November 18, 2020

President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud.

Chris Krebs. Image: CISA.

Krebs, 43, is a former Microsoft executive appointed by Trump to head the Cybersecurity and Infrastructure Security Agency (CISA), a division of the U.S. Department of Homeland Security. As part of that role, Krebs organized federal and state efforts to improve election security, and to dispel disinformation about the integrity of the voting process.

Krebs’ dismissal was hardly unexpected. Last week, in the face of repeated statements by Trump that the president was robbed of re-election by buggy voting machines and millions of fraudulently cast ballots, Krebs’ agency rejected the claims as “unfounded,” asserting that “the November 3rd election was the most secure in American history.”

In a statement on Nov. 12, CISA declared “there is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.”

But in a tweet Tuesday evening, Trump called that assessment “highly inaccurate,” alleging there were “massive improprieties and fraud — including dead people voting, Poll watchers not allowed into polling locations, ‘glitches’ in the voting machines that changed votes from Trump to Biden, late voting, and many more.”

Twitter, as it has done with a remarkable number of the president’s tweets lately, flagged the statements as disputed.

By most accounts, Krebs was one of the more competent and transparent leaders in the Trump administration. But that same transparency may have cost him his job: Krebs’ agency earlier this year launched “Rumor Control,” a blog that sought to address many of the conspiracy theories the president has perpetuated in recent days.

Sen. Richard Burr, a Republican from North Carolina, said Krebs had done “a remarkable job during a challenging time,” and that the “creative and innovative campaign CISA developed to promote cybersecurity should serve as a model for other government agencies.”

Sen. Angus King, an Independent from Maine and co-chair of a commission to improve the nation’s cyber defense posture, called Krebs “an incredibly bright, high-performing, and dedicated public servant who has helped build up new cyber capabilities in the face of swiftly-evolving dangers.”

“By firing Mr. Krebs for simply doing his job, President Trump is inflicting severe damage on all Americans – who rely on CISA’s defenses, even if they don’t know it,” King said in a written statement. “If there’s any silver lining in this unjust decision, it’s this: I hope that President-elect Biden will recognize Chris’s contributions, and consult with him as the Biden administration charts the future of this critically important agency.”

KrebsOnSecurity has received more than a few messages these past two weeks from readers who wondered why the much-anticipated threat from Russian or other state-sponsored hackers never appeared to materialize in this election cycle.

That seems a bit like asking why the year 2000 came to pass with very few meaningful disruptions from the Y2K computer date rollover problem. After all, in advance of the new millennium, the federal government organized a series of task forces that helped coordinate readiness for the changeover, and to minimize the impact of any disruptions.

But the question also ignores a key goal of previous foreign election interference attempts leading up to the 2016 U.S. presidential and 2018 mid-term elections. Namely, to sow fear, uncertainty, doubt, distrust and animosity among the electorate about the democratic process and its outcomes.

To that end, it’s difficult to see how anyone has done more to advance that agenda than President Trump himself, who has yet to concede the race and continues to challenge the result in state courts and in his public statements.


534 thoughts on “Trump Fires Security Chief Christopher Krebs

  1. Winston

    “baselessly claims”

    Please keep politics and such conclusions out of this forum. I don’t come here for that and am frankly sick of seeing it anywhere.

    1. Winston

      Why Do Most Countries Ban Mail-In Ballots?: They Have Seen Massive Vote Fraud Problems
      141 Pages Posted: 9 Aug 2020 Last revised: 21 Aug 2020
      John R. Lott – US Department of Justice

      Abstract

      Thirty-seven states have so far changed their mail-in voting procedures this year in response to the Coronavirus. Despite frequent claims that President Trump’s warning about vote fraud/voting buying with mail-in ballots is “baselessly” or “without evidence” about mail-in vote fraud, there are numerous examples of vote fraud and vote buying with mail-in ballots in the United States and across the world. Indeed, concerns over vote fraud and vote buying with mail-in ballots causes the vast majority of countries to ban mail-in voting unless the citizen is living abroad.

      https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3666259

      1. JamminJ

        Lott also wrote More Guns, Less Crime, a far right wing opinion paper. He’s a partisan hack.
        So what? Trump’s Justice Department wants to publish this to keep in line with Trump’s rhetoric.

        The arguments made don’t even make sense. What other country has a similar electoral college? Most countries don’t “ban” mail in voting because of fraud. He jumps far to that conclusion. They simply don’t have a system like ours, where the USPS is a tax funded service with a mandate.

        1. seriously

          This is just name calling. Lott is a well respected researcher.

          1. JamminJ

            Being respected by only far-right extremists is a red flag.

              1. JamminJ

                Careful of the sheep who shop around looking for “truth” that most agrees with thier ideology.
                They invite wolves to lead them.

              2. Self - Independent Contractor

                Logical fallacy will not disguise your inability to see past your ideology

            1. Me

              Being anything other than a “far-right extremist” is a red flag if you care for truth and our Constitution

      2. Peter C

        I live in Washington State where mail-in voting is the only way to vote and has been so for over a decade. There were 74 votes or about 0.002% in the 2016 election that were forwarded for prosecution, mainly for having cast ballots in two states. https://www.theolympian.com/news/local/article173609901.html
        Before you yammer on about this being a Dem controlled state, please note that the Secretary of State office, which oversees elections, has been held by Republicans since 1964.
        Please be informed about how mail-in voting works first.
        As for evidence about fraud in the current election, the Trump campaign has been to court 25 and counting alledging fraud of various kinds. They have either lost or withdrawn every single case. If the evidence is so overwhelming, why have they not been able to prove it in court.
        As for the software flipping votes, the proof of that being bs is quite easy.
        First – The software cannot change the paper ballots.
        1. Pick a random selection of precincts tabulated by the suspected software.
        2. Print out the software’s tabulation of the result in those precincts
        3. Hand count and tabulate the results in those precincts
        4. Compare the hand count tabulation with the tabulation generated by the software.

        The above steps are done in most counties as part of an automatic post-election audit to verify that the some bug in the software didn’t cause any errors. In no case have they ever found a discrepancy between machine counting and hand counting that could be traced back to malicious code biasing the outcome in one candidates favor.

        And if this huge effort at voter fraud was going on, why limit it to just the presidential race? You’d think they would have flipped NC and Georgia senate seats while they were at it.

        1. TJ

          Prior to the 2016 presidential election, my father received a non-requested WA state absentee ballot forwarded from an address they have not lived at since the 1960s. My mother stated they only lived at that address for a few months and haven’t lived in WA since the 1970s. The only thing that changed was my parents inherited a piece of property in WA around 2014. I believe mail-in ballots only work once we get to a national ID. I don’t know of any other country in the world (though I may be wrong) that issues IDs based on the state they live in versus the country.

          1. JamminJ

            How would ID cards help in a mail voting scenario?

            I know there is also a lot of confusion because people receive registration or ballot applications that are actually mailed by political parties, to every address on record, without any due diligence whether the person is still living there or even alive.
            They bear the state seal and even a return address of the county election board. But they are actually from the political parties.

            Political parties have every incentive to err on the side of inclusion. They are marketing. So their rolls are highly inaccurate.

            It makes sense to never be affiliated with a political party. It sucks to not be able to vote in closed primaries, but it’s nice not to be on a list you can never get off.

      3. Me

        Who can verify that Chris Krebs even knows what he’s talking about? C-suite job at Microsoft? What are his proven credentials?

        He hasn’t even attempted to address the fact that mail-in ballots were submitted fraudulently since signature matching, receipt date enforcement, poll-watching, etc., were all thrown to the wind as supported by thousands of affidavits signed under penalty of perjury. And what about 100+% overvoting in districts in several states as supported by sworn affidavits by far more trustworthy citizens than this cyber-lemming. Let this joker sign a such an affidavit dealing with things that were out of his sphere of influence. He’s trying to save his own ass for his next job. I retired from civil service at DHS and their cybersecurity was a joke. Two breaches of personnel records in my less than 10 years there. Chris Krebs is merely trying to save his own worthless ass by asserting certainty about issues not only beyond his control but beyond his cognizance and understanding.

        1. JamminJ

          “hasn’t even attempted to address the fact…”
          proceeds to describe things that are NOT A FACTS, but are debunked lies or completely unfounded fabrications thrown out of court.

