STORY UPDATED: check for updates below.
Does the movie "Absolutely 9-0" released by Mike Lindell contain credible evidence of a Chinese cyberattack against the U.S. election? No, that's not true: he reuses the same debunked data he already showed in his previous movies "Absolute Proof" and "Absolute Interference," and it is unlikely this will sway the Supreme Court, even if he somehow manages to get a hearing. Lindell conceded to Lead Stories that some of the data shown in the video was not the "actual" data because he wanted to keep his evidence secret "for security."
The title of Lindell's movie refers to a claim he made on May 27, 2021, in an interview with David J. Harris Jr., when he said the U.S. Supreme Court would vote unanimously to return Trump to office using something called a "quo warranto." Lead Stories looked into that claim and found it lacked merit since a sitting U.S. president can only be removed from office through impeachment, death or a declaration of disability (and not through Supreme Court action).
The new movie appeared on June 3, 2021, on Lindell's FrankSpeech.com website here (archived here). It shows Lindell interviewing a man with a blurred-out face who he only identifies as "one of my cybersecurity experts" and who he claims has "over 20 years of experience" working with the private sector, government, law enforcement and intelligence agencies and "many ... certifications." Based on his bio it is likely this is the same anonymous expert that was interviewed in "Absolute Interference."
(Screenshot taken by Lead Stories on June 3, 2021)
At the start of the new movie, Lindell says:
Hello everyone. I'm Mike Lindell, and as you all know, on January 9th, I received evidence of a cyberattack orchestrated by China on our 2020 election. I took that one piece of evidence and I just went all in. This was something different, nobody had seen. This was something that came through the machines, the Dominion machines, the Smartmatic and other machines.
Lindell relies on the same debunked information he already presented in "Absolute Proof" and "Absolute Interference": data files he claims to have received on January 9, 2021, from unnamed people. A detailed Lead Stories investigation found the files originated on the website of a man named Dennis L. Montgomery who has a long history of fabricating data files and evidence. The files were then promoted on a website named The American Report that published several conspiracy theories in the past. Next, the data files made their way to Brannon Howse who claims he was the one who brought them to the attention of Lindell.
The new claim Lindell makes is that he now has "pcaps" a.k.a. "packet captures" that were recorded during the election.
When data is transmitted over the internet it is broken down in small chunks called "packets" that are transmitted individually over the network (with some of the pieces possibly even taking different routes to avoid congestion). At the destination end the packets are reassembled into whatever form the data had at the origin: a file, a video stream, a request to a server...
Data packets moving over a network like the internet get sent from server to server until they eventually reach their destination. The people running the servers (or the services connecting them) can use software to inspect the packets going through their part of the network. This is called "capturing" packets and the result is a "packet capture" or "pcap" for short.
Lindell equates these alleged pcap files with video of a bank being robbed, but in that analogy, a bank robbery investigator would also need to say WHERE that video came from, how it got from the source to you (chain of custody), how you got your hands on it, and how you know it is legitimate. He does none of those things yet these would likely be the first questions that would be asked if this data was ever presented to a court.
Lindell and his expert also claim pcap files are an immutable record that can't be forged. They seem to be unaware software has existed for years that can create pcap files with dummy data for testing purposes.
To prevent unauthorized snooping, all important data (like banking info or login attempts or ecommerce transactions) is also encrypted before being split into packets and transmitted over the Internet. That means people along the way can only see who is sending packets where, but not what the contents are.
This makes it unlikely Lindell or his cyberexperts really have looked at the content of actual captured packets. He doesn't explain who recorded them or how they were able to decrypt the traffic, seemingly taking that for granted even though it would be a major feat that would require the sort of infrastructure and knowledge on the level of the NSA if it was even possible.
