Election Voting App has Exposed Vulnerabilities

In a democracy we all get a vote. Unfortunately, in a digital world–votes can be tampered with.  This past presidential election was incredibly controversial, and one of the main reasons is because Americans weren’t confident their votes were secure.

So how easy is it to hack a voting system or application, thus influencing the results? With upcoming election season this is sure to be a topic discussed on an almost daily basis.

MIT researchers have “identified bugs that could allow hackers to “alter, stop, or expose how an individual user has voted,” in the commonly used voting app Voatz.

Voatz was used in the 2018 US midterm elections and is slated to be used again for the 2020 presidential election. On the good side, Voatz is far easier to use than counting paper ballots, but how do we know our electronic votes will be “counted” accurately?

MIT’s research team finds that the vulnerabilities in Voatz, stem from the app’s use of third-party services for app functionality, “Our findings serve as a concrete illustration of the common wisdom against Internet voting, and of the importance of transparency to the legitimacy of elections.”

They’re obviously in favor of traditional paper ballots.

Their reason is based on transparency, allowing the voting process to be observed by citizens and politicians alike. MIT researcher James Koppel says the voting application has no transparency, “Voatz’s app and infrastructure were completely closed-source.”

With only access to app itself installed on voter’s devices, Koppel and MIT aren’t able to address possible additional security issues on the app’s backend.

The Department of Homeland Security’s Cybersecurity and Infrastructure Agency has been notified, and although “Voatz acknowledged the vulnerabilities,” they’ve disputed the severity and downplayed MIT’s research and methodology. Adding also that the researcher’s goal is to “deliberately disrupt the election process, to sow doubt in the security of our election infrastructure.”

Voatz has (and will continue) to be used in our upcoming presidential elections, while only eligible to “military personnel, overseas voters, voters with disabilities — there is mounting pushback against its use and the use of any over-the-internet voting system, in general.”

Koppel adds, “the consensus of security experts is that running a secure election over the internet is not possible today,” reasoning that any weakness in a large chain can be a risk and give undue influence over an election.

We recommend extra caution this upcoming election season and suggest using the old fashioned method of voting– a traditional paper ballot.

If you need assistance with cybersecurity services contact DarkHound at [email protected].

Source:
https://www.zdnet.com/article/mit-researchers-disclose-vulnerabilities-in-voatz-mobile-voting-election-app/?ftag=TRE-03-10aaa6b&bhid=28837826891618282212917048574090

Image Source: https://www.pexels.com/photo/i-voted-sticker-lot-1550340/