          “supported by thousands of affidavits signed under penalty of perjury”
          Nope. The affidavits were NOT submitted in court. And they knew they weren’t going to submit them, so they told the people signing affidavits, “don’t worry, there is no chance of perjury”. They knew that these were not going to be submitted in court, but rather used as a prop at press conferences and on TV interviews only.

          Cybersecurity professionals who have never handled evidence (majority)… may not understand the legal process. Some are impressed by affidavits, and have zero understanding of what they are.
          This isn’t some battle of who gets the most affidavits, or needing affidavits to counter other affidavits. That’s not how the law works.

    2. Tom Willis

      It’s not political to state a fact.
      If you didn’t come to this blog for facts, or find Brian’s factual statements sickening, then no-one is making you come here.

      1. AK

        FACT- They have found proof of voter fraud in several states.
        FACT- Trump technically has not lost. The states certify the election results NOT the media.
        FACT- The electoral college doesn’t vote until Dec. so until then, the election is not over.

        So putting an opinion such as “baselessly claims” is not a fact for true journalism or reporting. This site is supposed to deliver unbiased security reports, not opinions.

        1. JamminJ

          You need to check your facts.

          Don’t confuse fraud involving registrations (which happens in many states, and every cycle), and actual voter ballot fraud (extremely rare). What they have “found”, are just accusations designed to muddy and confuse people. In that sense, they are successful.

          The Media reports and makes predictions based on the math of how states WILL certify the election results. They have ALWAYS called/projected elections several weeks before certification. Nobody said “Hillary technically has not lost” this time 4 years ago. Why? Because it was clear, and the Media can do the math. Just like now, the math is clear… there is no coming back for Trump. So yeah, Trump is the “apparent loser”.

          The “election” is widely understood as the “general election”. Not the primary, and not the electoral college meeting. The “election” was over Nov 3rd.

          There has always been some subjective take on the news from Krebs. It’s just now, Trump voters are being triggered. That’s what you get for following a cult of personality.

          1. Mahhn

            AK is accurate, your just upset. Lets get technical and let the system/process work. Check and balances. There is no need for drama if we follow process.

            1. JamminJ

              The process is playing out. And Trump/Giuliani are trying to HALT that process.
              It would be fine if there were sincere questions in need of answers. Then we could calmly investigate and find problems to fix.
              But instead, the problems are fabricated, in order to justify an insincere blocking of the system/process.

    3. Bill Essig

      The claims were baseless, and that’s a fact.

      What’s more, I cannot believe the gall in that request. The man can write whatever he darn well pleases, no one is forcing you to read it. Did you miss his surname in the domain? This is HIS blog, not yours, and as such your desire to see written the way you want it written (sans politics) is irrelevant.

      1. D K

        Definition of fact: the truth about events as opposed to interpretation.

        To say it is “baseless” is not a fact. There are hundreds of sworn affidavits as well as FACTual examples of ballots switched by voting machines, ballots not counted for weeks, irregularities in how some boxes of votes approved at counting locations, etc., etc.

        The evidence is far more tangible here than any of the ridiculous, unproven libel that came from the Russia hoax.

        1. JamminJ

          Being based in partisan nonsense, is still “baseless”.

          Many cases, where there is a signed affidavit, some bold claim, or whatever is playing out on TV in front of a landscaping company… once they get into court… they don’t dare make those claims. The judge will throw it out or worse, there might be consequences for the attorney’s.
          Remember the “so what’s your problem”, when they backtracked on allegations there were no observers?

          The courts decide whether claims are baseless… not the media. But the media can report on the outcomes of the court cases…. which agree, this is “baseless”.

          In that sense, Krebs is reporting FACTS.

    4. Dre

      The sentence everyone objects to says it is baseless to claim the election was stolen from Trump based on voter fraud. This is factually correct.

      Despite incidences of voting irregularities and fraud that happen in every election, there is in fact zero evidence of this happening on a scale that would amount to the theft of the election, since that would mean millions of votes being changed or filed fraudulently, and no one has shown ANY evidence approaching this scale of malfeasance.

      1. JamminJ

        Exactly. The political strategy is the muddy everything and confuse everyone. Make wild grandiose claims of an election that Trump actually won, but that hundred of thousands of votes would have to have been tampered with… then provide unimpressive evidence of a few votes here and there, that don’t nearly make up the difference.

        Extraordinary claims require extraordinary evidence… and without that level of evidence, there is no basis for the extraordinary claim.

    5. Colby

      I agree. What a put off to read anything politically biased on this site. I have been noticing that on this site a lot more lately.

      1. JamminJ

        2020 is simply a more political year.
        Trump’s presidency is so divisive and hyper-partisanship has made a lot of things political.
        Firing of the head of CISA is right up the alley of this cybersecurity blog.

    6. Kent Brockman

      “baselessly claims” x 100 million to ya pal. If you don’t like commentary based on facts, you can always stick to Faux News.

    7. Zach

      Claiming something happened and providing no evidence is the definition of baseless… It’s a statement of fact, not a politically charged opinion – why are people conflating the two?

      1. JamminJ

        70 million people have a major case of cognitive dissonance.
        Over the years, Brian Krebs has written many articles that involve politics. But it was easy to ignore when it did not feel like an attack on the personal beliefs of these Trump supporting snowflakes. So for many KOS readers, they are triggered by the facts presented in this article, because it directly contradicts their personal ideology that Trump is worthy of reverence.

        1. Zach

          You’re right, it’s strange though – most people in IT are generally left leaning and IT companies are based in large cities as well, so I find it strange to find so many Trump supporters questioning results. If they are working in the field, they shouldn’t be surprised by this because most people surrounding them likely wouldn’t have the same beliefs they do.

          As for Cognitive dissonance – shouldn’t the IT field be used to getting things wrong and correcting past beliefs? Especially in security, networking, and development… Doesn’t quite add up.

          1. A. Bosch

            I disagree that people in IT lean left. Anecdotally, in my experience, the opposite is true. Engineers of all fields, including systems, are politically conservative.

            1. JamminJ

              I disagree that engineers lean conservative, because of profession.

              There may be a correlation that results from decades of engineering degrees being expensive, and white conservatives being more likely to afford such education.
              I’m talking about engineers who went to school in the 60’s, 70’s and 80’s…. who are now the professionals and leaders in the engineering fields.

              Computer Science, however, is a MUCH more inclusive profession with many growing up in the 80’s and 90’s with real world experience rather than a formal education. IT degrees and certifications can be obtained without spending nearly as much as getting an engineering degree.

              Also, IT is much more global, as contractors come in from India and China at far greater rates than engineers. These racial minority immigrants lean to the left.

              As you said, this is highly subjective and anecdotal.
              If you’re white and old, that has more to do with leaning conservative than profession.

              1. Seriously

                Seriously J ? you are going to go all racial ? The evil white people ? Engineering degrees are no more expensive than any other degree. They are more work.
                I got an engineering degree while supporting myself on a minimum wage job. Lots of hard work. I don’t see color and distrust racists.

                1. JamminJ

                  Wow, you really got triggered, replying with some canned “I don’t have white privilege” response.
                  The fact that you immediately got defensive about how “hard you work”, it very telling. I didn’t even mention work.

                  Again, I’m talking about engineers who went to school in the 60’s, 70’s and 80’s. You can thank President Johnson for the Higher Education Act of 1965. It took decades for minorities to catch up, but that’s when it started.
                  “Minority Programs and Activities of the CollegeEntrance Examination Board: A Critical Review andBrief Look Ahead.” 1973
                  https://files.eric.ed.gov/fulltext/ED120197.pdf
                  “The College Entrance Examination Board’s (CEEB) internal review of its efforts to develop and implement programs to expand educational opportunities for minorities and the poor revealed that the Board had not been as successful as it had hoped. Most of the Board’s efforts to ensure equal access to higher education focused on guidance programs, test center desegregation, financial assistance, and test use.”

                  There are a LOT of reasons why minorities were less represented in all higher education.
                  But yes, engineering was more expensive. Back then, you could not afford an engineering degree on minimum wage without the governement paying nearly all of the expense. This was still harder for racial minorities to qualify. I am glad that grants, stipends, financial aid exists today to allow us to afford an engineering degree. This was not always the case. Which is why a mentioned shifting demographics over time.

