Journal Journal: Hacking the WA State Democratic Caucus
The WA State Democratic Caucus has definitely been infiltrated by Republicans and most likely also infiltrated by those not elligible to vote. Republicans can go if you "consider yourself a Democrat" that day. As a Republican myself, my natural instinct is to do some security testing in this forum, esp. one as full of holes as this, but since my wife is a real Democrat, I had to behave myself and observe.
The setting is a suburban middle school on a Saturday afternoon. The turnout was huge, and there was also a basketball match scheduled at the same time. This was a minor inconvenience for both crowds in terms of parking space. Once inside, there was no structure - you had to ask random people what to do, and only a few people per precinct actually tried to explain the process. The only sign-in was a piece of paper, and there was no id check. Also, unlike election day voting, there is no voter registration sheet to cross-reference with your sign-in. Once the thing started, our precinct leader, wearing no identification, pulled us (~30 people) into the gym to occupy vacant bleachers next to spectators watching the basketball game.
We were then separated into groups according to which candidate we supported. Late arrivals kept trickling in, so it took a while to settle. There were 4 precinct delegates at stake that would represent us at the next round. Initially, there were 2 for Obama, 1 for Clinton, and 1 undecided. On of the more vocal Clinton supporters tried different tactics to convince the undecided voters to switch to Clinton. His first tactic was to assure them that it is ok to send an undecided delegate to the next level. That delegate would keep the debate open and ultimately decide. The undecided people definitely didn't like that, because they did not really know how the person they select would base any decision at the next level. His next tactic was to convince the undecided to add their votes to Clinton to send 2 delegates for Obama and 2 for Clinton (since both were such great candidates). This didn't work as intended, because the undecided individuals ultimately split between Clinton and Obama, leaving Clinton with 1 delegate and Obama with 3.
The main take-away for me is that there are ample opportunities to engineer the system:
- Spoofing
- This is easy. You can spoof a registered voter. The precinct leader is known by other precinct leaders, so it would be hard to do anything here.
- Tampering with Data
- The best results here are achieved by convincing others to either make up their mind or change their opinion. Since the process is unfamiliar, it is easy to do some social engineering - as evidenced by the fellow Clinton supporter.
- Repudiation
- Sign in sheets are not well-guarded. However, even if you were to take one, it wouldn't affect the outcome of the voting. In theory, these sign-in sheets can be used to validate the voting, but people can change their minds later on in the process.
- Information Disclosure
- Your signatures and voter addresses can be copied from the sign-in sheet. This information is not well guarded.
- Denial of Service
- Since the premises are so disorganized, you could redirect precinct members to another location to vote and not have those votes count. It would be hard to detect within the timeframe, since many people don't know the process and have never attended a caucus before.
- Elevation of Privlege
- This was exploited by many Republicans. I had no idea Obama was so popular among obvious upper middle class White Anglo-Saxons over 40 years old. Also, a statistically high number of high school kids were voting in my district. Since ids are not checked, it is conceivable to elevate foreign nationals and other not elligible to vote. In my case, basketball spectators could also scoot over a few feet and start voting - they didn't do this.
