Topics: Software, Democrats, Politics

Motherboard Publishes 'Shadow' App That Blew Up the Iowa Caucus (vice.com)

Motherboard has chosen to publish the app used to report results from the Iowa Democratic presidential caucuses. According to editor-in-chief Jason Koebler, "Trust and transparency are core to the U.S. electoral process," and "that's why Motherboard is publishing the app that malfunctioned in Iowa." From the report: The app, called IowaReporter, ultimately won't affect the vote totals of the Iowa caucuses, which are being recounted with paper ballots and other hard documentation. But the app's failure -- and the widespread attention this failure has received -- spurred chaos on election night, followed by speculation, conspiracy theories, and political jockeying. To try to combat that misinformation, it's necessary to offer complete transparency on what the app is, what it can and cannot do, and why it failed.

Motherboard obtained a copy of the app. By decompiling and analyzing it, it's possible to learn more about how the app was built and what might have gone wrong during the Iowa caucus. We reached out to several security researchers and asked them to analyze it for us, and have published an article about their findings. Motherboard waited to publish the app until Shadow, which controls the app's back-end servers and accounts, confirmed that it had been taken offline. [Shadow Inc. CEO Gerard Niemira] stressed that no voter data could be accessed from the app or from any of the databases it used. What we are publishing is an inert app that is no longer being used for an election, that the DNC has stated will not be used in future elections, and that is no longer connected to backend servers or services.
You can download the Android .apk file here.

UPDATE 2/6/20: A security firm consulted by ProPublica found that the "IowaReporter" app was also vulnerable to hacking. "The IowaReporterApp was so insecure that vote totals, passwords and other sensitive information could have been intercepted or even changed," reports ProPublica. "Because of a lack of safeguards, transmissions to and from the phone were left largely unprotected."
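The summary says the published .apk can be decompiled and analyzed, and the ProPublica update says traffic to and from the phone was largely unprotected. The script below is an added example of the kind of first-pass triage a reviewer runs on a published APK before reaching for jadx or a proxy; it is not Motherboard's, ProPublica's or Shadow's code, and it was not run against the real IowaReporter package. The APK it inspects is a zip constructed in memory with an APK-like layout, and the JavaScript bundle and the `.invalid` endpoints inside it are invented placeholders. The two paths it looks for are the standard locations for a React Native release bundle and for an Android network security configuration; the report keys, function names and sample strings are this example's own.

```python
import io
import re
import zipfile

# Standard locations inside an Android package (facts about APK layout, not
# claims about the IowaReporter app): a React Native release build ships its
# JS in assets/index.android.bundle, and an app that declares pinning or
# cleartext rules in XML does so in res/xml/network_security_config.xml.
RN_BUNDLE = "assets/index.android.bundle"
NET_SEC_CONFIG = "res/xml/network_security_config.xml"

URL_RE = re.compile(rb"https?://[A-Za-z0-9._\-/:%?=&]+")

# Constructed sample bundle. The endpoints are invented placeholders
# (.invalid TLD) and do not come from the real app.
SAMPLE_BUNDLE = b"""
var REPORT_URL = "http://results.example.invalid/api/precinct";
var CONFIG_URL = "https://cdn.example.invalid/config.json";
fetch(REPORT_URL, {method: "POST", body: JSON.stringify(totals)});
"""


def build_sample_apk(bundle: bytes = SAMPLE_BUNDLE, with_net_config: bool = False) -> bytes:
    """Assemble an in-memory zip with an APK-like layout for offline testing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        # Real manifests are Android binary XML; a placeholder is enough here
        # because triage_apk() deliberately does not try to parse it.
        z.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")
        z.writestr("classes.dex", b"dex\n035\x00")
        z.writestr(RN_BUNDLE, bundle)
        if with_net_config:
            z.writestr(NET_SEC_CONFIG, b"<network-security-config/>")
    return buf.getvalue()


def triage_apk(apk_bytes: bytes) -> dict:
    """First-pass review of an APK: framework fingerprint, TLS config hints,
    and every hard-coded URL in the JS bundle, split by scheme."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        names = set(z.namelist())
        report = {
            "react_native": RN_BUNDLE in names,
            "has_network_security_config": NET_SEC_CONFIG in names,
            "cleartext_urls": [],
            "tls_urls": [],
        }
        if report["react_native"]:
            for m in URL_RE.finditer(z.read(RN_BUNDLE)):
                url = m.group(0).decode("ascii", "replace")
                key = "cleartext_urls" if url.startswith("http://") else "tls_urls"
                if url not in report[key]:
                    report[key].append(url)
    return report


def summarize(report: dict) -> list:
    """Turn the raw report into reviewer-facing notes (one string each)."""
    notes = []
    if report["react_native"]:
        notes.append("React Native bundle present: review JS for auth and transport logic")
    for url in report["cleartext_urls"]:
        notes.append(f"cleartext endpoint: {url}")
    if not report["has_network_security_config"]:
        notes.append("no network_security_config.xml: no XML-declared pinning; "
                     "check the manifest's usesCleartextTraffic with apktool")
    return notes


if __name__ == "__main__":
    for note in summarize(triage_apk(build_sample_apk())):
        print(note)
```

Two caveats a practitioner would keep in mind: the manifest inside an APK is binary XML, so whether the app actually opted into cleartext (`android:usesCleartextTraffic`, off by default from Android 9) has to be read with apktool or aapt, not with this string scan; and an `http://` literal in a bundle is a lead, not a finding, until the request is observed on the wire with an intercepting proxy.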
  • by kot-begemot-uk ( 6104030 ) on Thursday February 06, 2020 @02:34AM (#59696722) Homepage
    I run into it in every job - somebody designed something which works perfectly fine "in test" and is guaranteed to fail once it has to deal with 1000+ inputs. From file descriptor counts to using incorrect system calls and abstractions - there is a lot of roadkill on the information superhighway.
    • by Zarjazz ( 36278 ) on Thursday February 06, 2020 @02:55AM (#59696768)

      Yeah. The app isn't the major problem here. It's the entire process. From what I've read many of the local managers were of an elderly nature and didn't even have their own smartphone. Kind of the first thing you would have thought anyone would check if you want everyone to use an app.

      • Motherboard, which published the article and the "decompiled" code, is owned by: Shane Smith (20%) The Walt Disney Company (16%) A&E Networks (20%) TPG Capital (44%) Soros Fund Management (10%) James Murdoch (minority stake) https://en.m.wikipedia.org/wik... [wikipedia.org]
        • Also: The developer of the app, Shadow, is funded by PACRONYM, a relatively new Democrat dark money/super PAC hybrid. PACRONYM is a spin-off of ACRONYM, which was founded by Tara McGowan, a former CBS journalist and Barack Obama re-election campaign digital producer. Previously public tweets indicate that McGowan is a Buttigieg supporter. FEC records show that the super PAC's largest single donor ($2.6 million) is Soros Fund Management, a hedge fund founded by billionaire George Soros. https://s [saraacarter.com]
          • by polgair ( 922265 ) on Thursday February 06, 2020 @04:04AM (#59696840)

            Well, McGowan's husband is Michael Halle, a senior strategist employed by Buttigieg's presidential campaign.

            There is a huge conflict of interest here.

            • Re: (Score:3, Troll)

              by Mashiki ( 184564 )

              Impossible. /s Everyone knows that what's going on with this DNC stuff this time is absolutely above board! They even changed rules to make it happen. Stay right here, while we do our coin flips then change the result to ensure the desired outcome!

              • Re: (Score:2, Insightful)

                by SharpFang ( 651121 )

                Looking at how they handle the democratic process inside their party, the "Democratic" in "Democratic National Congress" starts increasingly to resemble that in "Democratic People's Republic of Korea", "Democratic Republic of the Congo" or "German Democratic Republic".

                • I'm not sure exactly how because the Republicans in Trump's orbit haven't testified yet but this is all somehow Trump's doing. Once the Mueller Report comes in, Trump and his entire criminal family ARE GOING TO JAIL!!11. You can trust me on that one!
            • by Ogive17 ( 691899 )
              Everything in politics is a conflict of interest. Even our local sheriff election has drama surrounding it.
            • Given the current US political climate, everyone has a conflict of interest.

      • Yeah. The app isn't the major problem here. It's the entire process. From what I've read many of the local managers were of an elderly nature and didn't even have their own smartphone. Kind of the first thing you would have thought anyone would check if you want everyone to use an app.

        Probably the same kind of people who insist on saying application.

      • by petes_PoV ( 912422 ) on Thursday February 06, 2020 @06:27AM (#59697008)

        Kind of the first thing you would have thought anyone would check

        Nah. The biggest and longest running error that app designer/developers make is assuming everyone is just like them.

        From designing UIs that are "obvious" to them, using fonts that people with less than perfect vision find unreadable, colour schemes that they think are "cool", nonsensical or non-existent workflows, functions that do nothing useful except highlight how clever the author is with obscure features, documentation that only makes sense to the developer, assuming that everyone has (or only trying it on) the latest / fastest / biggest device.

        But worst of all, assuming that everyone is a native English speaker and understands deep technical terms ... just because the author does.

        • Yeah, I know this sort. "How can people know we made this configurable if we don't force them to configure it? Delete ALL the defaults!" "What do you mean number of minutes in an hour should be fixed? What if they redefine hour to be 62 minutes? This must be a configuration entry and it must be entered before you start your work!"

          Plus a documentation that lists every single function, option and object in alphabetic order, giving the type of data it accepts (but not what the input actually means), type of o

        • You are vastly over-complicating this. These are public votes done in an open forum, which get paper-checked afterwards. The candidates themselves had apps that their supporters were using to track how the evening was going.

          All the app was supposed to do was replace calling up a central office and reading vote counts to them. That's it.

          There's no UI or workflow or documentation or anything needed. This could have been a google form, and it would have worked just fine.

          List of candidates, space for how many v

      • by whitroth ( 9367 )

        That was not the problem - stop blaming someone older than you. The real problem is that they took $60k - that's sixty measly thousand dollars, and did it in three months, *and* DID NOT TEST FULL SCALE UNTIL HOURS BEFORE THE CAUCUSES.

        That's fraud. The company should be sued out of business, and the CEO tried and jailed for fraudulent representation that "oh, sure, we can do it for couch change in no time at all".

    • (I am a liberal)
      Sounds like the Democratic Party incarnate.

    • Well given the amount of time they were given, of course stress/load/synthetic tests (heck even probably unit tests) were left off the agenda. They probably were running late on the delivery and there is only so much human QA can achieve.
      • by PPH ( 736903 )

        They probably were running late on the delivery and there is only so much human QA can achieve.

        They should have given the project to the Boeing MCAS group. We all know how they are at delivering sound applications on tight delivery schedules.

    • by hey! ( 33014 )

      There's human factors to consider too -- what designers who get caught really screwing up call "human error".

      Who ends up running elections? Elderly retirees. Repositories of valuable wisdom and life experience, maybe, but not the most facile at picking up new technology. Their being hard to design for isn't *their* problem. It's yours.

      It's like in The Princess Bride; the one thing Domingo Montoya wanted as a craftsman was a challenge, like making a sword for an 80 year-old man to fight a duel.

      • It's like in The Princess Bride; the one thing Domingo Montoya wanted as a craftsman was a challenge, like making a sword for an 80 year-old man to fight a duel.

        The sword you are (probably) referencing was made for Count Rugen - the six fingered man - not an 80 year old man.

    • This wasn't an infrastructure failure. Report I read from one of the caucus managers trying to use it was that only half of the apple keyboard popped up, so they couldn't enter numbers properly.

      How the fuck does this feature OF THE PHONE OS work when tested one day, but fail on another???
    • by hey! ( 33014 )

      There was also a misstep in the security for the fall back system -- reporting results by phone. The phone line was overwhelmed by prank calls from Trump supporters.

    • I run into it in every job - somebody designed something which works perfectly fine "in test" and is guaranteed to fail once it has to deal with 1000+ inputs. From file descriptor counts to using incorrect system calls and abstractions - there is a lot of roadkill on the information superhighway.

      The terrible part of all of this is that, apparently, the app was field-tested for the first time... one week prior to election day... and failed the test.

  • Yikes (Score:4, Interesting)

    by Aighearach ( 97333 ) on Thursday February 06, 2020 @02:48AM (#59696758)

    Oddly, they don't say they got permission to publish it, they say they waited until the CEO of Shadow confirmed it has been taken offline.

    They're publishing the full apk, in addition to decompiling it.

    This is not going to end well for Vice, unless they secretly got permission and don't want to admit it. There is no "fair use" in republishing the whole thing! Especially when the purpose is so people can decompile it.

    • in republishing the whole thing!

      But they're not republishing the whole thing!

      Without the backend, the app is just a front-end leading to nowhere. It can't work. It can't be stress tested. Very little of it can be tested at all. And most likely, the failure didn't occur at the front-end anyhow.

      With that said, since we don't have access to the backend, we might as well verify the front-end, just to make sure there is nothing funny going on there. I doubt we'll find anything though.

      • The DNC said THEY weren't planning on using it any longer. Shadow didn't say it had no other clients... state and local elections maybe? I've heard rumor RNC used it as well. This was not so harmless as posting some old end of life program.

    • Re: (Score:3, Insightful)

      by Entrope ( 68843 )

      There is no "fair use" in republishing the whole thing!

      Copyright law explicitly protects commentary and criticism of a work as fair use. In this case, it would be quite inadequate to provide commentary or criticism without considering the whole app. Good luck finding a court that agrees with your view of the public interest trade-off between commercial interest in, and commentary or criticism of, a tool that was intended to play a key role in a political nomination process -- and utterly failed at its job.

    • Don't be in such a hurry. While yes, the law is on side of Shadow in this case, if you look at the broader image - it's unlikely they'll sue. For the simple reason that both sides come under severe scrutiny and get subpoenaed for a lot of stuff during such a lawsuit. And Vice would make sure the lawsuit is very, very public. And they'd publish every little dirty piece of evidence uncovered, even if it happened to be irrelevant to the case (which only becomes apparent in the discovery process; plausibility t

  • by Canberra1 ( 3475749 ) on Thursday February 06, 2020 @02:54AM (#59696764)
    Let's see how the lowest bidder won that tender. In the analysis it was not secure and written by beginners using a framework for rank amateurs. Cheaper won the day, and the selection criteria were not done in daylight either. Every time unreviewable, unaccountable decisions get made, competent people get angry at top level incompetence. Facebook and Google should never be trusted go-to's in any election process. We do not yet know if the login could be tricked by defaulting to flawed crypto. But Wireguard is in time for the next election. As the process is sequential, a command line GUI-less app could have done it, or a form for fax machines or even emailed as a picture. Finding people with an IQ over 100 is another requirement in any position of trust.
  • Shadow? (Score:5, Insightful)

    by BanHammer ( 5567450 ) on Thursday February 06, 2020 @03:06AM (#59696786)
    Who came up with the name? Were they trolling at a national level?
  • Why an app (Score:5, Informative)

    by llZENll ( 545605 ) on Thursday February 06, 2020 @03:17AM (#59696804)

    You literally enter 5 numbers, three of them being passwords. Why the hell is this an app? Just make a fucking webpage.

    • too cheap.

    • Web pages were never meant for tiny screens. That said I always use desktop mode in my mobile browser.

      • That's why you do <meta name="viewport" content="width=device-width, initial-scale=1"> on modern web pages, after you make sure they resize the elements in a way that makes sense and use css media tags to handle it if it doesn't.
    • by Zemplar ( 764598 )

      You literally enter 5 numbers, three of them being passwords. Why the hell is this an app? Just make a fucking webpage.

      If I had a million mod points, you'd have them all. Exactly this.

    • Apps these days are webpages...
    • Well it's for a caucus, which is generally an in person event. There was probably something (hackable) to verify where the person was caucusing. Websites can't do that nearly as well.

  • by jandoe ( 6400032 ) on Thursday February 06, 2020 @03:19AM (#59696808)

    Since no one is going to read the actual article... They are saying that the app worked fine, but when they tried moving data from their system to the Democratic Party quality control system they formatted it in the wrong way and it got rejected. So yeah, they didn't do end-to-end testing and one step of the process failed.
    They also say that the logic to calculate the number of delegates was in the app. For me it's also strange. Why put any logic in the app? Why not just send number of votes?

    • Re: (Score:3, Insightful)

      Because it does not matter who votes. It matters a great deal WHO COUNTS the votes. Sure, they could have just sent the votes on. But obtaining the power of counting the votes was the whole idea.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Because of the caucus process. The app was helping the local organizers by calculating who was below the 15% mark so they could realign to those above 15%.

      They could have let the central server do that part, but that would require interactions with the central server during the actual caucus process, not just for counting the results.

      Or they could have left out the helpful bit, but since the helpful bit actually worked, that seems like a loss.

    • by Dan East ( 318230 ) on Thursday February 06, 2020 @08:08AM (#59697160) Journal

      Thank you for pointing that out. The fact that it was a dedicated app of some kind has nothing to do with this. If the front end had been a webpage the same issue would have occurred - the problem was totally on the back end. In the article, I find comments like this to be pointless...

      "...the app was clearly done by someone following a tutorial. It’s similar to projects I do with my mentees who are learning how to code," Rahjerdi said. "They started with a starter package and they just added things on top of it. I get deja vu from my classes because the code looks like someone Googled things like 'how to add authentication to React Native App' and followed the instructions," Rahjerdi said.

      So what was he expecting? This is a trivially simple data entry app. Was he expecting them to create their own compiler language and libraries, so that it looked totally foreign and unfamiliar to him compared to anything else? I mean who doesn't create an app in an IDE using one of the starter templates and build off that? I guess people as brilliant as him always start totally, completely from scratch and invent everything they need as they go. I especially liked this part "'how to add authentication to React Native App' and followed the instructions" because obviously he wanted them to invent their own authentication method. LOL

      • Was he expecting them to create their own compiler language and libraries, so that it looked totally foreign and unfamiliar to him compared to anything else? I mean who doesn't create an app in an IDE using one of the starter templates and build off that? I guess people as brilliant as him always start totally, completely from scratch and invent everything they need as they go. I especially liked this part "'how to add authentication to React Native App' and followed the instructions" because obviously he wanted them to invent their own authentication method.

        Entirely agree. Skipping over the testing/deployment debacle, having a gaggle of security pros come in after the fact to take a couple free whacks at the dead horse is ... bizarre. Not a good look guys.

  • by BytePusher ( 209961 ) on Thursday February 06, 2020 @04:58AM (#59696880) Homepage
    This is smoke and mirrors. The app also includes the backend, which is more important to voter trust than this shell of an app they are publishing.
  • And I'll bet CEO Gerard Niemira walks away unscathed and millions richer.
  • They say one of the problems was that Shadow sent the data to the IDP in a format the IDP's side rejected. I'm curious as to what that format was, and why it was rejected. Did they leave a column or header off a .csv? Did they send a .xlsx when the IDP was stuck in the past, looking for a .xls? Who designed the IDP's side? Why wasn't this found during testing?
    • by rho ( 6063 )

      Oh, you know it's a CSV file. Probably going into an Access database running on Win98.

  • These issues only prove what a lot of us have always said: If you want people to trust your election, use paper ballots and a transparent process. E-voting, apps, and technology remove the tangible element of the vote and replace it with an opaque system that's impossible to fully secure.

    I question the ulterior motive of anyone who tries to convince me that electronic voting systems are the ideal for holding trustworthy, fair elections. If you don't question them, it's probably time for you to reread Orwel

  • How does third party fiber force your customers to reboot?

  • by Targon ( 17348 ) on Thursday February 06, 2020 @10:32AM (#59697702)

    There is a huge issue going on with Iowa, and it has NOTHING to do with the app. The app is just an excuse the DNC is using to delay putting out the results. The caucus process isn't like your typical election. You have each station, but the way you have it public means that at every stage, supporters for each candidate are there to see the official numbers. If the person in charge of the location is playing with things, that is one issue, but you have first round numbers, they see how many people are supporting each candidate, then the supporters of non-viable candidates then have the option to switch to another candidate in the hopes of helping that candidate become viable or to just go home. The second round results are recorded, and again, non-viable candidates are written off, getting nothing for that location.

    The ONLY place the app comes into play is in the reporting from whoever runs the location to the Iowa Democratic Party. Yes, there were clearly bogus results, but at each station, the actual number of people voting for a candidate was done locally, and the only possible thing to check is the exact number of delegates awarded to each candidate at that location (so if it was Pete with 5 and Sanders with 5, that could potentially be wrong, so checking the MATH from each location might be needed), but the actual numbers of people who sided with a candidate in the first or second round should be fully documented, and no app should be able to change those numbers. A reporting app should only report, and not do ANYTHING else, because it isn't being used as a calculator to decide who wins.

    Honestly, a spreadsheet could easily have been set up, put in the numbers, bingo, there's your numbers. App has zero to do with ANYTHING. The Iowa Democratic Party is looking for a way to hand pick the candidate and allow Hillary fans to decide who wins in 2020, even when Hillary isn't running.