                  And it’s still shifting.
                  Differential tuition (where engineering degrees cost up to 42% more), are making a comeback. And in 2015, most schools now charge more.
                  https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2017/06/01/why-universities-charge-extra-for-engineering-business-and-nursing-degrees

                  1. Orion

                    You’re an idiot! You may be correct on the election and we may be politically aligned but you are as divisive as the “Orange in Chief”

            2. Ki. Bosch

              That wouldn’t make sense… Engineers tend to have good critical thinking skills, which should exclude them from being right-leaning…

    8. Anon

      Basically you’re linking a defense department (which should be apolitical- but literally said they are trying to get trump re-elected) paper with a headline that is contradicted by it’s frivolous 141 pages on foreign voting statistics, and even if it was true it wouldn’t actually mean anything about postal voting in our country since this actually just explains that most countries handle things differently because of their own needs and cultures…

      This is what we mean when we say they are giving non-arguments, no real evidence of their claims, and are dropping law cases left and right. This is actually a huge indicator of lacking evidence:
      Lawyers need to make claims under penalty of perjury and have ethical standards they need to abide by. Hence why the claims in court are not nearly as egregious as the ones the president is spouting. Even now, law firms are backing down from taking these cases on, because there is actually a consequence for them if they keep making frivolous lawsuits (suits lacking evidence) .
      That should give you an idea of how baseless these claims actually are, the only ones that make it through are questioning an insignificant amount of ballots because of clerical errors.

    9. David Calabrese

      The claims *are* baseless, this is just an objective statement. Brian does a good job of not being subjective in his reporting.

    10. Fred

      Why doesn’t the orange carbuncle just …LEAVE
      ???
      Has he no honor?

    11. Ayatollah LoMein-i

      I consume only right-wing media sources. I am comfortable in my echo chamber, and didn’t expect this blog to burst my bubble by confirming that I don’t exist in reality.

  2. Kevin

    Take it easy on Winston, has had to retire his MAGA hat and the blood hasn’t been allowed to rush back into his brain.

    To think that this is about politics vs. facts is absurd. The US and CISA are weakened by his departure.

  3. Steve J

    So I don’t think the trump defenders here are necessarily low iq just maybe a tad racist or delusional. I guess it’s okay for mail in voting except when it’s done by populations that tend to have more people of color. That is why trump and his crazies are so upset about mail in voting in our cities.

    1. D K

      Yes, Steve… that is why… Zzzzz. Such a weak argument from a wannabe intelligentsia giving us his stereotypical knee-jerk reaction. The problem was widespread mail-in-voting ANYwhere when ballots were simply mailed to a poorly-vetted database of registered voters — many of which moved or died. The problem especially came from these superbly well-run Democrat-held cities — some of which coincidentally have large minority populations. It is irrelevant they have a history of voter fraud in local elections — LOOK AWAY!!. We all know Philadelphia and Detroit are models of how every city in the world should be governed to achieve paradise… To question anything wrong in these cities is tantamount to racism… Snore… To blindly ignore that there were voting irregularities and the appearance of fraud simply makes you either a moron or that you approve of doing whatever it takes for your candidate to win — even if it amounts to fraud. To not even want to look into this is telling, and frankly not surprising at all.

      1. JamminJ

        The racism that is apparent is regarding the fact that there was significantly more instances of voter irregularity and fraud in a 90% white county compared to 85% black Detroit. And nobody is threatening to not certify that county’s results.
        Yes, it looks pretty racist.

        It isn’t hard to hear the dog whistles of racism being intertwined throughout. “Democrat run cities” is code for “too many minorities”. We hear you loud and clear.

    2. Shawn

      Nope. We’ve been hearing all year how mail in voting is bad… regardless of who is sending in the ballots.

      The issue is Trump keeps saying fraud instead of impropriety, delayed ballots, and malfeasance. Meanwhile, the media is happy to ignore this and focus solely on the word fraud. It’s incredibly lazy.

      1. JamminJ

        No, we’ve only been hearing that mail voting is bad, when it was clear that Democrats were taking the pandemic seriously enough to overwhelmingly vote by mail. It was an opportunity to distinguish Democratic ballots from Republican ones, something Trump could exploit. He and his family have been voting by mail the entire time.

        The media is rightly focusing on the larger claim. Trump says he won the election, and that there was enough intentional fraud to constitute “stealing” the election from him.
        How dare the media use his own words against him.

        1. JJ

          Jammin, you said: [Trump] and his family have been voting by mail the entire time.”.

          This is factually not true. The Trumps have said that they vote via “Absentee Ballot” which is not the same system as the general “Mail-in-Ballot” scheme that sends unsolicited ballots out to every registered voter whether they are alive or dead. This is basic knowledge.

          1. JamminJ

            Yes, there is a difference in how traditional absentee ballots must be requested and new unsolicited ballots are being sent out.

            But you are WRONG about how voter rolls are routinely updated based on records showing when someone dies. It varies by state, and you may disagree with the notion of the state being proactive with sending out ballots. But there are other checks to ensure integrity of the election… without relying on the “security” of having the voter jump through hoops of requesting a ballot months in advance.
            The right to vote is important, and the state has a duty to make it easy and practical for large masses to vote during a pandemic.

          2. JamminJ

            So yes, I am factually correct. You were making an argument based on semantics that do not even apply. Absentee ballots still use the mail.

  4. JamminJ

    To the comments from people upset with the politics discussed on this blog… they had no problem with Brian Krebs other articles that involved politics, until it disagreed with their personal politics.

    They only object because they voted for Trump and the cognitive dissonance is catching up to them. When you join a cult of personality… they take disagreement personally. They are to blame for worshiping Trump. They backed themselves into this corner and now they are triggered by his loss.

  5. JamminJ

    It’s surprising and sad that cybersecurity professions are falling for this.

    This is the equivalent of a board of directors wanting to fire the CEO for cause, but the CEO saying his office computer was hacked to plant evidence… and the CISO saying, “no sir, that didn’t happen”.

    Then the CEO pointing to a couple of help desk tickets about a BSD, some low disk warnings, and a few times the network was slow. And using that to say he shouldn’t be fire, he was hacked, and then firing the CISO.
    The extraordinary claim that requires extraordinary evidence, is that the computer was “hacked”, and NOT that there were some issues. So evidence and proof of these issues, is NOT the basis for the larger claim.

    So when someone reports that the CEO’s claim is “baseless”, its a FACT.

  6. JJ

    It is typical that the supporters of liberal philosophies resort to the usual “low IQ”, “racist”, etc. adjectives to describe people they don’t know at all but disagree with… and yet it is still true to this day that people often accuse others of which they are themselves guilty. You call me racist? You most probably are.

    Brian Krebs is a professional communicator, and the knowledge I’ve gained from him over the years has been massive. My respect for him is immense. But he made a communication error when he made his “baseless” claim, and in doing so, Brian derailed his own article and switched the focus from Chris Krebs (a subject that Brian is probably expert on) to backstage politics (a subject he is most probably not expert on).

    By making that personal claim in the way that he did, he declared the issue resolved. But it is not resolved. If Brian had instead said that it was *in his opinion* that the claims were baseless, he would be good to go, and the ensuing debate could focus on that– the opinion, not the false conclusion.

    Let’s keep in mind that no one here has any idea of what the actual evidence is. It may be what the Conservatives claim and be overwhelming evidence of actual political machine fraud. Or it may not be. But let’s all at least recognize the fact that what we believe or not is simply based on which of the talking heads we choose to give credibility to, and has nothing to do with our own actual ignorance of what actually happened at 3AM on race day behind politically closed doors.

    1. JamminJ

      This is the equivalent of a board of directors wanting to fire the CEO for cause, but the CEO saying his office computer was hacked to plant evidence… and the CISO saying, “no sir, that didn’t happen”.

      Then the CEO pointing to a couple of help desk tickets about a BSD, some low disk warnings, and a few times the network was slow. And using that to say he shouldn’t be fire, he was hacked, and then firing the CISO.
      The extraordinary claim that requires extraordinary evidence, is that the computer was “hacked”, and NOT that there were some issues. So evidence and proof of these issues, is NOT the basis for the larger claim.

      Saying that the claim is “baseless” is entirely accurate unless/until the claimant provides the evidence. Since Trump and his surrogates have not… it will remain “baseless”.
      You cannot ask someone to prove the negative first.

      So when someone reports that the CEO’s claim is “baseless”, its a FACT.

    2. nothappy

      I just lost all respect for Brian, especially since I have history with him on this man and he told me that he doubted Chris Krebs and refused to share the stage with him. Once you pick sides in Cybersecurity, you are no longer an expert. Objectivity is #1 requirement for this field. If you aren’t sufficiently suspect of everyone you cease to be able to identify the bad. Verizon calls their Cyber team “the Paranoids”. is apt

  7. DLivesInTexas

    It is hard to believe that Christopher Krebs, the head of the CISA, would not be aware that the Dominion voting systems with Smartmatic software were identical to what was used in several countries to generate voting outcomes desired by the politicians in power.

    Kreb’s guarantee of a “secure” election is meaningless if fraudulent votes were allowed to be introduced by those in charge of the “secure” systems.

    Many states reviewed the Dominion voting systems and rejected their use due to missing security and auditing capabilities.

    Based on information provided by Detroit and Dominion whistleblowers, the FBI is looking into what happened in Michigan. Only time will tell if election fraud was isolated or wide-spread.

      1. DLivesInTexas

        Your WaPost article deals with nothing in my original post.

        Dominion election hardware was used in other countries to deliver election results desired by the political party in power.

        That is a FACT regardless of who owns the company and who the company gives money to.

        CISA’s belief that Dominion’s hardware is acceptable in a US election is worrisome. Why implicitly support election systems that have a track record of being manipulated?

        Like any reputable security professional, Christopher Krebs should understand that a “secure” election does not eliminate the likelihood of fraud by people who control that “secure” equipment. To say otherwise is naive at best.

        Now that Dominion equipment has been accused of being utilized in fraudulent activity, it will be interesting to see if they will enter into a lawsuit to protect their reputation. The legal discovery should be interesting.

          1. DLivesInTexas

            You keep bringing up things that have nothing to do with my original comment.

            I never mentioned Giuliani or any of his claims.

            As a security professional, you know that a “secure” system is not immune from non-trivial and potentially undetected fraudulent activity by the owners of the supposedly “secure” system.

            Why doesn’t Christopher Krebs?

        1. JamminJ

          FALSE CLAIM: “Dominion is a company that’s owned by another company called Smartmatic through an intermediary company named Indra,” Giuliani told Fox Business host Lou Dobbs in an interview on Nov. 12. “Dominion is a Canadian company but all of its software is Smartmatic software.”

          Dominion, for one, is not a Canadian company. It has been majority owned since 2018 by Staple Street Capital, a New York private equity firm. And both Dominion and Smartmatic have issued statements saying Smartmatic neither owns Dominion nor provides it with any software or equipment.

          Powell perpetuated the false claims and implied the alleged connection was a sign of foreign election interference in her own interview with Dobbs on Nov. 15. She further claimed Dominion software had deep ties to Venezuela.

          “I can hardly wait to put forth all the evidence we have on Dominion,” she said, “starting with the fact that it was created to produce altered voting results in Venezuela for Hugo Chavez and then shipped internationally to manipulate votes for purchase in other countries, including this one.”

          Smartmatic is an international company incorporated in Florida by Venezuelan founders. There’s no reason to believe Dominion has ties to Venezuela, nor a partnership with Smartmatic, according to Eddie Perez, a voting technology expert at the OSET Institute, a nonpartisan election technology research and development nonprofit.

          “It appears that Mr. Giuliani is making some wild and unfounded claims that are connecting the dots between companies that appear to be unrelated,” Perez said.

          https://apnews.com/article/fact-checking-afs:Content:9740535009

          1. DLivesInTexas

            Once again, you keep spouting nonsense.

            Read my original comment. Nothing in any of your various responses – or the articles you endlessly refer to – have anything to do with its content.

            1. JamminJ

              I quote you directly…. stop denying it. You got caught.

              https://apnews.com/article/fact-checking-afs:Content:9740535009

              “I never mentioned Giuliani or any of his claims.”

              DLivesInTexas original comment:
              “the Dominion voting systems with Smartmatic software were identical to what was used in several countries to generate voting outcomes desired by the politicians in power.”

              Giuliani:
              “Dominion is a company that’s owned by another company called Smartmatic”
              “Dominion is a Canadian company but all of its software is Smartmatic software.”
              “shipped internationally to manipulate votes for purchase in other countries”
              “uses a Venezuelan company software that’s been used to steal elections in other countries”

              1. DLivesInTexas

                My comment was about how and why Christopher Krebs would implicitly support the use of Dominion voting machines in the USA election when they had a proven track record of being utilized in corrupt foreign elections.

                1. JamminJ

                  “when they had a proven track record”
                  Which is the BS lie that you got from Rudy Giuliani. That’s the lie that has been debunked several times here.

                  Liars usually cover their lies by using the lie as a supposition, so they can ask additional questions that predicate on the lie being true.
                  “When did you stop beating your wife” is the classic example.

                  People reading KOS are smarter than that.

    1. Christoph

      You keep whining that all replies to your unsubstantiated claims do not address your bold statements, yet you yourself provide no proof for your outlandish claims of tailor-made election results.
      And you do expect to be taken seriously?

  8. JJ

    Jammin said: ‘But there is a reason why “widespread” voter fraud conspiracies don’t really exist in the real world. Because there is no cost/benefit like there is in typical financial fraud…”

    In what world are you living jammin? Political machines have been executing voter fraud since the beginning of voting time itself. That is not even in dispute.

    However, if you would like a contemporary example:

    “On Tuesday [Nov 16, 2020], two Los Angeles County men [Carlos Antonio De Bourbon Montenegro and Marcos Raul Arevalo] were arrested and charged in a 41-count criminal complaint over submitting more than 8,000 fraudulent ballots on behalf of homeless people in the city of Hawthorne.”

    https://californiaglobe.com/section-2/two-arrested-on-voter-fraud-perjury-charges-in-la-county/

    Did you notice the 8,000 count? That’s just two fraudsters (that got caught) at work for the DEMOCRATIC party. What happens when you have 100 Democratic fraudsters? I’d be careful, Jammin, of such sweeping claims.

    1. JamminJ

      Again, Trump supporters are constantly trying to conflate “ballots” with “registration applications”. They are not the same.

      From that very article:
      “allegedly submitted more than 8,000 fraudulent voter REGISTRATION APPLICATIONS”
      “Of course they were going to get caught. But this is why we check ballots and make sure votes are legitimate.”

      This PROVES my point, that there is no reward since they cannot actually swing an election. This fraud was ONLY for the mayoral race, and NOT the national election… again, proving my point that fraudsters only try if they think they can swing an election.
      So a presidential race won’t see widespread fraud in this manner. Showing an attempt for a local mayor election proves my point.

      1. JJ

        What this proves is that two monkeys got caught, not that fraud doesn’t happen. Common sense (and this article) tells us fraud happens. It happens in all industries. If it didn’t, we’d have no need of laws.

        You can’t say that voter fraud hasn’t happened in the presidential election of 2020 (yet). You can wish it and whistle past that graveyard, but until we see for ourselves what the alleged evidence is, no one, not even you Mr. Jammin can say for sure.

        1. JamminJ

          I notice that you avoid using the word “widespread”. This is because you do not want to acknowledge scope or nuance.

          In cybersecurity, we don’t say things in “absolute terms” like “never” and “always”. We know that something can be reasonably secure, but not “unhackable”. We know that attacks happen, but we understand the risk and reward of attackers. We try not to exaggerate a threat that has minimal impact.

          You and other Trump supporters are trying to build a straw man argument, claiming that the Left is saying “ZERO” fraud happens. Nobody is saying this. Laws will be enforced for even a single occurence of fraud. That is up to local and state law enforcement. But it does NOT mean the national election is suspect.

          The real argument is that irregularities, mistakes, and even fraud… DOES happen, but at a scale so small, that it does not affect a national presidential election. Not even enough to swing a close state’s electoral votes.

          1. JJ

            Jammin said: “I notice that you avoid using the word “widespread”. This is because you do not want to acknowledge scope or nuance…”

            In the first case, that’s because I do not know the scope or nuance. It’s unlikely that you do either. I can only observe that there is claimed to be fraud in this election and that no one can yet say that claim is baseless. There is as such, so far, ample evidence to the contrary.

