Security Review of Shadow’s Iowa Caucus App Found Hackable ‘Vulnerabilities’

Tobias Hoonhout

February 6, 2020 at 8:41 AM·2 min read

A cybersecurity firm contracted by ProPublica has reviewed the failed Iowa caucus app and concluded that a skilled hacker could have breached the app and altered vote totals.

An Iowa precinct chair gave the app to ProPublica, which in turn sent it to Massachusetts-security firm Veracode for review. The results showed that the app lacked basic transmission protections, which allowed for data to be intercepted or even changed.

Chris Wysopal, Veracode’s chief technology officer, said the review revealed “elementary” problems, and that it was a “poor decision” by Shadow Inc. to release the app in the first place.

“It is important for all mobile apps that deal with sensitive data to have adequate security testing, and have any vulnerabilities fixed before being released for use,” he said.

Shadow’s CEO Gerard Niemira admitted that the review found a “vulnerability” which the firm had not previously been aware of. “As with all software, sometimes vulnerabilities are discovered after they are released,” he said. But Niemira defended the app’s integrity, telling ProPublica that no “hack or intrusion” occurred during the caucuses, and that “the vote in Iowa was not compromised in any way.”

“We are committed to the security of our products, including the app used during the Iowa caucuses,” he said. “While there were reporting delays, what was most important is that the data was accurate and the caucus reporting process remained secure throughout.”

Last year, Niemira criticized the Democrats’ 2016 election technology as a “sh*tshow” and a “tangled morass.”

Caucus chairs explained in the aftermath of the reporting debacle — which delayed the tallying of results to such an extent that vote totals had not been released as of Thursday morning — that they had known “the app was a problem” days before the caucus began. Despite complaints, state officials did not train county officials on how to use the app in the run-up to the caucus, and local party members experienced difficulties downloading the app, obtaining a PIN to log in, and even opening the app after obtaining a PIN.

The Nevada State Democrat Party said on Tuesday that it would not use Shadow’s app to report results for the state caucus on February 22.

More from National Review

Yahoo Sports
Former MLB infielder, Little League World Series star Sean Burroughs dies at 43
The seven-year major leaguer collapsed while coaching his son's Little League game on Thursday.
Yahoo Sports
The best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’
The 2024 Yankees have rediscovered their bravado and hold the second-best record in the AL, thanks in large part to the superstar outfielder.
Yahoo Finance
How rich homebuyers are avoiding high mortgage rates
Homebuyers with means are turning to an old strategy to get around a new crop of high mortgage rates: all-cash deals.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.
Autoblog
Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)
Trucks aren't known for being fuel efficient, though times are changing. These are the trucks with the best gas mileage in various segments.
Yahoo Finance
Here's 1 big investing mistake you are probably still making
Maybe a 5% CD isn't the best choice for your hard-earned money.
Yahoo Sports
Tight end rankings for fantasy football 2024
The Yahoo Fantasy football analysts reveal their first tight end rankings for the 2024 NFL season.
Yahoo Sports
Wide receiver rankings for 2024 fantasy football
The Yahoo Fantasy football analysts reveal their first wide receiver rankings for the 2024 NFL season.
Yahoo Finance
Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'
Ryan says he would be writing in a Republican candidate instead of voting for Donald Trump.
Yahoo Sports
2024 Fantasy Football Mock Draft, 1.0
The Yahoo Fantasy football crew got together for their very first mock draft of 2024. Andy Behrens recaps the results.
Engadget
The best budgeting apps for 2024
Budgeting apps can help you keep track of your finances, stick to a spending plan and reach your money goals. These are the best budget-tracking apps available right now.
Yahoo Sports
Derrick Lewis strips off shorts, moons crowd in St. Louis after KO win over Rodrigo Nascimento
“I appreciate St. Louis for letting me show my naked ass tonight."
Yahoo Finance
Bud Light sales still falling as Modelo, Coors fight to keep their gains
The competition among beer giants is still brewing.
Yahoo Sports
Is Pacers coach Rick Carlisle right to be upset about officiating in Knicks series and a big-market bias?
Indiana's head coach refused to blame the officiating following Game 1, then looked at the high road two days later and went a step away from nuclear.
Yahoo Sports
The Fantasy Baseball Numbers Do Lie: Are we missing the right reliever in Detroit?
Fantasy baseball analyst Dalton Del Don puts some fraudulent stats under the magnifying glass as we move through Week 6 of the season.
Yahoo Sports
Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap
Jake Mintz & Jordan Shusterman discuss the Padres-Marlins trade that sent Luis Arraez to San Diego, as well as recap all the action from this weekend in baseball and send birthday wishes to hall-of-famer Willie Mays.
Yahoo Sports
Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful
Teams have made their big splashes in free agency and made their draft picks, it's time for you to do the same. It's fantasy football mock draft time. Some call this time of year best ball season, others know it's an opportunity to get a leg up on your competition for when you have to draft in August. The staff at Yahoo Fantasy did their first mock draft of the 2024 season to help you with the latter. Matt Harmon and Andy Behrens are here to break it all down by each round and crush some staff members in the process.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Security Review of Shadow’s Iowa Caucus App Found Hackable ‘Vulnerabilities’

More from National Review

Recommended Stories

Former MLB infielder, Little League World Series star Sean Burroughs dies at 43

The best RBs for 2024 fantasy football, according to our experts

Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’

How rich homebuyers are avoiding high mortgage rates

The FDIC change that leaves wealthy bank depositors with less protection

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)

Here's 1 big investing mistake you are probably still making

Tight end rankings for fantasy football 2024

Wide receiver rankings for 2024 fantasy football

Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'

2024 Fantasy Football Mock Draft, 1.0

The best budgeting apps for 2024

Derrick Lewis strips off shorts, moons crowd in St. Louis after KO win over Rodrigo Nascimento

Bud Light sales still falling as Modelo, Coors fight to keep their gains

Is Pacers coach Rick Carlisle right to be upset about officiating in Knicks series and a big-market bias?

The Fantasy Baseball Numbers Do Lie: Are we missing the right reliever in Detroit?

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful