The conflict of interest here is stunning. The CEO of this company Acronym, which owns the app developer Shadow, received $100K from the Buttigieg campaign and her husband is an advisor for his campaign. Buttigieg's organizing director is also a former employee of Shadow. And the entire company is all former Hilary Clinton employees e.g. centrist democrats.
Quick observation: the vast majority of Democrats with the social connections to feel confident starting this kind of company will be affiliated with candidates who have won previous elections. This centralization is by design: the winner of presidential primary effectively becomes "head of party" and installs their own leadership at the national committee level.
This is true, but it's also part of what's broken in the poli-tech space -- if you're starting a business there, the connections you have matter much more than your experience and/or competence in application design, UX, operations, etc. You don't get customers by building a better product, you get customers by lining up influential people behind you. So the software products that serve this space tend in general to be pretty underwhelming.
This can be classified as a mutated variation of Enterprise Software Syndrome, the disease that makes enterprise software suck so badly.
Buying software services from an ideologically driven consulting firm is the mistake here. The DNC is supposed to be completely neutral in this situation, so to hire former Clinton tech people is a poor decision.
Another observation: caucuses arguably have only one single advantage over traditional voting and that is making it incredibly hard to commit voter fraud or any type of election stealing. The public nature of the voting and tallying means that there is large group of witnesses to the results. It would take pretty brazen and easily provable fraud for someone to report numbers that didn't match the results that everyone witnessed. That plus Hanlon's razor should be enough for us to require some type of evidence beyond circumstantial connections between political operatives before we accuse someone of nefarious behavior.
> This centralization is by design: the winner of presidential primary effectively becomes "head of party" and installs their own leadership at the national committee level.
That's not really true; the winner of the general election becomes effective head of their party; a primary winner who loses the general generally has less (but significant) influence. Hillary Clinton has less control of the DNC after the 2016 election than before it (she had unusual influence before the election for a number of reasons); the reform eliminating first-ballot superdelegate voting rights was due to influence gained by the Sanders-aligned faction.
This company produces the textbanking software that the Buttigieg campaign uses. It's frustrating to watch people repeating the phrase "received money from the Buttigieg campaign" with the implication that it's a bribe when the actual situation is that both the Iowa Democratic Party and the Buttigieg campaign used the same contractor for some software.
There's a pretty clear conflict of interest between the Buttigieg work of helping his campaign and the caucus tabulating work for the DNC. There might not be actual foul play, but the reason we look to avoid conflicts of interest in things like this is that it's easier to establish a lack of conflict of interest than it is to establish a lack of foul play.
Yeah, I guess Republicans can never use Drupal, because a lot of Democratic money went towards it. Can anyone use Windows anymore? Certainly no cloud service can ever be used.
pretty sure you're right but also pretty sure people with a sound ethical worldview wouldn't be simultaneously engaged in text banking and vote counting...but then these are the people who also thought it would be funny to name their company "Shadow." The only thing more laughable is that no one in the state of Iowa apparently had a reason for concern prior to last night.
Something that nobody here has pointed out. I could maybe understand why you would think that the DNC would want to make the process slow, but Buttigieg has just as much reason as Bernie to want the Iowa Caucus to run smoothly. His campaign only existed on the hope that he would win last night, and if he doesn't create any momentum out of Iowa he is DOA for super Tuesday. Anyone making up these theories hasn't thought things all the way through, clearly.
Well, if he can claim he won and the media will run with it without any clear results, that works ok too.
Thinking all the way through here, any momentum buttigieg gathers in iowa and new hampshire will be lost is south carolina and nevada, and then bloomberg will be a factor competing for his voters on super teusday.
Buttigieg's path to the nomination is having it given to him by superdelegates if no one gets a majority.
This is a conspiracy theory. Please don't amplify this disinformation. There is no proof anything this commenter is stating has anything to do with the issues in Iowa.
Are you disputing the stated facts, or just the (unstated) connection to the other issues? A conflict of interest is a conflict of interest, no matter how far it may or may not have gone.
- always test your code
- always test your code with people
- never ever succumb to the temptation to ironically name your organization no matter how funny it is to you
This kind of crap is why Bernie Sanders is so popular. It's why Trump won the 2016 election too. There is an overwhelming feeling on the part of voters that the "establishment" of the party is beholden to a small group of wealthy neoliberals (or neoconservatives on the GOP side, but there are few differences in policy between the two). Many on the left regard liberalism as a failed project, and Sanders is popular among them because he offers an alternative to neoliberalism.
