On Thursday,A Busty Girl Caught Having Sex While Taking A Lookbook Photo researchers at MIT published an injurious study about vulnerabilities in a "blockchain-based" voting app called Voatz. They found that malicious attackers could penetrate the app and then view, disrupt transmission, or even alter voters' choices.
Despite the niche nature of the app (it's geared towards overseas and disabled voters) and the technicality of the study, the New York Timespicked up the news; the integrity of electronic voting is on everyone's mind in the wake of the disastrously botched use of a voting app in the Iowa caucus.
Broadcasting the troubling findings in the Timeshas prompted public criticism of the app across the internet, and worry by public officials of its use in elections: One county that was planning to use the app has already decided against doing so in the wake of the report.
Voatz vehemently objects to the findings of the study, calling out what it sees as serious flaws in the way in which it was conducted. Namely, it says that researchers used an outdated, reverse-engineered, and partially theoretical version of the app and its server infrastructure instead of the real thing. If they had taken advantage of access to the product through Voatz' bug bounty program, Voatz said, the researchers would have found a much more secure system than what the researchers encountered.
Security experts aren't so sure. Even with the alleged shortcomings of the study, experts see it as a valuable contribution to understanding a new facet of democracy and technology with extremely high stakes.
"By no means is it going to be perfect, but it lays out a pretty good claim that we need some more scrutiny of Voatz," Maurice Turner, a deputy director at the Center for Democracy & Technology, told Mashable. "And it’s a good opportunity for Voatz to take another look and share the security research that they’ve already done."
Founded five years ago, Voatz is a platorm that aims to increase voter turnout and assist overseas citizens (like military personnel) with casting ballots. In 2018, it made headlines (including on Mashable) when West Virginia contracted it as the first "blockchain-based" voting app or a small pilot program.
Its introduction to the world was not entirely smooth. It has been criticized for a lack of transparency about how it functions, for structural flaws in its blockchain auditing system, for use of third party software, and for the fact that experts say blockchain is actually not well-suited at all to voting systems. Moreover, it developed a combative relationship with the security community after it reported a University of Michigan security researcher to the FBI as a "malicious actor."
"We've learned that Voatz responds badly to public research attempting to verify their claims of security," Jacob Hoffman-Andrews, a senior staff technologist at the Electronic Frontier Foundation, told Mashable. "Voatz' approach to third-party security testing raises serious questions about whether they should be trusted, over and above the fundamental unsafety of any e-voting scheme."
All off this led researchers at MIT's Computer Science & Artificial Intelligence Lab to take a deeper dive into Voatz — without the company's knowledge or cooperation. In the introduction to the paper, the researchers specifically cite the Michigan conflict as a reason they didn't engage with the company.
While Turner said he was "surprised" that the researchers neither took advantage of access to the system through the bug bounty program, nor worked with Voatz, he also understands the impetus.
"I’m well aware that Voatz has a mixed reputation amongst security researchers," Turner said. "I could see why there could be some trepidation about engaging with Voatz." However, he also added "It just seems unusual that they wouldn’t have taken an extra step of engaging."
Harri Hursti, a security researcher and co-founder of Nordic Innovation Labs, put it more bluntly. First, Hursti pointed out that there are technical limitations to the bug bounty program that make it not entirely useful for analysis; the researchers also explain their decision not to access the program itself in the paper's discussion.
"Choosing to evaluate this bounty app alone would introduce additional threats to validity, and as the differences between this version and the ones that have been fielded are unclear... Crucially, the bounty does not provide any additional helpful insight into Voatz’s server infrastructure, nor does it provide any source or binary for the API server to test against."
Given Voatz's alleged past behavior and attitude toward researchers, as well as the technical limitations of the bug bounty program, Hursti views the tack the researchers took — of reverse engineering the app, and simulating server communication — as best practices, and their findings as legitimate.
"Voatz has been very hostile towards security research," Hursti said. "The MIT research in my opinion is legitimate. Under these circumstances when the subject of the research is uncooperative, they have done a very good job."
The EFF's Hoffman-Andrews agreed that the MIT research holds up.
"The report is sound," Hoffman-Andrews said. "It relies on common security best practices and reveals some very worrying things about the Voatz app."