            And btw, every American, Liberal or Conservative should wish to see the actual evidence (or lack there of) of fraud before making sweeping claims that can’t be substantiated. Every American should want to see the truth and be patient enough to wait for that truth to be presented in the courts.

            Jammin said: “and: “You and other Trump supporters are trying to build a straw man argument…”

            What is straw man about suggesting we wait to see the beef? Again, please be careful about your generalizations…

            You are the only one here I see speaking in absolutes and assumptions (“you and trump supporters…” etc.). You have absolutely no idea who I voted for.

            Jammin also said: “The real argument is that irregularities, mistakes, and even fraud… DOES happen, but at a scale so small, that it does not affect a national presidential election.”

            Not sure how can you prove this? Were you there in Philadelphia at 3AM? or Wisconsin, Michigan or Georgia? If you were, you travel well.

            1. JamminJ

              “I do not know the scope or nuance. It’s unlikely that you do either”
              False. We don’t need to know the all the details, and confirm everything, in order to understand the scope of the accusation. If someone says the Earth will be destroyed, and cites a few earthquakes… that shows the scale of the claim is WAY off base compared for the evidence cited. Even BEFORE verifying that the earthquakes happened, we can understand the scale.

              “there is claimed to be fraud in this election and that no one can yet say that claim is baseless”
              That’s not how logic works.
              The burden of proof is on the claimant.
              Saying that the claim is “baseless” is entirely accurate unless/until the claimant provides the evidence. Since Trump and his surrogates have not… it will remain “baseless”.
              You cannot ask someone to prove the negative first.

              “There is as such, so far, ample evidence to the contrary”
              No, that is not the reality. There is ample accusations. There is evidence of irregularities, mistakes and isolated fraud incidents. But that’s the misdirection.

              Do you know how magicians work? Misdirection.
              Evidence of irregularities, mistakes and even a few accounts of real fraud… are NOT a basis for the larger claim of widespread fraud and that the Trump really won. So yeah, “Baseless” accurately refers to the extraordinary claim that lacks extraordinary evidence.
              You seem to have fallen for evidence that is NOT supporting the larger claim.

              This is playing out in court too. Judges are asking Rudy if he’s claiming “Fraud”, but he’s not. He can’t play his misdirection claims in court.

              “should wish to see the actual evidence (or lack there of) of fraud before making sweeping claims that can’t be substantiated”
              Again, that’s not how logic works. The positive claim is coming from Trump. Denying the positive is not equivalent. You cannot ask people to prove a negative. The negative is assumed until proof of the positive claim is substantiated.
              Only one side is making “sweeping claims”. The other side is merely denying these claims.

              “should want to see the truth and be patient enough to wait for that truth to be presented in the courts”
              If only. But the claimants (Trump’s team) wants to halt counting and halt the process of certification. Calling this “baseless” in the meantime is accurate.

              You’re not suggesting we “wait”. You are supporting Trump’s suggestion of halting the process. You are not suggesting that we wait until after the states certify or after the electoral college votes. You are advocating the opposite of waiting.

              “You are the only one here I see speaking in absolutes and assumptions”
              You don’t know the difference between absolutes and generalizations. Yes, I am making inferences based on your comment history. I do think you voted for Trump, and yes I am assuming based on what I’ve seen… that you are suffering from burning cognitive dissonance since Trump lost.

              “Were you there in Philadelphia at 3AM?”
              The judge asked the Trump lawyers… and the lawyer tried to be smart saying, “there were a non-zero number”. Then the judge got upset, and basically called him out and mentioned that he is risking disbarment if he doesn’t stop his nonsense.
              Then Trump’s lawyer admitted that Trump DID have observers in the room. Yes, at 3 am, and every point ballots were being counted.

              “Not sure how can you prove this?”
              It’s not up to me (or anyone) to prove the negative. The Trump team (and yes, his supporters), are the ones making extraordinary claims… without extraordinary evidence.

              1. JJ

                Jammin said: “Only one side is making “sweeping claims”. The other side is merely denying these claims.”

                And neither can be substantiated before the litigation is over.

                You said: “You cannot ask people to prove a negative…”

                Actually you can ask anyone to back up their statement, positive or negative. They either can or can’t. This is how logic works.

                you said: “You’re not suggesting we “wait”. You are supporting Trump’s suggestion of halting the process. You are not suggesting that we wait until after the states certify or after the electoral college votes. You are advocating the opposite of waiting.”

                Where did you see me say that? I’m not supporting either side here… the only concept I’m supporting is that none of us knows the answer yet. Not even you. Let’s see what happens.

                1. zboot

                  You can’t prove a negative. . . that’s literally how logic works. Such a basic concept that getting it wrong shows you seriously misunderstand logic and implication.

                2. So tired of this

                  You have been indoctrinated into a cult and have been manipulated into following a man and not the principles of the Republican party.

                  Step back and understand this for what it is; You (those that think Trump walks on water) have been duped by a narcissist that could care less about political affiliations and wants only your unwavering fealty.

                  No one should knowingly want this but it is difficult to get out of until you come to the this understanding;

                  You aren’t ignorant and but you have been mislead by lies to ensure your continued loyalty.

                  This is a cult and as with all cults they do not benefit the followers.

  9. Fred Carson

    Hmmm, who do I trust more for my security news? Brian Krebs and Christopher Krebs, or, Orange Julius?

    That’s a tough one. Let me first don my tin foil hat and spend some time on Parler doing some important fact-finding research. That way I can stimulate my thinking facilities while protecting myself from those thought-control beams that are being directing at my house.

    But first, I have to get over to my flat-earth and fake moon-landing meetings.

  10. OffRoadD

    Funny how only Texas said “NO”
    to Dominion machines. Apparently
    Eric Coomer is Antifa – obviously
    anti-Trump. Wonder why that company
    was allowed to handle the voting ?

  11. RogerPedacter

    DLivesInTexas and OffRoadD
    are Russian sock puppet accounts trying to spread debunked lies about Dominion. Classic propaganda fake news.
    Dozens of independent fact checkers have debunked this nonsense over the past few days.

    1. DLivesInTexas

      My Russian sock-puppet masters would like to know what aspects of my original post are inaccurate?

      BTW, JamminJ’s WaPost, Reuters and APNews articles do not deal with any aspect of my original post.

        1. DLivesInTexas

          You keep bringing up things that have nothing to do with my original comment.

          I never mentioned Giuliani or any of his claims.

          The only parroting going on here involves you posting media articles that have absolutely nothing to do with the contents of my original comment.

          My Russian puppet-masters congratulate you on your very high level of obfuscation and think you would make a fine addition to their team.

          1. JamminJ

            https://apnews.com/article/fact-checking-afs:Content:9740535009

            “I never mentioned Giuliani or any of his claims.”

            DLivesInTexas original comment:
            “the Dominion voting systems with Smartmatic software were identical to what was used in several countries to generate voting outcomes desired by the politicians in power.”

            Giuliani:
            “Dominion is a company that’s owned by another company called Smartmatic”
            “Dominion is a Canadian company but all of its software is Smartmatic software.”
            “shipped internationally to manipulate votes for purchase in other countries”
            “uses a Venezuelan company software that’s been used to steal elections in other countries”

            Stop lying to cover your disinformation. You got caught already.

            1. DLivesInTexas

              Why do you keep posting non-equivalent nonsense?

              Once again, my comment was about how and why Christopher Krebs would implicitly support the use of Dominion voting machines in the USA election when they had a proven track record of being utilized in corrupt foreign elections.

              None of the stuff you keep posting all over krebsonsecurity.com has anything to address that question.

              The use of Dominion election systems throughout the world is well documented. Google it or go to the Dominion website.

              The use of Dominion election systems in countries with questionable election results is well documented.

              You can easily match Dominion customers with countries known for election tampering. It might take longer than simply posting the same old nonsense, but you might find it illuminating.

              Why didn’t Christopher Krebs recommend against the use of those Dominion systems?

              1. JamminJ

                “when they had a proven track record of being utilized in corrupt foreign elections”

                This is the argument you are parroting from Rudy Giuliani. There are dozens of fact checks that debunked this claim. Since this prerequisite claim is FALSE… everything that stems from it, is also FALSE. So as much as you want to tie this to Krebs, it falls flat, because you have no evidence of your initial assumption.

                You cannot even name the country Giuliani is referring to. And you cannot put the onus of proof on anyone else, the burden is on the person making the claim.