The wealth inequality that accelerated after the 2007 crisis has added a class warfare aspect to national politics where one did not exist before. Trump has largely eviscerated the Republican party by playing on this, and I think we're seeing this dynamic on the Democrat side this election cycle.
I don't think that really matters, though. Even the appearance of impropriety is an unacceptable risk to the integrity of the caucus. Doubly so in a time of conspiracy theories and misinformation run rampant.
Reminds of people saying YouGov (being "founded by a Tory") were biased in the lead up to the election, despite that being a literal kamikaze attack on their business model.
They ended up being almost literally bang on, ironically enough.
Pandemonium and uncertainty in this situation favors the losing candidates. Would the underdogs in this fight be getting the same level of attention today if the results were clear? I do not think it was rigged, but there are many levels of deniable sabotage that have the same result. Like just purposefully doing a garbage job.
I don't necessarily think they purposefully rigged the app, but do you not think the campaign may have gotten extra training or a direct line to Shadow for support questions on how to use the app that other campaigns wouldn't have gotten?
I'm seeing on Twitter that the app interface wasn't very intuitive and officials there were confused on how to use it.
Also, what’s your source for Buttigeg’s $100K payment to the CEO of acronym? I head about $42K the buttegieg campaign paid to shadow, but that appears to be legitimate text messaging services.
It’s dirty politics to pedal conspiracy theories. I hope you can refrain around here.
(Also, I know some people in Newtown — conspiracy theories can get down right evil quickly. Be careful not to down a dark path because you don’t know where it’s going to end.)
In the pre-Trump era politicians had to at least pretend they weren't corrupt. Now that it's clear there are no consequences, I think we'll only see them get more and more brazen.
>In the pre-Trump era politicians had to at least pretend they weren't corrupt.
I guess you should let Hillary know she should not have been in control of a foundation that was receiving millions of dollars in donations from foreign leaders while she was the head of the department in charge of US foreign policy.
You're just peddling the probable media narrative. It's undoubtedly the worst for Bernie. He didn't get to tout his "first count" win, which would've given him a boost going into second alignment. And he would've given a victory speech which is historically equal to at least a +5 bump in the polls.
On top of all that, it seemed like Bernie Sanders had the biggest turnout (just from qualitatively observing the number of people in his corner). As it stands, I suspect foul play. I do not have evidence of this, however.
My bet is that the contractors were incompetents who were hired based on political connections, and they both 1) just finished the app within the past week, and 2) never tested it after it was officially finalized. By bet is that they tested it weeks ago, it failed, they blamed the failure on a few bugs, they eventually marked those specific bugs fixed, then just prayed after shipping it. I know I'm being too specific, but past trauma.
Major sign: Not only wasn't there a dry run before d-day, but they didn't even train the people expected to use the app on the app.
The corruption is traditional corrupt procurement (apparently connected to Buttigieg and the Clinton complex) rather than an attempt to fix the primary. Primary fixing will be done out in the open with sudden rule changes.
Incompetent is a bit harsh. I think you need to be quite good to hit a home run with a new app/system that will be rolled out at an event to lots of users.
The app's entire purpose is to allow 1700 people to type in 21 numbers, and to send those numbers to a database. I don't know how that's more than a week's work, with another month or two added to design the walkthrough.
True, the results are on paper and presumably will be accurately counted eventually. The concern is that this fiasco was meant to occur if the DNC felt that Sanders was going to win in a landslide. Some believe this was done on purpose to rob him of any momentum this morning, and to allow for other candidates (read: actual members of the Democratic Party) to claim some sort of success as the news cycle moves forward to tonight's State of the Union, tomorrow's Senate vote, and then the NH primary.
There is a compelling case to be made that manipulating the reporting of results (rather than the results themselves) would be more in line with your goals of public perception and deniability.
Anyone that's worked on a system with distributed state knows data consistency can be hard, particular in situations where the system comes under load and latencies begin to increase.
You're not specifically complaining about it, but I think it's interesting that they are being criticized for not being transparent, and then being criticized based on that transparency when they are.
People having been posting the paper caucus records left and right on Twitter and elsewhere. I wouldn't be surprised at this point the internet mob could count the results if someone tried to organize it.
Edit: Apparently all those paper sheets also have PIN numbers to log into the app, so that probably is a contributing issue.
It's a little disturbing to me to see this detail featured in so many stories, because (1) DHS isn't especially qualified to review applications for security vulnerabilities, and (2) there are reasons not to insert the Republican-controlled DHS into the processes of the Iowa Democratic Party. Moreover, there's no evidence at all that security had anything to do with the failure, and lots of reasons to believe otherwise; it's not even a relevant detail.
