
Our Full Report on the Voatz Mobile Voting Platform - galapago
https://blog.trailofbits.com/2020/03/13/our-full-report-on-the-voatz-mobile-voting-platform/
======
tprynn
Systemic issues:

* Creds scattered throughout source code, including DB / AWS creds, "fixed" by removing but still present in git history

* Numerous crypto vulns: nonces / AES-ECB

* What's even the point of blockchain? It just makes everything worse

Selected quotes:

"Trail of Bits was only provided a backend for live testing on the second-to-last scheduled day of the assessment"

"The system is unusually complex, with an order-of-magnitude more custom code
than similar mobile voting systems we have assessed."

"Voatz's voting processes are error prone and manual, relying on manual
verification of voter identity and long-term storage of this identity on
Voatz's premises"

"E2E-V systems allow voters to cast encrypted ballots such that ballot counts
are verifiable to anyone, but individual voters’ preferences are not revealed.
... Voatz is not E2E-V."

"Storing voting data on a blockchain maintains an auditable record to prevent
fraud, but this comes at the expense of both privacy and increased attack
surface. Clients do not connect directly to the blockchain themselves, and are
therefore unable to independently verify that their votes were properly
recorded. Anyone with administrative access to the Voatz backend servers will
have enough information to fully reconstruct the entire election, deanonymize
votes, deny votes, alter votes, and invalidate audit trails."

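The first bullet above (credentials "fixed" by deleting them from HEAD while they survive in git history) is worth making concrete. The following is an added example, not code from the Trail of Bits report, from Voatz, or from the commenter: a small scanner over `git log -p` output that reports every commit in which a secret was added or removed, and flags secrets whose most recent action was a removal, i.e. scrubbed from HEAD but still retrievable. The patch text embedded in it is constructed for this example (the access key id is the placeholder key from AWS's own documentation; the database URI, paths and commit hashes are made up), and the two regexes are assumptions, not a complete secret taxonomy.

```python
"""Find credentials that were deleted from HEAD but still live in git history.

Added example; not code from the Trail of Bits report or from Voatz.
Feed it `git log -p --all` output on stdin ("-" argument), or run it as-is
against the constructed sample log below.
"""
import re
import sys

# Assumed patterns for this example: the shape of an AWS access key id, and a
# database URI that carries a password in the userinfo part.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "db_uri_with_password": re.compile(
        r"\b(?:postgres(?:ql)?|mysql)://[^:\s/]+:[^@\s]+@[^\s\"']+"
    ),
}

COMMIT_RE = re.compile(r"^commit ([0-9a-f]{7,40})")

# Constructed sample of `git log -p` output (newest commit first): a second
# commit "removes" the secrets that the initial commit introduced.
SAMPLE_LOG = """\
commit 2b7c0f1e5a9d3c4b8e7f6a5d4c3b2a1f0e9d8c7b
Author: dev <dev@example.com>

    Remove hardcoded credentials from config

diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,3 +1,3 @@
 import os
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
-DATABASE_URL = "postgres://voter_svc:hunter2@db.internal:5432/votes"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
+DATABASE_URL = os.environ["DATABASE_URL"]

commit 9a1d4e2f6b8c0a3d5e7f9b1c2d4e6f8a0b2c4d6e
Author: dev <dev@example.com>

    Initial commit

diff --git a/config.py b/config.py
new file mode 100644
--- /dev/null
+++ b/config.py
@@ -0,0 +1,3 @@
+import os
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+DATABASE_URL = "postgres://voter_svc:hunter2@db.internal:5432/votes"
"""


def scan_log(patch_text):
    """Return [(commit, kind, 'added'|'removed', secret)] in log order.

    Both '+' and '-' lines are scanned: a removal line proves the secret was
    committed, and `git show <commit>^:<path>` still hands it back.
    """
    findings = []
    commit = None
    for line in patch_text.splitlines():
        m = COMMIT_RE.match(line)
        if m:
            commit = m.group(1)
            continue
        # Skip context, hunk headers and the ---/+++ file headers.
        if not line or line[0] not in "+-" or line.startswith(("+++", "---")):
            continue
        action = "added" if line[0] == "+" else "removed"
        for kind, pattern in SECRET_PATTERNS.items():
            for hit in pattern.finditer(line[1:]):
                findings.append((commit, kind, action, hit.group(0)))
    return findings


def classify(findings):
    """Group findings per secret.

    `git log` lists newest commits first, so the first finding for a secret is
    its most recent action: 'removed' means it was scrubbed from HEAD but is
    still in history; 'added' means it is (most likely) still in HEAD too.
    """
    report = {}
    for commit, kind, action, secret in findings:
        entry = report.setdefault(
            secret, {"kind": kind, "latest_action": action, "commits": []}
        )
        if commit not in entry["commits"]:
            entry["commits"].append(commit)
    return report


if __name__ == "__main__":
    text = sys.stdin.read() if sys.argv[1:] == ["-"] else SAMPLE_LOG
    for secret, info in classify(scan_log(text)).items():
        state = "scrubbed from HEAD, still in history" if info["latest_action"] == "removed" else "present in HEAD"
        print(f"{info['kind']}: {secret} [{state}] commits={info['commits']}")
```

On a real repository run `git log -p --all | python scan_history.py -` (the file name is whatever you save the block as). The sample output shows the point of the bullet: the "removal" commit is itself the second place the credential is recorded, so deleting the line changes nothing about exposure. The only real fixes are rotating the credential and, if the history must be cleaned, rewriting it with a tool such as git filter-repo and force-pushing, while still treating the old value as compromised.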
