MIT test of "Secure" Voting App finds multiple vulnerabilities.

The touch screen "unauditable" voting machines are very bad, as far as security. We all know that, I hope! What about Internet voting? *Any closed source "voting app" has a strong possibility of being even worse. MIT found multiple security vulnerabilities in "Voatz" which was recently used in Virginia.

Article by way of Bruce Scheiner and his excellent blog.

https://internetpolicy.mit.edu/wp-content/uploads/2020/02/SecurityAnalysisOfVoatz_Public.pdf


[2020.02.17] [https://www.schneier.com/blog/archives/2020/02/voatz_internet_.html] This paper describes the flaws in the Voatz Internet voting app: "The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections [https://internetpolicy.mit.edu/wp-content/uploads/2020/02/SecurityAnalysisOfVoatz_Public.pdf]."

> Abstract: In the 2018 midterm elections, West Virginia became the first state in the U.S. to allow select voters to cast their ballot on a mobile phone via a proprietary app called "Voatz." Although there is no public formal description of Voatz's security model, the company claims that election security and integrity are maintained through the use of a permissioned blockchain, biometrics, a mixnet, and hardware-backed key storage modules on the user's device. In this work, we present the first public security analysis of Voatz, based on a reverse engineering of their Android application and the minimal available documentation of the system. We performed a clean-room reimplementation of Voatz's server and present an analysis of the election process as visible from the app itself.
>
> We find that Voatz has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user's vote,including a sidechannel attack in which a completely passive network adversary can potentially recover a user's secret ballot. We additionally find that Voatz has a number of privacy issues stemming from their use of third party services for crucial app functionality. Our findings serve as a concrete illustration of the common wisdom against Internet voting,and of the importance of transparency to the legitimacy of elections. 

News [https://www.nytimes.com/2020/02/13/us/politics/voting-smartphone-app.html] articles [https://www.vice.com/en_us/article/akw7mp/sloppy-mobile-voting-app-used-in-four-states-has-elementary-security-flaws].

The company's [https://blog.voatz.com/?p=1209] response [https://www.prnewswire.com/news-releases/new-york-times-profiles-voatz-301004581.html] is a perfect illustration of why non-computer non-security companies have no idea what they're doing, and should not be trusted with any form of security.

EDITED TO ADD (3/11): The researchers respond [https://internetpolicy.mit.edu/faq-on-the-security-analysis-of-voatz/] to Voatz's response.