How the league secures the vote against hacking


Major League Baseball fans could choose a US president and local elected officials, but for 12 seasons they couldn’t be trusted to make the All-Star Game roster. Cincinnati Redlegs fans committed a form of voter fraud in 1957 when, pressured by the media, they played with the system to stack the game.

MLB commissioner at the time, Ford Frick, was not happy and robbed millions of their rights.

Voting rights for the All-Stars were restored in 1970, ushering first an era of paper ballots, then a hybrid of paper and online voting, and going fully online in 2015 for the mid-century classic. the summer that took place, you guessed it, in Cincinnati.

Voting rights were at the heart of MLB’s decision this year to move the All-Star Game and related events to Denver from Georgia, a state that at the end of March changed its voting laws in a way that , according to Democrats and the US Department of Justice, will disproportionately affect black voters but Republicans advocate for fairness and expanded access.

Comparatively speaking, All-Star Game voting is low stakes, but MLB, like state governments, is changing the process over time to keep ballots accessible and safe from ballot stuffing. .


“I had only been writing software for three years, something like that, so it wasn’t that long,” said Chris Nandor, who in 1999 hacked the All-Star Game vote. “That kind of you said it wasn’t that hard.”

In the beginning

Perhaps the best place to start this story is in the black leagues. The first East-West Game – the name of the Black League All-Star Game – took place on September 10, 1933, about two months after the MLB’s first All-Star Game.

But the precedent of the East-West game likely had a wider influence: in its first year, around 1 million votes were garnered from ballots printed in black newspapers across the country.

MLB initially gave fans the right to vote in 1933 and ’34 (although the league told The Post “it is not known how it was handled”) before giving it to All-Star Game managers until. ‘in 1947.

Georgetown history professor Chandra Manning said part of the Negro League’s motivation for fan voting was to “democratize the emotional investment in the game to ensure that … profile platform for black talents.

Associated press kit

Former Major League wide receiver Roy Campanella, center, chats with former tennis star Althea Gibson and Negro Leagues pitcher Satchel Paige during the 29th Negro League East-West game on August 20, 1961, at Yankee Stadium. Paige was a starting pitcher in the game.

The last East-West game was in Kansas City in 1962. But the MLB moved on, straight into the conundrum of the 1957 ballot stuffing and the temporary end of public voting. From 1958 to 1969, managers, coaches and players chose the teams. Commissioner Bowie Kuhn lifted the ban on public voting before the 1970 game, and things were relatively calm until 1999.

In those dawning years of the Internet, security was, well, lax. MLB allowed fans to vote up to 22 times online, but didn’t have a lot of Voter IDs – no email verification, no captchas.

Nandor was in his mid-twenties and worked with a general purpose computer programming language called Perl. He said he first wrote a program that would vote frequently in an Evander Holyfield boxing match against Mike Tyson (and the undercards).

“It was very corrective in that you just had to vote once, wait for a response from the server, and then vote again,” said Nandor, who is a software developer.

The Boston Red Sox fan said he checked the All-Star Game voting website, which he thought his program might work to submit votes to Boston infielder Nomar Garciaparra (who finished that year with a batting average of .357 and 1.022 OPS) and gave him a go. It was a hit, so Nandor put it on a loop.

We’re not talking about a few voices, it was almost 40,000. “I let it run for hours and hours,” he said.

MLB said it canceled Nandor’s votes. Garciaparra still started the 1999 All-Star Game in Boston, beating Derek Jeter on a shortstop by about 20,000 votes, according to the Washington Post.

“People have always filled the All-Star ballot box, and they would just do it with a paper ballot. … That’s why I didn’t think it was a big deal, ”Nandor said. “It’s like, ‘Really, are you going to care?’ Now, okay, it’s on a larger scale and someone can vote tens of thousands of times without doing a lot of work, but still, it’s always been a joke.

From 2015, voting took place entirely online. On June 8, 2015, published the article “Royals Dominating AL All-Star Voting”.

Two weeks later, MLB announced that it had rejected more than 60 million ballots over fears of “inappropriate voting,” according to Sports Illustrated. The MLB said it was common practice to clean up the votes. Kansas City fans, excited for their World Series winning team, said they had done nothing wrong. A blogger from Detroit SB Nation easily found a way to hack the 2015 poll.

National League All-Star Buster Posey # 28 ...

Rob Carr, Getty Images

National League All-Star Buster Posey of the San Francisco Giants takes the field during the 86th MLB All-Star Game at Great American Ball Park on July 14, 2015, in Cincinnati, Ohio.

Validation, voting and integrity

The current fan voting system dates back to 2019, a two-tier process, online only for positional players and the AL designated hitter. Votes can be submitted through, the MLB app, team websites, and through Google search (if you are signed in with a valid account). This year, fans could vote five times per day during Phase 1 (which lasted June 3-24) and once per day during Phase 2 (June 28-July 1).

Major League Baseball told the Post that there are several ways to protect the sanctity of the vote. For everything except a Google vote (since this is a registered account), the MLB sends a confirmation email to the voter, and says “the votes are not counted when the confirmation bounces due to inauthentic email addresses “.

As of this year, MLB had a partnership with Mastercard NuDetect, which the league says includes a “validation process … to ensure that only real votes from real people are counted.” NuDetect’s website examines four categories of data on your computer or phone to check for fraud, including expected IP address, typical typing speed, and account history.

The league also said it is partnering with identity management firm Okta and cloud computing company Fastly, and has a cybersecurity program that oversees the entire universe. If ballot jams were detected, MLB said its cybersecurity team would “investigate any anomalies.”

Overall, the MLB said it garnered 113 million votes between the two phases this year; about 14% of the phase 1 votes were invalid and 21% of the phase 2 votes.

Kent State history professor Leslie Heaphy is skeptical that ballot stuffing is even possible when “you can vote multiple times a day.”

“When you make it a fan vote, haven’t you removed the need for any sort of truthfulness anyway? Because it’s all about popularity, it’s not really the experts who decide who’s the best player, ”said Heaphy, who won the Society for American Baseball Research’s highest honor in 2014.

She added: “To me, the integrity of the vote doesn’t really matter.”

Helen H. Richardson, The Denver Post

Coors Field is ready for the next All-Star Game with large signs on its facade on July 7, 2021.

MLB said it made All-Star Game voting accessible in a number of ways. People who don’t have access to the internet or newer computers get a warning when voting online about what might not work, along with “tips on how to fix and deal with various circumstances.” “. For the visually impaired, ballots on league and team websites have an audio captcha.

The voting system is “constantly under evaluation with the goal of providing a meaningful and fan-friendly process,” MLB said.

For Heaphy, the real goal is not the fan vote: “It’s all about the fanfare. ”

Source link


About Author

Leave A Reply