Researchers at MIT say the voting app Voatz, which is being used by at least 4 states in the 2020 elections, has major security flaws that could allow an attacker to intercept and alter votes, while making voters think their votes have been cast correctly, or trick the votes server into accepting connections from an attacker.
Here’s the MIT research paper on Voatz.
Excerpt from Kim Zetter’s reporting for VICE:
An attacker would also be able to alter the user’s vote and trick the user into believing their vote was transmitted accurately, researchers from the Massachusetts Technology Institute write in a paper released Thursday.
The app, called Voatz, also has problems with how it handles authentication between the voter’s mobile phone and the backend server, allowing an attacker to impersonate a user’s phone. Even more surprising, although the makers of Voatz have touted its use of blockchain technology to secure the transmission and storage of votes, the researchers found that the blockchain isn’t actually used in the way Voatz claims it is, thereby supplying no additional security to the system.
Read the full report at VICE NEWS:
‘Sloppy’ Mobile Voting App Used in Four States Has ‘Elementary’ Security Flaws
[Kim Zetter Feb 13 2020]
Election security is hard enough without snakeoil salesmen like Voatz trying to distract election officials into buying inherently defective products like Internet voting schemes.
— matt blaze (@mattblaze) February 13, 2020
You can tell more about the security of a product from the reaction by the vendor to a vulnerability than from the vulnerability itself. By this measure, Voatz has failed miserably. They have squandered any reason anyone might have had to trust them.
— matt blaze (@mattblaze) February 13, 2020
[via techmeme.com]
A U.S. judge on Thursday ordered the Pentagon to temporarily halt work on the cloud computing ‘JEDI’ contract, in what represents a major win for Amazon.com and Jeff Bezos.
READ THE REST
White House plans to divert $3.8 billion from DoD to build Trump’s long-promised wall along the U.S.-Mexico border, for which he lied that Mexico would pay
READ THE REST
Canned air is a big help in dusting tight spaces, particularly keyboards, shelves or servers. But the first thing you should know about canned air is that it’s not air at all. More likely, what’s blowing out of that bottle is fluorocarbons or other mildly toxic substances. Luckily, there’s an easy alternative: The X3 Hurricane […]
READ THE REST
With the rise of the gig economy, it’s easier than ever to either make extra money or work on something you’re passionate about. If one of your passions happens to be photos—taking or editing them—you’ve got lots of options for jumping in, including starting your own business. Seriously. Even with no prior experience, you can […]
READ THE REST
The gym is a responsibility for most of us, not a calling. We go because we need to shore up damage from a sedentary lifestyle and bad eating choices. So as we dutifully work to battle gluttony and decay, all we want is some help to make those hours of sweating a little less painful. […]
READ THE REST
Source: https://boingboing.net/2020/02/13/researchers-say-voting-app-has.html