- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Microsoft SQL Database Management Program found on Dominion... Non-Authorized software
Posted on 5/10/21 at 3:11 pm to LSU316
Posted on 5/10/21 at 3:11 pm to LSU316
quote:I mean why run this if its not connected to a network?
Right so that was my question if it was a "connected" server then that is an issue because I think it was well published that they couldn't be on a network.
Posted on 5/10/21 at 3:12 pm to ninthward
So, for us non-computer geeks...can someone just answer "is this a big deal or not?"
Posted on 5/10/21 at 3:12 pm to LSU316
quote:I don't expect the average Joe on TD to be an SQL expert.
I think bringing up some arbitrary point that "MS SQL isn't allowed on them" is what got this thread talking because frankly it seems ridiculous.
Posted on 5/10/21 at 3:13 pm to GodnCountry
quote:
Yes. Look up the election commission certified program. It's not.
You linked to it yourself.
Just tell me what I'm missing. All I see (and again I'm not someone with any experience) in the EAC Cert is:
What am I missing?
Posted on 5/10/21 at 3:13 pm to lsursb
quote:
So, for us non-computer geeks...can someone just answer "is this a big deal or not?"
The ones arguing don't even know what they're talking about lol.
Posted on 5/10/21 at 3:13 pm to GodnCountry
LINK
I'm guessing you are talking about that...pg1 looks to be certifying the Dominion Voting Systems Democracy Suite 5.5 by the United States Election Assistance Commission
On page 4 of the document MS SQL Server 2016 Standard, MS SQL Server 2016 Service Pack 2, and MS SQL Server 2016 SP1 Express are all listed as part of that platform.
So if they certified the overall system does that not mean that they certify the components....especially if they are listed in the certification doc?
I'm guessing you are talking about that...pg1 looks to be certifying the Dominion Voting Systems Democracy Suite 5.5 by the United States Election Assistance Commission
On page 4 of the document MS SQL Server 2016 Standard, MS SQL Server 2016 Service Pack 2, and MS SQL Server 2016 SP1 Express are all listed as part of that platform.
So if they certified the overall system does that not mean that they certify the components....especially if they are listed in the certification doc?
This post was edited on 5/10/21 at 3:25 pm
Posted on 5/10/21 at 3:14 pm to theunknownknight
quote:
So did they find any actual code? Look in the SQL logs? DB instances? Connection strings? authentication information?
They found
1- 1060 votes in a county of 25K people that are "phantom".
2-They found 20% of mail outs were sent to PO boxes.
3- They also showed the court how votes were flipped and duplicated the process on video.
It's not "just the software". It' not certified by the commission.
This post was edited on 5/10/21 at 3:15 pm
Posted on 5/10/21 at 3:14 pm to Powerman
quote:
I'm hear to say OP is a fricking moron
Posted on 5/10/21 at 3:14 pm to lsursb
quote:Once again Dominion machines are proven to be connected to the internet. That's all you need to know. There are multiple ways for these machines to be online. This thread in general is about a computer language tasked to store data on a broad network and can be accessed either locally or remotely via a server and data can be manipulated.
So, for us non-computer geeks...can someone just answer "is this a big deal or not?"
This post was edited on 5/10/21 at 3:16 pm
Posted on 5/10/21 at 3:14 pm to Powerman
quote:
Do you even know what SQL is?
It was the SQL database management tool you philistine and its not allowed. This isn't Vietnam. There are rules.
Posted on 5/10/21 at 3:15 pm to jonnyanony
quote:
Generally no it doesn't. Or more accurately, it could be used to do that, but it would be a clunky orchestration pumping scripts into unnecessary software when you could write a 30 line method in almost any programming language, compile it into a binary called "dominion_security.exe" and have it run as a scheduled task.
That poll workers where getting support updates via Internet and the machines had software that is not supposed to be on a voting machine sure makes those live instances of vote switching smell bad no matter how it happened.
Posted on 5/10/21 at 3:16 pm to bayou2
LINK
quote:
A Tale of Two Hacks: From SolarWinds to Microsoft Exchange
quote:
Oliver Tavakoli, CTO of Vectra AI, discusses the differences between the massive supply-chain hack and the Exchange zero-day attacks, and their legacy and ramifications for security professionals.