I'm a broken record about this, but you probably don't want to work in a field where the norm is that the government checks your software engineering work, particularly for security; there is a longstanding track record of failure here.
None of this is to defend the app, which appears to have been, from conception through deployment, moronic.
> Such a test from DHS’ Cybersecurity and Infrastructure Security Agency would have focused on security and not the performance issue that Wolf said was most likely responsible for the failure. Still, Wolf said this was a “concerning event” given the amount of scrutiny around elections security after Russians targeted the 2016 presidential election.
> “We don’t see any malicious cyber activity going on,” Wolf said. “No one hacked into it -- so this is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa.”
> The Iowa Democratic Party has said there was no evidence of hacking in the much-delayed results, merely human error.
DHS wouldn't be the one to do performance testing. Sure they should have had security scans but the issue at hand is not related.
You'd think that a lot of the allegations of foreign interference in the 2016 election would have been recalled in the past couple of months and the Iowa Democratic Party would have openly welcomed the DHS' security testing of the app to ensure minimal foreign meddling.
I think that the folks handling this software project screwed up plenty, but I also don't know if I'd fault them for not going anywhere near DHS. Given the way the current administration has shamelessly attempted to corrupt pretty much every institution it touches I think the political compromise of DHS is something that opposing parties should be factoring into their threat models.
Architecture, performance, and security reviews? Definitely should've happened. DHS? Ehh.
Recent history has proven out time and time again that all sorts of organizations that should know better about securing their applications and data, absolutely don't. Just look at the Equifax breach or the OPM breach for examples.
For whatever reason, many, many people in positions of leadership have a hard time properly evaluating and mitigating risk when it comes to cybersecurity. Even when it's obvious that risk can absolutely destroy their organization.
It's clearly not an overloading issue. If the outage was a couple of hours sure, maybe it's a load issue. But it's after noon on the following day and the system is still broken.
Plus, it doesn't make sense that it would be overloaded. They should have known exactly how much load to expect based on the number of caucuses held across the state. Also, Iowa isn't a populous state so the total number of datapoints is not going to be all that big. This should not have been a hard problem. The DNC is looking like a bunch of idiots this morning.
Even the most cursory security review for a "client software communicates with server software over the public internet" type of app should include determining whether or not the app will be easy for a script kiddie who knows the app's endpoint to DOS it. At the very least they would have noted that it ran like crap when they fired up some automated testing tool and promptly bogged down the app.
Having been around DHS procurement a bit, I can only imagine what their App testing looks like. It probably only can test on certified Windows CE and Zune devices.
This thread is full of the dumbest takes imaginable.
There are no conflicts of interest beyond those in niche markets anywhere. There are a finite number of people and companies serving in this space. Multiple campaigns use the same contractors, and those contractors will advise campaigns. The conflict of interest is known and the key thing is declaring them, siloing information, and policing behavior. This happens in every startup board where a customer participates in a funding round [and gets board seats].
Also, what was DHS going to do here? This is a private organization doing a [private] caucus in a single state. We've all read the mythical man month. DHS should focus on securing the national elections, which there is ample evidence they are behind on.
Really? You're going to call out the entire rest of this thread, many posts with links to back up credible claims being made, and go with "There are a finite number of people and companies serving in this space"?
Do you honestly believe that there isn't a company that could have made the app without direct financial ties to one candidate? There are certainly a number of developers who fit that description in this very thread.
There are plenty of credible and factual claims being made here, they are just not material. Just because someone has a financial relationship doesn't mean their is malfeasance. That's why all sorts of legal documents have conflict disclosures. That's why their are legal consequences for not disclosing conflicts. A conflict is not a de facto problem, acting on that conflict is and I see no reason to believe that happened here. I don't see anyone in the Democratic party that benefits from this.
There are a million companies that could have written this app. I could have written this app. The reason I didn't is that I don't target this market, don't have domain expertise in how caucuses are run [at the level of writing an app to administer one], and have no prior work to reference in the space. I have no doubt that's the reason the vendor was selected.
Are you actually saying the DHS couldn't have ran some script kiddie attacks to see if it was vulnerable to the most trivial of interference, which it was? Or is it just important to you for people to ignore this colossal fuck up?
Do you know if nobody did a basic pentesting with metasploit or not, or some other security audit? Was that actually the root cause of the problem? From the actual article
"Such a test from DHS’ Cybersecurity and Infrastructure Security Agency would have focused on security and not the performance issue that Wolf said was most likely responsible for the failure. Still, Wolf said this was a “concerning event” given the amount of scrutiny around elections security after Russians targeted the 2016 presidential election.
