Voting By Cell Phone Is A Terrible Idea, And West Virginia Is Probably The Last State That Should Try It Anyway

from the industrialized-incompetence dept

So we've kind of been over this. For more than two decades now we've pointed out that electronic voting is neither private nor secure. We've also noted that despite this several-decade long conversation, many of the vendors pushing this solution are still astonishingly-bad at not only securing their products, but acknowledging that nearly every reputable security analyst and expert has warned that it's impossible to build a secure fully electronic voting system, and that if you're going to to do so anyway, at the very least you need to include a paper trail system that's not accessible via the internet.

Having apparently learned nothing, reports emerged this week that West Virginia is considering launching an initiative that would let some state residents vote via cellphone. To be clear, the effort initially appears focused on letting troops stationed overseas vote. Not surprisingly, more than a few folks were quick to highlight to CNN how this would be an arguably terrible idea:

"Mobile voting is a horrific idea," Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology, told CNN in an email. "It's internet voting on people's horribly secured devices, over our horrible networks, to servers that are very difficult to secure without a physical paper record of the vote."

Marian K. Schneider, president of the election integrity watchdog group Verified Voting, was even more blunt. Asked if she thought mobile voting is a good idea, she said, "The short answer is no."

Given security analysts routinely aren't sure whether or not our existing voting systems may have been compromised by actors foreign and/or domestic, and the federal government just got done making it clear election security isn't a priority with an idiotically-partisan vote, it seems like a pretty terrible time to begin trying to implement new online voting efforts. And if you've watched West Virginia's blistering corruption when it comes to sectors like the telecom industry, the state is probably the last state in the union that should be attempting such a voting system overhaul.

Judging from online conversations, the company that's building the new West Virginia system (Voatz) may not be the best choice either, since it doesn't appear capable of securing its own website:

Comforting. Ideally, the system would involve a user first registering by taking a photo of their government-issued ID and a selfie-video of their face, which are then registered via the app. Voatz claims the company's facial recognition software will then ensure the photo and video submitted are of the same person, with users then able to cast their ballot using the Voatz app. Documents the company circulates at trade shows indicate the company utilizes the blockchain to ensure its systems are more secure and "fundamentally different than touchscreen or online voting." But the company has failed to clarify how.

There's roughly a million and one ways this entire process could go to hell, from SS7 vulnerabilities to man in the middle attacks everywhere along the chain between your device and the Voatz database. And if there's not a hard paper trail, it opens the door to any number of undetectable changes that could happen during transit. Of course this has all been repeatedly stated countless times over the last few decades, but it's a message that's still not apparently getting through.

Filed Under: blockchain, e-voting, electronic voting, mobile voting, security, west virginia
Companies: voatz


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Stephen T. Stone (profile), 8 Aug 2018 @ 2:58pm

    The larger issue lies in how sites like Twitter and Facebook centralized the one thing that should never have been centralized on the Internet: communities.

    Before centralized social interaction networks—Twitter, Facebook, and even MySpace and Livejournal before them—Internet communities were on entirely different platforms, specifically forums. A fan community for, say, one specific cartoon would rarely have shared space with a fan community of another cartoon. Forums for niche interests remained niche themselves, although the occasional bout of “atrocity tourism” started via email and instant messaging likely struck those at some point. The web was largely decentralized and interests splintered into separate communities, and lo, it was good.

    Then came the centralized services—the silos, if you will. Rather than keep the communities separate, the silos decided that having everyone interacting with each other regardless of interest would be better for…well, the silos, really. Nobody with the power to stop the silos really thought through the ethics and morals and potential ramifications of centralizing social interaction until it was far too late.

    A decade-plus after the first wave of Twitter’s popularity and the complete erosion of trust in the silos, people have begun to tire of this bullshit. Why should they have to put up with harassment and bullying just so they can talk to other people with similar interests? Why should they have to share a platform with avowed racists, liars, and Donald Trump? Mastodon represents the first major step in going back to what we had before—decentralized communities on separate platforms—while allowing people to choose whether they want to bridge those communities together via federation. The move away from the silos also allows for better control of data associated with those services; unless an instance admin is a particularly awful person, Mastodon instances tend to avoid advertising and using data for nefarious/capitalistic purposes. (anticapitalist.party is an actual Masto instance, by the way.)

    Yes, some of these services might one day grow large enough to become a silo in and of themselves. But that is why these new protocols are open-source and freely available: If one instance grows “too big”, anyone can spin off a specialized instance of their own and invite their friends onto it. mastodon.social has no danger of becoming Twitter even if it remains the “flagship” instance of Mastodon. Too many instances already exist as alternatives—or, like in the Before Time, as secondary outlets for exploring different interests and communicating with others who share them.

    Decentralization is the goal. Getting there is gonna be a hell of a fight. Then again, so was getting people to take Twitter seriously…and look how that turned out.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.