Full Disclosure: I am the co-chair of the Communications Committee of the International Academy of Web Television as well as one of the candidates for election to the Board of Directors. However, the opinions expressed here are entirely my own.
It was announced this morning that due to flaws discovered in the IAWTV online voting system for the Board of Directors elections, the current election process was nullified and a new election process will take place from the beginning. Though it is still too soon to tell how the membership as a whole is going to process this news, I can personally say that the news definitely came to me as a double-edged sword and I had to consider which side of the blade I would let cut the deepest.
Side one: as a candidate, the process of any election is a stressful one. If you are extremely passionate about what you are running for, which I am, you spend a considerable amount of time analyzing your every action and every word you put out into the world, because you want so badly for it to accurately portray yourself and and how you hope to serve the organization and the members of it. It’s an exhausting process on the first go-around, not to mention having to do it a second time wondering if you should/would change anything if you had it to do over again.
Which leads to side two: this is an opportunity, not a setback. This is only the second election process the IAWTV has gone through and this go around, several key issues became heavily discussed at points in time where it seemed they were being brought to light after-the-fact. The largest issue being the lack of candidate options from outside LA and NY or International candidates.
Obviously, the thing that should not change this time around is that the most qualified candidates should ultimately take office regardless of location. But perhaps someone in Omaha, Nebraska or Llanfairpwllgwyngyllgogerychwyrndrobwllllantysiliogogogoch, Wales (yes, it’s a real place) is infinitely passionate about telling stories on the web, or editing content for the web, or sound designing for the web, and especially for seeing us work together to grow legitimacy for this space.
Now is your chance.
There are of course a lot more discussions that may spring out of this, including the fact that the flaws in the system were discovered in part by someone taking the time to try to cheat the system in the first place. That is indeed unfortunate and something that should make the organization wiser in the future but let’s not take this opportunity to focus on finger-pointing and witch-hunting and instead move forward to make our second go-around fairer and stronger. Not to mention get this Board fully-formed so we can all get back to work!
Jenni -
Do we know that the person who discovered the vulnerability was trying to rig the election? It seems to me (based upon everything that I’ve heard) this was not the case. As I understand it, a technically proficient member curious about election security probed the system for vulnerabilities, found them, and reported them almost immediately. If this person had actually wanted to cheat or rig the election, given the small size of our organization (and therefore the small voting pool), it would have been easy to do so without anyone knowing. The fact is was reported rather than exploited says, to me, that the intention was not to cheat but rather to expose vulnerabilities.
We should not make the mistake so many governments and big corporations do when security problems are discovered. Many reactionary, non-technically-minded organizations brand those people who explore and expose security issues as criminals and hackers (with a bad connotation, not a cool one) when, in fact, these very people are improving our security and protecting our important processes by exposing vulnerabilities.
Until it is definitively proven someone was trying to rig votes (which, again, is an accusation wildly contrary to everything I’ve heard), I believe it is wrong-headed to state or even imply that the person who discovered and, again, *quickly reported* the issue was trying to cheat. Rather, it seems to me, this person was trying to ensure a sound election.
Otherwise, I agree with you – this is an opportunity for us to learn and grow. It seems we and the IAWTV have lots of these
Some of my best friends are hackers, it would deeply sadden me if anyone believed I was trying to incriminate anyone especially as members of a field I actually greatly admire.
The fact of the matter is that duplicate votes were discovered in the process of looking over the system. Whether these were entered maliciously or by complete accident is a matter of debate. But I think as an organization, we would be naive to not at least keep in the backs of our minds that for whatever reason, whether done with good intention or not, the time was taken to try to cheat the system and they succeeded. That was the point I was trying to get across.
Thanks for the clarification, Jenni. I learned about the issue in a different manner (more as I described it). It seems clear the vulnerabilities were detected from multiple directions.
It should be said as well that duplicate votes, even from a duplicate IP, given the system we were using and its limitations, do not necessarily indicate someone was trying to game the system – it could as easily have been a mis-vote, a duplicate submission (if timestamps are close together) or even someone who voted again after forgetting they voted the first time (especially on a machine automatically set to clear caches/cookies on a set schedule, as mine is), or even two members who share the same computer and voted the same (there are numerous couples and roommates in our organization). Or, it could, as you suggest, be deliberate tampering. Hence the need to upgrade to a more robust voting system.
Anyone who has spent 5 minutes on the Internet, really it only takes 5 minutes, knows that if you delete your cookies you can revote in most online surveys. It doesn’t exactly take Zero Cool to figure out how to do that.