fake, intelligent people know to look deeper as its likely true. He’s cried wolf too many times that its entirely ineffective.

                The Kraken is a fictional creature, and will remain a work of fiction. Apt metaphor for an entirely fictional conspiracy theory.

              2. JamminJ

                Also, it is worth repeating again. There is a HUGE difference between vulnerabilities in systems that were show with proofs of concept (POC), such as done years ago at cybersecurity conferences…. and evidence of attacks in the wild.
                The claims of a stolen election are extraordinary, and thus require extraordinary proof. Showing that something is technically possible is a POC, but it doesn’t count as evidence that someone actually pulled it off at such a scale that could make Trump president again.

                Cybersecurity experts here understand this. Trump cultists are here too, but they’re own brains have already been exploited for profit. The charlatan has already hacked their wetware, and DOS’d their ability to even recognize what is or is not evidence.

            2. JJ

              Are you watching the AZ, MI, and GA Legislative hearings? No one can watch these hearings with an open mind and say the process is transparent. I’ve watched days of sworn testimony of eyewitnesses to tampering with the system.

              And btw, has CNN, or MSNBC or any other mainstream network even mentioned them? Crickets.

              1. JamminJ

                It speaks volumes that you think these people were “sworn”. They were NOT under oath. That should raise huge red flags. Their affidavits were not submitted to any court of law… which means there is really no risk of perjury either.

                I have heard a few of the testimonials. They are very vague and mostly nonsense grievances that don’t even make the assertion that fraud took place. It’s just a media circus designed to cause confusion so the Trump team can later ask the state legislatures to call the election failed, and to grant him a slate of loyal electors. He cannot win in court, so he’s trying this hail Mary that does not even require any standard of evidence. Gullible people are easy to manipulate.

                How much attention should be given to liars? At some point, you have to just turn your back from the onslaught of BS that is being spewed, because it is unlimited. They really have no limit on what they can add to a conspiracy theory. I don’t care that the media isn’t giving them airtime… these are NOT real courts. Hearings in some hotel, a landscaping company or offices for one political party are NOT official government business. We need to stop treating them as something worthy of our attention.
                If they can’t get a court to take them seriously, why should we?

          2. JamminJ

            Who’s the jury in your eyes? The masses? That’s a trial by media, and that’s not how the law works.
            Trump’s good at playing for the cameras and convincing gullible people. Charlatans are usually good at this.
            But the legal system isn’t about popularity. There is no celebrity panel of judges or a “call in to vote hotline” like this was a reality show.
            The court has heard all the evidence presented. There is a reason why Giuliani won’t plead fraud cases or present any evidence despite claims made for the TV audience.

            Trump and his supporters have a toxic relationship with the truth.
            Sure, millions might always believe the lie. Just as millions still believe the holocaust was a hoax or the earth is flat.
            Just like Birtherism, Qanon and 911 Truthers… the “people have eyes and ears”, but apparently no brains.

        2. JJ

          The “sausage” being made needs to be made in plain sight of all.

          No one should EVER have concerns about how any election and the subsequent tallys are executed.

          We have literally hundreds of eye witnesses thus far that have publicly testified in Michigan and Arizona legislatures thus far to the fact that the tallying of votes in certain precincts was not transparent– that poll watchers and poll challengers we not allowed to view the process as required by law and common courtesy.

          You can yell all you want, but these people witnessed first hand transgressions that you most certainly have not.

          Based on the sworn, first hand accounts of these poll watching/challenging witnesses, this entire country should be having a fit that partisans are allowed to control precincts like this. No matter the party affiliation, Americans should be demanding that their elected officials get to the bottom of this and fix the holes that allow these illegal activities to persist that these witnesses have/are testifying to.

          Keep swinging JamminJ, the truth may just come out this time.

          1. JamminJ

            Losers will ALWAYS have concerns. Most graciously understand… but when you have a narcissist who can’t stand to let anyone else have the spotlight, and is braggadocios about having to “win everything”… losing isn’t something he can take graciously.

            “literally hundreds of eye witnesses thus far that have publicly testified in Michigan and Arizona legislatures”
            No, you have affidavits waved at political party press conferences (not the same as public testimony in court or in front of state legislature).
            It should raise a red flag that Trump lawyers refuse to submit those affidavits in court. It looks like they got those affidavits under false pretenses, telling the “witnesses” that there is no risk of perjury because they won’t submit them in court. Rather, the purpose is just to wave them in front of cameras in desperation to look credible.

            “thus far to the fact”
            Stop abusing the word “fact”. You either don’t know what it means, or think you are going to sound credible by using it for everything.

            “not allowed to view the process”
            The courts disagree with this CLAIM (not fact) and have rebuked every attempt of the Trump team to use that argument.
            One judge even threatened to sanction the lawyer who tried to make this argument in court (which is why they don’t want to try it again). The judge got real serious at the lawyer, and forced him to reply “honestly” with “there was a non-zero number of Republican observers”. The judge basically smacked down his nonsense, asking him again. Yes, the observers were there and they were within the distance in accordance with law.
            The Judge ended it with, “so what’s your problem”.

            The Trump team is now playing the game of “not close enough to see”, which is just whining about a nonsense grievance. The law does not allow them to be so close they can see fine print on every ballot handled. Even if close enough to see, they would next sue for being allowed to object to everything to hold up the election.
            The laws apply to both party observers equally. The Republican observers don’t want “common courtesy”, they want to disrupt. Which is why they didn’t object to laws passed in 2019, until after the 2020 election, which a judge through out too.

            Biden voters aren’t the ones yelling, they got their candidate elected.
            Trump voters are the ones cause a hissy fit.