“We don’t see any malicious cyber activity going on,” Wolf said. “No one hacked into it -- so this is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa.”"
I think they had a buggy app collecting caucus votes and I see people claiming it's some kind of vast conspiracy without any evidence. With all the people (metaphorically) tripping over their d*s around the world, it seems odd what kind of coverage this is getting. Particularly since (referencing my other comment: https://news.ycombinator.com/item?id=22239685) a much more egregious issue happened in the same state's caucuses 2012 (not to mention the 2016 NV Democratic party screw up). The reasonable conclusion is caucuses are a mess and should be scrapped (which both parties are gradually doing).
The director of the DHS said that their testing would not have caught this issue. They are quoted as such in the article referenced in this submission (and I quote their statement here https://news.ycombinator.com/item?id=22239826).
"So what? How is that a good reason to not care about it?" Yes.
"The national elections are run by the states too. That's how elections work, they are decentralized.." Yes, and the FBI, DHS, and a number of federal agencies are consulted and have resources devoted to it. DHS has a webpage describing their involvement https://www.dhs.gov/topic/election-security.
Hillary was the Democratic party nominee in the general election. Everyone in the Democratic party technical consultancy world worked for her in 2016. Just pointing this out without context is useless. How does that compare to the Democratic party in 2008, or the Republican party in 2016?
Readit News
This can be classified as a mutated variation of Enterprise Software Syndrome, the disease that makes enterprise software suck so badly.
That's not really true; the winner of the general election becomes effective head of their party; a primary winner who loses the general generally has less (but significant) influence. Hillary Clinton has less control of the DNC after the 2016 election than before it (she had unusual influence before the election for a number of reasons); the reform eliminating first-ballot superdelegate voting rights was due to influence gained by the Sanders-aligned faction.
Dead Comment
This company produces the textbanking software that the Buttigieg campaign uses. It's frustrating to watch people repeating the phrase "received money from the Buttigieg campaign" with the implication that it's a bribe when the actual situation is that both the Iowa Democratic Party and the Buttigieg campaign used the same contractor for some software.
I would want to see how much other campaigns paid for textbanking software but that seems unusually expensive.
Thinking all the way through here, any momentum buttigieg gathers in iowa and new hampshire will be lost is south carolina and nevada, and then bloomberg will be a factor competing for his voters on super teusday.
Buttigieg's path to the nomination is having it given to him by superdelegates if no one gets a majority.
https://twitter.com/alexstamos/status/1224577210897453057
"The wedding of Tara Elizabeth McGowan and Michael Mackay Halle took place Sept. 5 [2015]…"
https://twitter.com/mhalle:
"Strategist for @Petebuttigieg… Maximizing time with @taraemcg in the Ocean State"
- always test your code - always test your code with people - never ever succumb to the temptation to ironically name your organization no matter how funny it is to you
What buffoons.
It is such a scam; makes working on Wall Street feel cleaner and more moral.
It's full steam ahead to another cycle of divisiveness, extreme polarization and getting nothing done.
The wealth inequality that accelerated after the 2007 crisis has added a class warfare aspect to national politics where one did not exist before. Trump has largely eviscerated the Republican party by playing on this, and I think we're seeing this dynamic on the Democrat side this election cycle.
They ended up being almost literally bang on, ironically enough.
I'm seeing on Twitter that the app interface wasn't very intuitive and officials there were confused on how to use it.
Also, what’s your source for Buttigeg’s $100K payment to the CEO of acronym? I head about $42K the buttegieg campaign paid to shadow, but that appears to be legitimate text messaging services.
It’s dirty politics to pedal conspiracy theories. I hope you can refrain around here.
(Also, I know some people in Newtown — conspiracy theories can get down right evil quickly. Be careful not to down a dark path because you don’t know where it’s going to end.)
I guess you should let Hillary know she should not have been in control of a foundation that was receiving millions of dollars in donations from foreign leaders while she was the head of the department in charge of US foreign policy.
He probably is also hurt by Biden’s bad finish being lost in the chaos.
Major sign: Not only wasn't there a dry run before d-day, but they didn't even train the people expected to use the app on the app.
The corruption is traditional corrupt procurement (apparently connected to Buttigieg and the Clinton complex) rather than an attempt to fix the primary. Primary fixing will be done out in the open with sudden rule changes.
1a : lacking the qualities needed for effective action
b : unable to function properly
And some security testing and analysis also wouldn't have prevented this problem, unless it was done at huge scale.
https://twitter.com/JTHVerhovek/status/1224550235881517056?s...
So who is now in possession of the paper records and how easy would it be to manipulate those records?
