FBI Investigating Alleged Hacking Attempt Into Mobile Voting App During 2018 Midterms

The FBI is investigating after someone allegedly tried to hack into West Virginia's mobile voting app during the 2018 midterm elections. From a report: One or more people allegedly attempted to hack into Voatz, an experimental app that lets voters who are active military or registered to vote abroad cast their votes from their phones, Mike Stuart, the US attorney for the Southern District of West Virginia, announced Tuesday. Stuart said in a statement that "there was no intrusion and the integrity of votes and the election system was not compromised," but that an investigation had begun, was "ongoing and no legal conclusions whatsoever have been made regarding the conduct of the activity or whether any federal laws were violated." West Virginia is the only state that currently allows for the system, though it's been used and is being considered in several cities and counties across the country.

"We just noticed a certain group of people from a certain part of the country tried to access the system. We stopped them, caught them and reported them to the authorities," Voatz co-founder and CEO Nimit Sawhney told CNN. "Somebody downloaded, registered and then tried to tamper with it, do something. We caught unauthorized activity, and they immediately got stopped," Sawhney said. He said he did not think the culprit was a sophisticated nation-state hacker looking to disrupt the election. Because Sawhney caught the activity last October, and elections are considered critical infrastructure, he felt he needed to report the incident to the FBI.

Solution is easy

[drnb]

The solution is easy. Maybe we could all go to some locally designated place, plug our phones into a dock, have local ballots uploaded to the phone, vote, submit the votes and the dock shows them on a printed piece of paper for confirmation before formally accepting the votes. ;-)

Re:Solution is easy

[drnb]

Because, you know, a pencil would be too complicated compared to a phone or dedicated computer. :-P

Re:

[BringsApples]

Regardless of what item is used to write, type, chisel, or carve the vote, it's all a stupid scam if it's all done in secrecy. As long as I cast my vote into a dark hole where only special people get to retrieve them, it's all a scam.

Vote for candidateA in buildingA
Vote for candidateB in buildingB
Vote for candidateC in BuildingC

Have a huge score-board placed outside each of the buildings that displays the count of people that've voted. This way, each time someone votes, they can see that vote change the c

Re:

[jgdnavy]

No, it explicitly doesn't preserve that privacy. If you pick a building based on your chosen candidate, if they see you go in, they know who you voted for. You could somewhat prevent vote stuffing if you didn't separate by candidate, but being able to know who someone voted for specifically opens the door for intimidation (even if only peer pressure).

Re:

[BringsApples]

If you drive by someone's house where they've posted a huge sign featuring their candidate, do you worry about that person getting attacked? Bumper-stickers on cars... do you worry about them too? If not, then why worry about people going into a building to vote?

It's just funny to me that there are so many people that have such a high level of concern for people voting in secrecy, all the while people will go to almost any extreme these days to voice their opinions on anything, including politics. For Go

Re:

[AHuxley]

No real profit in only supplying printed paper.

Re:

[paralumina01]

The easiest solution is a paper ballot.

Re:

[Pascoea]

The easiest, yes, but it doesn't make for good TV. If we had to dig in, I'm assuming the push for computerized systems is nearly entirely from the major network's desires to have "live" results. I'm fine with the "scantron" ballots my district uses. I fill out a bubble sheet, they feed it through the machine that keeps the ballot, I keep the "receipt". Best of both worlds, it's auditable, hacker-proof*, and automated enough that results can be reported as soon as the polls close. *Hacker-proof in that

Re:

[paralumina01]

Yeah, that's about the best system. The government wasn't even designed for instant results. That's why there is a period that the House has to confirm the votes before they are sworn in to Office. Crap news media trying to squeeze every dollar they can from the politics industry.

Re:

[PolygamousRanchKid]

Maybe we could all go to some locally designated place

FTFS:

an experimental app that lets voters who are active military or registered to vote abroad cast their votes from their phones

The app is meant for folks who are overseas, and can't go to a locally designated place.

Re:

[drnb]

Maybe we could all go to some locally designated place

FTFS:

an experimental app that lets voters who are active military or registered to vote abroad cast their votes from their phones

The app is meant for folks who are overseas, and can't go to a locally designated place.

Right, because people in the military aren't on a base when they can be handed ballots and a pencil.

Re:

[drnb]

Maybe we could all go to some locally designated place

FTFS:

an experimental app that lets voters who are active military or registered to vote abroad cast their votes from their phones

The app is meant for folks who are overseas, and can't go to a locally designated place.

They are LOCAL to a government installation, a military base. It doesn't matter that they are not local to their home town.

Re:

[fibonacci8]

Thank you Ivan.

Internet Voting: the only thing worse than Mail-In

[davide marney]

One of the key security features of American voting is PRIVACY. No one can coerce your vote. Doesn't matter how much they spend, what they say, or who says it. You can't be threatened or cajoled. Your vote is _your vote_ and no one knows how you voted. Your vote literally cannot be bought.

At least, that is how it's supposed to work. But in the desire to make voting easier (if I assume the best motives of others, which one should), some are championing voting processes that seriously undermine this foundational security practice.

Internet voting CANNOT be private because the Internet is a public resource and it is impossible to be private in public. I know, I know; what about encryption? There are tons of encrypted transactions on the web. Well, we accept the use of the public Internet for trusted transactions like banking because banking is ultimately NOT a completely private transaction: it is a transaction between real people. If you see an electronic bank transaction you want to dispute, you can physically adjudicate it. Not so with a vote. Only you know how you voted. Who are you going to dispute with?

Likewise, mail-in voting CANNOT be private, because the voter isn't in a guaranteed-private setting when they fill out the ballot. Even after you fill in your ballot insecurely, you have the problem of getting it to the voting agency. The postal service does not provide any guarantees of privacy; heck, it doesn't even guarantee delivery. No one can guarantee you delivery.

No, if you want your vote to count, then you need to do your duty and show up and be counted. It's not really that onerous a duty. It doesn't need to be made radically easier or simpler. Just do it.

Re:

[dev-in-seattle]

In Washington State we only have vote by mail. It's works really well. You can drop your ballot off at special ballot boxes (like at libraries or city hall or us mail the ballots. At first they only had mail-in ballots in seattle, other places didn't want to pay for them. Then they noticed that there was a good bit more voting because of the convenience and then they insisted on having mail in voting. Once you do it, it seems stupid to try anything else. You can track if your ballot was received and if your

Re:

[davide marney]

I'd go along with drop-off ballots, but not to an unmonitored location such as a public library. No chain of custody, no confidence that the ballot wasn't tampered with.

But really, is voting all that hard? Maybe an hour out of your day once every couple of years is all it takes. It doesn't seem like too much to ask, given we're talking about hiring the people who are going to spend 40%+ of your earnings. The benefits of showing up in person to vote are almost too numerous to count. Why make something easier

Do we really need the results instantly?

[VeryFluffyBunny]

Physical paper ballots are the only "secure" way to vote. Yes, there are ways of tampering, ballot stuffing, etc. but they're a lot harder to get away with than e-voting fraud. (I've worked on projects for training election observers. Learnt quite a bit about election misconduct along the way).

Re:

[VeryFluffyBunny]

P.S. Everything you need to know about e-voting: https://xkcd.com/2030/ [xkcd.com]

he felt he need to report it?

[martinX]

"he felt he needed to report the incident to the FBI." That's nice of him to feel that way, but surely that should be a part of state law governing the use of this form of voting.