            I don’t believe these people have first hand accounts of transgressions. That would be evidence/testimony that the Trump legal team would present in court… but it should speak volumes that they haven’t submitted this as evidence, but rather are just using it for political stunts at press conferences.

            Poll watchers/observers, are the very definition of “partisan”. They are literally chosen by the parties. They law allows the major parties to pick these people to have this access. So when a poll watcher or observer makes a claim, it is HIGHLY SUSPECT.

            The elected officials are partisan, the observers are partisan too. So are those who signed the affidavits. The non-partisans are usually the non-elected poll “workers”, although many are partisan. So it should say something that the non-elected/appointed poll workers aren’t the ones making claims of a rigged election. And even Trump supporting partisans and Trump’s own political appointees that are flat out refusing to go along with these claims.

            And yes, Americans want to fix a broken election system. But it is not mail ballots, observer distance, or anything else.. but rather abolishing the electoral college. But of course, that helped Trump, so you wouldn’t dare criticize that part.

            1. JJ

              Losers do not always have concerns. What a load. They only have concerns when the agreed upon terms are not honored. They have concerns when a lack of transparency clouds the good faith observation.

              Good faith is key to lack of concern. And from the eyewitness testimony, there seems to have been an abundance of bad faith in the Democrat controlled swing state machines.

              Have you been watching the testimony and the challenges to such testimony by the liberal senators? The witnesses to the fraud actually reek of credibility.

              1. JamminJ

                There was just as much transparency in 2020 as there was during the 2016 election. The transparency is set by state and local law. The number of poll watchers, where they sit, how close they can be, and how to make challenges… are all the same. It is only this year, that the loser has been such a whiny little beeahtch, that people thing something is different.

                Again, talking at a GOP held press conference is not “testifying”. Its a media circus. They can’t win in court, where even conservative judges aren’t buying this nonsense, so they appeal directly to ignorant masses.

            2. MikeHoncho

              thank you for the laughs you really are a good little lapdog, so loyal

          2. JamminJ

            It is in plain sight… for those who actually pay attention to real journalism rather than social media and partisan pundits. For months, you could have been reading about history, real reports about how elections work today, and how everyone knew that this election would take much longer (weeks). The experts understood and tried to educate the public to expect a major blue shift in the presidential race since mail in voting was actively being discouraged by Republicans and encouraged by Democrats.
            Only the ignorant were taken by surprise that on election night, Trump was ahead in a count that is done disproportionately for in-person votes and less populated counties first. By law, some swing states were not allowed to even touch, let alone pre-canvas, absentee ballots until the in-person votes were all done. That was always known to be something that would cause a blue shift in later days as mail takes longer to process.

            Trump is playing on the ignorance of this election. He was briefed about a long process to count and the inevitable blue shift… and still feigned ignorance of how the election could turn. It was his strategy to count on the ignorant masses.

            1. JJ

              It’s not in plain sight when hundreds of Republican poll watchers/challengers are excluded from the process– even with court orders demanding their legal participation.

              In plain sight? Really? I don’t think so. And not according to the witnesses testifying in the last three days,

              1. JamminJ

                Several judges have already debunked that claim that Republican poll watchers/challengers were excluded.
                The ONLY court case Trump won, simply got a larger number of poll watchers closer than what the law already allowed.

                Also, talking at a GOP held press conference is not “testifying”. Its a media circus. They can’t win in court, where even conservative judges aren’t buying this nonsense, so they appeal directly to ignorant masses.

            2. Trent

              “Real journalism.” Don’t make me laugh. You’re over your word limit.

    2. Trent

      This. Thinking it is acceptable to move sensitive, mission critial data around on USB drives, is beyond the pale of unacceptable. Chris Krebs is a “face guy,” and a joke. His C# reference in Senate testimony (where he thought he was being impressive) is all you need to know.

    1. JamminJ

      It isn’t too hyperbolic to say that fascism is back in fashion.

      1. JJ

        Very much back in style– on the Democratic Left.

        Rule number one: accuse the other side of that which you are guilty of yourself.

        Trump colluding with Russia? The Democrats did– the Steele Dossier.

        Trump abusing power in the Ukraine? Obama and Biden did that when Joe Biden threatened to withhold one $Billion. Now you’re going to say that was a doctored video??

        Trump owned by a foreign power? Biden took BILLIONS from China. Or was that just Biden’s son who flew to China with Joe Biden on Air Force 2 to make the deal with China’s Communist Party in 2013?

        Rule Number Two: Buy the media outlets and make sure they ignore it all.

        1. JamminJ

          Read history about fascism. Read about how authoritarian dictators rise to power and keep it. Both liberals and conservatives have great examples all over the world over history.

          If you want to compare accusations from pro-Trump vs. anti-Trump, then the accusations of stealing the election should convince you that Trump tried to steal the election. He did ask his followers to vote twice.

          The rest of your Qanon nonsense doesn’t hold any credibility here. It’s all be debunked before.

  8. Robert Shih

    I’m going to stay away from politics and challenge Brian and Chris Krebs to take a DNA test. It would be HI-larious that two of the biggest names in cyber security that share the same last name did not know they might be related.

  9. Cher

    I’ve got to admit to being a total lurker on the comments for this story, and to having returned every day to catch up on the drama. Brought a smile to this old wizened face.

    My favorite “one for the ages” quote about all this: “Voters, not lawyers, choose the president. Ballots, not briefs, decide elections.” — Judge Stephanos Bibas

    1. JamminJ

      Yeah, those are fun phrases. Unfortunately, the electoral college not voters choose the president in this country. So that small crack in the system is being exploited. Trump figures that state legislatures have a chance at being manipulated, and they can potentially select a new slate of electors to vote for Trump.

