the mesa report: is there trust in a trusted build if the builders broke our trust?
Welcome, my friends, to the United Soviet States of America where Trust is now compulsory. Dare to question the State’s narrative or intent and you will be silenced, dehumanized, and destroyed. Just ask Nicki Minaj.
What we continue to learn from our current dystopia is that our Trust should definitely be withheld.
On Thursday, September 16, 2021, Tina Peters’ defense team delivered a copy of the Forensic Examination and Analysis of Mesa County images before and after the Dominion Trusted Build update (“the Mesa Report”) to the District Attorney in Mesa County, Colorado. On Friday, September 17, 2021, the Mesa Report was delivered to the three County Commissioners Janet Rowland, Scott McInnis, and Cody Davis.
These four elected officials are the only persons read-in on this report prior to it being filed at 12:00AM Saturday, September 18, 2021, outside of Tina’s defense team, the technical experts who performed the analysis, and the technical experts who peer reviewed the analysis — all of whom are under NDA and have kept the report’s existence quiet up until now.
And yet, Grand Junction Sentinel reporter Charles Ashby, whose beloved “beat” is attacking the Mesa County grassroots, reported this morning that he got a copy of the report on late Friday, September 17, 2021.
America’s Mom Sherronna Bishop certainly thinks so and took to Facebook this morning to share her take.
Regardless of the leak, the report centers on Dominion’s Trusted Build. You will hear a lot about the findings of this report in the coming days and weeks, but to truly understand the implications, it is critical that you understand the concept and intention of a Trusted Build.
So let’s dive in.
trust us, bro — the trusted build
Consider Microsoft Windows 10 as a Trusted Build. Educated consumers would decide to buy a personal computer (over a Mac, for example), in part, because of the familiar operating system: Microsoft Windows. It’s simple to install (often already installed), and you know what you’re getting.
Now, keep in mind that MS Windows 10 has averaged 337 discovered vulnerabilities per year, including fourteen of the most severe possible vulnerabilities discovered just this year, seven years after Windows 10 was introduced.
Doesn’t matter: Despite the security vulnerabilities, Windows 10 would be considered a Trusted Build because all of the components have been vetted and verified — by Microsoft. And that is a very important point:
The term Trusted Build is used by the U.S. Government to describe chain of custody for a specific configuration of applications inside elections technology. According to the U.S. Election Assistance Commission (EAC),
“A trusted build is a build that is performed with several security and verification measures to a [sic] such an extent that the executable machine code can confidently be shown to be a faithful and authentic representation of the source code.”
Presumably, every Trusted Build is evaluated with the same attention to detail they applied in that definition. (This is important and comes up later.)
While the term Trusted Build is specific to elections, the concept mirrors a Golden Image in the business and consumer technology space. For non-technical folks, an “image” is basically a template for technology configuration. A Golden Image is where a technology team centrally builds a master template with the security, hardware, and software configurations needed for its purpose. The IT team can then confidently roll out their trusted build to all the machines in their technology ecosystem.
For Colorado (and any other state using Dominion), the Dominion team centrally created their master template for Colorado voting machines (Design) and installed it onto all the Dominion Colorado voting machines (Implementation) — 62 of 64 Colorado counties including Mesa.
This concept isn’t new — every entity with a computer system (i.e., all of them) must protect the fidelity of their systems and code to ensure the effectiveness and security of their enterprise (e.g., their business, agency, election infrastructure, etc.).
code fidelity? who is responsible for that?
On paper, for elections, it’s the County Clerks. The County Clerk is who the People elect to protect the integrity of our elections.
#trustusbro
The buck stops with the Secretary of State. Photo cred: Denver Post –
Jena Griswold certifies the November 2020 election.
But here is what really happens:
- The U.S. Election Assistance Commission (EAC) accredits a Voting
Systems Testing Lab (“the Lab”), such as Pro V&V or SLI, as able to
test election technologies for certification.
- The election technology vendors, such as Dominion, Clear Ballot, or ES&S, complete their Trusted Build.
- The
Lab tests the Trusted Build, and reports to the Secretary of State that
the vendor’s Trusted Build is compliant with all Federal and State
Voting System Standards (or not, in theory; but in practice, they always
seem to be good enough).
- SecState, an elected official who
historically has little to no technology experience, takes the word of
(read: outsources her responsibility to) the Lab and certifies the
Trusted Build.
- In a highly collaborative relationship,
SecState’s staff and the election technology vendor’s team deliver and
install their Lab-tested, SecState-approved Trusted Build in the
County’s voting machines.
- At this point, the State team hands over the keys to the Clerk and her IT team. Keep in mind that the Clerk has responsibility for the execution of the election and accountability for the integrity of its outcome.
And also keep in mind that, up to this point, the Clerk has had zero involvement and has no authority over the design, build, testing, and certification of the system.
Further, the Clerk is contractually — and even legally — forbidden from doing anything other than complying with the vendor and SecState guidance and demands. Did you vote for that?
On paper, the County Clerk is responsible to ensure the integrity of the election in her county. In reality, the integrity of the election depends on the confidentiality, integrity, and availability of the hardware and software delivered to them — into which she has no true visibility and over which she has no control.
