ALL BLOG POSTS AND COMMENTS COPYRIGHT (C) 2003-2019 VOX DAY. ALL RIGHTS RESERVED. REPRODUCTION WITHOUT WRITTEN PERMISSION IS EXPRESSLY PROHIBITED.

Thursday, February 06, 2020

Soros is not buying the best and brightest

The Soros-funded app that ruined the Iowa caucuses was written by amateurs:
Motherboard asked six cybersecurity and app development experts we trust to analyze the app. The app was built on top of React Native, an open-source app development package released by Facebook that can be used for both Android and iOS apps, according to Kasra Rahjerdi, who has been an Android developer since the original Android project was launched, and Robert Baptiste, a white-hat hacker who has exposed security flaws in many popular apps and reviewed the code. Rahjerdi said that the app contains default React Native metadata and that it comes off as a "very very off the shelf skeleton project plus add your own code kind of thing."

"Honestly, the biggest thing is—I don’t want to throw it under the bus—but the app was clearly done by someone following a tutorial. It’s similar to projects I do with my mentees who are learning how to code," Rahjerdi said. "They started with a starter package and they just added things on top of it. I get deja vu from my classes because the code looks like someone Googled things like 'how to add authentication to React Native App' and followed the instructions," Rahjerdi said.

"The mobile app looks hastily thrown together," Dan Guido, CEO of cybersecurity consulting firm Trail of Bits, told Motherboard.

Hey, look at the bright side of the debacle. At least journalists are finally learning to code!


59 Comments:

Blogger SciVo February 06, 2020 5:56 AM  

Speaking of the Iowa caucuses, has anyone else noticed how swiftly Biden is visibly aging? I suspect that this is a stress symptom of a Bravo (at best) trying to fill an Alpha role, like an anxious yappy little dog with a decrepit old lady as his only other pack member.

Blogger Section 8A February 06, 2020 6:13 AM  

Was an unemployed Buzzfeed blogger the coder? Hopefully a woman POC you go girl.

Blogger Lazarus February 06, 2020 6:15 AM  

It is not voters that count, but the counters who can't count that count.

Blogger Shane Bradman February 06, 2020 6:19 AM  

Most coding is using straightforward functions then spending 3 hours trying to find where you made a boo boo. No wonder the newbies are following tutorials.

Blogger Brett baker February 06, 2020 6:25 AM  

Are there any Russian hackers on the loose the DNC should know about? After all, the Big Tech party wouldn't screw up an app!
Also, waiting for the destruction of the Romney Heresy.

Blogger Francis Berger February 06, 2020 6:27 AM  

Soros has been dropping the ball a lot lately - which is definitely a good thing.

Blogger Section 8A February 06, 2020 6:35 AM  

The greatest site I used on twitter to copy and paste the URL to Buzzfeed and Huffpo types: http://programming-motherfucker.com/

Glorious.

Blogger Critias February 06, 2020 7:03 AM  

Someone help me out, I'm not too bright. It was my understanding that TPTB would sieve off the top percentage of society in terms of IQ. Offer scholarships, lots of bonuses etc if they work for them. Where are they now? All I see are idiots.

Blogger Ron Winkleheimer February 06, 2020 7:08 AM  

Well, merit is just a tool of white supremacy and the patriarchy.

Not OT I think, have you seen the letter sent to the Milwaukee 2020 Democrat Host Committee alleging a hostile work environment? It is interesting.

https://www.jsonline.com/story/news/investigations/daniel-bice/2020/02/04/board-fires-two-leaders-2020-dnc-host-committee/4662792002/

Blogger Doktor Jeep February 06, 2020 7:11 AM  

Funny thing is, it's possible to make parts of an app native code and encrypt that part, then use that to put an extra layer of encryption on the data that will move when encoded after encryption.
They did none of that.

Blogger Cataline Sergius February 06, 2020 7:22 AM  

Hey, look at the bright side of the debacle. At least journalists are finally learning to code!

This all day.

This was my reaction when I heard about this. "They did learn to code and this is the best they could come up with."

I'm starting to wonder if the code monkeys that built that app didn't go on to work on Warcraft III: Reforged.