      Each state’s law, says the winner of the popular vote gets the slate of electors, but there are usually some loopholes if the state lawmakers, governors and/or secretaries of state were to declare an election to be “failed”. Not likely to happen, but its possible. This is what happens when you put middlemen in between the electorate and the elected.

  10. David Lewis Moore

    Mr. Krebs,

    Thank you for all your efforts to make our election safe, and for your defense of the integrity of the election afterward. Before we voted, I was so afraid that foreign actors would try to subvert the voting machines themselves, and I had no confidence that the Government had done anything to prevent that.

    Now I know that the Government had YOU to make sure the malicious actors could not subvert the election.

    I am proud of you for all you have done to make things safe when it mattered and then for your willingness to stand up afterward when it mattered as well.

    You have a lot of character and a great deal of spine. You are a shining example to all public officials and to the public who will never get to know you.

    I just want you to know that I appreciate you!

    Thank you for all you have done.

    David Moore
    Houston, Texas

  11. mpratt

    All this banter…But the bottom line is who do I believe? I could take the lazy route and just go with the information that’s easy and available on twitter, fb, or the internet. I could run that through one of the many fact-checkers if I was concerned. But ultimately, rather than believing pundits that spout all sorts of things even knowing that sometimes they are well-intentioned, they are simply not in the arena and can’t make a good decision about truth. I think I will stick with the knowledge of someone who undoubtedly has a high security clearance vs. those talking heads…Or worse, to believe some of those that wouldn’t even qualify for a clearance. If anyone has doubts about his veracity, I would challenge you to look no further than IG reports. Federal agencies are constantly inspected, IGs are reported to, and agencies are even Congressionally investigated. While perhaps not specific to him, I’m sure he’s had inspections that would highlight problems. I’m not looking for one because I trust the system. If there were problems, they would have been fixed. Because the IG that found them is coming back. So, to think anyone made it to the top of a sensitive agency without stellar credentials is unbelievable. And I don’t think he’s an appointee who may be suspect. So, I’m sticking with Mr. Krebs…

    1. Trent

      If you believe in independent “fact checkers,” in 2020, you are a moron.

    1. JamminJ

      As the Trump campaign will remind you, these are sworn statements. But according to legal experts, the jeopardy faced by those behind them is relatively minimal.

      “There is a remote chance that sworn statements (if they are actually sworn statements — most documents that appear to be ‘sworn’ don’t count within the meaning of the statute) could subject the declarant to some exposure under the perjury statutes,” said Lisa Kern Griffin, an expert on evidence at Duke University, in an email. “But perjury prosecutions are rare and almost never arise from statements outside of the context of proceedings in which oaths are formally administered — such as depositions, congressional testimony, grand jury proceedings, or trial testimony.”

    2. JamminJ

      It doesn’t matter to me that I respond to constant trolling by sore loser Trump cultists.
      This small minority of trolls often shout over any moderate rational discussion in an effort to seem like they are the majority.
      This is common among conspiracy theorists groups… the loudest voice usually wins.

      I’ve read the affidavit from this guy… it’s not at all convincing. Matt posted this last week. Nothing has changed, and it still has not been submitted as testimony.

      This was my reply then…

      This is not evidence. It’s an affidavit.
      Trump’s defense team won’t even try to submit this as evidence, because if they did it would be thrown out.

      Also, this isn’t really making any election fraud claims either. It’s just open source connections being made and really weak inferences that would get lawyers disbarred if they tried to use this logic.
      This thing literally reads like one of those crackpot conspiracy nuts, with thumbtacks and red string all over the place. Real investigators don’t write this kind of nonsense.

      This is not how the law works people. It’s not a crowd sourced, election of affidavits from people who want to jump on the bandwagon of conspiracy.
      That’s how the Salem Witch Trials were conducted. That’s not a system of legal due process that would actually work.
      Everybody wants to participate in a trial by media here. And people are being coerced into signing affidavits, knowing that nobody will even look twice let alone prosecute them for perjury.
      It is very suspicious that Trump lawyers are telling people to sign affidavits and that they can say whatever they like, because there is no chance of perjury since they won’t actually file them in court.

      “A key issue is whether the affidavit is filed in court, as most filed by the Trump team haven’t been. Beyond that, any false statements would need to be deemed to be “material” to the proceedings — i.e. relevant to the actual claims. And from there, any legal jeopardy would require that the statements made were knowingly false.”

    3. JamminJ

      “If he is talking about affidavits that the swearers will submit or that Giuliani will submit as their authorized agent in a judicial proceeding, they would be at risk of a perjury prosecution,” said Julia Simon-Kerr, a law professor at the University of Connecticut. “If he’s talking about affidavits he’s collected to wave in front of reporters, but that won’t be submitted in a judicial proceeding, they would not subject the swearers to a perjury prosecution.

      “Given the disjunction between what is actually happening in the courts and what he is talking about,” Simon-Kerr continued, “I wouldn’t be surprised if it is the latter.”

    4. JamminJ

      Just like the Texas guy who signed an affidavit declaring Minnesota counties and precincts to officially be a part of Michigan… this affidavit also has glaring errors that destroy any credibility of the claimant.
      Number 9 is the biggest cybersecurity blunder that would show how this guy is a complete fraud. He really doesn’t know that anyone can create a subdomain that looks like someone else’s primary domain? He actually tried to show that as proof that another US firm is involved in this grand conspiracy. Total whack job.

      It casts doubt on anyone who would even link this affidavit in a comment… as I would question your cybersecurity expertise if you think this is legit.

      1. Matt

        “Number 9 is the biggest cybersecurity blunder that would show how this guy is a complete fraud. ”

        Can you explain your analysis of “Number 9”? What you describe it as makes no sense and suggests you don’t even have a basic understanding of DNS.

