site banner

Culture War Roundup for the week of May 27, 2024

This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.

Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.

We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:

  • Shaming.

  • Attempting to 'build consensus' or enforce ideological conformity.

  • Making sweeping generalizations to vilify a group you dislike.

  • Recruiting for a cause.

  • Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.

In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:

  • Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.

  • Be as precise and charitable as you can. Don't paraphrase unflatteringly.

  • Don't imply that someone said something they did not say, even if you think it follows from what they said.

  • Write like everyone is reading and you want them to be included in the discussion.

On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.

10
Jump in the discussion.

No email address required.

I just did a search for "dar leaf dominion emails" and didn't find anything substantial. Care to share what you found?

There's a lot of documents, and it looks like the guy has been excerpting individual records as he encounters them to show them to various politicians. The whole tranche is currently up on his Twitter: https://twitter.com/SheriffLeaf/status/1769561564993192198

The documents show:

  • Source code modifications being made during deployment periods during an election - some firmware version needed to be changed, or some extra component needs to be attached at the last minute, or they suddenly need to disable parallelism on the SQL instance to keep concurrency bugs at bay, or whatever... They also talk about the software being able to receive OTA updates in places.
  • Serbian nationals accessing election infrastructure on election night (Dominion has had an office in Serbia for over a decade, where they employ many programmers; however, Serbia does not allow certain rigorous US background checks that should be standard for such employees. Presumably the access is related to bugfix work)
  • Emails that seem to indicate someone made an unauthorized access to Dominion backend systems several months before an election, from a suspicious location, on a company device or IP (extent or severity unknown, but may constitute a significant security breach?)
  • Some of the Serbia machines are behind on SQL server vulnerability patching by as much as two years (sort of a problem since their systems and testing would heavily utilize the affected SQL variants)
  • Numerous references to machines with modems installed, including some that failed acceptance testing for not having modems installed (again, plenty of good reasons for this in practice, but again, perjury)
  • The Serbians discuss sending election data over the internet as one of the use cases in a conversation about certificates
  • A long email chain showcasing the firmware programming process with a Taiwanese OEM (most computer manufacturing takes place in China or Taiwan, including firmware programming, so this isn't unusual, but it's laughably insecure)
  • Eric Coomer suggesting no VPN usage in Cook County systems for technical reasons (I like the proposed explainer where they talk about using unlicensed trial version of something and wiping the machine every 30 days to keep it installed) - seems like they eventually got a VPN up at the end
  • Eric Coomer opining on how Antrim county is full of angry conspiracy theorists, and also, gee whiz, how did that RTR misidentify the cartridges, I thought we fixed that
  • Testimony from some expert witness describing the aforementioned RTR misidentification, and how it could be utilized in conjunction with SQL database management software to trivially edit tallies without privilege escalation and avoid discovery at the end unless a total hand count was kept alongside the results (see https://twitter.com/SheriffLeaf/status/1769745766703374401)
  • Lots of "oh no, disaster, we suck" and "how can we paper over this mess to sell to customer" that I'm sure anyone in a customer-facing role at a tech company recognizes as business-as-usual
  • Numerous small firefighting cases where something didn't work right and Dominion has to cook up an explanation, occasionally beclowning themselves in front of the customer in the process, while everyone stands around waiting for the numbers to add up - a particularly noticeable instance revolved around some weird data duplication issue

It doesn't look like everyone (or anyone, really) at Dominion is twirling their moustaches and cackling as they disenfranchise the American people. It looks like they run like a standard tech company, which is to say all over the place, constantly fighting fires and doing the needful to get their sales. I'm sure 2020 was a complete nightmare scenario for these guys, where suddenly all their customers are radically transforming their deployments and doing novel, untested, gigantic-scale absentee and mail balloting.

But very clearly they're held together with duct tape and prayer in a lot of cases, which is about the opposite of what I'd like to see from critical election infrastructure. The glimpses of the architecture they have put together with all of these machines raises some significant doubts about the security of the enterprise, particularly if rank-and-file technicians can just go pop open the database manager and flip the counts around - surely this is the kind of thing that could be trivially accomplished if one could land a zero-day on any of the long-dated Windows 7 machines floating around in their customer base.

I'm told, with no particular means to corroborate this, that ES&S is about the same.

Thanks. I'll take a look. This sounds like another one of those data dumps that tries to impress by volume but which really contains very little actionable information. But the mere presence of it with the suggestion that it's important convinces motivated bystanders who never scrutinize it themselves. You would think that if there were damning evidence inside, someone would already be highlighting it, specifically.

It doesn't look like everyone (or anyone, really) at Dominion is twirling their moustaches and cackling as they disenfranchise the American people. It looks like they run like a standard tech company, which is to say all over the place, constantly fighting fires and doing the needful to get their sales. I'm sure 2020 was a complete nightmare scenario for these guys, where suddenly all their customers are radically transforming their deployments and doing novel, untested, gigantic-scale absentee and mail balloting.

Since I got downvoted for this skepticism, I think this is key part of the above explainer. Yeah, it sounds like routine software company patchwork, but it's a big leap from there to actionable claims of fraud. "Stop the Steal" is as dumb a mantra as "Most Secure Election Ever." They aim to convince through emotional appeal backed only by weak insinuations. For the kind of election fraud claimed by Stop the Stealers, you do need to find a couple of moustache-twirling villains intentionally changing vote counts through illicit means, not just the implications-without-accusations listed above.