Share this page!

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
Twitter logo
22 Sep, 5 tweets, 2 min read
Wow. I was wrong with this tweet. So I deleted it and made a snapshot of it.

Conventional wisdom is that SSDs don't need defragmentation, which mostly right, meaning partly wrong.

Windows knows it's an SSD when asked to "defrag" and does what's appropriate. Image
I just asked Windows to defragment my SSD, which took less than a second, because all it did was make sure any "trims" needing done were fully completed. It knew the difference between SSD and rotating disk and did what was needed. Image
@shanselman has a better explanation.
I can't see the value of putting that in Dominion's documentation, but at the same time, it wouldn't hurt to tell Microsoft to "defrag" your SSDs because it won't actually do it, but will do some useful SSD file system maintenance.
So yes, back in the day, it was true that defragging your SSD was idiotic, but oh my I'm getting old that was a decade ago.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Robᵉʳᵗ Graham #PcapsOrItDidntHappen

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ErrataRob

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
23 Sep
1/ The post by @briankrebs is garbage. It's typical conspiracy-theory nonsense that seeks anomalies that can't otherwise be explained (except by the conspiracy).

It should try harder to explain them. In the following tweets I show you how.
2/ Take this part of the article, an inexplicable SPF entry that looks nothing like any of the other Trump Organization domains.

Yes, but it looks exactly like other domains that Cendyne manages on behalf of client hotel companies. ImageImage
3/ It's Cendyne who registered the domain, not the Trump Organization. The domains are for sending bulk email, for which they use Listrak machines, which all have similar configurations. Image
Read 7 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
23 Sep
1/n In two days, they'll present the Maricopa audit live at 4pm Eastern. I plan on live tweeting it, as responses to this tweet, so you can bookmark this and check back Friday.

I'm certain there will be no value to my tweets, so you probably shouldn't.
2/n The report leaked early, so naturally I read it and wrote up a response discussing the cybersecurity bits.
blog.erratasec.com/2021/09/check-…
3/n Most of the news about the Cyber Ninjas is concerned about whether the results come out right (Biden vs. Trump). This is probably the most important part.

But my expertise is in the cybersecurity parts.
azcentral.com/story/news/pol…
Read 53 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
22 Sep
Sooo.....

You have two choices:
#1 fall back on the "experts have debunked it". I'm an expert, I've debunked it.
#2 spend considerable amount of time understanding the issue so that you can competently debate it and answer questions, which frankly, isn't worthy your time
The short answer is this: the forensics investigators looked only at the C: boot drive, not the D: data drive were records are preserved. Thus, they could not have said whether or not records were correctly preserved according to state law.
Secondly, it's not a valid forensics report, because among other things, they violate forensics ethics by not putting their name on it and redacting information without disclosing the fact of redaction to the reader.
Read 13 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
22 Sep
I think the reason people are upset at the new Space Force uniforms is that they didn't take the "unisex" approach to uniforms that the Scots take.
It's still early days. Maybe we can start a petition to make kilts optional.
Since Space Force seems to be deriving inspiration from sci-fi, yes, space kilts are a thing.
Read 4 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
21 Sep
So one of the funny things from that "Mesa County Dominion deletes files" report is the screenshot they take of the report produced by the FTK Imager.

It's missing a line of text: the name of the examiner who created the image. The name was "cjh" which many claim is Conan Hayes
With the magic of cryptography, we KNOW for certain the name was deliberately removed in that graphic. That's because the MD5/SHA1 hashes confirm this is the SAME system image that was posted online during Lindell's Cybersymposium.
Yes yes, I know, both MD5 and SHA1 are broken and it's possible to create two files with the same hashes, that SHA2 needs to be used to actually be certain. But it still would require participation of the person who created them -- not something done after the fact.
Read 4 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
20 Sep
1/ One of the problems with hacking is that you are always certain you are going it in the sub-optimal, least elegant fashion.

Such is the case in my examination of those disk images from the Mesa County election computer. A natural question is to grab password hashes.
2/ The standard free utility for examining a disk image is "Autopsy". There are more expensive commercial offerings. Autopsy has a lot of really cool plugins. I assume it would have one for password hashes, but I can't find one.
3/ So I do it the inelegant way. I simply go through the filesystem and extract the SAM, SECURITY, and SYSTEM registry "hives" (aka. files in registry format).
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ErrataRob has new unrolls!

Check out other threads from @ErrataRob!

Read all threads by @ErrataRob

:(