        In the affidavit, written by a retired electronic intelligence analyst of the 305th Military Intelligence Battalion, number 9 corresponds with the cursory search on LinkedIn of “dominion voting” and nothing to do with domains.

        1. JamminJ

          Yeah, it wasn’t number 9… as that one ended abruptly. It was even less than cursory, it was a xenophobic attempt to say, “look, foreigners evil!” without any claim or context given. Nobody has even made a claim about Serbian developers.

          In Number 10, he claims to find an Edison Research server in Iran… and bases that claim his finding of a host with a “subdomain” called edisonresearch. So if I spin up a system on my domain, and call it Matt, he would say you and I were in cahoots.
          It’s an epic fail that no cybersecurity investigator would ever make and then release as a finding.

          I am all too familiar with the guys in the 305th. Maybe not during his time of duty… but in the Army cyber community of the last 15 years… MI guys are NOT cybersecurity experts. When Cyber Command was first stood up, MI tried to take it over by populating with their 35D guys. They didn’t have what it took in cyberspace. They weren’t really computer savvy. The Signal corp, not the MI branch, had the better teams and now make up the vast majority of the new 17 series cyber force.

          Both 9 and 10 were the most glaring examples of ineptitude in this unsworn declaration, and for those alone, its enough to fire him if he would dare submit this nonsense in a report. I suspect he’s gone from this career field though, and probably told that any declaration would not be shown in court, so there is no risk of perjury. They just wanted more accusations to wave at cameras at a press conference.

          1. Alex

            yeah thats a pretty big jump to a conspiracy conclusion. I didn’t even see it at first because it was so blurry.
            He concluded “on 2020-11-08 showed that Edison Research has an Iranian server” but even the tool hes using says “similar domain” as a warning. Just because some iranian stood up a server called edisonresearch.theirdomain.ir this guy says the company has an Iranian server?

            The rest of the report is also very flimsy with lots of big jumps in logic that don’t make sense. Open source intelligence is very useful but it can be abused easily to make false positive connections. And this guy abuses the hell out of it.

            1. Ben

              Agree 100% that this is one of the dumbest reports ever written. It tries to connect dominion with China but it just looks like they used a domain reputation service that registered a name that would commonly be used by mistake or possibly waterholed by phishers. That domain (dominionvotingsystems.com) just redirects via HTTP 302, to the real domain (dominionvoting.com). This is a very common thing to do.

          2. Matt

            Your dismissal of this type evidence is hard to grasp, I guess it’s from your TDS. It’s possible that sub domain is legit since there is a connection of BMC capital and Edision which does business with Iran. And Iranian APT groups were targeting election related companies as reported by FBI and CISA to have collected voter role data.
            When we do these types investigations, you can never have to much information.

            1. JamminJ

              It may be hard to grasp for any Trump trolls who don’t know anything about cybersecurity, just posing here to defend their leader.
              This is not “evidence”, its a declaration of accusations and ramblings with no coherent context. His mobile phone screenshots of whois lookups tell me only one thing, he uses Cricket mobile and doesn’t even understand the open source tools he’s using.
              Laymen can easily be confused because they don’t know how domain registration works. It isn’t a dismissal either… its a debunking.

              1. Matt

                I don’t think you know the meaning of debunking. All presented in this affidavit appears to be true and verifiable using the same open source data and tools. You can only wish it was false. And is sworn under penalty of perjury.
                And now we’re hearing that the Trump team has examined a DVS system from Georgia and votes were flipped from Trump to Biden, only 37 but it was from a very small county. I need to see evidence myself to totally believe this but it’s not looking good for Chris’s credibility.

                1. JamminJ

                  “All presented in this affidavit appears to be true and verifiable”
                  Screenshots can be real, but interpretations and subsequent conclusions be completely wrong.

                  Again, no… this is NOT a “sworn” testimony. Not all signed affidavits are sworn. And “penalty of perjury” is not enforced unless under oath and used in court, and a zealous prosecution pursues it.
                  I’ve already addressed this misinformation several times. There is zero chance these affidavits will be prosecuted for perjury, and they know it.

                  “And now we’re hearing “. You sound like Trump himself… baseless accusations and hearsay.
                  Chris’s credibility is fine. Giuliani and yours however, not so much.

                2. JamminJ

                  You seem to have a history of repeating baseless accusations. You obviously never worked in cybersecurity or even handled evidence… because you don’t know what the word evidence means. Any accusation of dirt on your enemies, seems like “evidence” to you.
                  Some anon puts up a spider charge and on open source list of vulnerabilities, and you think its a “packet capture”. Now you want to say that Trump has examined a voting machine? And what’s your proof? A picture of box that says ‘voting machine’?
                  Wow, you kiddies can’t even pose like a legit cybersecurity professional.

                  Stop repeating disinformation, you don’t have a clue about the subject matter. And its obvious on a blog like this.

                3. JamminJ

                  You seem to have a history of repeating baseless accusations. You obviously never worked in cybersecurity or even handled evidence… because you don’t know what the word evidence means. Any accusation of dirt on your enemies, seems like “evidence” to you.
                  Some anon puts up a spider chart and an open source list of vulnerabilities, and you think its a “packet capture”. Now you want to say that Trump has examined a voting machine? And what’s your proof? A picture of box that says ‘voting machine’?
                  Wow, you kiddies can’t even pose like a legit cybersecurity professional.

                  Stop repeating disinformation, you don’t have a clue about the subject matter. And its obvious on a blog like this.

