MyPillow CEO Mike Lindell has produced four video documentaries so far, all claiming to show evidence of fraud in the November 2020 election. Lead Stories has previously looked into these videos here, here, here and here and found there were serious issues with the data and evidence that was presented in them. Lindell even admitted to us that some of the data offered as proof in the last video was not actually what it was claimed to be, later describing it as "B-roll" (instead of actual footage showing part of a "pcap" file that was supposedly new evidence).
Lead Stories also undertook a detailed investigation into the source of some of the other data used in the videos and discovered it originated with Dennis Montgomery, someone described on the website of David J. Harris Jr. as a "known fraudster" and by The Gateway Pundit as a "conman" (both sites have offered MyPillow discount codes to their readers in the past).
When even sites that seem to have a commercial interest in Mike Lindell and MyPillow have questioned the source and integrity of the evidence he presented in the past, it should come as no surprise that we had some burning questions ourselves when Mike invited us to his "Cyber Symposium" event to be held on August 10-11-12 in Sioux Falls, at which, he announced, he would reveal "cyber data and packet captures from the 2020 November Election," challenging attendees to find "proof that this cyber data is not valid data," even going so far as offering a monetary reward for proving it is not valid. But that already assumes the data is validated somehow.
Will he prove his claims this time? Here's how we'll know:
First step: validating the evidence by examining origin, chain-of-custody and methods
Just like in court or in science, all data and facts brought out as evidence start out as unvalidated by default. Validation happens by process of investigation, probing, asking questions and getting answers. Mike knows this is important; in the past he has claimed to have hired experts to validate some of his data, and even to "validate the validation." If there are any questions about the plausibility of how evidence was obtained, these need to be answered to eliminate the possibility of fraudulent origin: no one can plausibly claim to have super-detailed pictures of a secret underground moon base without first explaining who took them and how they got to the moon to erase concerns the whole thing was photoshopped.
We'd also like to note that Mike has claimed in the past that digital evidence is frozen in time and can't be altered or faked. As fact checkers we've seen enough photoshopped images, deepfake videos and doctored documents to know that this is not exactly true. Packet-capturing software usually outputs text files (see a description of the format used by the tcpdump tool here, look for "Output Format") and text files can be easily edited. We've also shown in the past that software like Scapy exists that can be used to forge/spoof/inject packets for training and testing purposes.
We know there are mathematical tools that can be used to prove the integrity of digital files (hashes, checksums, signatures etc.) but those only prove a file wasn't changed after it was hashed/checksummed/signed. These methods tell you nothing about how and when a file was created and you'd need to have some solid evidence of the age of the hash/checksum/signature as well if you want to prove the files weren't just created yesterday.
Next steps: validating the evidence by looking at consistency, other records, level of detail and reproducibility
Once it has been satisfactorily established where a piece of evidence came from, it is time to see if it is internally consistent. A witness who constantly contradicts things they said earlier in their story is far less credible than someone who keeps their story straight. The same standard applies to a set of data. Data that has names/locations/numbers/times, etc., that don't match up with other known records is suspect, too. For example: claiming to have surveillance video of a bank heist that happened in a town with no bank.
If something is claimed to be evidence that something happened in a certain way, can that thing be reproduced or reconstructed in that way? For example: if a witness said someone moved from A to B in x seconds, is it physically possible to move that fast? Can it be tried out by others?
The more detailed the explanation provided is, the better. A broad and hypothetical explanation is less convincing than a precise and detailed one. Compare "someone said he may have done something to him because the victim was later found dead" with "at precisely 09:15 he shot the victim twice using a 9mm pistol and we have surveillance tape, the murder weapon, gunpowder residue and an autopsy report that shows where the bullets entered."
What difference does evidence validation make for a claim to be true or false?
To use an analogy: suppose someone claimed to be able to predict the lottery. To prove it, this person hands you a sealed envelope today that contains a prediction they supposedly made two weeks ago about last week's lottery numbers. You'd be right to be skeptical. The numbers on the piece of paper could be 100% correct and impossible to dispute, but that envelope could have been sealed after the results of the draw were already known.
Note that in this case the envelope wouldn't prove if the claim about the predictive abilities was true or false. The person could theoretically still be a psychic and he could have sealed the envelope two weeks ago, there is just no way to tell, given the available evidence. The envelope would just be unvalidated evidence and the claim would remain unproven.
The story would be different if there was other supporting and validated evidence that the envelope was indeed sealed two weeks ago and hadn't been touched since (locked in a vault, in your possession the whole time, there were witnesses to the sealing, a signature of trusted third person on the seal, video/pictures of the sealing are available ...). If you had those things and the numbers were right, you could possibly begin to speak of valid evidence to prove the claim is true (but with caveats: witnesses could be lying, supporting evidence could be tampered with, there may be multiple envelopes in play etc., so you'd need to be absolutely sure about that supporting evidence, too).
For completeness' sake: note that if the numbers in the envelope were wrong it would be an entirely different story in both cases. That would make the evidence invalid, not just unvalidated. The claim about having predictive powers would remain unproven, though. (But the claim the envelope was valid evidence would be proven false.)
It goes without saying that to do any of the things listed above requires full and unrestricted access to all the available evidence.
With all this in mind, here are the questions we are looking to get answers to in order to be able to validate the pcap data:
We need a full and detailed explanation of who created these files and how and when they did it, including an explanation of how and where they intercepted the data. And we mean the "detailed" part. Names, locations, facilities, companies, agencies, dates, times, contact info ... No vague "cyber-teams" or "anonymous experts".
We need a full and detailed description of how they were able to decrypt the contents of the packets since most internet traffic is encrypted these days precisely to stop people from eavesdropping on the contents of packets. This is related to the criteria for plausibility mentioned earlier.
To prove the explanation holds water, we suggest a practical demonstration of interception and decryption of packets sent between two Lead Stories-controlled servers to serve as proof these experts at least have the skill and access required to do what they claim they can do.
We need a complete downloadable version of all files, preferably signed/hashed so we can verify our version is the same and nothing got garbled in transit.
We'd like a full and detailed description of the exact attacks the pcap files purportedly show (i.e. what software was attacked and on what type of equipment, which exact weaknesses were exploited, how exactly was data changed on the target machines?), preferably with steps included to reproduce the attacks and/or copies of bug reports submitted to the software vendors.
We need a full and detailed explanation of how these changes remained undetected even in places where paper ballots were later hand audited. If this explanation requires complicity of local officials, please name them and show proof of that.
Nice to have: clarity on whether the pcap files show if votes were flipped, stolen, injected, added, cloned or duplicated (or something else, or all of them) and what that means for contradictory claims. Matt DePerno said flipped (through a misconfigured tabulator), Mary Fanning said cloned (with Hammer/Scorecard), Douglas Frank said added (from a "reservoir"), the Montgomery data said stolen ("DOWN"). Who is right?
If the pcaps show all of them were right and the attacks were a mixture, it would be nice to know what could have motivated that. If election thieves were adding votes to make candidate A win, why would they risk then accidentally flipping their vote count with candidate B and then maybe having the votes stolen away from B again, risking detection at each step?
Nice to have: a full and detailed explanation why it took ten months for this evidence to be presented at a symposium instead of being sent to authorities on November 5, 2020. If this pcap data was acquired before Trump left office and recounts/lawsuits were still ongoing, why was it withheld from public view until now? If it was obtained after Biden took office, what led to the delay?
We have sent a copy of this list to Mike Lindell and we look forward to finding answers to all of these questions. We will have our own experts look at any and all data provided to us to see what we can discover but any assistance (including from Mike's experts) is welcomed.