[FFmpeg-devel] Vote Investigation of "GA voters list updates E_029f7195fed7aadf"

Michael Niedermayer michael at niedermayer.cc
Sat Nov 18 21:01:45 EET 2023


Hi all

This are the results of my investigation of issues in "Poll: GA voters list updates E_029f7195fed7aadf"
This has been reviewed by Alexander and Anton and comments from them have been incorporated.
It has also been shown to jb and Thilo at the same time as Alexander and Anton, but no comments have been received.
The "Recommended action section is mostly my recommendations but they too have been adjusted based on comments.
All names of people have been stripped after review but are available on request for research purposes.

Mistakes done:
1. the voter list in 2023 did not match the list used in 2020 nor 2021, the exact reason is not known
1a. the 3 "extra members" where missing from the new list. It seems this was unintended but later explained by partially applying the GA rules
1b. There was one developer who voted in 2023 but did not receive a mail in 2020, it is unclear if he was on the 2020 list as i found 2 lists, one with him and one without
1c. There was one developer who was on the 2023 list but was not eligible in 2020, his mail bounced and its unlikely he could vote.
1d. There was one developer who contacted the supervisor and asked why he did not receive a mail, the supervisor added him though he was not eligible in 2020
1e. There was one developer who was on the 2023 list but was not eligible in 2020, his mail did not bounce and he likely could vote
2. Three people had multiple email addresses on the used list, the vote supervisor had no way of knowing for certain if one, two or none of these addresses would produce bounces
   Also it was assumed that tokens from bounced emails would be inaccessible. 2 of the 3 people had one address bounce the 3rd seems not to have had bounces
3. In addition to the bounces mentioned above, 2 more addresses produced bounces, these people where likely unable to vote.
4. The option to update before, was not well defined and could not have been implemented had it won.
5. The mail account used reached a send limit (100), It is believed this did not affect anyone's ability to vote as the first 53 batch should not have triggered this. But rather the repeated batch triggered it
   The send limit was 100 because the first payment for the mail.de account was not received yet, it is 500 now

Conclusion:
It is unlikely the vote result is affected as it was not close. But these issues must be resolved for future votes as they could affect votes when the results are close.

Recommended action:
1. Two people should replace a single vote supervisor, they should work together and cross check each others action. Similar to a pilot and co-pilot in an aircraft
2. The server should log email addresses, this will make future investigations MUCH simple (done)
3. When the decision maker(s) have any doubt, action should be delayed, no action should be rushed, its always better to wait a few days longer
4. Every step should be announced and the Community should have the chance to verify and suggest amendments.
5. The implementability of all options should be thought through before starting a vote with an option.
6. Maximal transparency should be attempted. Any issues occurring during a vote should be published.
7. Before every new series of votes a test vote with the same set of voters should be done
7a.In this test vote, if any addresses bounced and working addresses are known then the bouncing addresses should be replaced by the working address. Per person only one address may be used in a (non test) vote.
8. The vote supervisor and admin should clearly state before a vote that they act in the best interest of FFmpeg, and have the time, will and ability to do so.
9. The vote supervisor and admin must disclose any conflict of interest that may apply to them.
10.Voters should always pair a random number with their ballot, write it down and verify it afterwards.
11.The formalities and time frames regarding announcements and votes should be written down.

thx

PS: If more anomalies are found then i may update this. (please contact me
in case you stumble accoss any serious anomalies not listed above)

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship: All citizens are under surveillance, all their steps and
actions recorded, for the politicians to enforce control.
Democracy: All politicians are under surveillance, all their steps and
actions recorded, for the citizens to enforce control.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20231118/591e7e51/attachment.sig>


More information about the ffmpeg-devel mailing list