Over 70 different security research firms and independent researchers came together to write a letter detailing issues with Voatz, a mobile voting firm. The researchers claim that the company misrepresented its security practices to the US Supreme Court. The case could expand the Computer Fraud and Abuse Act to include prosecuting usage of technology deemed “improper.”
The letter was published on September 14 and includes scientists from the University of Michigan and Johns Hopkins University as well as firms such as BugCrowd, HackerOne, and Trail of Bits. The groups are condemning Voatz for a legal filing on behalf of the mobile voting company that could potentially expand the definition of “exceeds authorized access” under the CFAA. Voatz has reported a student researcher to state officials, dismissed serious vulnerabilities, and downplayed a third-party audit performed by Trail of Bits, according to the letter.
Read More: Researchers, Companies Slam Mobile Voting Firm Voatz for ‘Bad Faith’ Attacks