UPDATE - BOUNGIORNO: Palm Beach County Election Infrastructure Breach Proven
Staff WriterAugust 31, 2024
UPDATE: There is push back on this article. We are going to present both sides and the reader can make up his own mind…
We received this link refuting BOUNGIORNO analysis…
Good intentions can result in Big Problems
And we received this information supporting BOUNGIORNO:
Palm Beach Candidate for supervisor of elections Jeff Boungiorno has released information showing massive breach of the county's election systems. The data shows similar coding artifacts from Mesa County, CO of Tina Peter's fame.
Time stomping is a technique used to alter the timestamps on files or directories in a computer system, often to cover tracks or to make it appear as if certain files were created, accessed, or modified at different times than they actually were. In the context of a Windows operating system, time stomping can be accomplished using various methods and tools.
Common Methods of Time Stomping in Windows:
Using the touch Command:
The touch command in Windows, when available, can be used to create or update the timestamp of a file. This is more common in Unix-like systems, but similar functionality can be replicated in Windows using PowerShell or other tools.
PowerShell Commands:
You can use PowerShell to modify the timestamps of files. For example:powershellCopy code(Get-Item "C:pathtofile.txt").LastWriteTime = "01/01/2020 12:00:00" This command will change the "Last Write Time" of the specified file to the date and time provided.
Using the SetFileTime API:
Windows provides the SetFileTime API, which can be accessed through programming languages like C++ or Python to modify the creation, access, or modification times of a file.
Third-Party Tools:
There are various third-party tools specifically designed to perform time stomping, such as Timestomp. These tools are often used by penetration testers and sometimes by malicious actors to alter file timestamps.
Manipulating System Time:
Another approach is to change the system clock on the Windows machine, create or modify the files while the system time is set to the desired date, and then revert the system clock. This method is less commonly used because it may leave other traces.
Forensic Implications:
Time stomping can make forensic analysis more challenging, as it obscures the true timeline of file activity. However, forensic tools often look for inconsistencies in the metadata or use other artifacts to detect time stomping.
Example of Changing Timestamps Using PowerShell:
powershellCopy code$file = Get-Item "C:pathtofile.txt"
$file.CreationTime = "01/01/2020 12:00:00"
$file.LastWriteTime = "01/01/2020 12:00:00"
$file.LastAccessTime = "01/01/2020 12:00:00"
This script will change all three timestamps (creation, last write, and last access) of the specified file to January 1, 2020, at 12:00 PM.
Mitigating Time Stomping:
To mitigate the effects of time stomping, security teams should:
Correlate timestamps with other system logs (e.g., event logs, security logs).
Use advanced forensic tools that can detect inconsistencies or signs of timestamp manipulation.
Monitor for the usage of time-stomping tools or suspicious PowerShell commands.
https://miamiindependent.com/boungiorno-palm-beach-county-election-infrastructure-breach-proven/