Online voting vendor Voatz urges Supreme Court to limit security research

Posted on 2020-09-08 by pappp

Source: Ars Technica

Article note: Do you want to get vulnerabilities sold on the dark web instead of responsibly disclosed? Because refusing to engage with outside parties who spot things in your software is how you get 0days.
Online voting vendor Voatz urges Supreme Court to limit security research

Enlarge (credit: Traitov | Getty Images)

The Supreme Court is considering whether to adopt a broad reading of the Computer Fraud and Abuse Act that critics say could criminalize some types of independent security research and create legal uncertainty for many security researchers. Voatz, an online voting vendor whose software was used by West Virginia for overseas military voters in the 2018 election, argues that this wouldn't be a problem.

"Necessary research and testing can be performed by authorized parties," Voatz writes in an amicus brief to the Supreme Court. "Voatz’s own security experience provides a helpful illustration of the benefits of authorized security research, and also shows how unauthorized research and public dissemination of unvalidated or theoretical security vulnerabilities can actually cause harmful effects."

As it happens, we covered a recent conflict between Voatz and an independent security researcher in last Thursday's deep dive on online voting. And others involved in that altercation did not see it the way Voatz did.

Read 27 remaining paragraphs | Comments

This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *