Two weeks after a malfunction in a vote-reporting app helped make a mess out of the Iowa caucuses, another election app is stirring up anxieties.
Voatz, which allows voters to submit their ballots virtually, is facing scrutiny—not for the first time—as researchers at the Massachusetts Institute of Technology published a report on Thursday identifying what they claim to be major security flaws in its infrastructure that should deter anyone from using it. This comes just as an undisclosed number of counties are set to start implementing it in the presidential election for absentee voters. As the report states, “Given the severity of failings discussed in this paper, the lack of transparency, the risks to voter privacy, and the trivial nature of the attacks, we suggest that any near-future plans to use this app for high-stakes elections be abandoned.”
As is the case with any election technology, the specter of interference is a major obstacle to implementation. Voatz purports to harness end-to-end encryption, facial recognition, and blockchain, which is the network technology that facilitates cryptocurrency, to identify voters and make sure that ballots are not tampered with. The researchers say, however, that these measures still leave open a number of vulnerabilities that would allow a malicious party to negate or change votes, as well as spy on a user’s ballot. The paper claims, for example, that a hacker could launch a brute-force attack to discover a user’s PIN for their account or gain administrative privileges on a smartphone to manipulate the app.
Because of Voatz’s alleged “lack of transparency,” the researchers reverse-engineered the app by using information that the company had made publicly available in order to run their tests. In a blog post responding to the study, Voatz stated, “With qualified, collaborative researchers we are very open; we disclose source code and hold lengthy interactive sessions with their architects and engineers.” The company has also alleged that the MIT study is inherently flawed, in part because the version of the app that the researchers were testing was outdated, was not connected to Voatz’s servers, and was only the Android version. And in a particularly barbed portion of the post, Voatz attacks the researchers for trying to “deliberately disrupt the election process, to sow doubt in the security of our election infrastructure, and to spread fear and confusion.”
The New York Times reported that Mason County in Washington has decided not to use the Voatz app for its primaries at the end of March. The county had planned to allow troops overseas to vote with the app, and some had already done so according to the company, but Auditor Paddy McGuire told Slate that he got cold feet after attending a meeting that the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency had convened with the researchers and the counties that were set to use the app. The app-related debacle in Iowa further convinced him that relying on Voatz would be a risky move, at least from an optics standpoint.
“We had just had the hysteria around Iowa and I had watched talking heads on CNN say that the elections needed to be nationalized,” McGuire said. “Given the media storm around Iowa, I was reluctant to become the Iowa Democratic Party.” While the Iowa app failed due to a coding issue, rather than a security breach, it’s made people wary of similar products. McGuire is still open to using the app in the future, positing that while there will never be an absolutely invulnerable app, the technology is acutely needed for people serving overseas; he finds the alternative of using an email attachment to be too insecure and physical mail to be too unreliable. “I’m unwilling to say to a Marine that you don’t get to vote because some guy at MIT said it’s not safe.” While Mason County will not be offering Voatz as an option this primary cycle, West Virginia still intends to go ahead with its plans for the app.