Secondary thoughts on working yet another primary election

Tuesday had a lot in common with the four days I spent last year working as an election officer for Arlington County. Just as in March, June, July and then November, I staggered through a sleep-deprived day that started with a 5 a.m. arrival at the polling place and didn’t end until around 8:30 p.m. As in all of those elections except last March’s Democratic presidential primary, the day left me with a fair amount of downtime to fill with reading a book and chatting with my fellow poll workers. And once again, it felt deeply fulfilling to help my fellow citizens do their part to hire candidates for temporary, taxpayer-funded jobs.

Lillies bloom in the foreground, while the background shows election signs in front of a community center in Arlington, Va.

But since November 3, the subject of election security–a topic I’ve been covering on and off for most of the last two decades–has fallen prey to fever-dream conspiracy theories among Donald Trump followers who refuse to believe that the former president was fired by the largest electorate in American history.

I am tempted to give this post over to yet another rant denouncing those advocates of Trump’s Big Lie–as well as the sedition sympathizers in Congress who kept pandering to those dead-enders after the deadly riot at the Capitol January 6.

But instead, I will talk about my workday Tuesday. Here are some things you should know about how we did our part in Virginia’s primary elections, which I hope map with how elections are run wherever you may read this:

• Trust paper. Arlington uses hand-marked paper ballots that each voter feeds into a scanner that will read the ballot if it’s upside-down, right-side up, forwards or backwards. (We also have ballot-marking devices for voters with disabilities.) That paper trail then becomes part of the risk-limiting audit that Virginia now conducts after each election; the audit run after November’s election (but not reported out until March) confirmed that the votes as scanned accurately recorded how people marked their ballots. If your state is among the minority to still use “direct-recording” machines that leave no paper trail (hello, Texas), direct your ire at the elected officials who haven’t fixed that problem.

• Don’t confuse voter identification with TSA Pre. I checked in one voter who did not have a Virginia driver’s license but did appear in our poll-book app as a registered voter, and I saw other voters show up with the same scenario. That was understandable, as the Virginia DMV is struggling to catch up with a pandemic-inflicted backlog. It would be unconscionable to kick those people out of polling places when one government bureaucracy can’t issue ID cards fast enough while another has already confirmed their eligibility. I should note here that this voter brought their voter registration card; should you get stuck in this situation, bringing that other piece of paper will save a tired poll worker a little time.

• Expect software to fail; design for resilience. The most reassuring paper product I saw Tuesday was the printout of the entire pollbook for our precinct, which meant that we did not have to rely on our pollbook app to stay up all day. Fortunately, that software did work, by which I mean it functioned aside from the feature that was supposed to scan the bar code on the back of a Virginia driver’s license but instead failed at least nine out of 10 times in my experience.

• Check everything at least twice. My day started with opening packs of ballots and counting them, 10 at a time. Each shrink-wrapped pack should have held 100 ballots and did, but we checked that anyway–so that there would be no discrepancy between the number of ballots handed out and the number of voters checked in. We also verified each total at the end of every hour; each time, there was no surplus of voters or ballots. And then we made one last check after polls closed to confirm that we had handed out exactly one ballot per voter.

If the above sounds inefficient, you read this right. Election administration has to suffer some inefficiency to accommodate the conflicting demands of allowing voters secret ballots and yielding an auditable paper record. Deal with it.

Weekly output: TikTok (x3), Apple TV+, social-media satisfaction, AMC, TV metrics, NBCUniversal (x2), 5G flavors, Disney, Fox, tech journalism, Facebook and Twitter vs. Trump, Roku, Instagram Reels, election security, influence operations online

This week was kind of nuts. I knew I’d be busy covering breaking news in the mornings for my trade-pub client FierceVideo while one of their reporters was on vacation, but I didn’t factor in how many entertainment and TV companies would be announcing their quarterly earnings. This put a dent in my ability to follow the now-virtual Black Hat and DEF CON security conferences that, were this a normal year, would have had me in Las Vegas this week. (Hacker summer camp friends, I miss you too and will try to catch up on your talks over the next few days.)

8/3/2020: Microsoft gets Trump green-light to buy TikTok, FierceVideo

I started this week by writing a bit about the biggest story in tech this week.

