Editorials: Will Vote-by-App Ever Be Safe? | Scott White/Dark Reading
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders. The push for online voting has been happening for years, but now that a major pandemic has hit the US, there is more incentive than ever for states and counties to try out online and mobile voting services. This summer, Delaware and West Virginia will allow online voting in their primaries, and New Jersey is also testing it in a municipal election. The Utah GOP recently used mobile voting in a virtual state convention. Other states and counties are likely to follow. These solutions are far from perfect; to call them “experimental” is putting it nicely. Most of the current providers are new companies with relatively small development teams. Multiple researchers like MIT and Trail of Bits have found vulnerabilities in the voting app created by Voatz. It’s also concerning that the app developer appears to be antagonistic to the security community about such vulnerability research. And let’s not forget what happened to Shadow Inc.’s IowaReporterApp during the Iowa Democratic presidential caucus this past February. The inherent vulnerability of app-based voting is a serious cause for concern, but governments and political parties are likely to pursue them anyway. So, let’s take a closer look at where the problems are.