Voatz, an online election app increasingly popular in the United States, is riddled with serious security vulnerabilities, according to a new study from researchers at MIT. They conclude that hackers who strike the Voatz app can potentially alter, stop, or expose individual votes.
The news comes just weeks after a hastily made app fell apart during the Democratic Party’s Iowa caucus, a high-profile failure that put a spotlight on how faulty technology can undermine democratic processes.
“We all have an interest in increasing access to the ballot, but in order to maintain trust in our elections system, we must assure that voting systems meet the high technical and operation security standards before they are put in the field,” said Daniel Weitzner, a principal research scientist at MIT’s Computer Science and Artificial Intelligence Lab, who guided the research. “We cannot experiment on our democracy.”
Get out the Voatz: Voatz has already been used as a pilot program in federal elections, most recently the 2018 midterm elections in West Virginia as well as previous ballots in Denver, Oregon, and Utah. Around 600 voters were involved, according to the company. Thousands more are set to use the app this year.
Sticks and stones: In response to the study, the company that produced Voatz accused the researchers of faulty analysis, “untested claims,” and “bad faith recommendations.”
In a lengthy statement, the company said the cybersecurity researchers were aiming primarily for media attention and claimed that they seek to “disrupt the election process, to sow doubt in the security of our election infrastructure, and to spread fear and confusion.”
In fact, the researchers took their findings to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency in January, which led DHS to hold private briefings for election officials using Voatz.
“We want to be clear that all nine of our governmental pilot elections conducted to date, involving less than 600 voters, have been conducted safely and securely with no reported issues,” the company said in a statement. “Pilot programs like ours are invaluable.”
Expert view: “The consensus of security experts is that running a secure election over the internet is not possible today,” said James Koppel, one of the MIT researchers. “The reasoning is that weaknesses anywhere in a large chain can give an adversary undue influence over an election, and today’s software is shaky enough that the existence of unknown exploitable flaws is too great a risk to take.”
“The choice here is not about turnout,” the report said, “but about an adversary controlling the election result and a loss of voter privacy.”
AI-powered 6G networks will reshape digital interactions
The convergence of AI and communication technologies will create 6G networks that make hyperconnectivity and immersive experiences an everyday reality for consumers.
The power of green computing
Sustainable computing practices have the power to both infuse operational efficiencies and greatly reduce energy consumption, says Jen Huffstetler, chief product sustainability officer at Intel.
How this Turing Award–winning researcher became a legendary academic advisor
Theoretical computer scientist Manuel Blum has guided generations of graduate students into fruitful careers in the field.
Using data, AI, and cloud to transform real estate
AI can enable business transformation to deliver positive outcomes for clients and propel sustainability goals, according to Sandeep Davé, chief digital and technology officer at CBRE.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.