8/3/2020: Apple TV+ comes to American Airlines flights, FierceVideo

Writing about this addition to AA’s in-flight entertainment gave me an excuse to get a few quotes from one of my favorite avgeek bloggers, Seth Miller.

8/4/2020: Survey Shows Facebook Barely More Satisfying Than Comcast, Forbes

I got an advance look at the latest report from the American Customer Satisfaction Index, allowing me to have this post up right as the ACSI published these findings.

8/4/2020: AMC’s second-quarter earnings could have been worse, FierceVideo

This was the first of four earnings stories.

8/4/2020: Time spent on TV viewing soars, says Samba, FierceVideo

My editor at Fierce pointed me to this study and asked if I’d heard of Samba TV; I said I had, and that a friend had tried to connect me with their CEO at CES last year.

8/4/2020: Layoffs loom at NBCUniversal, FierceVideo

I wrote up a WSJ report about pending layoffs for my third post of Tuesday.

8/5/2020: Thinking of buying a 5G smartphone? Finding your carrier’s flavor of 5G requires a taste for investigation, USA Today

We had to correct this column because I said a study released in May came out last year, an error I could only laugh about once it was brought to my attention.

8/5/2020: After a disaster movie of a quarter, Disney bets on Mulan, FierceVideo

The big news in Disney’s earnings call: It will debut Mulan in September as a $29.99 extra for Disney+ subscribers instead of sticking to a theatrical release.

8/5/2020: Fox forges ahead despite ad-revenue shortfall in Q4, FierceVideo

The optimism Fox executives voiced on their earnings call about sports returning this fall seemed unfounded at the time.

8/5/2020: Tech journalism, Lobsterclass

My friend Rakesh Agrawal (aka rakeshlobster on Twitter) quizzed me about the state of tech journalism and how startup founders might improve their interactions with the media for the latest in a series of product-management classes he began in May. Our Zoom chat got interrupted a couple of times by incoming WhatsApp calls that I couldn’t answer with “sorry, can’t talk right now” messages because my phone was already in use as my Zoom camera.

8/5/2020: Facebook and Twitter suppress Trump coronavirus video, Al Jazeera

The reason behind those calls: AJ’s English-language channel wanted me to opine about the two social networks taking down Trump shares of a Fox News video in which the president said children are “almost immune” to COVID-19. So at 11 p.m., I put my phone back on the tripod for yet another video call.

8/6/2020: Roku Q2: 43 million active accounts, $43 million loss, FierceVideo

I wrapped up my earnings coverage for Fierce by covering Roku’s quarter.

8/6/2020: First take on Instagram’s Reels: Yes, it’s a TikTok clone, FierceVideo

In addition to gathering quotes from a couple of analysts, I cobbled together my own art for this story by taking screenshots of Instagram’s new TikTok-ish feature.

8/7/2020: What becoming a poll worker taught me about securing the 2020 election, Fast Company

Security researcher and Georgetown Law professor Matt Blaze’s Black Hat keynote gave me an opportunity to share my own experience as a poll worker with a larger audience than this blog ever gets. We had to correct one error after posting; the National Vote At Home Institute, a non-profit whose CEO I quoted in the piece, is based in Denver, not D.C. as listed in its Twitter bio.

8/7/2020: From Russia With Lure: Why We’re Still Beset By Bots And Trolls Pushing Disinformation, Forbes

Stanford Internet Observatory researcher Renée DiResta gave an excellent keynote on day two of Black Hat about influence operations online and how China and Russia’s efforts compare.

8/7/2020: Trump issues executive order to ban business with TikTok, FierceVideo

I scrambled to get an explanation of what, exactly, Trump’s order would ban U.S. companies and users from doing with TikTok, and Public Knowledge’s telecom-law guru Harold Feld came through.

8/7/2020: NBCUniversal reshuffles entertainment leadership, FierceVideo

My week filling in at Fierce wrapped up with this recap of a reorg at NBCU.

8/9/2020: TikTok’s suitors, Al Jazeera

I usually don’t shave on Sundays but had to for this appearance on AJ’s Arabic-language channel to talk about why Microsoft and, reportedly, Twitter, might want to buy TikTok.

