The Voatz electronic-voting company argued in a brief filed with the U.S. Supreme Court that security researchers should only seek flaws in e-voting systems with companies' permission.
The company said, "Allowing for unauthorized research taking the form of hacks/attacks on live systems would lead to uncertain and often faulty results and conclusions, [and] makes distinguishing between true researchers and malicious hackers difficult."
Voatz in February disputed Massachusetts Institute of Technology researchers' conclusions that its e-voting platform was rife with vulnerabilities, claiming their findings were "relatively useless" because the investigation was unauthorized.
Researchers are pushing for the high court to consider such work shielded from the Computer Fraud and Abuse Act, which deems any intentional, unauthorized access to a computer a federal crime.
They warned that malefactors will exploit the knowledge gap created if flaw detection and disclosure are allowed only with companies' explicit consent, rendering security research ineffective.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA