oh, basically the Volkswagen trick. Cars would run dirty while normal but switch into running clean mode when doing emissions testing. VW got caught and paid billions in fines and had to recall a lot of vehicles.
Any updates on this Reiner Fuellmich saga? I feel like it's all background noise and we'll never see anyone actually brought to justice in court. Then again, it's a HUGE case like with Durham and probably takes time to build a list of all the names and amass the proper pile of evidence -- which is likely a difficult undertaking itself with all the fake news and cooked numbers.
Bottom line here, if these machines were configured to PXE Boot before the disk. Then on election day they could be running a completely different OS then the one on the Disk. During the Elections the Machines would run dirty, but during the audits later the machines would run clean.
If they did this, then more likely then not the Splunk Logs, and the router logs would contain this information. This would be why they'd fight to the death to prevent anyone from seeing these logs. The logs could prove that these machines were configured and ran a dirty OS they designed, instead of the one presented during certification.
I think it started with a bad batch of brake pads. The engineers were running around for days shouting "NOTHING CAN STOP WHAT IS COMING!" but nobody listened until it was too late.
they figured it out because the advertised mpg was so much high than the emissions testing mpg - both were accurate because clean mode destroyed the mpg
Boy, isn't it interesting? More miles per gallon = less gasoline pumped and used; but more emissions control = more gasoline pumped and used but less "emissions". What a catch-22!
If this were the case, then the router logs could show BOOTP/DHCP traffic, proving they booted something other than the programmed OS. The file transfers for it would also be fairly different in terms of total bytes transferred than normal machine traffic while working regularly.
To put it bluntly, the router / Splunk logs would be the smoking gun if these machines PXE Booted a different OS.
When your computer is powered on, among the first parts to "wake up" is the BIOS. This is like a nerve center, or the medulla of your brain.
The BIOS has pre-saved instructions to hand off control to another section of the computer which holds an operating system, usually it's Windows installed on a hard drive within the computer. We call these sections "environments." This is like the medulla (low level functioning) handing off control to your cerebral cortex (high level functioning).
The BIOS has options on which environment to hand off control to. The choice is determined by a pre-programmed boot order. The boot order says "Try booting to X first. If X is not there, try booting to Y."
One type of environment is called PXE, pronounced "Pixie" in the IT industry. PXE exists so the BIOS can boot to an environment through a network connection instead of a hard drive. The BIOS detects the ethernet connection, then detects a remote PXE server to talk to, then hands off control to the remote server at the other end of that network connection. The hard drive is out of the loop.
The PXE hand off must be pre-configured in BIOS. It is not a default (from factory) setting in BIOS. PXE must manually be enabled, and the boot order must manually be set to boot to PXE.
In the case of the election server, if a bad actor does not want to remotely boot through PXE, he can just disable the connection to the remote PXE environment. No one will notice as the machine boots to its local hard drive. However, if the connection is establish, just reboot the system and it's instantly running from a remote environment located anywhere.
You just said why. Generally, unless you are on a massive, massive network, the same hardware that runs your router is also going to host your DHCP server, DNS server, time server, etc.
So even winding this train of thought back further, they could have changed the time at the server, thus making all the connected devices potentially record events as occurring at a different date/time than they actually did. The whole fact that these voting devices were networks just opens up such a can of worms, it's insane.
Its way beyond insane. I've worked with computers sense I built my 386DX16 in 1990. You gave a pretty good rundown. I'm wondering maybe if they didn't use DHCP and/or other dynamic protocols because they weren't sure they could control that part of the network at all locations like in red counties so they coded it to go to a specific IP or series of IPs. If so then that should provide a real world location that all this traffic went to.
It's a broadcast query, as the IP address settings are not known at the time.
Basically, the for a DHCP request (which is how both PXE and assigning your laptop an IP address over DHCP work), the computer yells to everything that will listen "Hey, I'm here, give me an IP address." (The actual message is called DHCPDISCOVER).
The computer will accept the first DHCPOFFER it hears back.
The PXE boot settings are optional additional fields that can be set on the DHCP server.
To clarify, broadcast basically sends a message to the IP address 255.255.255.255 (an IP address where every bit is 1). Everything on the network that sees the message has the opportunity to respond to this.
They swear up and down it isn't connected to anything. And of course, it obviously isn't supposed to be. So even if you get ahold of the system to audit and it's outside the bad actor's contrrol at that point, no worries - the auditors will power up without an ethernet connection (because that's obviously what one should do) and it boots into the perfectly normal unadaulterated legit preapproved os.
But if on election day you just happen to have these systems connected, then they boot through some server in China.
Fucking brilliant. And you don't even have to sneak in and risk loading a cheating OS which needs you to sneak in afterwards to switch them. You just sneak in to switch out / configure the boot specs. Maybe don't even need to sneak anywhere to do that.
I applauded the Taliban on 9/11, it was a well orchestrated op
And I applaud these cheating fucking dems, this shit is clean
...but I look forward to both being glassed all the same.
The PXE hand off must be pre-configured in BIOS. It is not a default (from factory) setting in BIOS. PXE must manually be enabled, and the boot order must manually be set to boot to PXE.
You'd be surprised, although like you said, it's usually the last item in the boot order...
You don’t necessarily need to manually set PXE to boot first. For instance, if you are imaging a Dell pc, if you hit F12 on boot you can manually pick the boot device, whether PXE or USB stick or specific drive. Dell Can also Preconfig the bios at the factory to enable PXE boot so that it would show as enabled when you hit F12 by default. While interesting, there is an element of plausible deniability here.
You can also run DHCP of a small toaster or even pocket pc computer off a dumb switch which would collect no logs and scurry the server out the back door without anyone being the wiser. Routers can also not be set up to collect logs so that potentially can be a trap as well. If it contains basic logs you might see some SYN/ACK handshakes with either external public addresses or internal private addresses. This would probably require sone explanation if the machines were not to be networked at all.
But a few plug yanks on the ethernet runs with a direct run or a dumb switch in my scenario and no one would be the wiser. If I was going to attempt to pull this off, I would put a different configuration and boot off a USB drive. The fact that they insert drives for vote dumps means the process is already expected. If the scenario presented was put in place as suggested to PXE boot, thats a whole lot of extra steps that doesn’t seem very intuitive and overly complicated.
A alternate boot to a usb drive with a vote shaving algorithm would in my mind be easier to get away with. Drive goes in pocket and in the trash after the tallies are uploaded. This is just me riffing of course, not knowing how this all works with these machines. I assume there has to at least be some sort of central database that even a hand recount would catch if votes were being flipped or weighted
Yes, all these methods of initiating a network boot are possible. However, we don't need to explain how they PXE booted the server, we just need to explain why we're looking at photos confirming PXE was enabled. It didn't come from factory that way, which would be easily verifiable through the service tag. Dominion may be corrupt and careless, but paying the manufacturer to customize the BIOS of their election management systems to boot from a network may be too stupid even for them.
I do think they were probably booting "servers" in other locations through USB. But in some regions they wanted to push the WMI remotely because their regular foot soldiers on the ground were not the best and brightest. Think Ruby Freeman and her daughter.
Anything is possible, but I am questioning this as some sort of smoking gun. There still has to be some continuity of data rather than a separate system or there’s a huge gap a hand recount will
Immediately uncover…
It is basically virtual discs on a server somewhere.
You configure a computer to 'PXE Boot' in the BIOS and it will check the network for a PXE server, load whatever image the server sends it, and boot off of that.
Staying objective and removing my personal feelings from it, PXE booting such a sensitive machine leaves a significant risk surface if there is not some sort of validation conducted on the server side post-deployment.
If you want to experiment with PXE yourself to understand this better check out FOG https://fogproject.org/
Tons of computers are set up to boot this way by default. Having not found a device to boot from on the network they will then look to see if they have a disk to boot from.
Negligence or intended? You decide. To me, it's not a smoking gun.
Note that it would be difficult to boot a computer (with a fat OS like Windows) over the Internet as the bandwidth would be too low. PXE boot is normally done on a LAN where there is fast network access.
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:
boot from a web server via HTTP
boot from an iSCSI SAN
boot from a Fibre Channel SAN via FCoE
boot from an AoE SAN
boot from a wireless network
boot from a wide-area network
boot from an Infiniband network
control the boot process with a script
You can use iPXE to replace the existing PXE ROM on your network card, or you can chainload into iPXE to obtain the features of iPXE without the hassle of reflashing.
iPXE is free, open-source software licensed under the GNU GPL (with some portions under GPL-compatible licences), and is included in products from several network card manufacturers and OEMs.
How is this NOT a smoking gun? Maricopa County and all the others who used PXE to boot the local machines would've had a high bandwidth modem/router set up to accomplish this, right? They said these machines weren't connected, and yet, we now have proof that they were, thanks to the Dominion whistleblower and CMZ, correct?
Even though this is months after the elections, this is still proof [they] were using nefarious methods to enact [their] plan re: 2020 elections.
Agree, not a smoking gun until we get more information's, just the fact that it's there the option means literally nothing
PXE first of all it's present on almost all the desktops and many notebooks (the network card should be PXE-Boot enabled or it won't work)
PXE can be configured in thousands way, could have been used for the first imaging of the system (sysprep /aktoolset / etc)
Also, you need a deployment infrastructure (automated or manually) with the various NS/DNS/IPs and endpoint management
Then you would have logs around in different places of what's happening (in case, the packet captures that Mike has should be able to prove it)
Another thing it's the Acronis boot manager was shown (You won't boot normally Acronis via PXE to then boot again in another protocol), it can be local or over the network or from a hidden partition / drive etc (i think, if that's legit, was probably hidden in the 'secure zone' that's a hidden partition Acronis creates), i saw some videos from CZ channel but again, just a quick view of the interface doesn't give any detail / prove anything, we need more details
Source: I'm myself an Enterprise architect with over 15 years of experience in the field
The one thing that did get my attention is he said that the "state" had the BIOS password. Well, in Texas at least, elections are run by each county and the state should have no such access. I'm working and haven't had a chance to watch the video multiple times.
Yep that's another thing, normally (depending on how the whole infrastructure is designed / implemented), you can have two or multiple type of 'password' (access) to the BIOS, standard in professional class notebook and desktops it's a user password and a superuser one, this second that's generally kept by the IT teams, can decide what the other can view, do , etc, and has higher level access (ex can wipe the machine or do other things that the normal user can't do)
I don't think the actual boot image is that big. Once the computer boot from the PXE image, then every other data read/write is done via local drive, I think.
Some enterprise environments use a custom OS, or highly customized version of an existing OS across all machines, connected to a central login server.
Rather than install the OS every time they get new hardware, or manually install updates across millions of machines, especially if they're scattered across multiple physical locations, it makes sense to have a single Operating System image that can be updated and forced out to all the machines on the network.
It's possible (though with all the shady dealings, my benefit of the doubt is pretty low on this one) that Dominion ordered a BIOS image and didn't bother to order the default to have PXE disabled, and whoever Dominion got to build their BIOS just set the default they normally do for their enterprise customers.
Point is, unless someone can force Dominion to give up the data, it's hard to way what happened, though the odds aren't int heir favor...
If they ordered a custom BIOS, it wouldn't have been from the manufacturer. Maybe through a third party channel partner, but that would still leave too many witnesses who see your election management system is configured for network booting. Even Dominion isn't that stupid.
I do think it's possible they pushed out a very lean image to a hidden partition on the drive via PXE. Post election, just delete the partition.
Nah, I'm saying there's a 1 in 1mil chance that both Dominion and whoever makes their BIOS dropped the ball, and they ended up with a "boot-from-network" by default in their BIOS by accident.
I highly doubt it, but there's a very slim chance that incompetence was at play here, in which case Dominion still can't be trusted with election integrity...
This does present a couple of questions. If the machines were set to pxe boot, they wouldn't have a running image on them for the audit unless someone went back and installed something prior handing the machines over and flipped off the pxe boot in the BIOS. The only way I am familiar with doing a permanent install from pxe is using pxe to load something like a small busybox image which will run a kickstart script to install an OS, like centos for example. We have to assume these are not diskless machines as they are NOT to be networked, and must have the ability to start on their own.
Pxe would be yet another reason to see the router configs. if those machines were set to pxe boot, then you will can check the router to see where it forwards/relays the ports 67, 69 for the bootp request for the actual image these things would pull from.
That could explain the USB devices also - PXE boot to USB to run Windows, do its thing pull the USB and reboot. Easy - I do it often for scrubbing pcs of hard to remove malware.
What pedeITA said... but conceptually you're on target.
Boot from PXE -> write image to separate (hidden) partition -> boot to hidden partition and run without leaving a trace on the primary partition. Send all the data to a network device and nuke itself on next reboot, leaving the untouched primary- and none's the wiser.
Or boot entirely from a PXE server using a disk that is remotely mounted. Nothing is written to Hard Drive except what they want to write, they could run entirely different OS, and Programs with a back door built in. If they designed it right it could read literally everything from the disk to keep the network traffic down, but instead of running the software it would run a cracked version of it from the network, with their C&C builtin. They could use the database tools on the disk to alter the database anyway they wanted.
There'd be evidence on the router logs, and evidence on the splunk servers. This is why they are fighting to the death to keep those away from the public eyes.
Agreed, but unlikely here- we're talking full windows with MSSQL. You'd need better than 1GB/s network to make it remotely stable, let alone usable- and that box didn't have 10G ethernet.
Imagine the following, you could slim it down to mere few dozen Mega Bytes.
The network boot points to a custom wrapper, a minimal Linux load, that then runs the OS on the Disk as a Virtual Machine. The custom linux load contains any one of, or even all three of the following, a crack for the election program, a database tools program to alter the voter database, or a slim remote administration tool such as VNC.
The Database, is on the disk, The OS is on the disk. The Program is on the Disk.
They only need to be able to use remote command and control to run the Database tool found on the machine. They could also do it without remote command control by using a program set to flip votes according to a pre-determined algorithm. They don't have to pass the OS over the network, nor the programs, nor the Database. Just have the VM Trick the OS into thinking it's C:\program files\NAME OF VOTING SOFTWARE\VOTINGSOFTWARE.exe is located elsewhere where it runs a crack first before executing the program. I've seen cracked games run where the crack is measured in the 100-200KB. They could easily write a crack thats only a few hundred KB to a couple MB.
In short these machines could be hijacked by an OS Wrapper that simply tells it that the Disk is mostly where they think it is except for 1-2 files. This could simply add either remote command and control, or a remote algorithm, that takes excess trump votes and flips them to Biden. Mostly recording the accurate ones, but flipping enough to turn it to Biden.
I could probably kludge something that does exactly that in less than 50MB. Over 10mb connection it wouldn't take more than 3 minutes to load, and then it could act as a local PXE boot for all the other machines, meaning I only have to transfer that 50MB once.
SUMMARY FOR NON-TECHNICAL PEOPLE
If these devices booted from the network which they are prohibited from doing. Instead of running the clean software they could be running dirty software that writes tainted results of their choosing instead of the real results of the election. The Router and Splunk Logs would likely have this information.
Agree with you, at least from a "can we do this" perspective- I've done something similar a while back, but that was with Linux liveboot (all in memory) and an NFS file mount that overlaid a real directory... fuse does this elegantly today.
But this is a full Windows OS with MSSQL running on it. IOPS alone would negate this possibility, excepting server-class hardware with 10GE or FC SAN connectivity- which the Dell laptop in the video didn't have.
IOPS aren't a problem here because once loaded into memory the OS-Wrapper is local. The OS is local Disk, the Database is Local Disk, all the programs are local. Only the OS wrapper, the crack, and or remote administration tool is loaded from network all are very small and once initially would stay in memory.
IOPs aren't an issue because the VM is reading OS wrapper from Memory, that it got over the Network, and everything else is read from disk, with either the crack, or remote administration tool ran remotely from the network. The OS wrapper could be under 50MB. The Crack and RAT would both be less than 3MB, and once ran load would stay in memory.
Everything except for RAT or Crack, would simply be read from local disk. Minimal network transfers.
EDIT 1 -- FYI
They make linux versions for just this purpose minimal size and overhead for running VMs
EDIT 3. This is really looking doable with less than 50MB total payload, plus the OSwrapper could also run a PXE boot server, and answer local BOOTP/DHCP requests meaning it only has to be transfered once. On a 100mb connection a 50M file could be downloaded in less than 6 seconds for the initial, and then all other machines on the network could be done at local gigabit speeds.
Sorry i typed quickly - what i was thinking - have something like Serva running already locally off a USB. That is the master - then all local PXE boots possibly could be configured to pull from there. When all is done pull the sticks.
You don't need to load another OS. You can do pretty much anything with an insecure PXE.
"If you’ve ever run across insecure PXE boot deployments during
a pentest, you know that they can hold a wealth of
possibilities for escalation. Gaining access to PXE boot
images can provide an attacker with a domain joined system,
domain credentials, and lateral or vertical movement
opportunities. This blog outlines a number of different
methods to elevate privileges and retrieve passwords from PXE
boot images. These techniques are separated into three
sections: Backdoor attacks, Password Scraping attacks, and
Post Login Password Dumps."
https://www.netspi.com/blog/technical/network-penetration-testing/attacks-against-windows-pxe-boot-images/?print=pdf
They can even do this AFTER the voting is done. Just need to reset the machine. If the data is not properly secured (at this point who will image it is) they can change whatever they want. Having access to certificates they can even "fake results" and sign everything.
Of course, if you reset the machine at this late stage, the counting will be stopped... Oh wait!
No. It's not about patients. That's ridiculous. This is more like a serial killer that is openly murdering people and nothing gets don't about it. It's not like there is a process that we are all watching and can see progress. Absolutely NOTHING has happened to bring ANY of these high ranking elites to justice. As a matter of fact. They just continuously double down on their crimes. The situation is getting WORSE. Not better. It's like telling someone who is dying of cancer to have patience as they slowly slip into death.
Maybe. But if things happened too quickly, a whole bunch of snakes wouldn’t have been outed and exposed, and they would have slithered back quietly into their places without anyone noticing or knowing that they are snakes. Pain is coming my friend and heads will be removed
I'm just imagining some arrogant black hat IT guy thinking "haha they don't know what we did" and then hearing from a supervisor "there's buzz going around about PXD, or PXE, or something like that, do you know what they mean--" and then the IT guy immediately panics
Yes, exactly, which is why they chose to pass data unencrypted. Encryption typically fills each frame, and if they assumed they were in the clear, they might have opted for better bandwidth.
What it means is obvious. The question is can he prove it. If he can, it's a game changer. Not sure how he'd have access to the knowledge, software or the hardware in order to prove it. I guess we'll all see shortly.
I don't think he will have a problem with that. You don't talk about changing videos to make it harder for big tech to censor if it's a nothing burger.
There was a false flag at the pentagon right as this was released. Plus CNN is dishing hard on Andrew Cuomo's sex abuse.
The video shows that the CEO lied to congress about the connection. It also shows a worker had the password for the BIOS, at an elections center on election night.
Nonsense. This video isnt meant to convince Internet blackpillers. This video confirms with those that are thinking logically everything we already knew. More importantly this is a shot across the bow to every secretary state and supervisor of elections in the country that we have it all. You don’t have to convince them because they know it’s true but now they know we know. It’s game on.
This is why th AZ Senate subpoenaed the passwords, routers, USB drives, and the people who used them. It's also why the Maricopa County BoE has steadily denied involvement and refused the subpoenas.
Like CMZ said in his drops yesterday, "Time's up!"
Now we see what kind of stones the AZ Senate has. How big their stones are, too.
If history proves anything it is that we will not see shortly. From what I saw of the first account testimony given right after the election, we already had proof that the election was rigged. It's not for lack of evidence that the election was not overturned by state legislatures.
Imagine if the pcaps show these machines were actually booting off the network. Since PXE isn't encrypted, you would also be able to see the code it was actually running.
What it means is that everything Sidney Powell claimed happened quite probably did. Her lawsuits claimed that the vote tallys were sent overseas, adjusted, Trump votes disappeared, Biden votes added and that the totals were sent back to the USA. This is probably how it was done. if you are going to send faulty counts to the media you have to fix the counts at the election offices too on the ground. I remember seeing a chart showing all the major European Countries sending their info to a company tied into Dominion and smartmatic that sends the vote counts to the media, all done up front on election night. Voter ID or not they are probably manipulating elections around the world.
If these "servers" (which were really laptops) were sending vote totals overseas, there would be a log of the IP connecting to the gateway (the front door to the internet) on the routers. So how would they wipe any trace of the IP on the local machine? Use a different image on a hidden partition that was loaded on election night via PXE. Then delete it after election night.
I just thought of another scenario for why PXE was enabled.
You don't need to boot to a remote PXE server in a far off location. A laptop sitting next to the target machine can be a PXE server. It can connect through a small switch or crossover cable. Boot the target system, connect to the second laptop, then push a boot image from one laptop to another. I know because I've done it.
What if they hide the real boot location on a USB stick? i.e. the USB stick contains a copy of the OS, and it boots normally, except that the USB copy enables the wireless connection, and includes a small boot loader, or even a simple function to retrieve counting instructions (that replaces an existing one that does something innocuous). Once the system is up, it watches for a signal from the network, and then down loads the nefarious SW.
Easy way to avoid anyone seeing a boot order message, or an abnormally long boot time.
I'm just not convinced that ANY amount of proven corruption will get anyone to act. People are super pissed off right now. I'm not sure that we can get any more pissed off. Yes, I believe in the Q team and that there WAS a plan. But I also believe these are just men. Men are fallible. I do not trust in anything or anyone other than God. And unless God has said this is the plan, I'm not holding my breath.
I mean, God has said things are happening and the plan fits, that's just my opinion, but there has been virgin apparitions around the world warning us of the pandemic, and the looting all over the world before it happened. Told people to get ready and how, I hope people listened. And I think we are still going to see bad things to come before there is a light.
Whatsoever thy hand findeth to do, do it with thy might; for there is no work, nor device, nor knowledge, nor wisdom, in the grave, whither thou goest.
The Bible states we know nothing once we're dead and also states we won't awake from our slumber until the last trump when Christ returns.
Mary is still human. She's not a goddess. She will most definitely rise from the dead at the return of Christ and will even wear a crown as the Catholics insist she does even now.
oh, basically the Volkswagen trick. Cars would run dirty while normal but switch into running clean mode when doing emissions testing. VW got caught and paid billions in fines and had to recall a lot of vehicles.
Reiner Fuellmich was the attorney.
same guy working on coming Nuremberg 2? Interesting.
Any updates on this Reiner Fuellmich saga? I feel like it's all background noise and we'll never see anyone actually brought to justice in court. Then again, it's a HUGE case like with Durham and probably takes time to build a list of all the names and amass the proper pile of evidence -- which is likely a difficult undertaking itself with all the fake news and cooked numbers.
Bottom line here, if these machines were configured to PXE Boot before the disk. Then on election day they could be running a completely different OS then the one on the Disk. During the Elections the Machines would run dirty, but during the audits later the machines would run clean.
If they did this, then more likely then not the Splunk Logs, and the router logs would contain this information. This would be why they'd fight to the death to prevent anyone from seeing these logs. The logs could prove that these machines were configured and ran a dirty OS they designed, instead of the one presented during certification.
The router logs are key. The next shoe to drop.
Haha, nice. I responded "Audi diesel." Yup.
I think it started with a bad batch of brake pads. The engineers were running around for days shouting "NOTHING CAN STOP WHAT IS COMING!" but nobody listened until it was too late.
Haaahh 👍🏽
I think I may have installed a set of those pads back in the 80's. Abject Terror.
lol
they figured it out because the advertised mpg was so much high than the emissions testing mpg - both were accurate because clean mode destroyed the mpg
Boy, isn't it interesting? More miles per gallon = less gasoline pumped and used; but more emissions control = more gasoline pumped and used but less "emissions". What a catch-22!
This is environmentalist-wacko-ism a nutshell.
Kinda like the ethanol scam.
ironically making more emissions in the long run...
i can't recall exactly but likely they had the car 'know' it was being tested when a diagnostic device was plugged into it.
a good documentary on it is one of the "Dirty Money season 1" episodes on netflix which is about the emissions scandal.
can't remember how they got caught but I think independent car autists figured it out.
The EPA equivalent of the CDC's PCR test.
haha good analogy.
Came here to say this . The VW engineer went to jail for the thing.
If this were the case, then the router logs could show BOOTP/DHCP traffic, proving they booted something other than the programmed OS. The file transfers for it would also be fairly different in terms of total bytes transferred than normal machine traffic while working regularly.
To put it bluntly, the router / Splunk logs would be the smoking gun if these machines PXE Booted a different OS.
I work for the company that made the server.
I'll translate this into normie speak:
When your computer is powered on, among the first parts to "wake up" is the BIOS. This is like a nerve center, or the medulla of your brain.
The BIOS has pre-saved instructions to hand off control to another section of the computer which holds an operating system, usually it's Windows installed on a hard drive within the computer. We call these sections "environments." This is like the medulla (low level functioning) handing off control to your cerebral cortex (high level functioning).
The BIOS has options on which environment to hand off control to. The choice is determined by a pre-programmed boot order. The boot order says "Try booting to X first. If X is not there, try booting to Y."
One type of environment is called PXE, pronounced "Pixie" in the IT industry. PXE exists so the BIOS can boot to an environment through a network connection instead of a hard drive. The BIOS detects the ethernet connection, then detects a remote PXE server to talk to, then hands off control to the remote server at the other end of that network connection. The hard drive is out of the loop.
The PXE hand off must be pre-configured in BIOS. It is not a default (from factory) setting in BIOS. PXE must manually be enabled, and the boot order must manually be set to boot to PXE.
In the case of the election server, if a bad actor does not want to remotely boot through PXE, he can just disable the connection to the remote PXE environment. No one will notice as the machine boots to its local hard drive. However, if the connection is establish, just reboot the system and it's instantly running from a remote environment located anywhere.
If done right, no one notices.
You just said why. Generally, unless you are on a massive, massive network, the same hardware that runs your router is also going to host your DHCP server, DNS server, time server, etc.
So even winding this train of thought back further, they could have changed the time at the server, thus making all the connected devices potentially record events as occurring at a different date/time than they actually did. The whole fact that these voting devices were networks just opens up such a can of worms, it's insane.
Bingo.
Thank you for the explaination
Its way beyond insane. I've worked with computers sense I built my 386DX16 in 1990. You gave a pretty good rundown. I'm wondering maybe if they didn't use DHCP and/or other dynamic protocols because they weren't sure they could control that part of the network at all locations like in red counties so they coded it to go to a specific IP or series of IPs. If so then that should provide a real world location that all this traffic went to.
What a mess.
You're correct, another reason they don't want to turn those over...
I see you. ThanQ.
Not necessarily. An attacker could bring their own dhcp server and the host will boot on whatever DHCP config it receives first.
It's a broadcast query, as the IP address settings are not known at the time.
Basically, the for a DHCP request (which is how both PXE and assigning your laptop an IP address over DHCP work), the computer yells to everything that will listen "Hey, I'm here, give me an IP address." (The actual message is called DHCPDISCOVER).
The computer will accept the first DHCPOFFER it hears back.
The PXE boot settings are optional additional fields that can be set on the DHCP server.
To clarify, broadcast basically sends a message to the IP address 255.255.255.255 (an IP address where every bit is 1). Everything on the network that sees the message has the opportunity to respond to this.
This is brilliant.
They swear up and down it isn't connected to anything. And of course, it obviously isn't supposed to be. So even if you get ahold of the system to audit and it's outside the bad actor's contrrol at that point, no worries - the auditors will power up without an ethernet connection (because that's obviously what one should do) and it boots into the perfectly normal unadaulterated legit preapproved os.
But if on election day you just happen to have these systems connected, then they boot through some server in China.
Fucking brilliant. And you don't even have to sneak in and risk loading a cheating OS which needs you to sneak in afterwards to switch them. You just sneak in to switch out / configure the boot specs. Maybe don't even need to sneak anywhere to do that.
I applauded the Taliban on 9/11, it was a well orchestrated op
And I applaud these cheating fucking dems, this shit is clean
...but I look forward to both being glassed all the same.
Thanks for the explanation. Very helpful.
Emphasis mine:
You'd be surprised, although like you said, it's usually the last item in the boot order...
You don’t necessarily need to manually set PXE to boot first. For instance, if you are imaging a Dell pc, if you hit F12 on boot you can manually pick the boot device, whether PXE or USB stick or specific drive. Dell Can also Preconfig the bios at the factory to enable PXE boot so that it would show as enabled when you hit F12 by default. While interesting, there is an element of plausible deniability here.
You can also run DHCP of a small toaster or even pocket pc computer off a dumb switch which would collect no logs and scurry the server out the back door without anyone being the wiser. Routers can also not be set up to collect logs so that potentially can be a trap as well. If it contains basic logs you might see some SYN/ACK handshakes with either external public addresses or internal private addresses. This would probably require sone explanation if the machines were not to be networked at all.
But a few plug yanks on the ethernet runs with a direct run or a dumb switch in my scenario and no one would be the wiser. If I was going to attempt to pull this off, I would put a different configuration and boot off a USB drive. The fact that they insert drives for vote dumps means the process is already expected. If the scenario presented was put in place as suggested to PXE boot, thats a whole lot of extra steps that doesn’t seem very intuitive and overly complicated.
A alternate boot to a usb drive with a vote shaving algorithm would in my mind be easier to get away with. Drive goes in pocket and in the trash after the tallies are uploaded. This is just me riffing of course, not knowing how this all works with these machines. I assume there has to at least be some sort of central database that even a hand recount would catch if votes were being flipped or weighted
Yes, all these methods of initiating a network boot are possible. However, we don't need to explain how they PXE booted the server, we just need to explain why we're looking at photos confirming PXE was enabled. It didn't come from factory that way, which would be easily verifiable through the service tag. Dominion may be corrupt and careless, but paying the manufacturer to customize the BIOS of their election management systems to boot from a network may be too stupid even for them.
I do think they were probably booting "servers" in other locations through USB. But in some regions they wanted to push the WMI remotely because their regular foot soldiers on the ground were not the best and brightest. Think Ruby Freeman and her daughter.
Anything is possible, but I am questioning this as some sort of smoking gun. There still has to be some continuity of data rather than a separate system or there’s a huge gap a hand recount will Immediately uncover…
Agreed. We're filling in those gaps with theories until the real evidence is available, but CM said today will happen soon.
Context for the less technical.
PXE stands for Pre eXecution Environment
It is basically virtual discs on a server somewhere.
You configure a computer to 'PXE Boot' in the BIOS and it will check the network for a PXE server, load whatever image the server sends it, and boot off of that.