Things I learned from working a primary election

After more than 15 years of writing about voting-machine security, I finally got some hands-on experience in the field–by waking up at 4 a.m. and working a 16-hour day.

I’d had the idea in my head for a while, thanks to frequent reminders from such election-security experts as Georgetown Law’s Matt Blaze that the best way to learn how elections work is to work one yourself. And I finally realized in January that I’d be in town for the March 3 Democratic primary and, as a self-employed type, could take the whole day off.

I applied at Arlington’s site by filling out a short form, and about two hours later got a confirmation of my appointment as an election officer. (My wife works for Arlington’s Department of Technology Services but has no role in election administration.) A training class Feb. 11 outlined the basics of the work and sent me home with a thick binder of documentation–yes, I actually read it–and on March 3, I woke up two minutes before my 4 a.m. alarm.

After packing myself a lunch and snacks, as if I were going to grade school, and powering through some cereal, I arrived at my assigned polling place just before the instructed start time of 5 a.m. I left a little before 9 p.m. Here are the big things I learned over those 16 hours:

  • Yes, having people fill out paper ballots and scan them in works. I saw 500-plus voters do that while I tended the scanner in the morning, and none had the machine reject their ballot. There was confusion over which way to insert that ballot, but the scanner accommodated that by reading them whether they were inserted upside down, right-side up, forwards or backwards. (I wish more machines were that tolerant of human variances in input.) And at the end of the day, we had a box full of ballots that will be kept for a year.
  • The technology overall appeared to be of higher quality than the grotesquely insecure, Windows-based Winvote touchscreen machines on which I voted for too many years. This scanner was an offline model running a build of Linux, while the poll-book apps ran on a set of iPads.
  • The “vote fraud” rationale for imposing photo ID requirements is not only fraudulent, but photo IDs themselves are overrated. The state allows a really broad selection of public- and private-sector IDs—unavoidable unless you want to make it obvious that you’re restricting the franchise to older and wealthier voters—and our instructions required us to be liberal in accepting those. I didn’t see or hear of anybody getting rejected for an ID mismatch. (The one surprise was how many people showed up with passports; I quickly grew to appreciate their larger color photos over the tiny black-and-white thumbnails on drivers’ licenses.)
  • Asking people to state their name and address, then matching that against voter-registration records, does work. That also happens to be how voter check-in used to work in Virginia before Republicans in the General Assembly shoved through the photo-ID requirement that’s now been reversed by the new Democratic majority in Richmond.
  • You know who really loves high turnout? Election officers who otherwise have some pretty dull hours in mid-morning and then mid-afternoon. At one point, the person in charge of the ballot scanner busied himself by arranging stickers into a bitmapped outline of Virginia, then added a layer of stickers on top of that to represent I-95 and I-66. Fortunately, precinct 44 blew away past primary-turnout records with a total of 1,046 in-person votes.
  • The attention to detail I saw was almost liturgical. Every hour, the precinct chief did a count of voters checked in and votes cast to ensure the numbers matched; every record was done in at least duplicate; every piece of paper was signed by at least two election officers, and the overall SOR (statement of results) bore the signatures of all eight of us. We closed out the night by putting documents and records in specified, numbered envelopes, each locked with a numbered zip-tie lock; each number was recorded on a piece of paper on the outside of each envelope that was itself signed by two election officers.
  • Serving as an election officer isn’t physically demanding work, but it does make for a long day. We did have coffee delivered, but it didn’t arrive until 9 a.m., and nobody had time for dinner during the rush to close out things after the polls closed.
  • It’s also not the most lucrative work ever. My paycheck arrived Friday: $175, amounting to an hourly wage of $10.94. The value of seeing the attention paid to make democracy work and then watching more than a thousand people show up to exercise their rights: priceless.

Updated 3/23/2020 to fix some formatting glitches.

Weekly output: network security (x2), election security, Google finding Apple’s bugs

Now it can be told: I spent all of the last two weeks on the West Coast, with my stay in Las Vegas for Black Hat and DEF CON sandwiched inside time with my in-laws in California. That let me have a much shorter trip to and from Vegas and then segue from WiFi security to a little wine tasting and, more important, a lot of napping.