                Since you obviously are not reading the fact checking articles I linked… then you cannot even claim they are not related. They mention Giuliani’s claims and debunk them directly. Those are the same arguments you are repeating here.

              2. JamminJ

                You don’t want to mention which countries referenced in this claim… because everyone will see that you are lying. You are still basing your argument that “Dominion is Canadian” and “Owned by Smartmatic”. Both are lies that are easily debunked. So when you name a country, you’ll give up the ruse, because it’ll be obvious that Dominion is has nothing to do with it.

                1. JamminJ

                  “when they had a proven track record of being utilized in corrupt foreign elections”

                  This is the argument you are parroting from Rudy Giuliani. There are dozens of fact checks that debunked this claim. Since this prerequisite claim is FALSE… everything that stems from it, is also FALSE. So as much as you want to tie this to Krebs, it falls flat, because you have no evidence of your initial assumption.

                  You cannot even name the country Giuliani is referring to. And you cannot put the onus of proof on anyone else, the burden is on the person making the claim.

                  Since you obviously are not reading the fact checking articles I linked… then you cannot even claim they are not related. They mention Giuliani’s claims and debunk them directly. Those are the same arguments you are repeating here.

                  You don’t want to mention which countries referenced in this claim… because everyone will see that you are lying. You are still basing your argument that “Dominion is Canadian” and “Owned by Smartmatic”. Both are lies that are easily debunked. So when you name a country, you’ll give up the ruse, because it’ll be obvious that Dominion is has nothing to do with it.

              3. JamminJ

                BTW, your boss Rudy is having a literal “melt down”. Haha 🙂

          2. JamminJ

            “I never mentioned Giuliani or any of his claims.”

            DLivesInTexas original comment:
            “the Dominion voting systems with Smartmatic software were identical to what was used in several countries to generate voting outcomes desired by the politicians in power.”

            Giuliani:
            “Dominion is a company that’s owned by another company called Smartmatic”
            “Dominion is a Canadian company but all of its software is Smartmatic software.”
            “shipped internationally to manipulate votes for purchase in other countries”
            “uses a Venezuelan company software that’s been used to steal elections in other countries”

            Stop lying to cover your disinformation. You got caught already.

  12. Tawniz

    Chris Krebs seems to be an amazingly talented individual. More so is that he seems to be working for the protection of our ‘entire’ country and our democracy and fair voting. This is very sad to hear. He was hired by trump but refused to trade his integrity for his position. We need more people like Mr. Krebs to use his skills and knowledge to keep our cyber security safe. We also need more people like him to stand up for what is right in our county. I do hope the Biden administration will bring him back or ask for his integrity to be used elsewhere. I hope Mr Krebs feels good for getting fired by trump because that only means he’s doing whats right not whats trump. Thank you for being honest Mr Krebs!

  13. pol bel

    Chris Krebs has heavyweight authority about voting security and can be fired by a 97-pound weakling about voting security like t***p! What an upside-down country where ignoramuses override experts.

    1. JJ

      Mr. C. Krebs works at the pleasure of the President. Of course he can be fired.

      1. JamminJ

        It’s true, it’s perfectly legal for presidents to fire people within the executive branch of the government. He has pretty much unlimited power to fire or even pardon.

        That doesn’t mean you don’t pay a political price. Nixon past the point of no return when he legally fired someone.

        it’s not a violation of law, but a violation of customs and norms. not much can be done legally, but his legacy takes a hit every time he does it.

        1. JJ

          Not really. It’s been stated that C Krebs employment was terminated for multiple reasons. I notice that you make a great many assumptions in your replies. Let’s not do that.

          Chris Krebs’ job description is determined by his boss, as are all employee’s job descriptions, determined by their bosses. When an employee no longer executes that job description to the satisfaction of his boss, he needs to be terminated– whether others agree with that move or not. Keep in mind, Jammin, that you have absolutely no idea what was involved in the termination of Chris Krebs (nor does anyone else outside that process). So maybe let’s get off that soap box…

          The legacy of any president has only to do with his actions concerning the country, not the people he employs or terminates in the execution of his policy.

          As an example, Obama’s legacy is the tripling of health insurance cost for the majority of the country and the loss of private insurance for a great many working Americans.

          Trump’s legacy, on the other hand, will be the revival of the conservative philosophy which has been dormant for decades. The firing of Chris Krebs is irrelevant to President Trump’s legacy. And Krebs will be just fine.

          1. JamminJ

            “It’s been stated”
            By who? The guy who fired him for contradiction but would love to invent a legit reason?

            The first public announcement of the head of CISA being fired… was on Twitter. Normally, a termination at this level would have deliberation and involve much more than what we see in public. But the Twitter King himself, doesn’t do anything normally. He did it on Twitter. And that pretty much shows the motivations and reasoning behind this action.

            Umm… look at the actual legacies of Presidents. Lookup Nixon’s massacre. Study history and you’ll see that hiring and firing play huge parts in the cementing of presidential legacy.

            I won’t bother wasting time fact checking another fake news story about Obama. Stop getting your talking points from Fox News. Obama’s legacy (two terms), VP gonna be president, and relatively few scandals… is being cemented every day. His legacy for Democrats will be similar to how Republicans view Reagan.

            Hahahahaha.. wow. Really? Trump’s legacy will be positive? No. Republicans will disavow him in droves as soon as he’s out of power. Ruling through fear of reprisal as he does… only works so long. You can keep a dog in line by stepping on its neck, but you can never move your foot.
            History will NOT be kind to Trump. He’ll be a stain on the country’s legacy for decades. Conservatives will have to revise the history of him just to justify their own compliance.

  14. Sore Loser

    Trump will go down as the sorest loser in Presidential election history. Decades from now, droves of people will still be laughing at what a crybaby he was, if anyone remembers who he is.

    P.S. Lock him up

  15. Fact

    Fact : I went to vote and when attempting to vote I was told I had already voted . Wouldn’t tell me who I voted for but said it would be under investigation. Have t heard anything since .

    So yes voter fraud is a fact.

    1. JamminJ

      Yes, voter fraud does happen. Nobody is actually making the argument that there are zero cases of voter fraud, in any election.

      Its what we call, a strawman argument. Something easy to refute, but nobody’s actually making that claim.

      Widespread voter fraud is a completely different matter and there’s no evidence to support such a thing.

      There’s also hanlon’s razor.
      Don’t attribute malice what can be easily explained by stupidity.

      Every election has error and irregularities. 99.9% of the time it’s not malicious or intentional. But human error.
      People often have the same names and/or similar addresses that confuse people especially the elderly who work at polling locations.
      Simple mistakes cause problems like you’ve experienced.

      If some poll worker accidentally crossed your name off because someone came in to vote whose name was listed right above yours, is not fraud. It happens way more often than intentional fraud.

      1. Gary Viceroy

        So nice of you to share your physic insight, that a person with a experience of a situation knows not as much as you who has not experienced the same.

        1. JamminJ

          Are you really going to argue for the authority of anecdote?
          That’s laughable.

          Sorry, but the layperson doesn’t know what “fraud” is. They could be missing fries at McDonald’s and say that’s “fraud”.

          From the information given… statistically it’s far more likely to be an honest mistake.

  16. VM

    Brian, by posting this here you have opened whole can of worms. Whether claims are true or false is yet to be decided in courts, and as a head of an agency, mr. Christopher Krebs acted unethically, again it is because CISA doesn’t have judicial power, it’s not their right to decide whether the evidence is sufficient and credible.

    1. JamminJ

      That is utter BS.
      The head of the cybersecurity agency, under the department of Homeland security has plenty of authority to speak about the security of election systems. Krebs has every right to speak up if anyone makes a false claim about massive, widespread fraud. That is his domain, and he is the expert.

      He did not act unethically. But did his job and is respected on both sides.

      The courts don’t decide everything. They cannot declare the sky blue, or that an earthquake happened in New Mexico. If someone makes a claim that Iran just bombed Chicago…. Are you going to wait for a judge’s ruling? or are you going to say, “I live in Chicago and there are no bombs”.

      Christopher Krebs is the proper authority to refute claims of massive election security breaches.

    2. zboot

      One doesn’t need to be a judge to be a cybersecurity professional. As far as I know, very few such professionals are also judges.

  17. Thorsten von Eicken

    Brian, thanks for taking a stand with this post.

