Tons of computers are set up to boot this way by default. Having not found a device to boot from on the network they will then look to see if they have a disk to boot from.
Negligence or intended? You decide. To me, it's not a smoking gun.
Note that it would be difficult to boot a computer (with a fat OS like Windows) over the Internet as the bandwidth would be too low. PXE boot is normally done on a LAN where there is fast network access.
Edit: DHCP is also necessary to use PXE.
You can use iPXE to boot from the internet, i.e.: https://ipxe.org/
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:
boot from a web server via HTTP
boot from an iSCSI SAN
boot from a Fibre Channel SAN via FCoE
boot from an AoE SAN
boot from a wireless network
boot from a wide-area network
boot from an Infiniband network
control the boot process with a script
You can use iPXE to replace the existing PXE ROM on your network card, or you can chainload into iPXE to obtain the features of iPXE without the hassle of reflashing.
iPXE is free, open-source software licensed under the GNU GPL (with some portions under GPL-compatible licences), and is included in products from several network card manufacturers and OEMs.
How is this NOT a smoking gun? Maricopa County and all the others who used PXE to boot the local machines would've had a high bandwidth modem/router set up to accomplish this, right? They said these machines weren't connected, and yet, we now have proof that they were, thanks to the Dominion whistleblower and CMZ, correct?
Even though this is months after the elections, this is still proof [they] were using nefarious methods to enact [their] plan re: 2020 elections.
Agree, not a smoking gun until we get more information; just the fact that the option is there means literally nothing.
First of all, PXE is present on almost all desktops and many notebooks (the network card should be PXE-boot enabled or it won't work).
PXE can be configured in thousands of ways; it could have been used for the first imaging of the system (sysprep / aktoolset / etc.).
Also, you need a deployment infrastructure (automated or manual) with the various NS/DNS/IPs and endpoint management.
Then you would have logs around in different places of what's happening (in that case, the packet captures that Mike has should be able to prove it).
Another thing is that the Acronis boot manager was shown (you won't normally boot Acronis via PXE to then boot again in another protocol); it can be local or over the network or from a hidden partition / drive etc. (I think, if that's legit, it was probably hidden in the 'secure zone', which is a hidden partition Acronis creates). I saw some videos from the CZ channel, but again, just a quick view of the interface doesn't give any detail / prove anything; we need more details.
Source: I'm an enterprise architect myself, with over 15 years of experience in the field.
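The comments above note that PXE depends on DHCP and that packet captures would show whether a network boot actually took place. As an added example (not code from anyone in the thread), this parses a DHCP payload and reports the PXE markers: a vendor class starting with "PXEClient" (option 60), the client architecture (option 93) and a boot file name (option 67 or the BOOTP `file` field). The sample packets, MAC address and file name are constructed for the demo.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def dhcp_options(payload: bytes) -> dict:
    """Walk the TLV options of a BOOTP/DHCP UDP payload into {code: value}."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:  # 255 = End
        if payload[i] == 0:                        # 0 = Pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = value
        i += 2 + length
    return opts

def pxe_indicators(payload: bytes):
    """Summarise a DHCP message if it belongs to a PXE exchange, else return None."""
    opts = dhcp_options(payload)
    vendor = opts.get(60, b"").decode("ascii", "replace")  # vendor class identifier
    # Boot file name: option 67, or the fixed 128-byte 'file' field at offset 108.
    bootfile = (opts.get(67) or payload[108:236]).split(b"\0")[0].decode("ascii", "replace")
    if not vendor.startswith("PXEClient") and not bootfile:
        return None
    return {
        "mac": payload[28:28 + min(payload[2], 16)].hex(":"),  # chaddr, hlen bytes
        "type": MSG_TYPES.get((opts.get(53) or b"\0")[0], "?"),
        "vendor_class": vendor,
        "arch": int.from_bytes(opts[93][:2], "big") if opts.get(93) else None,
        "bootfile": bootfile,
    }

def sample(op, options, file=b"", mac=bytes.fromhex("525400123456")):
    """Build a constructed DHCP payload for the demo (not captured traffic)."""
    tlv = b"".join(bytes([c, len(v)]) + v for c, v in options)
    return struct.pack("!BBBBIHH16s16s64s128s", op, 1, 6, 0, 0x1234, 0, 0x8000,
                       bytes(16), mac, b"", file) + MAGIC + tlv + b"\xff"

PXE_DISCOVER = sample(1, [(53, b"\x01"), (60, b"PXEClient:Arch:00000:UNDI:002001"), (93, b"\0\0")])
PLAIN_DISCOVER = sample(1, [(53, b"\x01"), (60, b"MSFT 5.0")])  # ordinary OS DHCP client
PXE_OFFER = sample(2, [(53, b"\x02"), (67, b"undionly.kpxe")])  # server hands out a boot file
```

A machine with network boot enabled but no boot server on the LAN produces only the DISCOVER; an OFFER or ACK carrying a boot file name is what shows that a boot server answered.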
The one thing that did get my attention is he said that the "state" had the BIOS password. Well, in Texas at least, elections are run by each county and the state should have no such access. I'm working and haven't had a chance to watch the video multiple times.
Yep, that's another thing. Normally (depending on how the whole infrastructure is designed / implemented), you can have two or more types of 'password' (access) to the BIOS. Standard in professional-class notebooks and desktops is a user password and a superuser one; the second, which is generally kept by the IT teams, can decide what the other can view, do, etc., and has higher-level access (e.g. can wipe the machine or do other things that the normal user can't do).
I don't think the actual boot image is that big. Once the computer boots from the PXE image, then every other data read/write is done via local drive, I think.
Force of habit, probably.
Some enterprise environments use a custom OS, or highly customized version of an existing OS across all machines, connected to a central login server.
Rather than install the OS every time they get new hardware, or manually install updates across millions of machines, especially if they're scattered across multiple physical locations, it makes sense to have a single Operating System image that can be updated and forced out to all the machines on the network.
It's possible (though with all the shady dealings, my benefit of the doubt is pretty low on this one) that Dominion ordered a BIOS image and didn't bother to order the default to have PXE disabled, and whoever Dominion got to build their BIOS just set the default they normally do for their enterprise customers.
Point is, unless someone can force Dominion to give up the data, it's hard to say what happened, though the odds aren't in their favor...
If they ordered a custom BIOS, it wouldn't have been from the manufacturer. Maybe through a third party channel partner, but that would still leave too many witnesses who see your election management system is configured for network booting. Even Dominion isn't that stupid.
I do think it's possible they pushed out a very lean image to a hidden partition on the drive via PXE. Post election, just delete the partition.
Nah, I'm saying there's a 1 in 1mil chance that both Dominion and whoever makes their BIOS dropped the ball, and they ended up with a "boot-from-network" by default in their BIOS by accident.
I highly doubt it, but there's a very slim chance that incompetence was at play here, in which case Dominion still can't be trusted with election integrity...