New research published by the Massachusetts Institute of Technology (MIT) uncovered security vulnerabilities in a mobile voting application that was used during the 2018 midterm elections in West Virginia.
The mobile voting application, Voatz, has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user’s vote, including a sidechannel attack in which a completely passive network adversary can potentially recover a user’s secret ballot. The researchers, Michael A. Specter, James Koppel and Daniel Weitzner, say that Voatz has a number of privacy issues stemming from their use of third party services for crucial app functionality.