In Colorado, our Clerks have been assuring the public of that code fidelity since November: It’s the gold standard; it’s the trusted build. That’s what the SecState told them. That’s what the Vendor told them. That’s what the Lab told them. That’s what the EAC told them. That’s even what Matt Crane and the Colorado County Clerks Association told them.
And most of them can’t pick a modem out of a line-up.
the use of “trust” in “trusted build” is tenuous at best.
As previously mentioned, the EAC uses the term Trusted Build to apply to election systems’ chain of custody across the nation. EAC regulates the Labs who are responsible for affirming that the Trusted Build complies with the law and all applicable standards. The SecState certifies the Trusted Build and also determines which election technology vendors can be contracted within the State. The Clerk selects which vendor her county will use from the SecState list, and any local technology needs for the Trusted Build are managed by either county IT or the vendor themselves.
But the TRUST that they demand we summon is trust in the actual coding and configuring of the systems — and that coding and configuration is done by the vendor.
We talk a lot about how Colorado is the Election Fraud Test Kitchen for the nation. If you go search, “Trusted Build,” one of your first results will be the Law Insider definition, which provides samples of government Trusted Build documentation going back to 2012.
“Trusted build means the write-once installation disk or disks for software and firmware for which the Secretary of State has established the chain-of-custody to the building of the disks, which is then used to establish or re-establish the chain-of-custody of any component of a voting system that contains firmware or software. The trusted build is the origin of the chain-of-custody for any software and firmware component of the voting system.”
All of the sample government documents about Trusted Build that are provided at Law Insider are from — wait for it — Colorado.
Three of these samples are below, and please note that the earliest example is from 2012, back when Republican Secretary of State Scott Gessler was at the helm. Gessler is widely known in Colorado for not believing in election fraud and for terrible judgement when talking to reporters. Here is a quote of Gessler talking about our Colorado elections:
“Colorado has one of the best and most sophisticated Risk Limiting Audits out there. When I say Colorado is better than other states, it is in a lot of ways, at a lot of levels. As much as we’re grumpy, as much as I’m grumpy about Colorado, compared to other states, it’s far better. Okay?” Source
Is it though?
So, for those counting, Colorado set the national standards for:
- Mass Mail-in Balloting
- Electronic Voting Machine Standards
- Risk Limiting Audits
- Automatic Voter Registration
- Trusted Builds
- and more…
eyes on the trusted build
Leaked or not, the release of the Mesa Report, which forensically compares the Mesa County, Colorado backup images from before and after the Dominion Trusted Build update earlier this year, is quite concerning. Remember: image = centrally designed computer template. Let’s consider the implications.
The Mesa Report image analysis reveals that Election Records, required for preservation under current document retention laws, were deleted. This is a violation of the law, and it appears the Trusted Build was designed and implemented to remove those records.
In other words, the Trusted Build was designed and implemented to violate the law, and…
- The Lab knowingly or incompetently reported the Trusted Build as compliant with all Voting System Standards under the law, and…
- The EAC knowingly or incompetently accredited the Lab that reported the Trusted Build as compliant with all Voting System Standards under the law, and…
- The SecState knowingly or incompetently certified the Trusted Build as compliant with all Voting System Standards under the law, and…
- The Trusted Build wasn’t compliant with all Voting System Standards under the law — as shown by the forensic comparison of the images before and after the Trusted Build update, and…
- The above players — along with local law enforcement, the Colorado Bureau of Investigation, the FBI/DOJ, and likely others — knowingly or incompetently covered up the violation of the law — including the flaws in the systems design and any, potentially more devious, actions.
In my review of the report, those are what I see as the major implications.
So, what happens next?
we are about to find out what happens next
Did you notice who is missing in the list of implications above? The for-profit and, in Dominion’s case, foreign election technology vendor that actually builds the Trusted Build. That is by design, and we can thank our elected officials for this reality where companies like Dominion Voting Systems have all of the power over American elections and none of the accountability or, on paper, liability.
Does it really matter if it was “knowingly” or “incompetently?” For prosecutorial reasons, sure. If the Trusted Build was DESIGNED to remove election records — as this peer-reviewed report shows — the answer to that question is pretty clear.
But I am certainly more interested in the Public Trust.
How can we ever again TRUST any of the individuals, companies, agencies, or institutions that are involved in our current election nightmare? Remember, they’ve all been telling us the system is perfect and that November 2020 was the most secure and transparent election in history.
What if they are proven to be lying?
Let’s be honest: Trust cannot be restored until Accountability is realized. When #RussiaGate happened, I realized something that I now know is a pattern of behavior by our enemies in this fight:
Don’t ever forget that.
You can download the Mesa Report here:
Ratio Invictus, Data Jeff, and Monsanto Mole contributed to this article.
Buckle up folks, it’s going to be an interesting week.
Well reasoned. And what is really galling is the contracts with Dominion that purport to deny government entities of their ability to inquire/dig deeper. That is just BS—those contracts should be deemed null and void as a matter of law because the person who signed for the government lacked the authority to agree to crap like that. Nor can those contracts be leveraged to avoid civil or criminal liability—I am confident whomever signed those contracts didn’t have the authority to agree to what amounts to a plea deal—only a prosecutor has the authority to confer immunity by waiving an otherwise clear right of the government to charge/investigate—and even they lack the authority to enter into a plea deal in advance of the crime being committed!!! I give these people one thing—-they have serious balls.
Liked by 1 person