▼ Iowa’s caucus fracas shows we’re still too ignorant about how apps work

By now you probably know the broad outlines of what went down in Iowa on Monday night: a hastily built, poorly written, badly distributed, slipshod app crashed and the Iowa Democratic Party utterly failed to plan sufficient backup solutions, delaying the reporting of caucus results. The web was awash with postmortems yesterday and rightly so. It's not the absolute worst way to kick off real voting in the 2020 presidential election, but it's within spitting distance of it.

The votes themselves are secure — thankfully there are paper backups for everything — but our sense of election security has been shaken again. The fiasco has opened the door to conspiracy theorists and bad actors who want to call this and future results into doubt. Some of that frankly irresponsible speculation came from major cable news outlets trying to fill the dead air the very night of the caucuses.

Shadow's CEO finally gave an interview late last night to Bloomberg:

"I'm really disappointed that some of our technology created an issue that made the caucus difficult," said Gerard Niemira, the CEO of political technology company Shadow Inc., in his first interview after the caucus. "We feel really terrible about that."

You're not the only one who feels terrible, bub.

But the thought that keeps running around my head is simply this: it should have been obvious that the app would fail. The warning signs were manifold, both before the voting started and the day of the caucuses.

I'll explain why after the links.

- Dieter

Coronavirus

It's not looking great for the biggest mobile phone show of the year, Mobile World Congress, which is set to take place in Barcelona this month:

└ Coronavirus pushes ZTE to cancel its press conference at the year's largest phone show

└ LG Electronics is withdrawing from Mobile World Congress due to coronavirus

└ iPhone maker Foxconn will stay shut in China for another week at least

└ The new coronavirus is not an excuse to be racist


Ad from our sponsor

More on Google

└ Google admits it sent private videos in Google Photos to strangers

Google's note on this seems wildly insufficient. At minimum, people should be informed exactly what videos of theirs were accidentally provided to other users.

└ Google has paid Android developers about half of what Apple has

In yesterday's newsletter I was a little sloppy and quoted an old number from a story for Apple's developer payouts ($120 billion) instead of more clearly citing the newer one ($155 billion). A couple of readers wanted me to expand on the reasons for the gap between Apple's number and Google's $80 billion, specifically that Apple's number included money distributed in China while Google's doesn't. Fair, but I don't know if that difference really makes up the gap for Android developers — the overall point still stands that despite Android's larger numbers, there still seems to be more money in making iPhone apps.

└ Creators finally know how much money YouTube makes, and they want more of it

Here's that promised analysis of YouTube's $15 billion revenue number from Julia Alexander.

More from The Verge

└ Dyson patent application imagines building an air purifier into headphones

When all you have is a hammer...

└ Nvidia's GeForce Now finally leaves beta, challenges Google Stadia at $5 a month

└ Google Fiber is dropping its TV package to focus solely on high-speed internet service

We talk a lot about how the central problem with broadband access is the lack of fiber cable infrastructure. Google Fiber's travails are a good example of how hard it is to actually get that done. Nick Statt points out that Google was paying much higher fees to get access to TV content than other broadband providers who also just happen to be cable companies, which is another limiting factor to new players trying to lay fiber that I hadn't considered.

└ Netflix's new original series commands viewers to click through to the next episode

Ashley Carman is one of the world's best reporters on how seemingly small product decisions influence personal behavior and — in this case — culture. It's absolutely wild to think about how multi-million dollar productions feel pressure to adopt the same tropes that YouTubers use to engage their audiences as a way to boost their chances in the algorithm.

A source familiar with the show says the shoutouts were a creative decision rather than a Netflix-required one, which could speak to the pressure creators feel when competing within Netflix itself and against other original series.

Verge Deal of the day 

Samsung's 15.6-inch Chromebook 4 is only $279.99 at Amazon

The 15.6-inch version of Samsung's Chromebook 4 is down to its lowest price on Amazon. Normally $349.99, it's $279.99 right now. This model was introduced in late 2019, and it served as a successor to the woefully outdated Chromebook 3. It's a great value as far as Chromebooks are concerned. You'll be getting a laptop with a sizable 1080p display, a modern design, USB-C charging, and 6GB of RAM.

Samsung also makes an 11-inch version of the Chromebook 4, though with just a $50 price difference, you're better off avoiding its 720p display (not to mention its egregiously thick bezels) and going with the bigger model that's on sale right now.



Iowa's caucus fracas shows we're still too ignorant about how apps work

"It should have been obvious that the app would fail" is not exactly a keen insight, but the reason I can't stop thinking about it is that even in 2020, too many people are weirdly deferential to the idea of an app. We've gotten wiser to misinformation on social networks, concerns about privacy violations, and even encryption, but we are still pretty dumb about how cloud computing and apps actually work.

