West Virginia’s Awful, Terrible, Really Bad Idea to Pilot Mobile Voting
You’d have to have been living under a rock (or maybe in an alternate universe) for about the past two years to not know that (1) the U.S. election system is horrifically insecure, (2) foreign hackers have already taken advantage of this and tampered with our elections, and (3) internet voting is out of the question because if there’s anything more insecure than the system we’re already using, it’s online polling.
The federal government has shown little interest in doing anything about any of this, having recently shot down additional funding to help states shore up their elections systems. Meanwhile, Bloomberg reports that cyber attacks on the midterms, ranging from phishing schemes targeting individual candidates to social media misinformation campaigns, have already commenced in earnest.
In the midst of all of this, the State of West Virginia has come up with the absolutely genius idea to allow residents serving in the military overseas to vote by mobile phone in its upcoming midterm elections. It’s just a “pilot” project, you see, on a limited basis, and it’s totally and completely safe because they’ve enlisted this innovative company called “Voatz” (really, that’s what the company they’re entrusting their elections to is called) with this really great and secure system and…
HELLO? IS THIS THING ON?
You can read more about West Virginia’s foolish foray into the world of mobile voting — and security experts’ horrified reactions — on multiple sites, including Vanity Fair and Ars Technica. However, the best blow-by-blow breakdown of this fiasco is arguably this very long but highly informative Twitter thread by security architect Kevin Beaumont. Here’s a highlight reel.
First, their setup is an antiquated, insecure joke:
Why is it not surprising that such a company wouldn’t have anyone in charge of cyber security?
Among the claims of the pinhead proponents of the West Virginia project is that it’s safe because blockchain. Yeah, about that…
Oh, and it turns out that Voatz has ties to our nation’s closest and most trusted ally, Russia!
Even a first-year computer science undergrad who is barely pulling C’s can understand why these things are, like, really, really bad:
BTW, this also isn’t Voatz’s first rodeo.
Security audits? We don’t need no stinkin’ security audits!
Yep.
The thread goes on and on, with Voatz themselves showing up to throw down with Beaumont and accuse him of “propaganda.”
I’ll leave everyone who’s read this far with this comment, which pretty much sums it up.
Way to go, West Virginia! If someone decides to make a Cybersecurity version of the Darwin Awards, you’ve got my (paper) vote!
Originally published at wildowldigital.com on August 9, 2018.
