IEBC software Installed from sotik Bomet

[patel]

• Tweet

Baghdad bob your days are numbered

902646957633671177[/tweet]]

ICT ACCESS/AUDIT:15(a) software application installed from Sotik in Bomet,multiple uploading of the same Form 34B, modification & deletions pic.twitter.com/a93gevfQJA

— Apollo Mboya, HSC (@MboyaApollo) August 29, 2017

[/url]

[patel]

what a fuckery...

902647383892348928[/tweet]]

ICT ACCESS/AUDIT:16-Misuse of accounts,deletion of commands on 8th August & 17th August 2017 pic.twitter.com/KYtAzaIHkk

— Apollo Mboya, HSC (@MboyaApollo) August 29, 2017

[/url]

[Kim Jong-Un's Pajama Pants]

Here is my take just from scanning through some of these things.  It's very very suspicious looking on the surface of it.  But I suspect panic more than anything funny.  The highly touted system failed at some point, they panicked and started improvising.  The result is this mess.

But they haven't admitted as much, so if it comes back to bite them, I won't feel sorry for them.

[Pragmatic]

The court erred in not accepting help (amicus curi) of an IT specialist. They should have accepted the request by the Kenya ICT Association Network. One wonders why the court declined to admit KICTANET as a friend of the court. Would have helped a great deal in clarifying some of these things. I dare say some of the judges may have been sold to the yarn of the firewall being a really "impenetrable wall" in its literal sense.....

[Pragmatic]

....erred in not accepting...

[Kim Jong-Un's Pajama Pants]

The court erred in not accepting help (amicus curi) of an IT specialist. They should have accepted the request by the Kenya ICT Association Network. One wonders why the court declined to admit KICTANET as a friend of the court. Would have helped a great deal in clarifying some of these things. I dare say some of the judges may have been sold to the yarn of the firewall being a really "impenetrable wall" in its literal sense.....

I think so too.  90% of the petition was premised on the IT system.

[bryan275]

The court erred in not accepting help (amicus curi) of an IT specialist. They should have accepted the request by the Kenya ICT Association Network. One wonders why the court declined to admit KICTANET as a friend of the court. Would have helped a great deal in clarifying some of these things. I dare say some of the judges may have been sold to the yarn of the firewall being a really "impenetrable wall" in its literal sense.....

I understand that the Kenya ict network organisation was an itumbi and his i36 trojan horse.  We dodged a bullet...

[RV Pundit]

Just read the NASA it audit and there is nothing there to suggest any foul play.Certainly nothing to be used in presidential petitions.IEBC need to commended for rolling out systems that worked in some of the toughest places.All you see are some staff struggling to upload forms.

[patel]

At what point do you stop lying? First thing first there is a very clear difference between installing a software and uploading a form
2. Only 277 different users accessed the server so where did the other 40,000 plus polling officers upload their forms?

Just read the NASA it audit and there is nothing there to suggest any foul play.Certainly nothing to be used in presidential petitions.IEBC need to commended for rolling out systems that worked in some of the toughest places.All you see are some staff struggling to upload forms.

[patel]

https://mobile.twitter.com/MboyaApollo/status/902645921044889602

[RV Pundit]

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

[Nefertiti]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

[Kim Jong-Un's Pajama Pants]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

40,000 is indeed a lot.  I would imagine the main application would have one login.  Guest logins should raise alarms about the level of security.  KPMG did mention horrendous security.  But apparently they were given the old system to audit.

[bryan275]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

40,000 is indeed a lot.  I would imagine the main application would have one login.  Guest logins should raise alarms about the level of security.  KPMG did mention horrendous security.  But apparently they were given the old system to audit.

41k users is indeed a large number, but we need to remember that the actual "work" done by these users was quite narrow if I have understood it correctly.  Log in>upload 34A>type number of votes by candidate>click send>log out.  I do not think these were resource intensive to a point of the system breaking.

[bryan275]

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

Who knows.  I think it would be ignorant to expect that the "hacker" would label his worm as "rigging algorithm" for the benefit of any future auditors.   Or even better still not claim that they were installing something that they were not supposed to.  The starting point is that whoever it was, was up to some sort of mischief or criminal intent. 

Nothing innocent here.

 

[Kim Jong-Un's Pajama Pants]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

40,000 is indeed a lot.  I would imagine the main application would have one login.  Guest logins should raise alarms about the level of security.  KPMG did mention horrendous security.  But apparently they were given the old system to audit.

41k users is indeed a large number, but we need to remember that the actual "work" done by these users was quite narrow if I have understood it correctly.  Log in>upload 34A>type number of votes by candidate>click send>log out.  I do not think these were resource intensive to a point of the system breaking.

You right there was nothing resource intensive about this system.  To be fair, I was just suggesting a possible and typical configuration of such apps. 

