Security Vulnerabilities in Voatz Mobile voting platform

Voatz, which is a 2016 mobile election voting application headquartered in Brookline, Massachusetts is hitting Google news headlines for all wrong reasons. Technically speaking, this application is seen allowing voters to cast their votes from their supported mobile devices. And the company then re-evaluates the votes with the help of Blockchain technology and the user’s geographic location.

 

News is now out that the Voatz application is filled with 48 security vulnerabilities, out of which 16 were highly serious issues.

 

Note- This application was audited by researchers from Cybersecurity firm Trial of Bits and Tusk Philanthropies. But Voatz only fixed some of them and neglected others as it considered them as acceptable risks.

 

Coming to the usage of the mobile voting app- It has already been used in the elections of West Virginia, Denver, parts of Oregon, Utah, and Washington State.

 

“Architecturally, the Voatz’s central server is filled with multiple flaws which can be compromised on a software note putting a big dent on the integrity of the held elections”, said Matthew Green, a Cryptographer, and computer science professor at John Hopkins University.

 

Note- In Oct’19, the FBI discovered in its investigation that the central server of Voatz app was infiltrated by hackers suspecting an influence in the results of the 2018 midterm elections. Later it found in its investigation that some Computer science students from the University of Michigan could have participated in the breach and could have done it as a part of a “Class CSC Assignment” and not to alter the votes.

 

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display