Share this page!

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
Twitter logo
25 Sep, 12 tweets, 4 min read
1/ There's no educating conspiracy-theorists like this guy, but nonetheless I'm going to try. This thing as a simple, rational explanation, though I'm not sure I can make it simple enough for conspiracy theorists.
2/ Cendyne is a company that does marketing for hotel companies, including sending out mass email.

When they get a customer, they often register a new domain on behalf of that customer, like mjh-email.com, hyatt-email.com, deniham-email.com.
3/ Their apps, such as those used to schedule events at venues like hotels, will do lookups on those domains. They do so in various ways, like "mail1.mjh-email.com" or also "mjh1.contact-client.com" -- both of which point to 66.216.133.36.
4/ The servers for mass emails are in turn contracted with mass email company Listrak. These domains point to Listrak servers. They all exist outside a small town in Pennsylvania.
5/ Tump hotels was a customer of Cendyne and now isn't. After the contract was over, Cendyne started to use the server for other clients, causing a spillover.
6/ At no time is there any evidence this domain was in anyway involved with the Trump organization. All the evidence points to Cendyne, who had by this time severed their relationship with Trump Hotels.
7/ Trump hating conspiracy theorists can't accept this.
8/ Why did Cendyne change its records when the NYTimes contacted Alfa? Because that was the same time the FBI contacted Cendyne, who then noticed that the DNS still had outdated records.
9/ The entire presentation today in Maricopa by Trumpists was the same conspiracy-theory argument: their inability to rationally explain anomalies. But the defect was in themselves not being smart enough to explain, not a conspiracy.
10/ Most of my debunking is of those on the right (Trumpists, antivax). But it's important to note there are plenty of conspiracy theorists on the left.
11/ One of the ways you can tell you are dealing with a conspiracy theorist is when they cite things they haven't read that don't say what they think it says.

Nowhere here does Trump Org admit they used the server.
12/ What it does say is that the server belonged to Cendyne. It then uses the passive voice, "it was used to send email".

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Robᵉʳᵗ Graham #PcapsOrItDidntHappen

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ErrataRob

Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
23 Sep
1/ The post by @briankrebs is garbage. It's typical conspiracy-theory nonsense that seeks anomalies that can't otherwise be explained (except by the conspiracy).

It should try harder to explain them. In the following tweets I show you how.
2/ Take this part of the article, an inexplicable SPF entry that looks nothing like any of the other Trump Organization domains.

Yes, but it looks exactly like other domains that Cendyne manages on behalf of client hotel companies.
3/ It's Cendyne who registered the domain, not the Trump Organization. The domains are for sending bulk email, for which they use Listrak machines, which all have similar configurations.
Read 7 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
23 Sep
1/n In two days, they'll present the Maricopa audit live at 4pm Eastern. I plan on live tweeting it, as responses to this tweet, so you can bookmark this and check back Friday.

I'm certain there will be no value to my tweets, so you probably shouldn't.
2/n The report leaked early, so naturally I read it and wrote up a response discussing the cybersecurity bits.
blog.erratasec.com/2021/09/check-…
3/n Most of the news about the Cyber Ninjas is concerned about whether the results come out right (Biden vs. Trump). This is probably the most important part.

But my expertise is in the cybersecurity parts.
azcentral.com/story/news/pol…
Read 53 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
22 Sep
Wow. I was wrong with this tweet. So I deleted it and made a snapshot of it.

Conventional wisdom is that SSDs don't need defragmentation, which mostly right, meaning partly wrong.

Windows knows it's an SSD when asked to "defrag" and does what's appropriate. Image
I just asked Windows to defragment my SSD, which took less than a second, because all it did was make sure any "trims" needing done were fully completed. It knew the difference between SSD and rotating disk and did what was needed. Image
@shanselman has a better explanation.
Read 5 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
22 Sep
Sooo.....

You have two choices:
#1 fall back on the "experts have debunked it". I'm an expert, I've debunked it.
#2 spend considerable amount of time understanding the issue so that you can competently debate it and answer questions, which frankly, isn't worthy your time
The short answer is this: the forensics investigators looked only at the C: boot drive, not the D: data drive were records are preserved. Thus, they could not have said whether or not records were correctly preserved according to state law.
Secondly, it's not a valid forensics report, because among other things, they violate forensics ethics by not putting their name on it and redacting information without disclosing the fact of redaction to the reader.
Read 13 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
22 Sep
I think the reason people are upset at the new Space Force uniforms is that they didn't take the "unisex" approach to uniforms that the Scots take.
It's still early days. Maybe we can start a petition to make kilts optional.
Since Space Force seems to be deriving inspiration from sci-fi, yes, space kilts are a thing.
Read 4 tweets
Robᵉʳᵗ Graham #PcapsOrItDidntHappen Profile picture
21 Sep
So one of the funny things from that "Mesa County Dominion deletes files" report is the screenshot they take of the report produced by the FTK Imager.

It's missing a line of text: the name of the examiner who created the image. The name was "cjh" which many claim is Conan Hayes
With the magic of cryptography, we KNOW for certain the name was deliberately removed in that graphic. That's because the MD5/SHA1 hashes confirm this is the SAME system image that was posted online during Lindell's Cybersymposium.
Yes yes, I know, both MD5 and SHA1 are broken and it's possible to create two files with the same hashes, that SHA2 needs to be used to actually be certain. But it still would require participation of the person who created them -- not something done after the fact.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ErrataRob has new unrolls!

Check out other threads from @ErrataRob!

Read all threads by @ErrataRob

:(