On Blockchain Voting

Blockchain voting is a spectacularly dumb idea for a whole bunch of reasons. I have generally quoted Matt Blaze:

Why is blockchain voting a dumb idea? Glad you asked.

For starters:

  • It doesn’t solve any problems civil elections actually have.
  • It’s basically incompatible with “software independence”, considered an essential property.
  • It can make ballot secrecy difficult or impossible.

I’ve also quoted this XKCD cartoon.

But now I have this excellent paper from MIT researchers:

“Going from Bad to Worse: From Internet Voting to Blockchain Voting”
Sunoo Park, Michael Specter, Neha Narula, and Ronald L. Rivest

Abstract: Voters are understandably concerned about election security. News reports of possible election interference by foreign powers, of unauthorized voting, of voter disenfranchisement, and of technological failures call into question the integrity of elections worldwide. This article examines the suggestions that “voting over the Internet” or “voting on the blockchain” would increase election security, and finds such claims to be wanting and misleading. While current election systems are far from perfect, Internet- and blockchain-based voting would greatly increase the risk of undetectable, nation-scale election failures. Online voting may seem appealing: voting from a computer or smart phone may seem convenient and accessible. However, studies have been inconclusive, showing that online voting may have little to no effect on turnout in practice, and it may even increase disenfranchisement. More importantly: given the current state of computer security, any turnout increase derived from Internet- or blockchain-based voting would come at the cost of losing meaningful assurance that votes have been counted as they were cast, and not undetectably altered or discarded. This state of affairs will continue as long as standard tactics such as malware, zero days, and denial-of-service attacks continue to be effective. This article analyzes and systematizes prior research on the security risks of online and electronic voting, and shows that not only do these risks persist in blockchain-based voting systems, but blockchains may introduce additional problems for voting systems. Finally, we suggest questions for critically assessing security risks of new voting system proposals.

You may have heard of Voatz, which uses blockchain for voting. It’s an insecure mess. And this is my general essay on blockchain. Short summary: it’s completely useless.

Judge allows suit against AT&T after $24 million cryptocurrency theft

An AT&T store in New Jersey.
Michael Brochstein/SOPA Images/LightRocket via Getty Images

When Michael Terpin’s smartphone suddenly stopped working in June 2017, he knew it wasn’t a good sign. He called his cellular provider, AT&T, and learned that a hacker had gained control of his phone number.

The stakes were high because Terpin is a wealthy and prominent cryptocurrency investor. Terpin says the hackers gained control of his Skype account and tricked a client into sending a cryptocurrency payment to the hackers instead of to Terpin.

After the attack, Terpin asked AT&T to escalate the security protections on his phone number. According to Terpin, AT&T agreed to set up a six-digit passcode that must be entered before anyone could transfer Terpin’s phone number.

But the new security measures didn’t work. In January 2018, “an AT&T store cooperated with an imposter committing SIM swap fraud,” Terpin alleged in his August 2018 lawsuit against AT&T. The thieves “gained control over Mr. Terpin’s accounts and stole nearly $24 million worth of cryptocurrency from him.”

Terpin sued AT&T, seeking at least $24 million in actual damage and millions more in punitive damages. Terpin also asked the court to void terms in AT&T’s customer agreement that disclaim liability for security problems—even in cases of negligence by AT&T. Terpin argued that these boilerplate terms are unconscionable because customers never have an opportunity to negotiate them.

But AT&T asked the judge to dismiss the case, arguing that Terpin didn’t adequately explain how the phone hack led to the loss of his cryptocurrency. Terpin’s lawsuit provided no details about how Terpin had stored his cryptocurrency, how the hackers had gained access to it, or if they might have been able to carry out a similar attack without control of Terpin’s phone number. In any event, AT&T argued that it shouldn’t be held responsible for the misconduct of the hackers who actually carried out the theft of cryptocurrency.

A mixed ruling

On Thursday, Judge Otis Wright—a man we once depicted as a hulking green giant preparing to smash the copyright trolls at Prenda Law—issued a ruling that provided some reason for each side to celebrate.

Wright agreed with AT&T that Terpin had not adequately explained how the hack of his account led to the theft of his cryptocurrency or why AT&T should bear responsibility. As a result, he dismissed claims that relied on Terpin’s claimed $24 million loss.

However, Wright dismissed the claims with “leave to amend,” meaning that Terpin has 21 days to file a new version of his lawsuit that more fully explains how the cryptocurrency was stolen and why AT&T should be held responsible.

At the same time, Wright allowed the case to move forward with Terpin’s arguments against AT&T’s one-sided customer agreement. Wright hasn’t yet voided the terms, but he found Terpin’s arguments on the issue plausible enough to let the case continue.

“We are pleased the court dismissed most of the claims,” AT&T said in an emailed statement. “The plaintiff will have the opportunity to re-plead but we will continue to vigorously contest his claims.”

This kind of phone hacking incident is of particular concern in the cryptocurrency world because of the non-reversibility of most virtual currencies. If a hacker steals funds from a conventional bank account, a fast-acting victim can usually get the transaction reversed and the funds restored. By contrast, if a hacker steals someone’s bitcoins, they’re likely to be gone permanently, since no one has the authority to cancel transactions once they’re committed to the blockchain.

As a result, cryptocurrency is much more of a “user beware” world than the conventional banking system. If you own a significant amount of cryptocurrency—and especially if you’re publicly known to have a significant amount of cryptocurrency—then it’s wise to store it in a way that doesn’t depend on the security of your phone number.