8/12/2019: WiFi can be a free-for-all for hackers. Here’s how to stop them from taking your data, USA Today

I e-mailed this to my editor with the following note: “I’m sending this over the DEF CON conference WiFi, so if you only see pirate-flag emoji I trust you’ll call or text to warn me.” If you don’t want to read all 600-ish words in this piece, the top three are “encryption is your friend.”

8/12/2019: This tech could secure voting machines, but not before 2020, Yahoo Finance

One of the big reasons I decided to stick around Vegas for DEF CON–even though it meant I’d have to pay $300 in cash for that conference badge–was the chance to see the exhibits and presentations at its Voting Village. The proceedings did not disappoint, even if a DARPA demo from a project with the delightful acronym of SSITH is far from yielding shipping voting hardware.

8/12/2019: Google got Apple to fix 10 security flaws in the iPhone, Yahoo Finance

Black Hat offered a two-course serving of Apple-security news. Its first day featured a briefing from Google Project Zero researcher Natalie Silvanovich about how her team uncovered 10 serious iOS vulnerabilities, and then its second day brought a talk from Apple security-engineering head Ivan Krstić that ended with news of a much more open bug-bounty program.

8/14/2019: This Morning with Gordon Deal August 13, 2019, This Morning with Gordon Deal

I talked about my USAT column on this business-news radio program; my spot starts just after the 13th minute.

Weekly output: new Macs, online absentee voting, Tech Night Owl, DuckDuckGo

LISBON–I’m here for my fourth Web Summit, which is also my third in a row to have me moderating panels and away from the U.S. during election day. I like this conference, but I’m missing the experience of casting a ballot in person on the big day. American citizens reading this: You will be doing just that Tuesday if you haven’t already voted early or absentee, right? Because if you don’t, you’re inviting the dumbest person in your precinct to vote in your place.

10/29/2018: Why it’s a big deal that Apple is finally updating its computers, Yahoo Finance

When I wrote this curtain-raiser post for Apple’s news this week, I didn’t factor in Apple charging so much more for memory and storage upgrades. I will try to revisit that topic sometime soon.

11/1/2018: Experts disagree on how to secure absentee votes, The Parallax

This article started as questions I had left over after writing a post about the Voatz blockchain absentee-voting app a few weeks ago.

11/3/2018: November 3, 2018 — Rob Pegoraro and Jeff Gamet, Tech Night Owl

I talked to host Gene Steinberg about some puzzling aspects of Apple’s finally-updated computer lineup, along with its decision to stop revealing unit-sales numbers in future earnings releases.

11/4/2018: What it’s like to use a search engine that’s more private than Google, Yahoo Finance

Not for the first time, a topic I tried out as a post here became a separate story for a paying client. Did that piece get you to set the default search in one of your browsers to the privacy-optimized DuckDuckGo? I’ll take your answer in the comments.

Weekly output: John Brennan on election security, Saudi Arabia’s Twitter operations (x3)

For most of this past week, the conference badge was on the other lanyard: My wife was out of town for work.That brief spell of solo parenting ended with the house miraculously not much messier than before and me needing a nap more than usual.

10/17/2018: Ex-CIA chief’s take on election security: Don’t panic, do stay paranoid, Yahoo Finance

When I filed a first draft of my interview with former CIA director John Brennan two weeks ago, my editor said it read more like two posts and asked if I wouldn’t mind turning it into a pair of stories. This covers the second half of our conversation, folding in some quotes from some subsequent election-security events around D.C.

10/20/2018: Saudi Arabia’s Twitter mole, Al Jazeera

The New York Times reported Saturday that Saudi Arabia’s attempts to suppress dissidents like murdered Washington Post contributor Jamal Khashoggi extended to recruiting a Twitter insider. Several hours later, I told viewers–as overdubbed into Arabic–that this development represented a serious departure from Silicon Valley’s traditional definition of espionage as “an employee takes trade secrets to a competitor.”

10/21/2018: Saudi Twitter operations Al Jazeera

As part of what looks like the same kind of flood-the-zone coverage strategy I usually associate with Apple events, AJ had me on two more times Sunday to talk about this Twitter mole and Riyadh’s other attempts to change the social-media conversation.