                  1. Matt

                    I’ve been protecting the DC area DIB for a couple decades, handled many incidents. From the Arizona hearing, Col Waldron claimed that not only did the military’s ‘white hat hackers’ see the data flowing overseas to Germany on election night, they also have a copy of the traffic and and packets of data that were sent. I heard about the examination of one of the Georgia “ voting machines” from a radio interview of a Trump campaign member yesterday, can’t remember who.
                    Your attacks are a clear sign you know your losing…

                    1. JamminJ

                      So someone long retired, claims there’s a packet capture but did not provide any evidence of such? That would be considered evidence, but he did not produce it.

                      Why wasn’t this guy even under oath?
                      This is what happens when you don’t use a court of law. You get this hearsay without any corroborating evidence.

                      People can make any claims they like at press conferences, but it’s suspicious that they won’t dare submit as evidence or swear an oath in a real Court.

                      Take a step back. Do you not see what’s wrong? You are listening to conservative talk radio and accepting whatever they’re saying. Then you repeat that here, as if you won’t immediately get called out on such nonsense.

                      Nobody should accept claims of technical credibility, here on the anonymous internet.
                      So it doesn’t really mean anything that you claim to have protected networks for decades.

                      I want to hear your analysis of number 10. Why is that subdomain an indication that Edison research has an Iranian server? Explain it with the context and detail that was not included in this report.
                      Once you do, we will all see whether or not you know anything about cybersecurity or if you’re just posing.

              2. BeyCrammin

                Something tells me you fell for EVERY lie of the last for years cuz “Democrats Bad”. Spare us your pontificating on this topic as it’s clear you drank the Trump kool-aid and are in line for a footjob from Giuliani. The right/media didn’t do ANY checking on the absurd claims from 2016-Nov 2020. Now reps think they can tell us that there was election fraud in 2020 but nothing with russia in 2016 with ZERO evidence coming from the Giuliani investigation? You can tell it’s a lie since they delete content related to Ukraine since the powers that be openly withheld money to get them to dig up dirt.
                Here’s how non-Trumpers think in 2020: If it’s banned by the right, it’s the truth and seek it out on legitimate journalistic sources.
                Trump didn’t win the election at all. If he did reps wouldn’t have lost 50+ court cases and the right would be interested in talking about reforming the electoral college. SOO MANY ballots only had the top of the ticket filled out because soo many people who don’t follow politics still hate Trump. That’s what happens when a populist tweets every night, even people who would not normally vote, go out and vote so he’ll finally shut up.
                Why don’t you want to talk about the fact that reps have only won the popular vote once since 1988?
                You got biden/harris for the moment. They’re respectable like obama. Given all the power from mandate OF the people.
                The Constitution doesn’t mention that tweets have the power to call elections without waiting for ALL the proper procedure to take place because when you lie you have to give the illusion of success. I mean calling up state politicians to overturn an election is a bit desperate for a losing candidate.
                But You do You friend. If being an unhinged fascist apologist is making you happy then enjoy spreading lies to others in your bubble.

            2. JamminJ

              It’s very weird that the anonymous author is using the known breach “Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data” as evidence of voter fraud to elect Biden when it was only registration data and really in states that Trump won. In fact, “CISA and the FBI assess this actor is responsible for the mass dissemination of voter intimidation emails to U.S. citizens”. Remember those intimidation emails sent to registered Democrats saying “we’re in possession of all your information” and instructed voters to change their party registration and cast their ballots for Trump.

    5. JamminJ

      Thoroughly done… anything else? Happy to get you another $40 wager. 😉

  12. ernest johnson

    Donald Trump and Mike Pence are more of a real man than any I know of in my 75 year life span !!!!!!!!!!!!!! President Trump ; prosecute every fraudulent politician and drive every Communist out of this free Republic . If it can be God’s will , long live this great Constitutional Republic that our founders and God Almighty gave us.———-Ernest E. Johnson .

  13. JamminJ

    Yeah, it wasn’t number 9… as that one ended abruptly. It was even less than cursory, it was a xenophobic attempt to say, “look, foreigners evil!” without any claim or context given. Nobody has even made a claim about Serbian developers.

    In Number 10, he claims to find an Edison Research server in Iran… and bases that claim his finding of a host with a “subdomain” called edisonresearch. So if I spin up a system on my domain, and call it Matt, he would say you and I were in cahoots.
    It’s an epic fail that no cybersecurity investigator would ever make and then release as a finding.

    I am all too familiar with the guys in the 305th. Maybe not during his time of duty… but in the Army cyber community of the last 15 years… MI guys are NOT cybersecurity experts. When Cyber Command was first stood up, MI tried to take it over by populating with their 35D guys. They didn’t have what it took in cyberspace. They weren’t really computer savvy. The Signal corp, not the MI branch, had the better teams and now make up the vast majority of the new 17 series cyber force.

    Both 9 and 10 were the most glaring examples of ineptitude in this unsworn declaration, and for those alone, its enough to fire him if he would dare submit this nonsense in a report. I suspect he’s gone from this career field though, and probably told that any declaration would not be shown in court, so there is no risk of perjury. They just wanted more accusations to wave at cameras at a press conference.

  14. JamminJ

    There is no cult of personality revolving around Biden. Even his strongest supporters simply describe him as “reasonable, honest and decent”. Yet the fervor of Trump supporters describe him as a Messiah or a savior of some kind. Only one side is drinking kool-aid, and you only need to see which side has the charismatic leader figure that everyone is afraid to cross.

    Only one side is supportive of fact checking. Trump’s rhetoric has been effective against his sheep, because he first attacked the credibility of journalism. Once a gullible person believes journalists are untrustworthy, they will flock to pundits with opinions and get their news exclusively from partisans and social media. The definition of bubble.

