An MIT technical paper shows major flaws in an electronic voting app used in Oregon elections.
The paper was authored by Michael Specter and Daniel Weitzner, graduate students in the Department of Electrical Engineering and Computer Science. They detail how attackers could exploit the Voatz app to compromise a user’s privacy and interfere with the voting process at almost every level. An attacker could uncover secret votes, alter ballots, suppress ballots, and learn a user’s IP and identity at almost any level of access.
Election security experts have been staunchly against online voting. Now, Oregon Sen. Ron Wyden has commented, “We share a common goal of making it easier for Oregonians serving in the military or otherwise living overseas to vote. I look forward to working with you to explore ways to do so, including, if appropriate, introducing federal legislation to provide states with additional resources. However, the security and integrity of Oregon’s elections must always come first.” Wyden has asked Oregon Secretary of State Bev Clarno to issue warnings about Voatz to counties in Oregon.
The same app is used in West Virginia, Denver and Utah.
Depth of Attacker Capabilities. According to the technical paper, an attacker can exploit the app at the passive and active network levels, through the third-party identification service, the device root, and the Voatz API server. Exploitable avenues of this kind could allow an attacker to significantly undermine the integrity of an election and compromise a voter’s identity. “Perhaps most alarmingly, we found that a passive network adversary, like your internet service provider, or someone nearby you if you’re on unencrypted Wi-Fi, could detect which way you voted in some configurations of the election. Worse, more aggressive attackers could potentially detect which way you’re going to vote and then stop the connection based on that alone,” said Specter. In addition, he adds, “It does not appear that the app’s protocol attempts to verify [genuine votes] with the back-end blockchain.” However, Voatz claims they do this.
App Developer Responds. The Voatz development team has called the research methods used by the MIT graduate students into question, claiming in a statement that the students analyzed an outdated version of the app and that, in a limited sample of fewer than 600 votes, there were no reported issues. The MIT students have not yet replied to this statement.
However. Tim Erlin, vice president of product management and strategy at cybersecurity company Tripwire, responds, telling SC Magazine, “When you have a significant portion of the technical sector calling for the use of paper ballots in order to ensure the integrity of election results, it’s a good indicator that there’s a real problem to address.”
He adds, “We simply cannot ignore the clear security risks presented by these new voting technologies. The research is clear and the necessary level of assurance isn’t.”
By Sam Schultz
Do you have a story for The Advocate? Email editor@corvallisadvocate.com