Staying objective and removing my personal feelings from it, PXE booting such a sensitive machine leaves a significant risk surface if there is not some sort of validation conducted on the server side post-deployment.
If you want to experiment with PXE yourself to understand this better check out FOG https://fogproject.org/
Nerds got us into this and Nerds will get us out of it! Fuck Black Hats!
Tons of computers are set up to boot this way by default. Having not found a device to boot from on the network they will then look to see if they have a disk to boot from.
Negligence or intended? You decide. To me, it's not a smoking gun.
Note that it would be difficult to boot a computer (with a fat OS like Windows) over the Internet as the bandwidth would be too low. PXE boot is normally done on a LAN where there is fast network access.
Edit: DHCP is also necessary to use PXE.
You can use iPXE to boot from the internett: IE: https://ipxe.org/
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:
boot from a web server via HTTP
boot from an iSCSI SAN
boot from a Fibre Channel SAN via FCoE
boot from an AoE SAN
boot from a wireless network
boot from a wide-area network
boot from an Infiniband network
control the boot process with a script
You can use iPXE to replace the existing PXE ROM on your network card, or you can chainload into iPXE to obtain the features of iPXE without the hassle of reflashing.
iPXE is free, open-source software licensed under the GNU GPL (with some portions under GPL-compatible licences), and is included in products from several network card manufacturers and OEMs.
How is this NOT a smoking gun? Maricopa County and all the others who used PXE to boot the local machines would've had a high bandwidth modem/router set up to accomplish this, right? They said these machines weren't connected, and yet, we now have proof that they were, thanks to the Dominion whistleblower and CMZ, correct?
Even though this is months after the elections, this is still proof [they] were using nefarious methods to enact [their] plan re: 2020 elections.
Agree, not a smoking gun until we get more information's, just the fact that it's there the option means literally nothing
PXE first of all it's present on almost all the desktops and many notebooks (the network card should be PXE-Boot enabled or it won't work)
PXE can be configured in thousands way, could have been used for the first imaging of the system (sysprep /aktoolset / etc)
Also, you need a deployment infrastructure (automated or manually) with the various NS/DNS/IPs and endpoint management
Then you would have logs around in different places of what's happening (in case, the packet captures that Mike has should be able to prove it)
Another thing it's the Acronis boot manager was shown (You won't boot normally Acronis via PXE to then boot again in another protocol), it can be local or over the network or from a hidden partition / drive etc (i think, if that's legit, was probably hidden in the 'secure zone' that's a hidden partition Acronis creates), i saw some videos from CZ channel but again, just a quick view of the interface doesn't give any detail / prove anything, we need more details
Source: I'm myself an Enterprise architect with over 15 years of experience in the field
The one thing that did get my attention is he said that the "state" had the BIOS password. Well, in Texas at least, elections are run by each county and the state should have no such access. I'm working and haven't had a chance to watch the video multiple times.
Yep that's another thing, normally (depending on how the whole infrastructure is designed / implemented), you can have two or multiple type of 'password' (access) to the BIOS, standard in professional class notebook and desktops it's a user password and a superuser one, this second that's generally kept by the IT teams, can decide what the other can view, do , etc, and has higher level access (ex can wipe the machine or do other things that the normal user can't do)
I don't think the actual boot image is that big. Once the computer boot from the PXE image, then every other data read/write is done via local drive, I think.
Force of habit, probably.
Some enterprise environments use a custom OS, or highly customized version of an existing OS across all machines, connected to a central login server.
Rather than install the OS every time they get new hardware, or manually install updates across millions of machines, especially if they're scattered across multiple physical locations, it makes sense to have a single Operating System image that can be updated and forced out to all the machines on the network.
It's possible (though with all the shady dealings, my benefit of the doubt is pretty low on this one) that Dominion ordered a BIOS image and didn't bother to order the default to have PXE disabled, and whoever Dominion got to build their BIOS just set the default they normally do for their enterprise customers.
Point is, unless someone can force Dominion to give up the data, it's hard to way what happened, though the odds aren't int heir favor...
If they ordered a custom BIOS, it wouldn't have been from the manufacturer. Maybe through a third party channel partner, but that would still leave too many witnesses who see your election management system is configured for network booting. Even Dominion isn't that stupid.
I do think it's possible they pushed out a very lean image to a hidden partition on the drive via PXE. Post election, just delete the partition.
Nah, I'm saying there's a 1 in 1mil chance that both Dominion and whoever makes their BIOS dropped the ball, and they ended up with a "boot-from-network" by default in their BIOS by accident.
I highly doubt it, but there's a very slim chance that incompetence was at play here, in which case Dominion still can't be trusted with election integrity...
This does present a couple of questions. If the machines were set to pxe boot, they wouldn't have a running image on them for the audit unless someone went back and installed something prior handing the machines over and flipped off the pxe boot in the BIOS. The only way I am familiar with doing a permanent install from pxe is using pxe to load something like a small busybox image which will run a kickstart script to install an OS, like centos for example. We have to assume these are not diskless machines as they are NOT to be networked, and must have the ability to start on their own.
Pxe would be yet another reason to see the router configs. if those machines were set to pxe boot, then you will can check the router to see where it forwards/relays the ports 67, 69 for the bootp request for the actual image these things would pull from.
This definitely would be proof there was outside connectivity.
See part 5 of the Devolution series, which ties in Dominion
Expert level question for you. It's clear we captured unencrypted data. Can you please speculate as to why? Packet size? Or just arrogance?
That could explain the USB devices also - PXE boot to USB to run Windows, do its thing pull the USB and reboot. Easy - I do it often for scrubbing pcs of hard to remove malware.
What pedeITA said... but conceptually you're on target.
Boot from PXE -> write image to separate (hidden) partition -> boot to hidden partition and run without leaving a trace on the primary partition. Send all the data to a network device and nuke itself on next reboot, leaving the untouched primary- and none's the wiser.
Or boot entirely from a PXE server using a disk that is remotely mounted. Nothing is written to Hard Drive except what they want to write, they could run entirely different OS, and Programs with a back door built in. If they designed it right it could read literally everything from the disk to keep the network traffic down, but instead of running the software it would run a cracked version of it from the network, with their C&C builtin. They could use the database tools on the disk to alter the database anyway they wanted.