    In either Russia or the 2020 election narrative… we have to rely on hard evidence. Investigations into Russian interference/conspiracy… there were several legal indictments, and several convictions. People were tried in courts of law, where it doesn’t matter whether democrat or republican. Trump had ample opportunity to gather and present evidence in court. And he’s lost all his cases claiming fraud. Why? Because despite rhetoric on both sides, judges need to see evidence.

    Facts are not the same as your subjective “truthiness”. Both sides have narratives and spin they want to impart. Just because one side doesn’t want to give credence to an accusation by repeating it, doesn’t make it true. That is simply a logical fallacy. It shows ignorance more than anything. If you suggest going on social media for the “truth”, then you are exactly the kind of sheep they want you to be. The kind that can’t think for themselves, and thus easy to manipulate by first attacking real journalism. They figure they can destroy your confidence in facts, so you’re more susceptible to a fake reality that anyone can craft on social media.

    The Presidential election is separate from Congressional races. Down ballot races were lost by Democrats because many conservatives are moderates and NOT Trump supporters. Many on the right hate Trump too. There are several high profile Republicans speaking out against Trump. So many registered Republican voters voted for Biden, but had no such problem with down ballot Republicans.
    If you cannot understand this basic concept, you have to actually read up on politics and the last 20 election cycles. It’s well understood and was predicted as one of several possible outcomes.

    I have seen no evidence that 2020 had a significant increase in top-only ballots. Every election has some percentage of apolitical voters who simply don’t know about anyone on the ballot, besides the presidential candidates. This is quite normal since many voters don’t pay much attention. Of course, this 2020 race was a bit different since Trump is way more known, unpopular and was likely to invoke an emotional response for people to go out and vote for/against him. Also, the pandemic brought more attention to the presidential race, but not other races.

    Not sure what you are suggesting about “since 1893”. Do you have any numbers? This race wasn’t particularly close accept in a couple of states, but not even as close as 2000. It’s more of a function of hyper-partisanship, FPP voting and the electoral college. These things encourage a polarization into only 2 factions and it makes elections “close”. Although Biden won the popular vote by millions, it comes down to “battleground” states EVERY TIME. And in each state, the campaigning ensures that the results will be close. There is every incentive for a state to WANT to be a battleground. You know how much money is spent in a state for these campaigns?

    What do you think “call” means in this context? Does anyone with a high school education think that TV networks are trying to officially/legally declare, appoint, or elect the President of the US? Or does the word “call” mean to “Project” or “Predict”? You know, if you say, “I called it” after something you predicted came true.
    Network decision desks use math to make a call. They look at how many votes are still left to count, where those votes are coming from, what kind of ballots and the historical and current trend. They make a determination of whether or not the remaining votes to be counted could possibly change the outcome.
    If Trump is up in the tally, but there are enough remaining votes, that were mailed in, from historically blue counties/cities, and the trend has been that mail-in votes have been overwhelmingly blue… then they can make that call with 99.5% certainty (which was their criteria). It is not anyone’s fault, except Trump’s for telling his supporters not to vote by mail, and Biden’s for telling his supporters to vote by mail.

    Anyone who was paying attention to the demographics and the statistics knew MONTHS in advance, that the counting would take days/weeks and there was going to be a late blue shift for Biden. Just because Trump supporters were caught unaware, doesn’t make it fraud,.. it makes it ignorance.

    Was Trump desperate when he used the “Office of the president elect” unofficial seal on December 14, 2016???
    Transitioning the highest office in the country is NOT an easy task, it takes lots of money, time and people to accomplish every 4 or 8 years. The proper procedure is set in US law and in the GSA, which has hundreds of internal documents that refer to the president-elect. Having this title usually makes it easier to have the transition be successful by the time of inauguration. The stakes are high if anyone were to nitpick. For example, the brief legal battle between Bush and Gore, delayed critical intelligence for Bush that may have prevented 9/11.

  15. Eric

    From a Cyber Security perspective, there is a big problem with Christopher Krebs statement that there was no evidence that voting machines lost/deteled etc. votes.

    We work in the Cyber Security field and the one thing we should all be agreeing on, whether or not you like the parties involved, is that before we make statements, make sure you have done an extensive audit to back up what you are saying.

    I’m not arguing that he was right or wrong, I’m saying he, and CISA, did not do a comprehensive audit on the whole system, so they were physically not in a position to make any claims.

    If any of my team members makes a definitive statement that there is absolutely zero chance that a customers systems was compromised, and I find out that no comprehensive investigation was done, their head will be on the proverbial chopping block, whether they were correct or not.

    And to be clear, in this instance, as far as CISA was concerned the client, was not Trump, was not Biden, the client was the Citizens of the USA.

    1. JamminJ

      Christopher Krebs didn’t say, “there is absolutely zero chance that a customers systems was compromised”

      Just that it was comparatively more secure than previous elections. Which can be true, and knowable even without a full 100% audit.

      Remember, CISA only knows what is reported from downstream. They were tracking intrusions and compromises for months now. But their responses and protections did hold.

    1. JamminJ

      OMG, these two “witnesses” know each other, and work at the same Dallas firm?

      This just gets better and better.

    2. JamminJ

      Holy cow, did you actually read this?!?
      It isn’t ad hominem… it is from an actual interview. His words.

      “He said it should have made clear that his time in the 305th was as a student, not as a working intelligence expert”
      “He blamed “clerks” for Powell’s legal team, who he said wrote the sentence. Merritt said he had not read it carefully before he signed his name swearing it was true.”
      “he had decided to remove himself from the legal effort altogether”

      “Merritt told The Post he completed the medic and intelligence trainings as well. He said that for both programs, the particular career path he was studying for changed by the time his training ended. He maintained that this pattern left him in a sort of military bureaucratic limbo, in the service but without a specific job until he became a wheeled vehicle mechanic in 2005”.

