SoylentNews is people

posted by janrinok on Sunday February 16 2020, @02:32AM
from the when-will-we-learn? dept.

Arthur T Knackerbracket has found the following story:

Flaws in the blockchain app some states plan to use in the 2020 election allow bad actors to alter or cancel someone’s vote or expose their private info.

Security researchers have found key flaws in a mobile voting app that some states plan to use in the 2020 election that can allow hackers to launch both client- and server-side attacks that can easily manipulate or even delete someone’s vote, as well as prevent a reliable audit from taking place after the fact, they said.

A team of researchers at MIT released a security audit of Voatz—a blockchain app that already was used in a limited way for absentee-ballot voting in the 2018 mid-term elections—that they said bolsters the case for why internet voting is a bad idea and voting transparency is the only way to ensure legitimacy.

West Virginia was the first state to use Voatz, developed by a Boston-based company of the same name, in the mid-term election, marking the inaugural use of internet voting in a high-stakes federal election. The app primarily collected votes from absentee ballots of military service personnel stationed overseas. Other counties in Utah and Colorado also used the app last year in a limited way for municipal elections.

However, despite the company’s claim that the app has a number of security features that make it safe for such an auspicious use—including immutability via its use of a permissioned blockchain, end-to-end voting encryption, voter anonymity, device compromise detection, and a voter-verified audit trail–the MIT team found that any attacker that controls the user’s device through some very rudimentary flaws can brush aside these protections.

“We find that an attacker with root privileges on the device can disable all of Voatz’s host-based protections, and therefore stealthily control the user’s vote, expose her private ballot, and exfiltrate the user’s PIN and other data used to authenticate the server,” MIT researchers Michael A. Specter, James Koppe and Daniel Weitzner wrote in their paper (PDF), “The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections.”

[...] One voting district in Washington state—Mason County–already has pulled its plans to use Voatz in November, according to the New York Times, while West Virginia is moving ahead with its plans to expand Voatz use to disabled voters, the paper reported.


  • (Score: 3, Interesting) by canopic jug on Sunday February 16 2020, @05:39AM (7 children)

    I would not call what the software, especially that software, produces a vote. A vote is instead something which can be verified on demand indefinitely yet keeps the caster anonymous. Instead, I would call what that "app" produces a vote surrogate or even a pretend vote.

    The story here, yet again, is not that these voting apps fail miserably, it is that the nation's experts in voting, electronic voting, and computer security have been consistently silenced* and fully ignored for over two decades despite their unanimity in opposition to electronic voting. Sadly that comes down to who owns the little that remains of the media. The fourth estate has held politicians to task for a very long time. However, Nixon was the last one. Reagan and every president since has hacked away large chunks of it so now we have only that which is tame, weak, and very obedient to the politicians' wealthy friends.

    * That includes frequent, credible death threats which are yet somehow not addressed by the police.

    --
    Money is not free speech. Elections should not be auctions.
  • (Score: 2) by Runaway1956 on Sunday February 16 2020, @07:41AM (3 children)

    So, this is why Trump gets a free pass from the press? He can do anything, and the press doesn't report it. He could grab women by the pussy on Times Square, in broad daylight, and the press wouldn't report it. Got it.

    • (Score: 5, Informative) by canopic jug on Sunday February 16 2020, @08:43AM

      Yep. He's one of the worst and has gotten a completely free pass from what's left of the press. The press failed to touch any of his lies and bullshit during the 2016 campaign and have backed off considerably since then even from their already timid position then. They haven't even called him out for cancelling the White House press briefings several years ago.

      --
      Money is not free speech. Elections should not be auctions.
    • (Score: 1, Touché) by Anonymous Coward on Sunday February 16 2020, @05:55PM (1 child)

      You're the asshole that's been spewing "TDS" anytime people criticize him, and you're the same asshole who would crow about fake news liberal media.

      Go fuck your gaslighting bunghole with a nail-studded bat.

      • (Score: 2, Touché) by Runaway1956 on Sunday February 16 2020, @06:13PM

        Correct. I'm the asshole who spews "TDS" every time people make irrational accusations based on partisan bullshit. Meanwhile - all those TDS 'tards help to prove that Trump doesn't actually get a free pass. Bite my gaslighting bunghole, you goober smoocher!

  • (Score: 2) by FatPhil on Sunday February 16 2020, @11:47AM (2 children)

    The US seems to like obfuscated Rube Goldberg mechanisms to shoehorn unnecessary technology into the world of elections, but Estonia seems to be doing it right. All my mates have been eVoting for half a decade. The security's end-to-end based on the smartchip on your ID card, and when weaknesses with those have been found (three times that I remember in the last 10 years, and at least one of those I considered not severe enough to be worth reacting to) cards are replaced /en masse/. Tom Scott did do a video criticising electronic voting recently which was quite convincing, and he did mention Estonia, but according to smart friends locally, the criticisms he mentioned ceased to be relevant about 6 years ago.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    • (Score: 2) by hemocyanin on Monday February 17 2020, @01:45AM (1 child)

      Americans are apparently too stupid and uninformed for us to require ID cards for voting. At least according to Democrats.

      • (Score: 2) by dry on Monday February 17 2020, @06:02AM

        The problem with ID is that it is another means to disenfranchise people if the implementers so choose.
        I've needed ID to vote for the longest time and up till the Conservatives, with advice from the Republicans, got to change the rules, it worked fine and after those arseholes got voted out, it is once again working fine.
        What's funny is that I can get American ID, legally and then I guess vote as I'd have a driver's license and look and sound American. I'd imagine there are a lot of permanent residents and illegals with ID.