There'd be evidence on the router logs, and evidence on the splunk servers. This is why they are fighting to the death to keep those away from the public eyes.
Agreed, but unlikely here- we're talking full windows with MSSQL. You'd need better than 1GB/s network to make it remotely stable, let alone usable- and that box didn't have 10G ethernet.
Imagine the following, you could slim it down to mere few dozen Mega Bytes.
The network boot points to a custom wrapper, a minimal Linux load, that then runs the OS on the Disk as a Virtual Machine. The custom linux load contains any one of, or even all three of the following, a crack for the election program, a database tools program to alter the voter database, or a slim remote administration tool such as VNC.
The Database, is on the disk, The OS is on the disk. The Program is on the Disk. They only need to be able to use remote command and control to run the Database tool found on the machine. They could also do it without remote command control by using a program set to flip votes according to a pre-determined algorithm. They don't have to pass the OS over the network, nor the programs, nor the Database. Just have the VM Trick the OS into thinking it's C:\program files\NAME OF VOTING SOFTWARE\VOTINGSOFTWARE.exe is located elsewhere where it runs a crack first before executing the program. I've seen cracked games run where the crack is measured in the 100-200KB. They could easily write a crack thats only a few hundred KB to a couple MB.
In short these machines could be hijacked by an OS Wrapper that simply tells it that the Disk is mostly where they think it is except for 1-2 files. This could simply add either remote command and control, or a remote algorithm, that takes excess trump votes and flips them to Biden. Mostly recording the accurate ones, but flipping enough to turn it to Biden.
I could probably kludge something that does exactly that in less than 50MB. Over 10mb connection it wouldn't take more than 3 minutes to load, and then it could act as a local PXE boot for all the other machines, meaning I only have to transfer that 50MB once.
SUMMARY FOR NON-TECHNICAL PEOPLE If these devices booted from the network which they are prohibited from doing. Instead of running the clean software they could be running dirty software that writes tainted results of their choosing instead of the real results of the election. The Router and Splunk Logs would likely have this information.
Agree with you, at least from a "can we do this" perspective- I've done something similar a while back, but that was with Linux liveboot (all in memory) and an NFS file mount that overlaid a real directory... fuse does this elegantly today.
But this is a full Windows OS with MSSQL running on it. IOPS alone would negate this possibility, excepting server-class hardware with 10GE or FC SAN connectivity- which the Dell laptop in the video didn't have.
IOPS aren't a problem here because once loaded into memory the OS-Wrapper is local. The OS is local Disk, the Database is Local Disk, all the programs are local. Only the OS wrapper, the crack, and or remote administration tool is loaded from network all are very small and once initially would stay in memory.
IOPs aren't an issue because the VM is reading OS wrapper from Memory, that it got over the Network, and everything else is read from disk, with either the crack, or remote administration tool ran remotely from the network. The OS wrapper could be under 50MB. The Crack and RAT would both be less than 3MB, and once ran load would stay in memory.
Everything except for RAT or Crack, would simply be read from local disk. Minimal network transfers.
EDIT 1 -- FYI They make linux versions for just this purpose minimal size and overhead for running VMs
https://computingforgeeks.com/minimal-container-operating-systems-for-kubernetes/
EDIT 2 --ADDITIONAL FYI Fedora CoreOS for PXE boot is 10MB compressed. https://getfedora.org/en/coreos/download?tab=metal_virtualized&stream=stable
EDIT 3. This is really looking doable with less than 50MB total payload, plus the OSwrapper could also run a PXE boot server, and answer local BOOTP/DHCP requests meaning it only has to be transfered once. On a 100mb connection a 50M file could be downloaded in less than 6 seconds for the initial, and then all other machines on the network could be done at local gigabit speeds.
Sorry i typed quickly - what i was thinking - have something like Serva running already locally off a USB. That is the master - then all local PXE boots possibly could be configured to pull from there. When all is done pull the sticks.
Or simply all the usb sticks were wifi dongles.
Nope, if you boot via USB, you don't boot via PXE, those are two different things
USB is a local boot device / media, you boot from the PC bootloader directly there
PXE you boot the system in this modality (Pre-Boot Execution Environment), and it connects to the boot / deployment infrastructure over the network
Here are some examples (this uses Novell but there are many ways to do it, just take the idea)
http://www.novell.com/documentation/zcm10/zcm10_preboot_imaging/graphics/preboot_process_01_a.png
http://www.novell.com/documentation/zcm10/zcm10_preboot_imaging/graphics/zcm101_imgsatsrv_pxeboot_a.png
You don't need to load another OS. You can do pretty much anything with an insecure PXE.
"If you’ve ever run across insecure PXE boot deployments during a pentest, you know that they can hold a wealth of possibilities for escalation. Gaining access to PXE boot images can provide an attacker with a domain joined system, domain credentials, and lateral or vertical movement opportunities. This blog outlines a number of different methods to elevate privileges and retrieve passwords from PXE boot images. These techniques are separated into three sections: Backdoor attacks, Password Scraping attacks, and Post Login Password Dumps." https://www.netspi.com/blog/technical/network-penetration-testing/attacks-against-windows-pxe-boot-images/?print=pdf
They can even do this AFTER the voting is done. Just need to reset the machine. If the data is not properly secured (at this point who will image it is) they can change whatever they want. Having access to certificates they can even "fake results" and sign everything.
Of course, if you reset the machine at this late stage, the counting will be stopped... Oh wait!
Got'em! Round up the usual suspects.
I mean. This is like the 10th time we've had them. How many times do we need to catch them in the act before something is done?
Patience. It is like that phrase that every media outlet once said all at the time “the walls are closing in.”
No. It's not about patients. That's ridiculous. This is more like a serial killer that is openly murdering people and nothing gets don't about it. It's not like there is a process that we are all watching and can see progress. Absolutely NOTHING has happened to bring ANY of these high ranking elites to justice. As a matter of fact. They just continuously double down on their crimes. The situation is getting WORSE. Not better. It's like telling someone who is dying of cancer to have patience as they slowly slip into death.