Blogger bodenlose Schweinerei February 06, 2020 7:42 AM  

So all that is necessary to completely founder their already leaky ship is for someone to throw up some fake coding tutorials with a few intentional errors? Not that I'm advocating such a nefarious move, or implying anyone here might try it.

Blogger Ska_Boss February 06, 2020 7:51 AM  

I very much doubt the intent was to make a functional and seamless app in the first place.

If I was in charge of digitally tampering with election results then a pre-written script that could be customized by any random code monkey who doesn't ask too many questions would be an ace up the sleeve.

Blogger CarpeOro February 06, 2020 8:10 AM  

Kind of the result I should expect I suppose. When you dumb down your recruitment pool by imposing idiocy from every side, don't expect to find skilled people in it. Other than the Indian chick(and I have met both brilliant and idiot ones), he may as well have outsourced for the two soyboys also.

Meh, more than willing to let our enemies continue to reap the fruits of their evil.

Blogger CarpeOro February 06, 2020 8:21 AM  

Thought I'd take a look for final results - looks like Sanders eked out a lead over Buttgig, Creepy Joe pretty far behind in 4th:

https://www.kcci.com/article/kcci-iowa-caucus-results/30599739#

Blogger Silly but True February 06, 2020 8:30 AM  

“Tara McGowan exposes her naughty bits.”

Blogger Ominous Cowherd February 06, 2020 8:56 AM  

The silly app isn't the problem, of course, it's the excuse. The problem is that they have to tell an enormous lie about the results, and they aren't sure how to package it, but they are sure that delaying a couple news cycles will help.

Blogger Ken Prescott February 06, 2020 9:14 AM  

"At least journalists are finally learning to code!"

More than one code pig of my acquaintance was saying that code written by journos would be the only thing that could be worse than the code delivered by H-1Bs.

Blogger Johnny February 06, 2020 9:23 AM  

The most remarkable thing was the lack of testing. I was thinking it was a cheat and they couldn't expose it to view, hence no testing. But apparently not. Once again stupidity wins out over venality.

Blogger Henry Lee February 06, 2020 9:45 AM  

My understanding is that they didn't test it because that would increase the exposure to hacking. As a retired programmer of thirty-five years I can't imagine putting something into production without testing. Well, I'm from the mainframe FORTRAN, COBOL, OS/390 Systems days. What do I know?

Blogger Rabid Ratel February 06, 2020 9:47 AM  

Hey, look at the bright side of the debacle. At least journalists are finally learning to code!

Apparently their coding is of the same quality as their reporting.

Blogger Keith February 06, 2020 10:02 AM  

I noticed the same thing about Square’s Bluetooth credit card processing device. You can install Nordic Semiconductor’s “nRF Connect” app on your phone and when you scan a place that uses the Square device you can see that whoever did their firmware basically started with the Nordic demo that shows how to report version strings and bolted on their stuff. The manufacturer is even still listed as “Nordic Semiconductor”

Blogger Nikolai Collushnikov February 06, 2020 10:04 AM  

Hopefully they had a Code Of Conduct.

Blogger Mr.MantraMan February 06, 2020 10:07 AM  

I'll take the odd position that the CrapAp was cover for the super duper secret computer program that received the data from CrapAp then massaged it for the benefit of The Plug. FTR I am a computer illiterate, but I am devious.

Blogger Freeholder February 06, 2020 10:19 AM  

The app is a fake out. Concentrating on the technical flaws and not looking at the process that got them to this point. It doesn't matter how good or bad the app is when the desired results are flawed. That is why there wasn't a backup plan. That is why the democrats have never reported the actual voters in Iowa before. The app's issues are just another layer of obfuscation to buy another 4 years of party control.

Blogger Leahn Novash February 06, 2020 10:35 AM  

There is no need. Most tutorials on the internet are either bad or outdated. Or both. Because of the relevance aspect of Google algorithm, outdated tutorials that have been clicked a lot over the course of years are the top search results.

