Security researchers slam Voatz brief to the Supreme Court on anti-hacking law

A group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word before the Supreme Court takes up a case with major implications for computer research. The security practitioners, including computer scientists and vulnerability disclosure experts, on Monday criticized Voatz’s argument that a federal anti-hacking law should only authorize researchers with clear permission to probe computer systems for vulnerabilities. An amicus brief filed by Voatz earlier this month, the security specialists charged, “fundamentally misrepresents widely accepted practices in security research and vulnerability disclosure.” At issue is the Computer Fraud and Abuse Act (CFAA), a more than 30-year-old law that legal experts say could be abused to target good-faith researchers who break systems while trying to make them more secure. The Supreme Court is set to consider whether corporate terms of service can be considered an inviolable boundary under the CFAA when it resumes in October. Legal experts and technologists see the […]

The post Security researchers slam Voatz brief to the Supreme Court on anti-hacking law appeared first on CyberScoop.

Voatz urges Supreme Court to not protect ethical research from prosecution

If the mobile voting firm Voatz actually is interested in working with security researchers who can examine their technology, the company sure has an odd way of showing it. Massachusetts-based Voatz on Thursday filed an amicus brief to the Supreme Court, arguing that only security researchers with clear permission should be authorized to probe systems for vulnerabilities. The filing came as part of a Supreme Court case in which justices are poised to reconsider the Computer Fraud and Abuse Act, a 1986 federal law that prohibits access to computers without the owner’s consent. Researchers have said the anti-hacking law is overly vague, and could criminalize activities ranging from innocuous internet habits, like sharing passwords, to important anti-discrimination research. A group of law scholars previously asked the court to allow ethical security tests. Voatz, which advertises an internet-based voting platform in a market dominated by more established voting machine manufacturers, has […]

The post Voatz urges Supreme Court to not protect ethical research from prosecution appeared first on CyberScoop.

DHS memo: ‘Significant’ security risks presented by online voting

The Department of Homeland Security has told election officials and voting vendors that internet-connected voting is risky to the point that ballots returned online “could be manipulated at scale” by a malicious attacker. The advisory that DHS’s Cybersecurity and Infrastructure Security Agency sent states on Friday is perhaps the federal government’s sternest warning yet against online voting. It comes as officials weigh their options for conducting elections during a pandemic and as digital voting vendors see an opportunity to hawk their products. While the risk of election officials delivering ballots to voters via the internet can be managed, the return of those ballots by voters “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” CISA said in the guidance, which CyberScoop reviewed. “These risks can ultimately affect the tabulation and results and, can occur at scale.” The guidance, which is marked “For Official Use Only” and […]

The post DHS memo: ‘Significant’ security risks presented by online voting appeared first on CyberScoop.

Why you can’t trust your vote to the internet

A common adage in information security is that most startups don’t hire their first full-time security engineer until they’ve got around 300 employees. If an app only stores public data and has no need to authenticate users, that might not present much of a problem. But when an app needs to be trusted to protect the confidentiality of a person’s political preference, it’s something else entirely. It’s why Tusk Philanthropies — an organization devoted to bringing mobile voting to the masses — is playing matchmaker between a half-dozen mobile voting startups and the security experts that can help bring them up to snuff. The team at Trail of Bits — a boutique software security firm based in New York — was commissioned by Tusk in late 2019 to conduct a thorough ‘white box’ security test of mobile voting app Voatz, an app used in five states. The testers would have […]

The post Why you can’t trust your vote to the internet appeared first on CyberScoop.

Experts: Internet voting isn’t ready for COVID-19 crisis

Internet technologies are set to play a critical role in the 2020 presidential election, but precisely which voting alternatives will be pursued – and whether they can adequately be secured – is now a $400 million question. COVID-19 doesn’t – at this point – present an excuse to postpone the general election in November. Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency, told a recent Axios forum that 42 U.S. states have mechanisms in place that allow for alternatives to in-person voting, and the other eight have break-glass provisions for doing the same when emergencies require it. A global pandemic would most certainly meet that threshold. The $2.2 trillion coronavirus relief bill (CARES Act) signed into law last week included $400 million of grants the Election Assistance Commission can give to states to help them “prevent, prepare for and respond to Coronavirus.” Earlier versions of the bill stipulated […]

The post Experts: Internet voting isn’t ready for COVID-19 crisis appeared first on CyberScoop.

Hackers Can Seize Control of Ballots Cast Using the Voatz Voting App, Researchers Say

Flaws in the blockchain app some states plan to use in the 2020 election allow bad actors to alter or cancel someone’s vote or expose their private info.