In a report published by the Department of Homeland Security (DHS), they uttered that Voatz had no active threats on its network during the week-long operation, conducted in September and DHS (Department of Homeland Security) has taken it as a technical pitfall. The technical issue has come under sight during a cybersecurity audit of the mobile voting app vendor’s Boston headquarters. MIT researchers reportedly claimed to detail several major vulnerabilities in the Medici-backed Voatz’s app. The CISA, Cybersecurity and Infrastructure Security Agency, developed a series of suggestions to boost Voatz’s security. Another report, made by MIT, mentions that the app has limited transparency. CISA basically focuses more on Voatz’s internet network rather than the app. These issues can bear future risk to the Voatz’s network.
What Did MIT Unearthed?
As said by researchers that the app is afflicted with privacy vulnerabilities and adversaries can lead to a number of problems like inferring user vote choice, corrupt the audit trail and even change the ballot. Reportedly, the MIT report depends on a reverse engineering of the Voatz app and reimplemented ‘’clean room’’ server. But no issue has been created by the researchers about the Voatz’s use of blockchain. The report said the Voatz app never submits vote information to any ‘’blockchain-like-system.’’ Researchers think the company’s ‘’black box’’ approach to public documentation could erode public trust. As per the report, democratic process should be cogent so that legitimacy can be well maintained and make sure the outcome is not affected. The researchers recommended elected officials ‘’abandon’’ the app outright. According to Amelia Powers Gardner, election auditor, at least some of the bugs cannot be exploited in practice.
Whether the strict security requirements on election system can be overcome by any electronic-only mobile or internet voting system is vague. Amelia Powers Gardner said these claims have not been substantiated by the researchers. She said while these concerns of around mobile loading can be valid, they don’t rise to a level of a security that causes her to even question the use of the mobile app. Compared to the, current technological solution: email the software is a far better alternative for otherwise disenfranchised voting groups as thought by Powers Gardner. Another comment came that a number of the researchers’ concerns still stand despite comment of Powers Gardner. John Sebes said they can’t validate Voatz’s claims that newer versions were better, but it’s still the case that the version inspected had some fairly basic issues. Claims of researchers were speculative in response to Power Gardner’s claims. The objective is to find vulnerabilities in the software that could enable adversaries to conduct a successful cyber operation.
Will there be any issue with voting?
Voatz insinuated in MIT report to the researchers saying that they were embarking on a fear campaign. And they said it in a statement which includes that it is clear that from the theoretical nature of the researchers’ approach….that the researchers’ true aim is to intentionally disrupt the election process to sow doubt in the security of our election infrastructure and to spread fear and confusion. Reportedly, Voatz had taken action on most of their recommendations. But West Virginia found no issues yet using the app.