Blogger Rakshasa February 06, 2020 10:36 AM  

In the era where using distributed blockchains to create trusted ledgers is the gold standard, we have elections decided by buggy apps written in BASIC connecting to a server that can't even handle 12 simultaneous connections.

Blogger Balkan Yankee February 06, 2020 10:46 AM  

@1: "Speaking of the Iowa caucuses, has anyone else noticed how swiftly Biden is visibly aging?"

Yes. He looks like Joe the Crypt Keeper.

Blogger RC February 06, 2020 10:53 AM  

"Well, I'm from the mainframe FORTRAN, COBOL, OS/390 Systems days. What do I know?"

I've been at this as long or longer than you Henry. Some has stayed the same but much has changed. The modern programmer works in levels of abstraction that an old FORTRAN guy would not believe. Each of these layers introduces error vectors and, as general competency decreases, the problems compound. The sheer number of UI devices is its own complicating factor. And so on. A comprehensive, repeatable test plan is difficult and very time-consuming, making most developers take a very iterative approach, moving fast, with limited testing, and fixing errors as they're discovered in the wild.

One would suppose that flight test, nuclear, and other high-risk applications would be the exception but recent evidence indicates otherwise. The modern web programmer would be as astounded with the thoroughness of a typical test plan of 30 years ago as you would be with their toolset.

Blogger Uncompliant February 06, 2020 11:03 AM  

@8 -- TPTB must first utterly destroy what exists; then we, the suffering will DEMAND -- DEMAND!, I tell you! -- that a glorious global government be created to SAVE us!! Thus, incompetence is unleashed, criminals are set free to prey upon us, illegals and homeless and drug addicts are lured in to ruin our cities, etc. When the Collapse is complete, THEN, the best and brightest will ascend to the glory of the properly and efficiently managed utopia. /s (sort of)

In all seriousness, this has been done before. The history of ancient Greece provides many how-to-manuals on how to destroy a democracy.

Blogger Out of Nod February 06, 2020 11:26 AM  

I'm skeptical. Dan Guido's quote is especially telling. The devs are being thrown under the bus when the reality is that the process to create the app was hurried - bad logistics plus hurried process equals crappy software.

A saying amongst devs is: Quality vs low cost vs on time. Pick two.

Blogger Azure Amaranthine February 06, 2020 11:33 AM  

"It was my understanding that TPTB would sieve off the top percentage of society in terms of IQ. Offer scholarships, lots of bonuses etc if they work for them. Where are they now?"

See there's the kicker, they sell meritocracy and they might practice it a tiny bit just to get you on board if you're the absolute cream of the crop, but then they'll chain you to an assembly line with minimum possible pay while they promote ingroup preference only.

They're not playing for you, they're playing for them. Once they get on top of the dogpile it generally only takes a generation or two before, among other decadence, they start having less children. Any remaining pretense of merit inevitably falls by the wayside under the pressure needed to sustain that degree of nepotism without enough children to back it up.

Even before that, if you have, have, have to hire all of your ingroup into good positions regardless of their capability... output quantity/quality will decline. Even if you somehow manage to avoid producing poor quality ingroup, and have lots of kids, you end up with a topheavy structure of too many chiefs and not enough indians.

Turns out that cheating is never a winning strategy over a long enough period of time. It doesn't just have consequences for the people you cheat, but it sets up a sort of interference pattern in you yourself that will inevitably propagate.

Blogger Noah B. February 06, 2020 11:35 AM  

It's also the perfect excuse. Oh no, the coders screwed up! Let's just have the Party assign delegates however it wants.

Blogger furor kek tonicus ( no need to be racist, Ratchets can Karen better than anybody ) February 06, 2020 11:55 AM  

15. CarpeOro February 06, 2020 8:21 AM
Thought I'd take a look for final results


a - those still aren't the final results. +3% of precincts have still not been reported.

b - even though Bernie is winning the popular vote, he's losing the "State Delegate Equivalent" ... much as Hillary lost the Electoral College.

c - Klobuchar is a Senator in MN which is immediately adjacent to IA. expect her to collapse in the rest of the country except for MN, WI, ND, SD.