The graphic shown on screen during the discussion about pcaps also does not appear to show the real output of packet capturing software. A twitter user by the name of @zedster grabbed the data and found it was simply a hexadecimal representation of plain text data (tweet archived here):
Freeze frame, There supposed PCAP is hex,-- zedster (@z3dster) June 3, 2021
Lets try to decode it shall we
I promise you no TCP/IP PCAP has ever appeared to hold data this way pic.twitter.com/Zi4H74hwnD
He also posted this tweet (archived here):
They zoom out all the way if someone wants to run some OCR, this is around 3:04 pic.twitter.com/lbtDL7hPfA-- zedster (@z3dster) June 3, 2021
Lead Stories ran some OCR (Optical Character Recognition) on the image using the website onlineocr.net and after decoding it using the website rapidtables.com recovered a block of text that looked like this:
,'','','R','AP''','','R','AP',','','R','AP',','','','','R','P','R','AP','',','','','','',','','','','R','P','','','','',','','R','AP',','','','','','''','','R','AP',','','R','AP',','','R','A','''','','','','',','','','','',','','','','',''''),('XXXXXXX',XXXXXX','D','',M','A','NF','418','','APPLE ST '','','PHILADEPHIA','PA','1917','','','','',','21/04 VENICECSLAND RECREATIN CT','7 LOCH T ','PHILADELPHA, PA 19127','1/6/2018','2104,'WD21','','MN0','','STH194','TS07','USC03','TC04','CPR','CP','RCD02','21041','','','','',','','','','',','','','NF' 'AP,'','','','','''','','','NF','P','','','','',','','','','','
(Note that we redacted a name that appeared in the text and replaced it with XXXXXXX XXXXXX)
This is not the output of a packet capture but appears to be part of publicly available voter data from Pennsylvania according to Washington Post reporting.
In an email to Lead Stories, Mike Lindell conceded the data shown in the video was not an actual election pcap file, but he claimed he had the actual election pcap files in his posession and that he did not show them in the video for "security". He also announced a "complete cyber event for all cyber experts and cyber companies to come to see for themselves" and that "everyone will 100% validate the election crimes". It is unclear when and where this event will take place and which experts will attend, we will update our reporting when we learn more. Here is his complete message:
I have the actual election pcaps but for security we did not put them in the video.... we are doing a complete cyber event for all cyber experts and cyber companies to come to see for themselves and everyone will 100% validate the election crimes .... It has all been validated by many white hat hackers and other cyber companies but I want to get everyone on board before the Supreme Court...
Mike Lindell doesn't seem to understand what pcaps are since he says they looked at "20 of them" and seems to conflate that with individual lines in an Excel sheet that purports to show individual attacks against U.S. election infrastructure.
(Screenshot taken by Lead Stories on June 3, 2021)
We discussed the data shown in this spreadsheet in great detail in our fact checks of "Absolute Proof" and "Absolute Interference" and concluded they had all the hallmarks of forgery: it showed Trump losing more votes in certain counties than there were actual ballots cast and there were various other oddities with naming and ordering that seemed to indicate they were created by hand and not as the output of some software program.
Just like in "Absolute Interference," Lindell claimed he had hired people to "validate" the data and they seem to have looked up the publicly available data of some of the IP addresses mentioned in the files to show they were actually Chinese and American. But that proves nothing: lists of American and Chinese IP addresses are publicly available on the internet so whoever created this data could have just pulled them from there. As we noted in an earlier fact check:
The data file here is the equivalent of a timestamped list of phone conversations between American and Chinese telephone numbers, complete with a transcript of what was said. Looking up the phone numbers in the phonebook and seeing they are indeed American and Chinese does not prove the list is real or that the phone conversations took place. It just means that the person who created the list could also have used the phonebook.
At seven minutes, 58 seconds in the new movie, Lindell's expert claimed that the evidence showed "a lot" of hacks. He said:
Some were just doing reconnaissance and others were flipping votes.
But Lindell provides no explanation of how the vote stealing or flipping worked. In the spreadsheet it appears to show Trump losing votes ("TRUMP: DOWN") but in the past Lindell has also claimed the votes were somehow "flipped" to Joe Biden. It is never explained how exactly this happened and how it would not result in discrepancies being found when paper ballots from 250 randomly selected precincts were hand-audited by the office of the Michigan secretary of state shortly after the election.
Dominion Voting Systems is suing Lindell and his company, MyPillow Inc., for $1.3 billion, alleging that he made defamatory false statements: that Dominion's machines were used to steal votes. Lindell has responded with a $1.6 billon lawsuit of his own against Dominion.
2021-06-07T14:35:18Z 2021-06-07T14:35:18ZAdded Lindell's admission the data shown in the video was not an "actual election pcap file".
2021-06-05T22:02:05Z 2021-06-05T22:02:05ZAdded more information about the alleged pcap screenshots.