Security News > 2020 > September > Infosec big names rally against US voting app maker's bid to outlaw unsanctioned bug hunting via T&Cs

Infosec big names rally against US voting app maker's bid to outlaw unsanctioned bug hunting via T&Cs
2020-09-15 01:08

About 70 members of the computer security community on Monday challenged US voting app maker Voatz's effort to dictate the terms under which bug hunters can look for code flaws.

Earlier this month, Massachusetts-based Voatz filed an amicus brief in Van Buren v. United States, a case being heard by the US Supreme Court that will determine the scope of the US Computer Fraud and Abuse Act, a cybersecurity law long criticized for its ambiguity.

They then criticized Voatz for claiming that the MIT researchers who found bugs in the Voatz app did so without authorization.

Via Twitter, Mike Spectre, one of the co-authors of the MIT report on the Voatz app, pointed to the company as an example for all the policy arguments they're trying to make about the need for CFAA reform.

In a statement emailed to The Register, a spokesperson for Voatz told us the following regarding its amicus brief and the subsequent open letter against it... .


News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/15/voatz_bug_hunting_letter/