Anyone that's worked on a system with distributed state knows data consistency can be hard, particular in situations where the system comes under load and latencies begin to increase.
You're not specifically complaining about it, but I think it's interesting that they are being criticized for not being transparent, and then being criticized based on that transparency when they are.
This isn't without precedent, https://en.wikipedia.org/wiki/2012_United_States_presidentia... (or https://www.washingtonpost.com/politics/2020/02/04/iowa-seco... for more narrative). Just 8 years ago in the Republican caucus in Iowa they changed the announced winner more than two weeks afterward.
Edit: Apparently all those paper sheets also have PIN numbers to log into the app, so that probably is a contributing issue.
I'm a broken record about this, but you probably don't want to work in a field where the norm is that the government checks your software engineering work, particularly for security; there is a longstanding track record of failure here.
None of this is to defend the app, which appears to have been, from conception through deployment, moronic.
Deleted Comment
> “We don’t see any malicious cyber activity going on,” Wolf said. “No one hacked into it -- so this is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa.”
> The Iowa Democratic Party has said there was no evidence of hacking in the much-delayed results, merely human error.
DHS wouldn't be the one to do performance testing. Sure they should have had security scans but the issue at hand is not related.
Architecture, performance, and security reviews? Definitely should've happened. DHS? Ehh.
For whatever reason, many, many people in positions of leadership have a hard time properly evaluating and mitigating risk when it comes to cybersecurity. Even when it's obvious that risk can absolutely destroy their organization.
Plus, it doesn't make sense that it would be overloaded. They should have known exactly how much load to expect based on the number of caucuses held across the state. Also, Iowa isn't a populous state so the total number of datapoints is not going to be all that big. This should not have been a hard problem. The DNC is looking like a bunch of idiots this morning.
DoSing can be as dangerous as an RCE bug if your goal is to cause delays and chaos.
I haven't seen any reporting stating that clearly. At this point tt could've been any sort of bug. My money is on an AWS misconfiguration.
There are no conflicts of interest beyond those in niche markets anywhere. There are a finite number of people and companies serving in this space. Multiple campaigns use the same contractors, and those contractors will advise campaigns. The conflict of interest is known and the key thing is declaring them, siloing information, and policing behavior. This happens in every startup board where a customer participates in a funding round [and gets board seats].
Also, what was DHS going to do here? This is a private organization doing a [private] caucus in a single state. We've all read the mythical man month. DHS should focus on securing the national elections, which there is ample evidence they are behind on.
Do you honestly believe that there isn't a company that could have made the app without direct financial ties to one candidate? There are certainly a number of developers who fit that description in this very thread.
There are a million companies that could have written this app. I could have written this app. The reason I didn't is that I don't target this market, don't have domain expertise in how caucuses are run [at the level of writing an app to administer one], and have no prior work to reference in the space. I have no doubt that's the reason the vendor was selected.
"Such a test from DHS’ Cybersecurity and Infrastructure Security Agency would have focused on security and not the performance issue that Wolf said was most likely responsible for the failure. Still, Wolf said this was a “concerning event” given the amount of scrutiny around elections security after Russians targeted the 2016 presidential election.
“We don’t see any malicious cyber activity going on,” Wolf said. “No one hacked into it -- so this is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa.”"
I think they had a buggy app collecting caucus votes and I see people claiming it's some kind of vast conspiracy without any evidence. With all the people (metaphorically) tripping over their d*s around the world, it seems odd what kind of coverage this is getting. Particularly since (referencing my other comment: https://news.ycombinator.com/item?id=22239685) a much more egregious issue happened in the same state's caucuses 2012 (not to mention the 2016 NV Democratic party screw up). The reasonable conclusion is caucuses are a mess and should be scrapped (which both parties are gradually doing).
Deleted Comment
Deleted Comment
Deleted Comment
Deleted Comment
Deleted Comment
Such as yours.
> Also, what was DHS going to do here?
Test the app, as they offered.
> This is a private organization doing a [private] caucus in a single state
...So what? How is that a good reason to not care about it?
> DHS should focus on securing the national elections
The national elections are run by the states too. That's how elections work, they are decentralized..
"So what? How is that a good reason to not care about it?" Yes.
"The national elections are run by the states too. That's how elections work, they are decentralized.." Yes, and the FBI, DHS, and a number of federal agencies are consulted and have resources devoted to it. DHS has a webpage describing their involvement https://www.dhs.gov/topic/election-security.
https://mobile.twitter.com/heterodoxious/status/122458084831...
Also loving the profile pic that says "profile photos enable unconscious bias. I code with my brain, not my face."