Do the Maricopa auditors already have the missing files? Screenshot they posted was from data recovery software.
(media.greatawakening.win)
?? Theory ??
Comments (67)
sorted by:
Yep! These people are stupid! How did they think they could just delete a whole group of files without it being recovered? I've had users delete full hard drives and times where the hard drive fried and smoked but send it in and pay a little money and they can extract every single bit that was on that drive.
I'm guessing they never expected a real audit to be done... like they knew they could get away with it...
Depends on how the data was deleted. If you remove the index the data is still there until you write new data on top of it. There are programs that do this such as bleachbit and ccleaner.
Agreed, former IT gunslinger here. Unless the locations on the drives that contained the original data were over written, the data is absolutely recoverable by the right technician. I think they have them dead to writes. Pun intended.
They forgot to wipe it, like with a cloth, then accidentally smash it with a hammer repeatedly.
She's already dead.
Executed last Friday.
it was infuriating
they didnt smash the scorecard with the hammer?
I have broken every old hard drive to bits, smashed with hammer, separated into multiple trash cans like I’m disposing of a dead hooker.
And there was only like a credit card number on it. Seems like a bird brain like Katie Hobbs would direct her IT staff to do something like that—or she would do it herself?
I shoot mine! I offer it as a service when I replace peoples computers! I let them know I take it out to the range and shoot it up to pieces! They love that! Of course I'm from Arizona.
the right technician? Fuck i drive forklifts and if the data wasn't written over top i could fucking do it.
You're probably forklift certified. Thats in a class of its own.
Since they were networked Is it possible that you could copy the drives over the network? That way if you, I dunno, seized the servers over seas they were networked to you could use the overseas servers to access the original machines to check?
^^
Even deleted data is recoverable up to a certain point. I know because I've used forensic recovery software in the past.
Destroy and delete?
Bleachbit for laptops, hammer for phones.
The government has software that will wipe a drive 40 times after putting fake data on it each time, yet it still can be recovered.
Not true. Maybe back in the 80's-90's when drive densities were negligible.
The last time I used the software was in 2012, and it was current... I am in healthcare software now, but forensic audits can recover the info unless the drive has been completely ruined.
You mean wipe it with a cloth?! HRC
Great info. Sounds like you work in the field of data recovery. So you think there is a high probability they recovered these files? I assume that the cyber ninjas would be experts in data recovery and that the idiots who deleted it, did it hastily and did not take any additional measures to prevent the data from being recovered ( if that is possible)
More than likely they already recovered the file. Just take a look at the documentation for the software they are using
https://www.r-studio.com/Data_Recovery_Technician.shtml
Note that the software they use actually takes into account the RAID structure on modern drives. My guess is they will be able to recover over 90% of the data deleted.
There is a 100% probability they could recover any deleted files...
I couldn't agree more!
Maybe they had Hillary "wipe" the drive like with a cloth.
In most cases even formatting a drive you can still get data back. I have used various tools of the trade for data recovery while owning a small IT outfit for 10+ years with double that in a related 9-5 career. Deleting a file or even a formatted drive hasn't actually removed any data and it has just removed the index or address table that tells your computer that your file is in X location (and actually in many locations fragmented out). Data is stored fragmented out at times with a bit of preamble and such for the fragmentations. This is one of the ways the recovery software works to recover a file... which takes a very long time in some cases. Regardless, you can format a drive 20 times, even re use the disk during those formats and you can still get some files from the first time the drive was used... as long as it hasn't been written over - indexes and such from different file systems come into the mix here as well. And this is where bleachbit and other tools people have mentioned come in... they will fill a drive with 0's or whatever and actually write over things deleted... but that didn't happen if they are seeing the files in the list there. <I have over simplified greatly, mostly just to point out that if the files are in the list they can probably recover them>
Thanks for the info. Your over simplification was perfect for someone like myself to understand. I knew it was possible but never knew much about the topic until today. If they have it I hope they keep quiet about it so they don't trigger any evidence destruction in other states.
My guess is that at least two steps of destruction of evidence occurred here. Also, I do not think it will be sufficient to recover the deleted files. Notice - all of the files from 11/3 are either empty or are a standard and small size. The standard, small files are very likely template database files with no data. Then, notice how there are large files which contain the actual adjudicable ballots. This would be a gold mine of overt fraud if the manual adjudication is as fraudulent as we suspect.
Notice the two files with length of 0 bytes (AdjudicableBallotStore_20201103_General_2020-1). It looks like the data we deleted. Actually, it appears someone opened a console and ran a single command:
drop database <databasename>
Can this be recovered? Yes, but it is not a trivial. This would involve reconstituting the mdf file. I have never seen a data recovery tool that can do this, but I know for a fact that the IRS has such tools, so they must be common in the art.
Is it possible for them to delete the files and then ensure that recovered files are fake?
Technically, yes, but they would almost certainly be undone by mistakes. That would be a highly complex operation, especially since the database has transactional logging.
