Despite Election Security Fears, Iowa Caucuses Will Use New Smartphone App

The state party worked with the national party’s cybersecurity team, and with Harvard University’s Defending Digital Democracy project, but Price declined to answer directly whether any third party has investigated the app for vulnerabilities, as many cybersecurity experts recommend.

…Unlike many states in which local and state officials oversee the presidential primary election, in Iowa the state party is responsible for administering, staffing and funding the caucuses, relying primarily on trained but unpaid volunteers.

Cybersecurity experts interviewed by NPR said that the party’s decision to withhold the technical details of its app doesn’t do much to protect the system — and instead makes it hard to have complete confidence in it.

…A number of other potential vulnerabilities could also be introduced by using the technology, experts say.

If the app doesn’t work, either because a denial of service attack clogs the system or for any other reason, then there could be confusion at precincts across the state, and a potential delay on a winner being announced.

…Price did confirm that the app again would be downloaded onto the personal smartphones of the caucus precinct and party leaders, and not onto party-provided hardware.

That could make the system a more appealing attack target, according to Betsy Cooper, director of the Aspen Tech Policy Hub at the Aspen Institute, because peoples’ phones also may contain sensitive messages, emails and passwords.

…Jones, the University of Iowa cybersecurity specialist, says transmitting results from precincts to the state party through a smartphone app isn’t as insecure as the virtual caucus plan — but that it’s still insecure for the same reasons.

“The entire ecosystem of smartphones is extraordinarily poorly secured,” Jones said. “And resting security functions on that ecosystem is something I don’t trust at all.”

Despite Election Security Fears, Iowa Caucuses Will Use New Smartphone App : NPR


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s