One real login to the main system that belongs to the main application.  This application in turn provides access to end users through virtual logins.

I have actually seen a statement to the effect that on Election Day, there was nothing that came into the system from polling stations, or something to that effect - I'll try share it when I can.  It's what partly makes me lean towards a system failure.

[bryan275]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

40,000 is indeed a lot.  I would imagine the main application would have one login.  Guest logins should raise alarms about the level of security.  KPMG did mention horrendous security.  But apparently they were given the old system to audit.

41k users is indeed a large number, but we need to remember that the actual "work" done by these users was quite narrow if I have understood it correctly.  Log in>upload 34A>type number of votes by candidate>click send>log out.  I do not think these were resource intensive to a point of the system breaking.

You right there was nothing resource intensive about this system.  To be fair, I was just suggesting a possible and typical configuration of such apps. 

One real login to the main system that belongs to the main application.  This application in turn provides access to end users through virtual logins.

I have actually seen a statement to the effect that on Election Day, there was nothing that came into the system from polling stations, or something to that effect - I'll try share it when I can.  It's what partly makes me lean towards a system failure.

The cynical me, tends to lean towards "system switch off" to allow for the rigging server to take over processes and deliver the predetermined "winner".  I suspect it would have been easier to render parts of the infrastructure unusable than to have in place a blanket instruction to the polling centre IEBC staff to not send the data back. 

[RV Pundit]

Yes if you mean scanned form 34As which were suppose to be "FTP"ed to file server didn't hit servers in Nairobi . Otherwise key-in statistics/data/prov results - which were lighter - went to the database -smoothly and don't material differ with form 34As.

In fact it would be a big mistake to do away with key-in data.  Sending scanned images to Nairobi from most places of rural kenya is no joke.  Key-In data guarded against any rigging because those figures hit the servers randomly as soon as counting ended...starting 7 mins after Narok Prison completed their tallying.

We stop the so called provisional results - and you may have darkness for 2 days - and it's back to 2007 again.

I have actually seen a statement to the effect that on Election Day, there was nothing that came into the system from polling stations, or something to that effect - I'll try share it when I can.  It's what partly makes me lean towards a system failure.

[Kim Jong-Un's Pajama Pants]

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

Who knows.  I think it would be ignorant to expect that the "hacker" would label his worm as "rigging algorithm" for the benefit of any future auditors.   Or even better still not claim that they were installing something that they were not supposed to.  The starting point is that whoever it was, was up to some sort of mischief or criminal intent. 

Nothing innocent here.

 

The correct thing is to trust but verify.  Give them as much benefit of doubt as possible and work from there.  However I perfectly understand why this can be difficult.  Because IEBC has done everything in the book, with their stonewalling, to lose that benefit.  And if it hurts them, they had it coming. 

For me though, this mostly suggests a crappy system and its deployment.  Could that be something one can engineer?  Absolutely.

[Kim Jong-Un's Pajama Pants]

Or guest logins. Imagine 41K users. All this conjecture instead of just tabling photos of materially different forms. The burden of proof is on the petitioner not IEBC.

What software did he install.Maybe ms word.This internal iebc systems.Those that struggled most likely got help from iebc staff to upload staff.No where in statures or laws define how iebc should structure it's IT systems.The point that NASA need to proof is whether systems was hacked or not.it wasn't. The systems has not be compromised.Raising suspicion is not enough in court of law.

40,000 is indeed a lot.  I would imagine the main application would have one login.  Guest logins should raise alarms about the level of security.  KPMG did mention horrendous security.  But apparently they were given the old system to audit.

41k users is indeed a large number, but we need to remember that the actual "work" done by these users was quite narrow if I have understood it correctly.  Log in>upload 34A>type number of votes by candidate>click send>log out.  I do not think these were resource intensive to a point of the system breaking.

You right there was nothing resource intensive about this system.  To be fair, I was just suggesting a possible and typical configuration of such apps. 

One real login to the main system that belongs to the main application.  This application in turn provides access to end users through virtual logins.

I have actually seen a statement to the effect that on Election Day, there was nothing that came into the system from polling stations, or something to that effect - I'll try share it when I can.  It's what partly makes me lean towards a system failure.

The cynical me, tends to lean towards "system switch off" to allow for the rigging server to take over processes and deliver the predetermined "winner".  I suspect it would have been easier to render parts of the infrastructure unusable than to have in place a blanket instruction to the polling centre IEBC staff to not send the data back. 

I am also open to that possibility and I suggested it in the early going.  It's easier to let the POs and ROs continue the routine uninterrupted and run a dummy system on the material day.  There are many possibilities. 

But you need to sync it with actual votes at the polling stations.  The more likely thing is these guys were left to their own devices, by a failed system, to figure out how to send the electronic scans.