Researchers at the Massachusetts Institute of Technology (MIT) say they have found security vulnerabilities in a voting app used by both Republicans and Democrats in Utah, Colorado, Oregon, and West Virginia.
Those vulnerabilities could allow hackers to see how you vote and even the ability to change that vote.
The app in question is called Voatz, and it was most recently used in West Virginia's 2018 midterm elections. The app was also used for prior Utah elections, the 2016 Utah Republican Convention, the 2016 Massachusetts Democratic Convention, as well as elections in Denver and Oregon. This is not the same app that caused major issues in the 2020 Democratic Iowa caucuses.
MIT researchers say they've pinpointed several weaknesses in the app, according to a news release, including:
The opportunity for hackers to alter, stop, or expose how an individual user has voted. Additionally, the researchers found that Voatz’s use of a third-party vendor for voter identification and verification poses potential privacy issues for users.
After finding vulnerabilities in the Voatz app, the researchers disclosed what they found to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA).
Daniel Weitzner, a principal research scientist at MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) and founding director of the Internet Policy Research Initiative, says:
We all have an interest in increasing access to the ballot, but in order to maintain trust in our elections system, we must assure that voting systems meet the high technical and operation security standards before they are put in the field. We cannot experiment on our democracy.
The MIT researchers say they worked closely with CISA agents to alert affected election officials and the app's vendor before these findings were made public. Those findings include:
An adversary with remote access to the device can alter or discover a user’s vote, and that the server, if hacked, could easily change those votes.
James Koppel, a graduate student in MIT’s Department of Electrical Engineering and Computer Science (EECS) says:
The consensus of security experts is that running a secure election over the internet is not possible today. The reasoning is that weaknesses anywhere in a large chain can give an adversary undue influence over an election, and today’s software is shaky enough that the existence of unknown exploitable flaws is too great a risk to take.
The alarming findings are in a new paper by Michael Specter, a graduate student at EECS. Specter says:
Perhaps most alarmingly, we found that a passive network adversary, like your internet service provider, or someone nearby you if you’re on unencrypted Wi-Fi, could detect which way you voted in some configurations of the election. Worse, more aggressive attackers could potentially detect which way you’re going to vote and then stop the connection based on that alone.
Specter and Koppel also found that Voatz has privacy issues that could allow a third party to access your driver's license, photo, and other forms of identification.
The researchers warn that software developers should prove their systems are as secure as paper ballots. Specter says:
The biggest issue is transparency. When you have part of the election that is opaque, that is not viewable, that is not public, that has some sort of proprietary component, that part of the system is inherently suspect and needs to be put under a lot of scrutiny.