  18. Senor Senorita

    Brian,

    Let me just give you a heads up: Your father is lying. You and Chris Krebs look like brothers.

    Great article, as always. Keep up the good work.

  19. Stoptothink

    Having recently started following your blog, I admire the quality of your articles. Not being from the land of the free, the hardest thing I find to get my head around is the politics and ideology. I was firmly under the impression that the greatest threat to the future world will be cyber-attacks. But now I’m starting to believe that the greater threat now is misinformation. We’ve patched most of the bugs in software, but we haven’t patched any bugs in ourselves, we have millions of zero-day exploits and hackers are now focussing on these. Some of the other comments on this particular article are deeply concerning to me, mainly because at first glance they provide a solid argument backed up by references to believable studies, this is now high quality misinformation. This is no longer strong opinion by the misinformed and non-critical, this is highly advanced and intelligent manipulation to trip up anyone who doesn’t practise good critical thinking. And now we are at a point where a blog frequented by highly intelligent cybersecurity professionals, which, judging by the comments, many who seem to have been compromised.

    The second you let your critical thinking guard down, whatever your race, religion, or political persuasion, you are at risk.

    Keep up the excellent work.

    1. JamminJ

      This sums it up perfectly.

      Our wetware is under attack by APTs. Malicious warez are spreading fast, and gaining footholds. We all know someone infected. It’s heartbreaking, even when you understand what’s happening, precisely because you really can’t patch wetware.

  20. Mahhn

    May I remind our fellow enthusiastic Security and IT peeps, we live by the rules below. They should be guides in this political junk to.
    -Zero Trust-
    and
    -Trust but Verify-
    No system or person is above scrutiny.
    If they are, they system is broken.

    1. JamminJ

      Even better…
      Extraordinary claims require extraordinary evidence.
      We trust but verify. Before a single vote is discarded, before a single certification process is halted… the claimants must prove their case in court.
      Of course, that is NOT what they want to do. They want you to trust their claims beforehand and stop the process.

  21. Average White Guy

    As a seasoned IT security professional and not particularly political, I suggest the voting infrastructure be audited in states where recounts are appropriate. We all know logs are present, plainly visible or in remnants of devices that stored or moved the voter data. The firing of CKrebs or the use of the word “baseless” by BKrebs is irrelevant to what election systems experts like Professor Appel from Princeton or another firm like Secureworks or Allied Security Systems would definitively determine IF they had forensic level access to these systems.

  22. JamminJ

    IT security professions in corporate environments should understand this:

    This is the equivalent of a board of directors wanting to fire the CEO for cause, but the CEO saying his office computer was hacked to plant evidence… and the CISO saying, “no sir, that didn’t happen”.

    Then the CEO pointing to a couple of help desk tickets about a BSD, some low disk warnings, and a few times the network was slow. And using that to say he shouldn’t be fire, he was hacked, and then firing the CISO.
    The extraordinary claim that requires extraordinary evidence, is that the computer was “hacked”, and NOT that there were some issues. So evidence and proof of these issues, is NOT the basis for the larger claim.

    So when someone reports that the CEO’s claim is “baseless”, its a FACT.

    1. Average White Guy

      Ok JamminJ, I have a few minutes to engage but volume of posts doesn’t equate to validity and you seem to have a lot of time to “convince” us your opinion is the correct one. That said, your analogy is weak imho. If you do a basic search on statistical anomalies you will see the numbers reported on election night by the media outlets were highly suspect and would convince me as a CISO to investigate further. CKrebs continuing to state the 2020 elections were the most secure in history was a gross exaggeration, especially given the evidence that continues to be found. Was his firing appropriate? Probably not given what we are told but I would like to know what happened behind closed doors within CISA and in his discussions with POTUS before and after Nov 3. Troll on…

      1. JamminJ

        AWG,
        The way comments are moderated, they get posted in dumps/traunches… so it would only LOOK like I spent a lot of time, but its just the reality of how comments are buffered by moderation. Speaking of which..

        For someone that does statistical analysis, and paid attention for the last few months (not just started paying attention on Nov 3rd)… it is NOT SUSPICIOUS AT ALL.
        We knew for a long time that due to COVID, and the subsequent inflation of mail in voting… the process could take weeks. This long process of counting was well known months ago. And we knew it would show how the sausage was made on election night.

        Usually, without COVID, a single election night would have traunches of votes, separated by minutes, not days. And counties reporting in with rapid succession. Enough to hide the normal irregularities we see every election. This time, we saw the “blue shift” coming miles away. And we knew that there would be periods where ONLY in-person votes were counted, then seemingly odd “breaks”, before they started counting absentee/mail votes.

        None of this was “suspicious”, because it was all expected.

        If you were the CISO, and you weren’t aware that 2020 would be different, and then were surprised to see these things happen… then you would be fired for cause.
        (btw, the analogy had the CEO, not the CISO, fired for cause as something comparable to a referendum election).

        As an investigator… you don’t simply call unfounded claims, “evidence”. So your admission that you consider Rudy Giuliani’s ramblings as “evidence”, then you are already disqualified. In court, there are standards for evidence. And since no court is even accepting their nonsense as evidence, we should not either.

        Having worked in government, it should be clear that Trump’s firings don’t have diligent meetings. He is impulsive and fires people on Twitter without any consultation. If there was something additional, they would not hesitate to provide justification.

        1. JJ

          JamminJ said: “This long process of counting was well known months ago. And we knew it would show how the sausage was made on election night…”

          Well that seems to be the problem here… when poll watchers are kept away from the auditing and even court orders don’t get them in sight of the “sausage”… then instead of getting to see the sausage making process we are left wondering where all those unsigned blue sausages are coming from. At 3AM. You can spin this all you wish, but at the end of the day you may yet be surprised.

          Lack of transparency is at the root of the swing state problem. And often a sign of corruption. We’ll see what shakes out.

          1. JamminJ

            Poll watchers from both parties were present despite what you hear at press conferences.
            When they make those kind of claims in court, the judge asks very explicitly… And Trump’s lawyers stopped making that claim.

            Now they want to argue about the distance. But again, Rudy Giuliani is lying.
            Poll watchers are much closer than he is describing.

            The strategy is NOT to actually get a win in court, or to get more poll watchers or closer viewing.
            But rather, to make false claims that there is a lack of transparency. The end game is to sow enough distrust, that state legislatures declare the elections null and void.

            The fact is, each county and state has rules about poll watchers that have been the consistent for decades. Swing states are not substantially different than safe states. The only difference is where the Trump team chooses to file lawsuits.

        2. Average White Guy

          Successfully baited…I just won money for getting you to make 40 posts on one article. Take a nap, it might help you deal with your outrage.

          1. JamminJ

            You: “I have a few minutes to engage”
            Looks like I baited you. You didn’t have to comment at all.

            The only outrage I see on this forum is Trump worshiping cultists getting triggered because dear leader lost.
            Read the comments by everyone so butt hurt that Brian Krebs accurately called Trump’s claims “baseless”. Wow, they have all gone rabid with madness.
            These gullible people have locked themselves in an echo chamber of news media that would never question the honesty of Donald, and thought an IT security blog would be a safe space that would not burst their bubble of ignorant bliss. But alas, he fired the head of CISA, which is right in the wheelhouse of this blog.
            So now, so many Trump voters are hearing something outside their bubble, and getting outraged.

    2. JJ

      In the case of the election, no one yet knows if or how deep the election fraud went. Nor does anyone here seem to know the extent of the circumstances surrounding the termination of Chris Krebs. If Krebs has a grievance he can file it. Just like the Trump campaign is doing.

      In terms of Chris Krebs, he is an at will employee. Cause is not needed for his termination.

      In the case of the election, we will see what’s baseless or not. No one here is close enough to the litigation to yet make that conclusion.

      1. JamminJ

        JJ,
        “no one yet knows”
        This is the classic fallacy of “teach the controversy” that conspiracy nuts claim whenever they spout complete fantasy.

        “IF or how deep the election fraud went”
        So are you saying the Trump should not attempt to delay/halt certification until AFTER they prove their case in court?
        Because that is not what they are doing. They want to build an equivalency between fact and fiction, to make claims that are more and more ridiculous, so that their lies can have equal credibility to the truth in the meantime, while people sit on the fence between reality and dementia say, “we don’t know”.

