A funny thing happened to our recent reader poll about University of Louisville President James Ramsey.
On Tuesday afternoon, we posed the following question to readers in a story:
If you were on the University of Louisville’s Board of Trustees, how would you vote in the April 20 vote for a motion expressing no confidence in President Ramsey?
- No Confidence
Almost immediately, the little orange bar accompanying “No Confidence” skyrocketed and remained the leading answer by a landslide for almost 24 hours.
Last time I checked on Wednesday afternoon, around 80 percent of respondents had indicated they support a vote of no confidence.
An hour later, the poll had flipped; it now appeared a large majority of readers suddenly supported a vote of confidence in the embattled president, who narrowly escaped such a vote by the Board of Trustees last month.
Suspicious? To say the least.
Curious how this happened given our polling system is set up to only allow one vote per user (per web browser), we got our IT guy on the case and were able to determine the following:
In a matter of hours, more than 700 votes expressing confidence in Ramsey were cast from a handful of University of Louisville IP addresses.
That’s not supposed to happen. So how did it?
Here’s my layman’s interpretation of our IT guy’s explanation: If a reader disables his “cookies,” he can override the one-vote limit and stuff the virtual ballot box. The words “script kiddie” also were used, which apparently is a common term among hackers. I’d never heard of it, and here’s the definition I found:
“… an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks and deface websites. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated programs or exploits on their own and that their objective is to try to impress their friends or gain credit in computer-enthusiast communities. However, the term does not relate to the actual age of the participant. The term is generally considered to be pejorative.”
Given the IP addresses we identified, it’s safe to assume these kiddies were in fact adults employed at the University of Louisville.
And based on the definition, I think it’s fair to say the offenders didn’t have to be particularly clever — just unethical.
Our reader poll is by no means scientific, but it does serve a valid purpose — to engage readers and generate discussion on topics of interest to the community. Sometimes the subject is inconsequential, such as where you can find the best French fries in Louisville. Other times, however, a poll gauges reader opinion on a topic of the utmost importance — like the leader of a public university plagued by scandal and dissension.
So a breach we might typically have laughed off or addressed via social media in this case warranted a bit more exposure.
We have no plans to overhaul our polling system, which up until now has worked just fine. But we most definitely will keep a watchful eye on the responses, because even though it’s informal, we want it to be an accurate reflection of our readership.
On that note, we’ve turned off the James Ramsey poll — so I guess that means U of L’s prolific voters can get back to work.