If somebody told you their summer project was building a kit car, you'd have a sense of how much work that entails and how likely that person would be to succeed. But we don't seem to have built up a similar sense of scale for apps. I don't think everybody needs to "learn to code," but I do think we've done a terrible job with literacy about code.

I'm not here to call anybody ignorant, but it seems clear to me that the leadership of the Iowa Democratic Party not only didn't know about how apps work, but it didn't know what it didn't know and preferred not to.

Below is a not-so-brief and nevertheless incomplete list of warning signs that I think anybody conversant with computers should have recognized as a red flag. I don't mean they should have recognized exactly why exactly each thing was wrong, but that they should have had the sense of tech scale to see that urgent questions needed to be asked and expertise sought out. These should have been emergency-brake moments, especially with an election at stake:

  • The consulting group that made the app, Shadow, was paid just over $60,000 to develop the app, far less than it should actually cost to develop.
  • The party insisted on "security through obscurity," arguing that talking about the app too much would give hackers a heads-up to attack it.
  • The app was rushed out so quickly it had to be distributed via two platforms mobile developers use to beta-test their software, TestFlight and TestFairy.
  • Installing an app via these methods is not simple even for savvy users, and having voters install it on their personal phones has security implications that I can't even begin to enumerate.
  • The app required two-factor authentication (good!), but the instructions were apparently not sufficient, leading to yet more frustration. The New York Times reports that "some [precinct chairs] also took pictures of the worksheets they had been given — the PINs fully visible — and tweeted them out in frustration. Had the app worked, the information might have given trolls or hackers a chance to download the program and tamper with it." Yikes.
  • What's more, as Nick Statt notes, "the app was distributed using the TestFairy platform's free tier and not its enterprise one. That means Shadow didn't even pony up for the TestFairy plan that comes with single sign-on authentication, unlimited data retention, and end-to-end encryption."
  • Shadow itself reportedly didn't have the coding chops to pull off the app in the first place, especially on such a tight timeline. How carefully was this outfit vetted?
  • The whole ecosystem of tech for campaigns is dysfunctional in the first place, with the wheel getting reinvented every four years and widespread distrust in publicly available tools. Here's an eye-opening Twitter thread about the issue.
  • Shadow's previous products caused alarm among security experts. That includes members of the Biden campaign, which ended its partnership with Shadow after its texting platform "did not pass our cybersecurity checklist," a Biden staffer tells the NYT.
  • The app itself wasn't stress-tested, and the errors it showed on election night were singularly unhelpful, as Motherboard reported.
  • Local volunteers realized the fiasco was coming and the party didn't adjust to open up more phone lines to accommodate the change.

I remember all of the drama and concern around Diebold's election machines in the early 2000s. I remember the distrust and the widespread call for paper ballot backups. Luckily, Iowa at least learned the latter lesson.

But the difference between then and now is that our understanding of computing has moved from discrete machines to the cloud and apps. Computing has become so diffuse and the language around it so arcane that it's easier to just see it all as [waves hands] "cloud stuff." Companies have taken to calling your laptop "the intelligent edge," for heaven's sake!

What that means is that when it comes to integrating, securing, and trusting technology in our elections, there is a huge miasmic cloud of "tech stuff" to worry about, and it's all too easy to just assume somebody else is handling it. Knowing the basics of how apps get installed on phones and interact with the cloud is no longer the stuff of expert coders, and we need to raise our expectations for basic literacy on that.

We shouldn't expect everybody to know how to navigate the tech maze, but at the very least we all need to do a better job of knowing when to stop and ask for directions.

(p.s. I know "caucus" and "fracas" don't technically rhyme but I couldn't help myself.)

You are reading Processor, a newsletter about computers by Dieter Bohn. Dieter writes about consumer tech, software, and the most important news of the day from The Verge. This newsletter delivers about four times a week, at least a couple of which include longer essays.

If you enjoyed this email, please feel free to forward to a friend. You can subscribe to Processor and our other newsletters by clicking right here and here is an RSS feed. You can also follow Dieter on Twitter: @backlon.

Processor is also a video series with the same goal: providing smart and surprising analysis with a bit of humor (there will be dad jokes). Subscribe to all of The Verge's great videos here - please do!

Facebook
Twitter
Instagram

Vox Media has affiliate partnerships. These do not influence editorial content, though Vox Media may earn commissions for products purchased via affiliate links. For more information, see our ethics policy. View our Privacy Policy and our Terms of Service.

This email was sent to theverge.com@quicklydone.com. Manage your email preferences, or unsubscribe to stop receiving this email.

Vox Media, 1201 Connecticut Ave. NW, Washington, DC 20036.
Copyright © 2020. All rights reserved.

No comments:

Post a Comment