This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.
Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.
We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:
-
Shaming.
-
Attempting to 'build consensus' or enforce ideological conformity.
-
Making sweeping generalizations to vilify a group you dislike.
-
Recruiting for a cause.
-
Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.
In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:
-
Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.
-
Be as precise and charitable as you can. Don't paraphrase unflatteringly.
-
Don't imply that someone said something they did not say, even if you think it follows from what they said.
-
Write like everyone is reading and you want them to be included in the discussion.
On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.
Jump in the discussion.
No email address required.
Notes -
Wowza. Faked registration forms had correct names,addresses, DOBs, SSNs, Driver's License numbers, and phone numbers, but told detectives they didn't send it and that wasn't their signature. Detectives aren't usually coming around and asking about registration forms.
Also, they notified two other counties, who then both found forms with similar issues? Did they maybe then notify the rest of the counties, one would hope? And did the two counties catch the fakes on their own, or only after being notified? I'm curious...
Either way, scary. Even scarier that I suggested this in a comment here earlier asking about how to create disruptions.
I don't understand the middle step here. If you put the correct address on it, doesn't the actual voter get the absentee ballot rather than the bad guy.
What goes in step 2? Do you have to stake out the mail and try to nab the ballot on the way there? At scale?
Seriously, I'm not trying to be too skeptical here, since (1) is already sketchy, but realistically is there a plan here?
So, I had suggested this in response to someone asking about ways to disrupt the process rather than accomplish actual fraud, and so I tossed it out there with that in mind, thinking that the investigations and sorting of good from bad ballots post-hoc would be a wrench in the gears to sow discord. Application to successful fraud with this method would be somewhat limited.
However, in Pennsylvania any registered voter can "Vote In Person By Mail Before Election Day" by providing a valid Penn driver's license number--not a license, but a number--in person at a designated location, and apply for, receive, complete, and submit a ballot all at one time. Problems with this approach are that 1) in-person limits the number you can crank out to one per visit; 2) employees at the designated locations are finite in number, so while you could maybe get away with a couple visits depending on the size of the office, even that would be pushing it, and 3) if those voters ended up trying to vote on Election Day, they wouldn't be able to because a ballot had already been submitted in their name--which is fine for chaos, but not good for successful fraud. The latter of those could perhaps be gotten around if the fraudster limits themselves to inactive voters, but would require eithier getting really lucky none of them pick this year to become active or somehow having knowledge they won't, like perhaps knowing they're dead or have moved states. Alternatively, an associate in the Clerk's office would make things a lot easier.
Generally speaking, though, I think for successful fraud you'd be almost better inventing voters from whole cloth.
I agree there is a kind of DOS attack here where a bad actor can sow chaos. I think we also agree that this probably wouldn't work at any kind of scale or reliability.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
Where did you see this? The only thing I saw from the linked article was:
It’s a few paragraphs down the Fox 43 article.
More options
Context Copy link
More options
Context Copy link
Scary indeed, but for the sake of completeness, let’s wargame the putative fraudster’s next steps.
Plan A: Pick up a bunch of mail-in ballots from the county clerk, fill them in with the details of the “voters” whom you have fraudulently registered, and mail them in/drop them off. This plan hinges on the ability to collect an arbitrary number of blank mail-in ballots: if ballots are (for example) only mailed to the address of registration, this plan is a no-go. Does anyone know if this is the case in PA?
Plan B: On Election Day (or during the ~2 weeks prior, if early voting is a thing), hit up a bunch of different polling stations and vote multiple times, posing as a different fraudulently-registered voter each time. Obviously this is much easier in the absence of mandatory voter ID. Also, if the voter you are impersonating actually registers and votes (perhaps on the same day, in places where that is allowed—again, PA?), you risk blowing the whole operation.
I don’t mean to suggest that the potential failure modes of such a scheme mean that potential voter fraud is no big deal—it absolutely is. But simply fraudulently registering voters is only one piece of the overall theft of an election. Vigilance at other stages of the process can, in theory, head off obvious cases of fraud.
Then again, the fact that these false registrations were so sophisticated and were only caught so late in the game should perhaps be Bayesian evidence of just how much “vigilance” actually exists in practice.
For plan B, even without voter ID, you're limited by the number of people in on the fraud. A single person would be only able to vote a couple times in a day. Ten, maybe? I can imagine a conspiracy of one or two people doing this, but it becomes much more risky the more people you have doing it.
Plans similar to A seem much more manageable, but do any jurisdictions allow you to pick up unfilled ballots in bulk?
More options
Context Copy link
In Washington state at least you can print the ballot from your home computer if you claim that the one mailed to you was lost or ruined. You can even have it printed with selections you make online: https://wa.omniballot.us/sites/53033/site/app/ob/ballot/mark
I can't find any evidence that this is the case in Pennsylvania.
But also what are the security measures? I doubt there's anything like a cryptographic signature or even a hologram, or even a ballot ID that you can't easily guess or look up. Likely you'd just need the right paper stock and a decent printer and you could create passable mail in ballots. You already have all of the identifying information you need. The only hitch is maybe the people at the addresses you used would send the ballots back and the elections office would catch on, but maybe most people just aren't so concientious that they'll return to sender rather than throw it away.
Printer manufacturers make it so that printers fingerprint themselves on anything that's printed (as requested by the feds), with a pattern of dots imperceptible to the human eye acting as the identifier. So you could see if there's a third party printer printing hundreds of ballots, and then track it to the purchaser.
You can acquire printers that don't do this, but if you found a bunch of ballots lacking the identifier, I'd consider it a strong sign of fraud.
I thought that the identifiers are only on color printers (and maybe only inkjets?). So black & white lasers are generally safe.
You can also similarly encode the printer's identity (and all the metadata associated with the print job--time, originating user, document name, local network information) into the depth of grays on the printout, edge noise, kerning, and probably a thousand other things. No confirmation by manufacturers or the government that that's done, but the yellow dot trick has been around for decades, and I would be very surprised if there haven't been significant advances implemented since then.
I wouldn't trust any printer made in the last two decades for printing anything you don't want traced back to you.
Interesting... I have to go return some videotapes.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
Knowing what printer was used isn't that much of a threat if you plan around it. People leave out perfectly good printers on the street when they move. They sell them in yard sales without taking ID. Collect a few without being traced, print the fraudulent ballots, then dump them somewhere.
Also wonder how hard it would be to hack a printer to change the dot pattern it imparts.
I imagine the dot pattern is probably pretty hard to hack--AIUI, it was created to make tracking money counterfeiters easier, and the US government definitely takes counterfeit cash seriously.
More options
Context Copy link
It would help for identifying the ballots as fraudulent, at least, unless someone only printed a few ballots per printer.
As far as hacking a printer, it's a question of how much of the steganography is implemented in software vs physical components. At least the printer identity could be done with just physical components.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
If any of the polling stations are compromised you can just directly add the fake votes there.
Adding fake votes greater than the number of registered people is risky. But if you know you have a bunch of leeway with registered voters that can't possibly vote ...
More options
Context Copy link
You can't register day-of in PA; registration has closed for this election.
First time voters are required to show ID, but it doesn't have to be a government issued ID - school IDs count, for instance.
Our "early voting" is basically picking up a mail-in ballot at certain locations and then immediately sticking it in the mailbox there. I'm not sure if an ID is needed for that or not, though. Our early voting stuff is weird.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link