19. Johnny February 06, 2020 9:23 AM
Once again stupidity wins out over venality.



as i've pointed out about Marion Barry, if you institutionalize incompetence it often gets very difficult to prove intentional malfeasance.

Blogger Scuzzaman February 06, 2020 12:00 PM  

The numbers that have been bandied about for funding of the developers run into tens if not hundreds of thousands of dollars. If I was the customer I’d be talking to the police about a fraud case.

Blogger RandyB February 06, 2020 12:05 PM  

Also basic engineering:

"Good, fast, or cheap. You only get two."

Many variations, all saying the same thing.

Blogger Akulkis February 06, 2020 12:06 PM  

"A saying amongst devs is: Quality vs low cost vs on time. Pick two."

You must be young.

This is hardly new.

In the pre-internet age half a century ago, most people having a choice between 2 or 3 TV stations at most, an Interstate Highway system over a decade from completion, TV and Radio stations that signed off every night, your saying there was already common among automobile mechanics.

Another saying among mechanics (hot-rodders):

"Speed costs money. How much you got???"

Blogger Rakshasa February 06, 2020 12:09 PM  

"The modern programmer works in levels of abstraction that an old FORTRAN guy would not believe."

The real issue is that so very few people are able to work in levels (plural) of abstraction, while most can only manage one, or two, in the same workflow.

As Donald Knuth has pointed out those of us who can quickly and easily jump between those levels of abstraction are rare, and that even being highly skilled in math or physics doesn't necessarily mean you have this ability.

While VD likes to complain about the degeneration of quality, we have had an inflation in the quantity of software.

And the only solution to this issue is mandatory breeding programs for highly skilled programmers, and you need to provide a high enough stock of potential mates to get us... ehm... them to get distracted from programming.

Blogger Azure Amaranthine February 06, 2020 12:10 PM  

"I'll take the odd position that the CrapAp was cover for the super duper secret computer program that received the data from CrapAp then massaged it for the benefit of The Plug."

Inclined to agree. Bad programming is just the excuse of the present moment to let them do what they wanted to anyway.

Blogger tublecane February 06, 2020 12:13 PM  

My entire experience in coding consists of minute changes to graphing calculator games, on account of not wanting to pay attention in high school. Is that about on the level these folks were operating?

Blogger Archimedes2017 February 06, 2020 12:50 PM  

My suspicion is that the Democrats have mastered "Strategic incompetence" vote counting. Then if the actual count is close but not quite "correct" then "lost" votes can be found. So morons are hired that can't even figure out how to round up a decimal number will randomly screw up and then, if needed, the smart people can swoop in and "find" votes from favorable districts.

Blogger Unknownsailor February 06, 2020 1:07 PM  

Out of Nod wrote: I'm skeptical. Dan Guido's quote is especially telling. The devs are being thrown under the bus when the reality is that the process to create the app was hurried - bad logistics plus hurried process equals crappy software.

A saying amongst devs is: Quality vs low cost vs on time. Pick two.


Telling quote: "A lot of volunteers were onboarded close to caucus day or even the night before, so a lot of them didn’t have the chance to properly get set up before the event started, so that’s an important thing to note," he said.

It isn't like they knew this event was coming for more than three flipping years, or anything. They need to learn the six Ps: Prior Planning Prevents Piss Poor Performance.

Blogger Patrick Kelly February 06, 2020 1:07 PM  

"developers take a very iterative approach, moving fast, with limited testing, and fixing errors as they're discovered in the wild."

Sounds like our Dev Dept mission statement.

Blogger swiftfoxmark2 February 06, 2020 1:37 PM  

Soros only hires the best from India.

That is, only the best who haven't been taken by Google, Facebook, Microsoft, etc.

Blogger Out of Nod February 06, 2020 2:43 PM  

It's a saying stolen from engineering, I'm sure

Blogger Out of Nod February 06, 2020 2:49 PM  

The unaware business types tend to think that software development magically appears overnight. Describes the democrat party to a T!

Blogger Ominous Cowherd February 06, 2020 2:55 PM  

Unknownsailor wrote: They need to learn the six Ps: Prior Planning Prevents Piss Poor Performance.
They got the performance they wanted, I suspect.