The past four months have exposed two high-profile attacks, which both had pundits declaring them the “worst-ever” and “unprecedented.” They shared other similarities – both attacked businesses rather than individuals, and affected tens of thousands of organizations. But that is where the similarity ends.
The SolarWinds hack was a “supply-chain” attack on approximately 18,000 purchasers of the company’s Orion software. Two things make it particularly bad. One, Orion clients include numerous large enterprises and U.S. government agencies. Two, Orion is an “infrastructure monitoring and management” tool. It is well-placed within target networks to reach pretty much any other asset, making it an ideal base camp for an attacker to pursue many goals.
Other elements of the SolarWinds hack are disturbingly familiar. This attack is attributed to a group which Mitre, the nonprofit research organization, has dubbed APT29. You may know APT29 by another name: Cozy Bear. Cozy Bear is also blamed for hacking the Democratic National Committee in 2015. It’s believed to be connected to the Russian Foreign Intelligence Service (a.k.a. SVR), which generally collects information, while the GRU, the Russian Military Intelligence Service, weaponizes it.
... NOW --- take this information and layer it on the Dominion Software manipulation
AND
BINGO
THERE YOU ARE
... you see the Dominion Software was hooked up to CrowdStrike --- up until that earthquake on May 16, 2020. That is when the CrowdStrike computer was destroyed ...
... and if you note the reference in the article about the Russian hackers and the Mueller investigation and EVERYTHING ...
well
THIS IS IT
... remember right after the election they found chips in the voting machines that were not supposed to be there.
But those chips were there so that the voting machines could connect with CrowdStrike computer ...
but it was destroyed and they had to go with a backup plan --- old school
... they had to go with actual outside software to be able to communicate with the PROTOTYPE ...
... then they had to pray you would never find out ...
THERE YOU GO
Posted on 5/10/21 at 3:16 pm to ninthward
quote:
Once again Dominion machines are proven to be connected to the internet. hats all you need to know.
Now this I agree with....this is the pain point in my mind and the point that should be getting pounded in court.
The problem with this shite is judges, lawyers, and the justice system in general don't understand this shite.
Posted on 5/10/21 at 3:17 pm to moneyg
quote:
You are playing semantics.
"Semantics"...usually goes pretty poorly after you use that word.
Posted on 5/10/21 at 3:19 pm to jonnyanony
quote:
Generally no it doesn't. Or more accurately, it could be used to do that, but it would be a clunky orchestration pumping scripts into unnecessary software when you could write a 30 line method in almost any programming language, compile it into a binary called "dominion_security.exe" and have it run as a scheduled task.
So what?
If I have SSMS, I can without compilation write, modify, and execute a script to any server that accepts a connection assuming I have an authorized login.
Just at a basic level, a knowledgeable user with SSMS can, on the fly, be ready for any situation that may need to occur.
If I'm writing a standalone program, then I need to program for every possible scenario, or program to receive input from somewhere else (external network, receive requests from elsewhere, UI, etc.)
Posted on 5/10/21 at 3:19 pm to hubertcumberdale
That's not the data management program.
Posted on 5/10/21 at 3:19 pm to GodnCountry
quote:
They found
1- 1060 votes in a county of 25K people that are "phantom".
2-They found 20% of mail outs were sent to PO boxes.
3- They also showed the court how votes were flipped and duplicated the process on video.
It's not "just the software". It' not certified by the commission.
This is GodnCountry bailing out on the whole "you didn't read your link" argument because it now appears he didn't read the link.
Posted on 5/10/21 at 3:20 pm to Jjdoc
Please provide link to this story.
Posted on 5/10/21 at 3:20 pm to Jjdoc
It wouldn’t surprise me at all if dominions software is built on SQL. I work with several software packages that are developed on top of a base SQL install.
SQL is like excel, or Visio, or word. You can use it on its own, or you can build custom software that interfaces with it. Seems very likely that the votes are stored in a local database, and that’s exactly what SQL does, so....
SQL is like excel, or Visio, or word. You can use it on its own, or you can build custom software that interfaces with it. Seems very likely that the votes are stored in a local database, and that’s exactly what SQL does, so....
Popular
Back to top
Follow TigerDroppings for LSU Football News