Cybersecurity expert weighs in on AZ audit draft
Check: that Republican audit of Maricopa
Author: Robert Graham (@erratarob)
Later today (Friday, September 24, 2021), Republican auditors release their final report on what they found with elections in Maricopa county. Draft copies have circulated online. In this blogpost, I write up my comments on the cybersecurity portions of their draft.
https://arizonaagenda.substack.com/p/we-got-the-senate-audit-report
The three main problems are:
They misapply cybersecurity principles that are meaningful for normal networks, but which dont really apply to the air gapped networks we see here.
They make some errors about technology, especially networking.
They are overstretching themselves to find dirt, claiming the things they don't understand are evidence of something bad.
In the parts below, I pick apart individual pieces from that document to demonstrate these criticisms. I focus on section 7, the cybersecurity section, and ignore the other parts of the document, where others are more qualified than I to opine.
In short, when corrected, section 7 is nearly empty of any content.
more:
https://blog.erratasec.com/2021/09/check-that-republican-audit-of-maricopa.html#.YU4SSRpHahB