Despite recent mainstream worry about voting apps and a legacy of hair-pulling in security about the nightmare of electronic voting, Voatz and other companies are soldiering on. Because of this reality, Turner sees both sides of this story — the app, and the research — as imperative.
"There is definitely a need for continued investment and development, because without that, we can’t actually answer the question 'is this good enough to use in a general election,'" Turner said. "Security researchers are a critical part of that learning and sharing process, which is why overall I appreciate the MIT researches to going to the effort of putting out the report, so vendors like Voatz can incorporate these findings and improve their products."
One can only hope.
NYT Strands hints, answers for April 26
Airlines ban MacBooks from checked baggage, even non
President Donald Trump complained to the CIA about the media
Yes, you can still visit Bob Dole's 1996 campaign website. Here is its story.
Nvidia DLSS: An Early Investigation
Rihanna just gave you a reason to cry with this touching Obama tribute
Sir Ian McKellen sign was a Sir Patrick Stewart meme at Women's March
Barack and Michelle Obama send their first post
Japan orders Google to stop alleged antitrust violations
The Amazon rainforest has a point of no return
Operation Rock Wallaby rains food down on wildlife hurt by bushfires
We made a bracket to crown the greatest scammer in recent history
Women's March attendees give 'Trump' skywriting the finger
Emma Watson hugging her mom at the Women's March is total sweetness
The State of 5G: When It's Coming, How Fast It Will Be & The Sci
How to talk to your kids about consent
This is how self
Yes, you can still visit Bob Dole's 1996 campaign website. Here is its story.
Watch how an old Venus spacecraft tumbled before crashing to Earth
KFC's first
Photos and videos show wildfire devastation across Southern CaliforniaSupreme Court allows Trump's travel ban to proceedAmazon launches in Australia, and it's about freaking timeDownload this: Top Nine helps you find your best Instagrams of 2017California's worst fire season just got even more devastatingChinese developers make almost a quarter of global App Store earnings, says Tim CookIvan Chermayeff, designer of America's recognisable logos, has diedFor millennials, sending your first text message was a rite of passageMark Hamill and John Boyega are trolling 'Star Wars' fans on Twitter againBTS gets Twitter's 'golden tweet' for 2017, thanks to fan engagementGerman pilots have stopped more than 200 flights to deport Afghan refugeesDanny Masterson to be written off 'The Ranch' due to rape allegationsWinter is coming to the U.S., but will there be snow, or just cold?Joy Photo Album curates family photos from Instagram, Facebook, moreYou could soon be able to change the direction of your emojiPop rockers Cheap Trick release a vibrant holiday album 'Christmas Christmas'Patagonia fights back hard against Trump's national monument land grabA few ways to check if your Airbnb host is secretly filming you'House of Cards' will resume final season in 2018 without Kevin SpaceyWindows 7 users are officially dropping like flies Google, online ad industry accused of abusing intimate personal data in GDPR complaint 'Anthem' gets off to a rocky start as EA's 'VIP' weekend falls apart Super Bowl stadium has parking lots full of EV charging plugs Perfect timing: Facebook hires top privacy law activists Twitter is testing a morning news brief to help you 'catch up' on tweets NFL ball boy pulls off spectacular one Why Apple wants you spending more time in stores even if you're not buying 'The Hong Kong Massacre' wears its influences proudly, to great effect Networking helps women land leadership roles Tesla launches new cheaper Model S and Model X Apple receives lawsuit over FaceTime bug Vulnerable software that helped cause Equifax breach still being used by major U.S. corporations Huawei charged with fraud and money laundering Google ups its anti Nick Clegg says Facebook to open another 'war room' to fight fake news Pantsuit flashmob takes over Union Square in homage to Hillary Clinton Everything coming to Amazon Prime Video in February 2019 Adam Driver is at his very best in CIA torture drama 'The Report' How millennials can contribute to their financial futures while supporting their values Tim Kaine shows his family values by inviting married lesbian couple to VP debate
2.2334s , 10132.96875 kb
Copyright © 2025 Powered by 【A Busty Girl Caught Having Sex While Taking A Lookbook Photo】,Miracle Information Network