The story identifies Voatz as the first and only voting app available for consideration by election officials to explore additional technology for better voting access. This attention is especially significant for Voatz as a young company that has spent five years building and piloting a voting platform that first and foremost offers better accessibility, security and resilience when compared to any of the existing options available to those whose circumstances make it difficult to vote in person. This includes our overseas military servicemen and women and those with disabilities.
We are often the subject of doubt, and new technologies are frequently the target of skeptics. A group of researchers, in an effort to trigger a media campaign geared to systematically disrupt a live election process, contacted The New York Times with allegations of vulnerabilities in our system. This effort resulted in a story.
After receiving and reviewing the full report, Voatz concluded that the report is fundamentally flawed, as detailed by our analysis below. Most telling, the research is based on an Android version of the Voatz mobile voting app that was at least 27 versions old at the time of analysis. We highlight the flaws within the research and expose the agenda of the researchers below, which is aimed at thwarting the process of innovation and progress for better voting access.
Voatz Analysis & Response to Researchers’ Flawed Report
Voatz wishes to acknowledge the enormous effort it must have taken for the team of researchers, two student researchers at MIT with Daniel Weitzner, founder of MIT’s Internet Policy Research Initiative, to produce “The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S.”
Our review of their report found three fundamental flaws with their method of analysis, their untested claims, and their bad faith recommendations.
First, the researchers were analyzing an Android version of the Voatz mobile voting app that was at least 27 versions old at the time of their disclosure and never used in an election. Had the researchers taken the time, like nearly 100 other researchers, to test and verify their claims using the latest version of our platform via our public bug bounty program on HackerOne, they would not have ended up producing a report that asserts claims on the basis of an erroneous method.
Second, as the researchers admitted, the outdated app was never connected to the Voatz servers, which are hosted on Amazon AWS and Microsoft Azure. This means that they were unable to register, unable to pass the layers of identity checks to impersonate a legitimate voter, unable to receive a legitimate ballot and unable to submit any legitimate votes or change any voter data.
Third, in the absence of trying to access the Voatz servers, the researchers fabricated an imagined version of the Voatz servers, hypothesized how they worked, and then made assumptions about the interactions between the system components that are simply false. This flawed approach invalidates any claims about their ability to compromise the overall system. In short, to make claims about a backend server without any evidence or connection to the server negates any degree of credibility on behalf of the researchers.
The researchers have labeled Voatz as “not transparent”. With qualified, collaborative researchers we are very open; we disclose source code and hold lengthy interactive sessions with their architects and engineers. We educate them on the critical demands of election security; they give us feedback and educate us on new best practices based on their practical knowledge of security drawn from other industries.
Voatz has worked for nearly five years to develop a resilient ballot marking system, a system built to respond to unanticipated threats and to distribute updates worldwide with short notice. It incorporates solutions from other industries to address issues around security, identity, accessibility, and auditability.
We want to be clear that all nine of our governmental pilot elections conducted to date, involving fewer than 600 voters, have been conducted safely and securely with no reported issues. Pilot programs like ours are invaluable. They educate all election stakeholders and push innovation forward in a responsible, transparent way. For nearly two decades, the researchers and the community to which they belong have waged a systematic effort to dismantle any online voting pilots. These attempts effectively choke any meaningful conversation and learnings around the safe integration of technology to improve accessibility and security in our elections. The effect is to deny access to our overseas citizens, deployed military servicemen and women, their families, and citizens with disabilities.
It is clear from the theoretical nature of the researchers’ approach, the lack of practical evidence backing their claims, their deliberate attempt to remain anonymous, and their priority of seeking media attention that the researchers’ true aim is to deliberately disrupt the election process, to sow doubt in the security of our election infrastructure, and to spread fear and confusion.