      The witness himself just blew up your entire argument. And he confirmed that these witnesses signing affidavits are being coached. They are being told to sign, and that there is no risk of perjury.

      Also, it shows how the legal system is supposed to work. “Expert” testimony needs to have Voir Dire. It is absolutely necessary to go into the professional background of a person claiming to be giving an expert opinion. It isn’t ad hominem.

      Thank you. This news confirmed my own experience with the 305th soldiers not being well trained in cyber.

      I don’t need to spin the Ramsland affidavit, as it’s been thoroughly debunked already by all major fact checkers (left and right). This was the dude who put Minnesota counties in his list of suspect Michigan counties. I’ve mentioned it before, it is an example of the nonsense that Trump supporters believe without reading or thinking.

      I know you drank the kool-aid believing that all news media is fake news. But you just have to search properly (don’t use Google since it’ll return the sites you have already visited first.. keeping you in an echo chamber).

      There is a difference between Left/Right bias, and factual reporting.
      If you think critically, and know how to use the internet (instead of the internet using you)… it’s not hard to find real journalism. You just need to let go of the lie that bias equals nonfactual. Avoid editorials, and look up the reputation of a source.

    3. A. Bosch

      Average White Guy – How’s yesterday’s electoral college vote working out for you?

  16. Average White Guy

    At least we got JamminJ making concise, albeit meaningless, responses…

    1. JamminJ

      I would say the opposite. I haven’t been very concise (rather a bit wordy)… I tried to be detailed.
      Meaning can be found by actually reading. You have shown that you don’t actually read beyond a few sentences. Because if you had… you wouldn’t have gifted me with the Merritt interview that completely destroyed his credibility as an expert witness, and destroyed your argument too. Thank you 🙂

      If you ever feel like reading… there are several posts debunking these unsworn affidavits. Anyone here, with some understanding of cybersecurity… can easily see number 10 and then laugh out loud at the incompetence. There are many knowledgeable people here… and so far, nobody has taken the challenge to explain how Merritt concluded that Edison Research has an Iranian server, based on a subdomain hostname being similar.

    2. JamminJ

      https://lawandcrime.com/2020-election/heres-how-georgias-lawyers-destroyed-sidney-powells-wildly-unqualified-election-malfeasance-experts/

      Why this affidavit was thrown out:

      “Spyder does not disclose whether s/he has any experience with election administration or the companies, software and machines used by states to conduct elections. Because Spyder is not named, it is impossible to verify or even research what Spyder’s credentials may be. On the record before the Court, Spyder cannot qualify as an expert given his/her lack of relevant education, training, experience, knowledge, and skill.
      Spyder’s declaration should also be disregarded because it relies on nothing more than speculation and s/he uses no discernable [sic] methodology in reaching his/her conclusions.”

      Failing to show your math (methodology) in court… fails the voir dire process. Expert witness testimony has higher standards.

      “Even if Ramsland were qualified (and he assuredly is not), his report is inadmissible because it utterly fails to disclose the data or methodology he (or others) used . . . . Indeed, the report can be searched in vain for Ramsland’s data sources, the statistical analyses conducted, margins of error, or virtually anything that might suggest serious scholarly or expert analysis.”

    3. Average White Guy

      @A. Bosch @JamminJ: In all honesty, whoever is in the White House has very little effect on my life. My only point, as an American and IT professional, is if our voting systems were so “secure” why would anyone try to prevent a forensic audit or wipe machines or delete files? All politicians and election officials should welcome recounts and audits to provide assurances to citizens unless they are hiding something and that is why our founding fathers provided time between election and inauguration day….

      1. A. Bosch

        Is that a belated acknowledgement that Trump will be departing the White House on January 20, 2021?

      2. JamminJ

        I am actually also wanting to see forensic investigations too. But so far, they haven’t turned up any evidence of fraud. The only report that is making that accusation is coming from Ramsland (R). He is a former Republican congressional candidate from Dallas, Texas. His previous testimony was thrown out of court. He’s the guy who claimed Minnesota counties as being in Michigan, remember. There are high standards for providing expert witness testimony in court. A forensic report would need to meet those standards… and nothing from Ramsland has been held as credible. And since he’s already handled that machine, he has probably already broke chain of custody.
        So an “independent” forensics report would be needed of course. I’m all for it. Nobody is preventing it.

        Since Ramsland (R) is the source of those claims of “wipe machines or delete files”, it really has no credibility. Get an “independent” forensics report from someone who hasn’t run for Congress and isn’t such an obvious Trump supporter who has already submitted a false affidavit.

        Russ Ramsland was a 2016 Republican candidate who sought election to the U.S. House to represent the 32nd Congressional District of Texas. Ramsland was defeated by incumbent Pete Sessions in the Republican primary on March 1, 2016.[1]
        https://ballotpedia.org/Russ_Ramsland

        Brian Krebs has written many articles on such topics as “value of a hacked PC”, and “badguy uses for compromised email”. He writes these because the layperson doesn’t understand the effects on their day to day life. Similarly, the US President is far more important than people know, and not for the reasons they intuitively imagine.

        One important example, is possibly 9/11… the delays caused by the Bush vs. Gore dispute wasn’t that long, but the 9/11 commission concluded that it could have been a factor. The transition period is extremely important for a functioning government. Even if we agree about small government being better, there are crucial functions that cannot be ignored or even delayed. Uncertainty and delay in the transition process, missing intelligence briefings, held up appointments to national security positions… all contribute to us being weak. We have serious adversaries that sit and wait for these weak moments.