Here's an analogy for the non-tech savvy.
File systems used by all computers (like FAT, NTFS, HFS, etc) are like a library. Imagine a library. There's the card catalog and there are the books on different aisles and shelves and so on. The card catalog tells you where in the library to find the book you are looking for but it does not contain any actual data; you have to go retrieve the book (file) to read it. A file system is essentially the card catalog to the files on your drive.
When you "delete" a file from your computer, (basically) what happens under the hood is your operating system goes to the card catalog and removes that file's card but it might leave the book on the shelf. Later, when you save a new file to your computer, the operating system might reuse the same position on the aisle + shelf as that old deleted book, and if it does, it overwrites the deleted book with the new one (and thus you cannot recover the book that used to be there). However, there's a chance a deleted file is still on the shelf, untouched, and a piece of software like in OP scans through the entire library, walking down every aisle and looking at every shelf, looking for "deleted" books that are not listed in the card catalog. Sometimes you can recover them, sometimes you cannot (many variables, mostly time + activity).
The biggest exception to that is modern SSDs (depending on configuration of something called TRIM) delete the book at the same time its reference is removed from the card catalog (for faster write performance) and file recovery is impossible.
Great analogy. Do libraries even use card catalogs anymore? I figure the card catalog is now on a computer.
No clue LOL
All part of the plan. Its obvious. Without saying much, places I have worked have their own facilities (usually in maintenance in the basement) to dispose of hard drives. Two rollers covered in teeth that crush and tear the hard drives (and other metals) to pieces.
Explain to me, Hillary and her cohorts had the commonsense to dispose of her phones via a hammer/bleachbit and these computer experts delete? No way. This was all meant to be found. They could have easily (virus/hack) the entire system and placed it under encrypted lock and key.
No doubt about it. The entire election, and now the process of 'reveal' has been planned.
Yes. They do.
These people are stupid?
Is it possible that they deleted files/formatted disks without overwriting them multiple times?
https://www.blancco.com/blog-many-overwriting-rounds-required-erase-hard-disk/
Looks like they didn't have enough time to do that, look at the accessed parameters for the recovered files. Literally a couple days before the forensic audit began.
So who had access on 4/12?
Yes. Deleting files means nothing unless they physical destroyed the drives its easy to retrieve every retard knows this so we dealing with exceptional dumb people
?Where’s Hillary with her hammer when they needed her the most, dammit!!?
???????
These people are stupid ?
I think also they included the pic of the software used to pressure someone on the other side to finally break. The RINO's may be dug in but perhaps not all the IT folks they use.
I’m sure the other states are taking measures right now to properly doctor their data.
They also appear to have gained root access, which is what you get when you have obtained the root password.
It is my understanding that they can undelete whatever was deleted.
In most operating systems, deleting a file means removing the record entry that points to where the file content is stored. The data isn't really "wiped" per se, but the storage clusters holding the data is marked free for use.
The discovery of those missing entry by a forensics program shows that they were able to discover the deletion. Furthermore, they definitely can recover it... But there's no guarantee the contents arent corrupted.
One more thing to add is that modern hard drives make use of redundant writes onto multiple platters to speed up the disk I/O. So, having the file corrupted on one cluster means it can be still restored from another cluster.
As someone points out, only way for true deletion is if they did multiple writes over the sector containing the data bytes. But given that the county didn't have much time nor expertise, i'm guessing they just dragged the files into the recycle bin and emptied it.
If they can successfully recover the deleted software, would they even need the passwords?
The modified date is not the deleted date.
https://files.catbox.moe/2z3xb4.png
I believe it is the date that the drive was cloned, whether it was done by offense or defense is a separate question.
The big problem is not the deleted files. That's trivial to resolve. The problem is the zero length database files. Both the ldf and the mdf are empty. Someone dropped the database before deleting the directory. This is possible to rebuild, but it is completely non-trivial.
If they’re talking about it, yes. The audit is probably already done, they’re just playing it out for the left to sweat a little and expend their secret “quiver of arrows”.
Uh, then, yes??
The NSA has everything. They have everything that happens in this country before it happens.
Will you finally score it with that hot barmaid? Ask the NSA. They already have the tape to blackmail you.
Of course they do. You wouldn't make a statement like that unless you already had the goods.
Depending on the sql db software, it also creates backup shadow copies. I can almost guarantee they have the goods.
Yes, Cyber Ninja likely already have the files. The purpose of their posting was to ward off the US-DOJ's attempt to step in and shut down the audit. Doing so now would make the DOJ look totally complicit with the steal.
10+ years ago I used a free data recovery tool off download.com to salvage deleted pictures and music from a failed / corrupted hard drive.
So if these idiots just hit the delete key and didn't used a shredder ( or whatever it is called where the program writes over it 10+ times ) they can 100% get 95% of the data back.
I think it makes sense that if they can recover the file names, they can recover the files. Unless this software only accesses a system log of some kind.