A new report has revealed proof of illegal entries and logins into the Independent Electoral and Boundaries Commission (IEBC) servers.
The report shared by Prof Makau Mutua provides details of how various people accessed the servers and other discrepancies that occurred during the election period.
The report shows initial findings from an audit of the IEBC server as follows:
1. Foreign IP Addresses Accessed Server Illegally
According to the findings, foreign IP addresses accessed the file server even though they do not belong to the IEBC IP address inventory.
2. Multiple IP Addresses from One User
The report further reveals that in some instances there were multiple IP addresses from one user.
3. No Data From Polling Stations
The FileZilla server log reveals that in some areas there was no data from polling Stations.
"There is no trace of data that originated from the polling station returning officers as earlier indicated by IEBC. All the uploads came from CECs raising questions on whether the data on their server came from the polling stations as stipulated by the regulations," the report read in part.
4. No Trace of Forms 34B
As per the logs, some constituencies do not have any trace of forms 34B uploaded for example in Busia county, Matayo Constituency, the CEC did not upload the form 34B for the constituency from the logs.
5. Same form 34B uploaded multiple times
The audit report notes that on the election day between 1:44:57 AM and 2:12:29 AM form 34B for Kibwezi East was uploaded multiple times.
The report notes that the action compromised the integrity of the file as the same username went ahead and changed the same file again on the date 8/12/2017.
6. Deletion of files from server by various users
Approximately 8,300 files were reportedly deleted between 8/8/2017 22:32:59 PM and 8/17/2017 13:09:55 PM. Out of the 8,300 files, 7,954 were successfully executed.
The delete commands had 1,582 delete requests for form 34A and 147 delete requests for form 34B. The report notes the deletion of files reveals that the integrity of the server was weak.
7. Mismatch in file types uploaded to server
The findings also reveal mismatch in file types uploaded to the server where .docx, .pdf, .jpg, .xslx were all uploaded.
A query is, however, raised that if the images were scanned, then they should all be in .jpg only. The report alludes to the fact that .docx and .xslx file formats were used as they are modifiable.
