The Ballot is Busted Before the Blockchain
As faithful blog readers, you've figured out that we are concerned about online voting apps, particularly unverified systems being pushed with the smokescreen of "blockchain" as the miracle cure to the security issues around internet voting. The Blockchain Papers series was created with the aim of collecting expert statements on this topic.
Here is the latest contribution to the series - no less than an actual security analysis of a certain blockchain system, Voatz, executed by a group of experts from the Massachusetts Institute of Technology (MIT). You will find this analysis fascinating; in particular, the exposure of the use of third parties for voter authentication and the potential privacy violations that may ensue. The privacy risk to the voter, compared to other voting methods, is exponentially higher. Such risk, coupled with the lack of transparency, is enough to put an "Iowa chill" into anyone's bones. I invite you to read the report from Specter, Koppel and Wietzner; and the insightful articles published at the time of its release.
The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S.Federal Elections
By Michael A. Specter, MIT; James Koppel, MIT; and Daniel Weitzner, MIT; February 13, 2020
MIT researchers identify security vulnerabilities in voting app
Mobile voting application could allow hackers to alter individual votes and may pose privacy issues for users.
By Abby Abazorius | MIT News Office, February 13, 2020
Voting on Your Phone: New Elections App Ignites Security Debate
Excerpt: "...researchers at the Massachusetts Institute of Technology say the app is so riddled with security issues that no one should be using it."
By Matthew Rosenberg | New York Times, February 13, 2020 'Sloppy' Mobile Voting App Used in Four States Has 'Elementary' Security Flaws
MIT researchers say an attacker could intercept and alter votes, while making voters think their votes have been cast correctly, or trick the votes server into accepting connections from an attacker.
by Kim Zetter | VICE, February 13, 2020
Security experts raise concerns about voting app used by military voters
Excerpt: "The vulnerabilities could allow nation-state hackers to view, block or even change smartphone ballots before they're counted..."
By Brian Fung | CNN, February 14, 2020