Here's the form they think is real: http://oregonvotes.org/pages/ballots/11032020/Washington/34_...
Ive updated the title to reflect this
Why are you posting 4Chan garbage to HackerNews? Is this even confirmed?
I'll add that anyone can request a replacement, and the cancellation is effective immediately
edit: in fact I think this happened. wasnt there an online quiz we lost at a couple years ago?
To request a replacement ballot you have to fill out a form and send it to your county clerk, and the form asks you for a lot more info than your DOB.
As far as cancelling your vote, when has that EVER been an option and what purpose would it serve?
I've nothing to gain spreading misinformation. As I've said I've hidden the thread until a reputable news org is able to report on this.
It is indeed possible to see addresses where ballots were mailed, and I was able to view a politician’s information using only their name and date of birth gleaned from Wikipedia.
I’m sure this information can be found in any number of ways, however. There is also a disclaimer stating “ If your information is confidential or you are not yet 18 years old, contact your county elections official to confirm your registration status.” which indicates using that site to register has no implication of privacy.
I live in Chicago. I find it absolutely absurd that people don't think politicians steal votes.
you're also assuming its easy for other politicians to use. as if counting votes is just the web app...
Someone in this thread linked the page to the "voting" screen. It's just a form to print a new ballot that you would then mail or bring in person.
who cares if they're looking at obits, great, that's fine, every political party has lawyers to do that and they're better at it anyway.
Their FAQ makes no mention of placing it in a ballot envelope. In fact they offer the ability to print your own from the website.
Where are you getting that information?
It appears one can type in a name and dob, print a ballot, fill it out, and drop it off. What am I missing that is also not in their FAQ?
Step 4: Return your Ballot
After printing your marked ballot summary:
Enclose your ballot in the secrecy envelope.
Then place that envelope in the return identification envelope.
Sign the ballot declaration and the return identification envelope
Here are the instructions for using the alternate ballot:
My aim is not to spread disinformation here. I have hidden the thread until a reputable source can confirm further as there may be other details I'm missing. This is not about changing votes, but the replacement of a ballot that can be initiated using very little information, and can cause a person's mail-in ballot to be invalidated.
In Oregon, there is no such option.
>To print a ballot packet, only click "Continue" if you did not receive your ballot by mail or your ballot is lost or damaged. Continue only if you intend to vote this ballot.
>Print both 1) Replacement Ballot and 2) Ballot Return Packet.
>To view what's on your ballot, select the voters' guide in the navigation menu.
>Frequently asked questions
>This site allows you to mark, review, and print your ballot materials for return to your county elections office.
>Can I just view my online ballot and then vote the paper ballot coming to me in the mail?
>No, the online ballot should only be used if you want to print, vote and return it. Click on Voters' Guide in the >left navigation to see what will be on your ballot and to learn more about the candidates and measures.
>I lost my paper ballot, can I print and return this online ballot?
>Yes, the online ballot is a great replacement ballot option. When printing make sure to print both the 1) replacement ballot and 2) the ballot packet. Follow the ballot packet instructions and make sure you return your ballot on time – the earlier the better!
>Caution: If you continue, a ballot previously mailed to you will be cancelled.
It is specifically this phrase Caution: If you continue, a ballot previously mailed to you will be cancelled. that is concerning. It makes one think that if I press the [Continue] button on that page, then the ballot that has already been mailed to me will be automatically canceled. Can you confirm that that is not the case, and if so what is your evidence?
I don’t believe anyone anymore (only like 1/2 hyperbole).
I don't know what will happen if you click through. You could try it I guess, apparently 4chan has already cancelled everyone's vote anyway.
I will update the link and title as additional information comes in.
EDIT: California requires SSN, so it is not as susceptible
EDIT: Oregon requires further steps, is not susceptible, there has not been any confirmation on Washington and I cannot test that myself
Non ephemeral link: https://web.archive.org/web/20201018061012/https://i.4cdn.or...
Yes, you can change a printable ballot form that you then have to PRINT OUT AND RETURN before it is counted. This is no more an "exploit" than a printing a blank ballot, filling it in, and sending it in under someone else's name, or showing up at a polling place and voting as someone else.
It's also fraud and a felony for anyone who does it...
So the posts about how in Washington they cancel the original ballot when you go through the print process for a new one are not correct?
That seemed like too obvious a flaw!
I can't speak for Oregon, but this is not FUD. I can't imagine any good intentions from someone being so disinterested in the possibility of fraud.
Has anyone but 4chan written about this? I wasn’t able to find anything.
Because that stops people who are planning to tamper an election in the first place?
Edit: Please remember there’s a lot of disinformation going around about voting in general, be extra skeptical before sharing this further because it’ll just cause more unrest about the election.
I've no intention of creating undue panic.
I've hidden the thread and will delete it tomorrow likely.
Others from Oregon confirm what this page implies: you just need name and DOB to mess up a voter’s registration.
In California, to change someone’s voter registration, you also need the last four digits of their SSN and their drivers license number.
does not exist (in Oregon at least)
Because of the amount, I would guess some of the executable files lead to web shells. I am less sure of, but still somewhat confident, that the open GET queries might be pages where someone has discovered a SQL injection flaw.
They are likely trying to prevent these pages from appearing on Google where a regular user might notice. Will try to look shortly on desktop and update further.
 - https://www.oregon.gov/robots.txt
Seems far more likely than that there's anything actually bad going on here.
Also, jumping from "Huh, lots of robots.txt entries" to "SQL injection flaw" doesn't make sense to me. I don't see how those things are related.