        The founding fathers did not provide time between election and inauguration to perform endless recounts, audits and legal fights… it was to transition the new president and get them up to speed to make executive decisions on day 1. The executive branch cannot have any delay to respond to emergencies or threats. The legislative and judicial branches can afford to be deliberative, so they can have more time. But the office of president is so critical, that every past election loser…. understood that endless fighting for power actually made us weaker. This is why rational people on both sides are appalled at the selfishness of not conceding.

        1. mpratt

          Jammin J, You are a true patriot because you have obviously taken the time to learn how our government works, not to mention being aware of the current events you have commented about. Also, in the past I regularly read the Security section of the Washington Post. I don’t think anyone will convince me data streamed to a foreign country unnoticed. 🙂

  17. Average White Guy

    @ A. Bosch: as my original post states I am apolitical and in fact think you have to be corrupt to enter and survive in politics but I also think there is a lot more to be investigated before inauguration day. I took the money I made off JamminJ and hedged my bets on who is POTUS on Jan 20. Stay tuned.

    1. JamminJ

      Don’t forget my cut of the profits 🙂
      Adam, the guy you bet that I wouldn’t comment, has no idea we went to the same high school.

  18. jmaster

    It’s obvious Biden won and those people who supporting that orange nut are paranoid & delusional.Proof of some irregularities are not a basis for the larger claim of overall fraud and that Trump really won.

  19. rumple stiltskin

    It’s pretty sad and bizarre that I’m reading Security Industry articles – even from you Krebs – where the authors are so blinded by their Trump-hate that they are applying a political lens vs their usual security lens when it comes to focusing on securing the integrity of this Election and our overall Election process.

    You basically wrote an entire (political) article slamming Trump and 74+ million voters for fighting for Election process integrity and against voter fraud and disenfranchisement – of which there is there is an abundance of evidence through sworn testimony around this Election.

    When it comes to Election integrity that Trump and 74+ million Trump voters are fighting for, politically-biased Security Professionals suddenly forget about fundamental Security controls, chain-of-custody, the “CIA triad” and mitigating the “internal threat” of the People & Process aspect of our Election system.

    Pretty sad statement on political blinders and the current divisive, hateful rhetoric that has been pumped out by the news media without ceasing for the past 4+ years. In every airport and in every hotel I have been since even before Trump won in 2016, literally every time I’m forced to see CNN, each and every story and banner on the screen has been anti-Trump propaganda – I have never seen that in America in all of my life here.

    We don’t even have a nation-wide ID requirement to verify that a voter is an American citizen and allowed to vote. That’s the equivalent of given any user off the street access to your network, your data without any credentials, any verification to confirm they are a company employee and authorized to have access.

    Every other country has an ID requirement to confirm the person voting is a citizen of their country and eligible to vote. That’s not “racist” – liberals in America only use that Saul Alinsky tactic to shut people up and institutionalize their own cheating.

    Same-day registration is also insane and allows any cheating liberal to drive to Georgia and vote for Democrat Senators in this January run-off, without even being a real resident of Georgia. That is effed up to the core and again – no other country is so insecure on voter registration. A have a family member from Asia and they said you have to be registered 6 months before voting in any election in their birth country – that, sir is a country who is more serious about security the integrity of our Elections than any amoral, cheating thug in the Democrat party machine.

    Krebs – I come to your site to get great Security info – but you are gonna lose me and a lot of others if you start cranking out content around your own, biased political views. Security is Security – there should be no politics that cloud the truth or approach on that front. Please stick to that truth.

    1. JamminJ

      It’s not Trump hate, and this isn’t a political article. Krebs on Security is a cybersecurity blog… and when the head of CISA (the nation’s top cybersecurity agency) is fired… this is exactly the type of article the Brian should write.

      Not all 74 million Trump voters are fighting with him. Many accept the results of the election, and think Trump should secede. Yes, the majority of them still believe some of the lies and now have little to no confidence in the process… but confidence is easy to destroy in people who don’t understand how something works.

      The main problem is that Trump supporters like you, are behaving like a cult. And they have no clue what does or does not constitute as “evidence”. You don’t even know that the vast majority of the “sworn testimony” are NOT sworn under oath. Merely signed declarations, most without even a notary. Trump’s lawyers have coached many of these witnesses to sign affidavits, and are telling them that there is zero chance of perjury because they are not submitting these in court, let alone pushing them to swear under oath in court.

      Courts/Judges have the ONLY say on what does or does not meet the criteria for “evidence”, and they’ve thrown it all out because they aren’t submitting evidence, just speculation and accusation.

      Only one side is supportive of fact checking. Trump’s rhetoric has been effective against his sheep, because he first attacked the credibility of journalism. Once a gullible person believes journalists are untrustworthy, they will flock to pundits with opinions and get their news exclusively from partisans and social media. The definition of bubble.

      You talk nonsense about political partisanship, but when facts are checked without bias, you get triggered that your worldview is being singled out as fake news. You want to see the lies you believe as equivalent to real world facts. But it’s just not true. It is clear that it hurts your feelings that your opinions are not respected as the truth. Get over it.

      You have locked yourself in an echo chamber of news media that would never question the honesty of Donald, and thought an IT security blog would be a safe space that would not burst your bubble of ignorant bliss. But alas, he fired the head of CISA, which is right in the wheelhouse of this blog.
      So now, so many Trump voters are hearing something outside their bubble, and getting triggered. You can go rage on Parler now. You won’t be missed.

  20. Fig Newton

    Wow, this post has held up abysmally. Chris Krebs, Solar Winds, etc. Not sure if I’m trust him to make me fries at McDonalds

Comments are closed.