        Yes, it’s legal to fire Chris Krebs without cause or reason.
        My analogy had the CEO, not the CISO, fired for cause as something comparable to a referendum election.
        There will be no legal repercussions to Krebs termination. But political firings have political consequences sometimes. Nixon had a similar issue.

      2. JamminJ

        “no one yet knows”
        This is the classic fallacy of “teach the controversy” that conspiracy nuts claim whenever they spout complete fantasy.

        “IF or how deep the election fraud went”
        So are you saying the Trump should not attempt to delay/halt certification until AFTER they prove their case in court?
        Because that is not what they are doing. They want to build an equivalency between fact and fiction, to make claims that are more and more ridiculous, so that their lies can have equal credibility to the truth in the meantime, while people sit on the fence between reality and dementia say, “we don’t know”.

        Yes, it’s legal to fire Chris Krebs without cause or reason.
        My analogy had the CEO, not the CISO, fired for cause as something comparable to a referendum election.
        There will be no legal repercussions to Krebs termination. But political firings have political consequences sometimes. Nixon had a similar issue.

  23. JamminJ

    “There’s like a loyalty purge going on in the last month of the White House,” Rep. Adam Kinzinger (R-Ill.)

    Some sycophants here are actually saying that there might be a legit cybersecurity reason for firing Chris Krebs. Invoking ignorance, saying “we don’t know why”.

    Trump fires people on Twitter. And without care, will do it right after a public dispute. The ONLY reason Krebs is gone, is he publicly contradicted the President.

    Loyalty over Truth.

    1. JamminJ

      “no one yet knows”
      This is the classic fallacy of “teach the controversy” that conspiracy nuts claim whenever they spout complete fantasy.

      “IF or how deep the election fraud went”
      So are you saying that Trump should not attempt to delay/halt certification until AFTER they prove their case in court?
      Because that is not what they are doing. They want to build an equivalency between fact and fiction, to make claims that are more and more ridiculous, so that their lies can have equal credibility to the truth in the meantime, while people sit on the fence between reality and dementia say, “we don’t know”.

      Yes, it’s legal to fire Chris Krebs without cause or reason.
      There will be no legal repercussions to this termination. But political firings have political consequences sometimes. Nixon had a similar issue.

  24. Alberto Eins

    What saddens me the most, is that people I considered to be highly intelligent and rational four years ago, have proven the power of propaganda and fanaticism override everything.

    In 2020 1+1 no longer equals 2. 1+1=5 0r 20 or 1000 because one man and his propaganda machine say so.

    Archimides, Pythagoras, Euclid, Newton, Descartes, Turin, Wiles.. You are fired!

    Brian I follow you, because you are a trustworthy journalist that does his homework and posts the facts. Respect!

    1. JamminJ

      Don’t watch random YouTube propaganda.

      Is this the press conference at the landscapers by the porno shop and crematorium… or the RNC conference where the lying Giuliani was literally melting down?

    2. Try to save face Grace

      Yes, “baseless” is correct.
      These Rudy press conferences are nothing but a circus with a center ring clown.

      These affidavits don’t hold up in court. Nobody goes after these people with charges of perjury, even when they lie. We’ve already seen several “sworn” witnesses retract their story when investigated. It’s all a made up story.
      Judges are dismissing cases left and right. Trump and Rudy are losing these cases… despite having these affidavits.

      1. JJ

        Why the personal insults? Which of the 200 affidavits have not held up in court? Which of the affidavit witnesses have retracted their story? Names?

        You may think that the story is made up, but until this is over, you don’t know any more than Jammin does.

        Instead of personal insults, maybe try to be kind instead, and stay in the professional lane.

        No one yet knows the truth. But we will. Until then, lets be kind with our words.

        In the end, the only cases that will matter are the ones won or lost at the Supreme court.

        1. Kindness

          Are you offended by insults to Rudy Giuliani? He acts like a circus clown just calling it out

          Instead of kindness first how about we practice a bit of logic.
          I see a lot of comments here like “I don’t have to prove anything, you prove me wrong”

          How about people stop mentioning affidavits as if they are proof. They are just notarized statements. They don’t tell objective truth they’re simply record some subjective viewpoint.
          Don’t hold up a stack of affidavits unless each one was actually used in court and allowed by a judge.

          That’s the logic that is missing here, that is being repeated requested. That the person making the extraordinary claims be the first to provide the extraordinary evidence. Instead of making wild accusations and then asking for evidence to disprove it.

          1. JJ

            I’m not offended at all. Just saying. Be kind to people, even the ones you disagree with.

            There are many kinds of logic, the type most often wrong is the one using assumptions in the formula.

            1. JamminJ

              Occam’s Razor is the principle of selecting the solution with the fewest assumptions.

              So ask yourself, ignoring all of the rhetoric… Which has the fewest assumptions?

              A grand conspiracy in which thousands of people successfully altered hundreds of thousands of ballots.
              Or a standard deviation of errors and mistakes that happen every election cycle.

              The narrative that Trump is positing requires an enormous amount of assumptions to be true.

    1. A. Bosch

      Thank you for posting that. It seems that responding to Krebs on Security posts keeps those Russians especially busy. What’s sad is that their disinformation and their agent provocateurial craft would not get any traction in the U.S. if it wasn’t for our deep political and cultural divisions. That and the fact that a sizeable percentage of Americans are deficient in basic critical thinking skills.

      “Extraordinary claims require extraordinary proof” – that was Carl Sagan’s response to UFO and alien first encounter claims. He was viciously attacked for positing that.

      As of today the end game looks in site for this dangerous demagogue’s Presidency, but we may now be subjected to 4 years of rants and harangues that he was cheated by “elites” or “communists” , and his cult will buy every word of it. A similar big lie did not work out so well for the German Weimar republic.

    1. JamminJ

      This is not evidence. It’s an affidavit.
      Trump’s defense team won’t even try to submit this as evidence, because if they did it would be thrown out.

      Also, this isn’t really making any election fraud claims either. It’s just open source connections being made and really weak inferences that would get lawyers disbarred if they tried to use this logic.
      This thing literally reads like one of those crackpot conspiracy nuts, with thumbtacks and red string all over the place. Real investigators don’t write this kind of nonsense.

      This is not how the law works people. It’s not a crowd sourced, election of affidavits from people who want to jump on the bandwagon of conspiracy.
      That’s how the Salem Witch Trials were conducted. That’s not a system of legal due process that would actually work.
      Everybody wants to participate in a trial by media here. And people are being coerced into signing affidavits, knowing that nobody will even look twice let alone prosecute them for perjury.

  25. instig8r

    Well, thanks for all the good work over the years, Brian. But now it is evident that you reputation for following corruption and criminal activity to its source was just a facade. You jumped off the fence with that comment. I’m out.

    1. JamminJ

      Brian follows real corruption, and does real investigations. He is not an errand boy for the Republican party or Trump fanatics.

      Brian Krebs will not be tasked to investigate accusatory speculation for purely political purposes.

      1. MisterPi

        I want to thank you (all) for one of the most interesting and informative comment threads I have read surrounding the (fairly balloted) election. I completely agree that it takes a mind-numbing stretch of the imagination to believe that there was a grand, secret cabal-organized conspiracy to deny Trump a second term. If there had been an organized vote swap, Mitch McConnell, Lindsey Graham, Kelly Loeffler and David Perdue all would have been defeated as well. Why would the Democrats orchestrate the largest crime in the history of the US and leave their chosen leader with a Senate still in Republican control? And with the two largest roadblocks to progress still in place?

        As you point out, the “stolen election theory” does not pass the Occam’s Razor test.

  26. mealy

    Additional laudatory kudos, I hope you expand your operation.

    This is key stuff – &not being corporate controlled is a rare condition.

  27. justin

    The guy should have been fired. The claim that this is the most secure election ever is a joke.

    Steevie Wonder could have compromised this whole election with a USB HID attack. $8 – $25 dollars and 45 seconds is all it would have taken.

    Not saying much

    1. JamminJ

      Compromising a single voting machine with a USB attack is risky, requires being present in person, and could at most change a few hundred votes. Definitely not the “entire election”.

      Still, no evidence that a single voting machine was attacked by any USB attack.
      In cybersecurity there is a HUGE difference between POCs at Defcon, and seeing attacks “in the wild”.

Comments are closed.