Hacking the Voters’ Brains

With the U.S. presidential election less than two months away, we are exposed to more and more political coverage day by day. Sasha Issenberg (author of The Victory Lab: The Secret Science of Winning Campaigns), reporting for The Wall Street Journal, pens an interesting post about hacking the voters’ brains:

4. Get them to confess (indirectly) to bias.

Throughout 2008, Barack Obama’s advisers never entirely trusted polls that showed their candidate to be ahead. There was, after all, a long history of white voters misleading pollsters about their willingness to vote for a black candidate. The phenomenon was known as “the Bradley effect,” after Los Angeles Mayor Tom Bradley, who did far worse at the polls in his 1982 gubernatorial race than polls had predicted. Obama’s advisers didn’t want to risk such an election-night surprise and used their statistical-modeling prowess to hedge against one.

The challenge was separating voters who were resisting Obama (or remained undecided) because of his race from those who were drawn toward John McCain for other reasons. Obama’s top microtargeting consultant, Ken Strasma, focused on a small group of white voters who reported themselves to be supporting John McCain at a much higher rate than the campaign’s scores predicted they should. Mr. Strasma looked for variables that defined this group and found one when he tried a new question in his surveys: “Do you think your neighbors would be willing to vote for an African-American for president?”

People who answered “no” were likely to be Mr. Strasma’s problem voters. Everything his databases signaled about their political attitudes—based on their partisanship, age or socioeconomic status—suggested they would be likely to support Mr. Obama, but they said they planned to vote for Mr. McCain. So Mr. Strasma created a new category in his microtargeting: a so-called “openness score,” measuring the likelihood that someone was open to voting for a black candidate.

The campaign could isolate those with low scores and deal with them in one of two ways. They could be ignored or, if they looked like habitual voters who were likely to turn out, the campaign could approach them with targeted communications that focused on urgent economic themes rather than on Obama’s charisma (“hope and change”) and the historic nature of his candidacy.

5. Let them know (gently) that they are being watched. Few campaigns want to be associated with tactics like Mark Grebner’s threat to expose nonvoters to their neighbors, because it looks a lot like blackmail. But campaigns have figured out how to soften such approaches. One version widely used today tells a voter “our records indicate that you voted in the 2008 election” and says that the sender hopes to be able to thank the recipient again after this election day for his or her “good citizenship.”It may fail to meet Mr. Grebner’s goal of shaming those who don’t go to the polls, but it still works. It’s been tested.

You should read items 1 to 3 here.

A Cautionary Tale about iCloud

Mat Honan, technology writer based in San Francisco, got hacked over the weekend. He describes his experience in a blog post (it is quite a story):

At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and yearsago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years…

The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed. 

At 5:00 PM, they remote wiped my iPhone

At 5:01 PM, they remote wiped my iPad

At 5:05, they remote wiped my MacBook Air.

A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well. 

Honan confirmed with the hacker and Apple that it happened when the hacker got in touch with Apple tech support and via “some clever social engineering” let the hacker bypass the security questions. I want to know more details about this clever social engineering. Because I have an iCloud account of my own and it shouldn’t be this simple to have the password reset. I wonder if Apple will make a formal acknowledgement of the issue and provide some guidance on how iCloud will be made more secure.

The World’s Creepiest Stalker

After reading David Kushner’s piece “The Hacker is Watching” in this month’s GQ, the primary and overwhelming thought I had was this: better place a tape over my webcam as soon as possible. You will probably agree after reading the piece about Luis Mijangos, perhaps the world’s creepiest stalker:

He lived at home with his mother, half brother, two sisters—one a schoolgirl, the other a housekeeper—and a perky gray poodle named Petra. It was a lively place, busy with family who gathered to watch soccer and to barbecue on the marigold-lined patio. Mijangos had a small bedroom in front, decorated in the red, white, and green of Mexican soccer souvenirs, along with a picture of Jesus. That’s where he spent most of his time, in front of his laptop—sitting in his wheelchair…

Mijangos hadn’t always been disabled. As the child of a federal police officer in Mexico City, he’d grown up literally on the run. Whenever he heard a neighbor shout “¡Vienen!” he’d scramble onto his rooftop, watching in fear as strange men approached his front door. “I was terrified, because I knew that my father was in there,” he recalls. The men, federales, used to work with his father, but his dad tired of the corruption on the force and quit to open a seafood restaurant. Now he was just another target for extortion.

It’s a fascinating, yet disturbing, story of someone who felt reborn going into the dark depths of hacking:

Mijangos had one thing to help make him an expert hacker: time, and plenty of it. He spent all day in his wheelchair, digging deeper online. Hackers coalesced as teams, just like his old soccer club, and Mijangos printed up a T-shirt with the name of his squad, cc power (as in credit card). Working with one guy in particular, code name Manhattan, the scam went like this: Using a stolen Social Security number and other personal information, Mijangos would open a bogus merchant account at a bank. He’d then contact Manhattan, who’d charge money to the account using stolen credit card numbers. All the pair needed to do was withdraw cash at will from an ATM and split the profits evenly.

He wasn’t getting rich, but Mijangos says he earned enough to buy a $5,000 titanium wheelchair that he tricked out with $400 wheels. He felt reborn. “When it comes to hacking, yes, I’m not going to deny it—it’s like you feel like you accomplish something,” he says.

The stalker’s reach was unprecedented:

After casing the place for weeks, the feds had finally attained a warrant to search his home. They took everything they could find: four laptops, scattered thumb drives and memory sticks, and a BlackBerry. The archive of voyeurism was staggering: over 15,000 webcam-video captures, 900 audio recordings, 13,000 screen captures. In total, he had infiltrated more than 230 victims, including juveniles. At least one was as far away as New Zealand.

What set off Luis Mijangos on this dangerous, voyeuristic path? Opinions vary, and the author visited the stalker after his sentencing to get a better idea. You should read the piece to assemble a judgment of your own.