Maybe. But if things happened too quickly, a whole bunch of snakes wouldn’t have been outed and exposed, and they would have slithered back quietly into their places without anyone noticing or knowing that they are snakes. Pain is coming my friend and heads will be removed
I'm just imagining some arrogant black hat IT guy thinking "haha they don't know what we did" and then hearing from a supervisor "there's buzz going around about PXD, or PXE, or something like that, do you know what they mean--" and then the IT guy immediately panics
Yes, exactly, which is why they chose to pass data unencrypted. Encryption typically fills each frame, and if they assumed they were in the clear, they might have opted for better bandwidth.
00:38 THE STATE has the password.
Not the county.
Not the vendor.
this would be interesting when they will corroborate on the machine side what the packet captures data is saying. as in 'we have it all'.
What it means is obvious. The question is can he prove it. If he can, it's a game changer. Not sure how he'd have access to the knowledge, software or the hardware in order to prove it. I guess we'll all see shortly.
I don't think he will have a problem with that. You don't talk about changing videos to make it harder for big tech to censor if it's a nothing burger.
There was a false flag at the pentagon right as this was released. Plus CNN is dishing hard on Andrew Cuomo's sex abuse.
The video shows that the CEO lied to congress about the connection. It also shows a worker had the password for the BIOS, at an elections center on election night.
Nonsense. This video isnt meant to convince Internet blackpillers. This video confirms with those that are thinking logically everything we already knew. More importantly this is a shot across the bow to every secretary state and supervisor of elections in the country that we have it all. You don’t have to convince them because they know it’s true but now they know we know. It’s game on.
This is why th AZ Senate subpoenaed the passwords, routers, USB drives, and the people who used them. It's also why the Maricopa County BoE has steadily denied involvement and refused the subpoenas.
Like CMZ said in his drops yesterday, "Time's up!"
Now we see what kind of stones the AZ Senate has. How big their stones are, too.
If history proves anything it is that we will not see shortly. From what I saw of the first account testimony given right after the election, we already had proof that the election was rigged. It's not for lack of evidence that the election was not overturned by state legislatures.
It seems he has the manual.
Exactly.
For normies, this is a very good explanation.
CodeMonkeyZ’s video. Share far and wide.
https://files.catbox.moe/ljslwr.mp4
I wonder when the rest of the video will drop? This isn't all of it. It cuts off mid conversation.
Imagine if the pcaps show these machines were actually booting off the network. Since PXE isn't encrypted, you would also be able to see the code it was actually running.
https://rumble.com/vkoh4q-ron-watkins-huge-election-fraud-video-bombshell.html
And for those of us who deal with human health vs computer health, in English?
What it means is that everything Sidney Powell claimed happened quite probably did. Her lawsuits claimed that the vote tallys were sent overseas, adjusted, Trump votes disappeared, Biden votes added and that the totals were sent back to the USA. This is probably how it was done. if you are going to send faulty counts to the media you have to fix the counts at the election offices too on the ground. I remember seeing a chart showing all the major European Countries sending their info to a company tied into Dominion and smartmatic that sends the vote counts to the media, all done up front on election night. Voter ID or not they are probably manipulating elections around the world.
If these "servers" (which were really laptops) were sending vote totals overseas, there would be a log of the IP connecting to the gateway (the front door to the internet) on the routers. So how would they wipe any trace of the IP on the local machine? Use a different image on a hidden partition that was loaded on election night via PXE. Then delete it after election night.
Holy shit, that means:
https://greatawakening.win/p/12jd0Bdzph/x/c/4JBx65zm6E8
Yes I see ur comment about Spain, I still believe that happened.
I'm thinking this video was the first drip in a series of drips. Like the Project Veritas method. More will come out.
What are the odds that this external system is located on an ... AMAZON (CIA) SERVER?
I'd say fairly high. We already know Chemical Gina was overseas at the Scytl site when this was happening in real time.
this is a huge leak. But 1+ minute video made in poor quality ain't gonna wake up any normies. People in conspiratorium don't need convincing
Gee, it would, say have to have TRILLIONS of dollars riding on doing it, ya think?
I just thought of another scenario for why PXE was enabled.
You don't need to boot to a remote PXE server in a far off location. A laptop sitting next to the target machine can be a PXE server. It can connect through a small switch or crossover cable. Boot the target system, connect to the second laptop, then push a boot image from one laptop to another. I know because I've done it.
What if they hide the real boot location on a USB stick? i.e. the USB stick contains a copy of the OS, and it boots normally, except that the USB copy enables the wireless connection, and includes a small boot loader, or even a simple function to retrieve counting instructions (that replaces an existing one that does something innocuous). Once the system is up, it watches for a signal from the network, and then down loads the nefarious SW.
Easy way to avoid anyone seeing a boot order message, or an abnormally long boot time.
So?
Wow
I'm just not convinced that ANY amount of proven corruption will get anyone to act. People are super pissed off right now. I'm not sure that we can get any more pissed off. Yes, I believe in the Q team and that there WAS a plan. But I also believe these are just men. Men are fallible. I do not trust in anything or anyone other than God. And unless God has said this is the plan, I'm not holding my breath.
I mean, God has said things are happening and the plan fits, that's just my opinion, but there has been virgin apparitions around the world warning us of the pandemic, and the looting all over the world before it happened. Told people to get ready and how, I hope people listened. And I think we are still going to see bad things to come before there is a light.
countdowntothekingdom.com
2 Corinthians 11:14
**And no marvel; for Satan himself is transformed into an angel of light. **
That's a heavy accusation to try an lay on the mother of Christ.
1 Thessalonians 5:20-21 20 Despise not prophesyings. 21 Prove all things; hold fast that which is good.
The dead see and hear nothing.
Ecclesiastes 9:10
Whatsoever thy hand findeth to do, do it with thy might; for there is no work, nor device, nor knowledge, nor wisdom, in the grave, whither thou goest.
The Bible states we know nothing once we're dead and also states we won't awake from our slumber until the last trump when Christ returns.
Mary is still human. She's not a goddess. She will most definitely rise from the dead at the return of Christ and will even wear a crown as the Catholics insist she does even now.
So is everyone dead? Because we serve a living God, and His kingdom is eternal life.
Explain then, why Jesus speaks with who you call "dead"
Matthew 17: 3 3 And, behold, there appeared unto them Moses and Elias talking with him.
Doesn't God hear the council and prayers of His wise men and women? Doesn't this mean Moses and Elijah are alive and with our Lord in heaven?
Moses is not a god, neither is Elijah, explain this then, if everyone who dies in the body stays dead.