Blogger Macs February 06, 2020 3:29 PM  

Hey now, those yappy dogs can be quite Alpha! They can and will bite your face off if you're not careful!

Blogger GAHCindy February 06, 2020 3:36 PM  

"Someone help me out, I'm not too bright. It was my understanding that TPTB would sieve off the top percentage of society in terms of IQ. Offer scholarships, lots of bonuses etc if they work for them. Where are they now? All I see are idiots."

The smart ones didn't take the ticket.

Blogger Uncompliant February 06, 2020 3:43 PM  

I agree with @41 ... incompetence is strategically planned and promoted; the chaos masks the election theft; platitudes abound; the sheep continue in their blissful belief that their "votes matters" and "every vote counts." People refusing to see the purposefulness. Never let a manufactured crisis go to waste.

Blogger Uncompliant February 06, 2020 3:47 PM  

@42 ... yep, the DNC understand. -- previously planned poor performance performed perfectly -- Bernie's rise is checked; gay guy's rise is manufactured.

Blogger SciVo February 06, 2020 5:09 PM  

@Critias:

Someone help me out, I'm not too bright. It was my understanding that TPTB would sieve off the top percentage of society in terms of IQ. Offer scholarships, lots of bonuses etc if they work for them. Where are they now? All I see are idiots.

It was a one-two punch from reality. They couldn't actually co-opt people smarter than themselves, because that would threaten their own applecarts, gravy trains, and rice bowls. And also, meritocracy is racist.

Fast-forward a few generations, and now matriculating college freshmen have an average IQ of 100-ish dull normal. It was a devious scheme in theory, but they were too flawed themselves to pull it off in practice.

Blogger Akulkis February 06, 2020 5:12 PM  

"My entire experience in coding consists of minute changes to graphing calculator games, on account of not wanting to pay attention in high school. Is that about on the level these folks were operating?"

No.

You understood what you were doing well enough for your modifications to work.

Blogger Up from the pond February 06, 2020 5:44 PM  

>>"Hey, look at the bright side of the debacle. At least journalists are finally learning to code!"

And the shiv goes in.

But can it be the result of mere incompetence that the CIA candidate came up like a bad penny? Yes, it can. Bad begets bad in an ever-growing downward spiral.

>>"fixing errors as they're discovered in the wild"

What do you mean in the wild? Wild how? Are we jungle animals to you? Stop with the racism already, you geeks.

Blogger Damelon Brinn February 06, 2020 7:06 PM  

"The app was built on top of React Native, an open-source app development package released by Facebook"

If you hear about a language/platform getting a lot of buzz these days, there's a good chance it came from Facebook, Mozilla, Google, or one of the other heads of the beast. They all come with pre-converged "communities" that you want nothing to do with. If you talk about "the C community," you just mean the general population of people who use C and talk about C. If you talk about "the Go community" or "the Rust community," you're talking about a group of people who act like a damn cult and spend more time gatekeeping and polishing the CoC than writing code.

Is that about on the level these folks were operating?

No. They would be more likely to go looking for a different tutorial, hoping to find one that works and already does what they want. When he says it looks like someone followed a tutorial, he's not exaggerating. That's how a lot of development is done now, and it's how a lot of documentation is being written. Instead of a straightforward list of function calls and options, you get an assortment of sample code. You try to find samples that do what you want, and hope you can assemble them into something that works.

Or you go back to a real language, which means at least 20 years old, but then you have to know what you're doing again.

Blogger Canada78Bear February 06, 2020 8:10 PM  

I think the aging is the realization that *his* party won't honor the deal and he is getting taken to behind the woodshed. The stress of "we had a deal!"

Blogger MrNiceguy February 07, 2020 5:56 PM  

Winning comment

Blogger MrNiceguy February 07, 2020 6:01 PM  

The good news is that they're hiring more experienced programmers for the next version. Real hot shots. I hear a lot of them even used to write flight control software for Boeing!

Blogger matism February 08, 2020 8:14 AM  

They may indeed finally be "learning to code", but they surely don't do it very well. Although their work would probably get them a top grade in an Ivy League computer science major today...
