Full report: https://webrootsdemocracy.files.wordpress.com/2016/01/secure-voting-webroots-democracy.pdf
Just read the report. Two questions:
- You say you will utilize mobile devices as they have the best security models. My first thought was "W00T?", really? I mean I am not very good at evaluating smartphones regarding their security, but I have the subjective feeling that my phone is the device I have the least control over, regarding security.
- You say it is possible for voters to revoke votes in case they notice something went wrong. Is that a technical solution, like revocation certificates in PGP? Or is that simply the possibility to go to voting officials and state that something went wrong? Couldn't that be abused?
For average Joe/Jane, this is (somewhat sadly) true. At least for Android, I don't know much about iOS but it should be about the same.
Why? Simple.
99.999% of desktop/laptop users out there will run all of their stuff without any virtualization, under a single user account in the operating system, and more often than not, with an account that has administrator access (or can escalate without much/any authentication).
Essentially what that means is that it takes one bug in any one program to potentially compromise ALL of the users' data.
With mobile it's different: it's not virtualized, but each app runs as its own user ID in the operating system, therefore app A's data is isolated from app B, which is isolated from app C, and so on. And since by default they don't come with administrator (root) access enabled, this boundary is clearly enforced.
Of course, both Android and iOS come from the manufacturers with giant backdoors in them (Google Play Store, Apple Store) ... backdoors, you say?
Well, let's just say that the Google stuff in your Android (to make an example out of Android again) can remotely install apps on your device, without any notification... need I say more?
It's equally obvious that such a capability will not be used often in the wild, or there would be massive backlash. Anyway, the point I'm trying to make is that at least on mobile, average Joe/Jane would have to be specifically targeted by a government/3-letter agency.
There are also exploits for Android/iOS (Android is a glorified Linux, after all), and there have been some epic examples last year, which can break the security model, but once again ... for the average Joe/Jane, there are MANY more in desktop computing.
For people who take advantage of all the possibilities that today's technology can offer, mobile (even w/o the Google/Apple crap on them [not sure if one can eviscerate the Apple crap from iThings]) is no match in terms of security -- one can do much, much better with a "normal" computer.
But for the average, nontechnical person, that's simply not true. Mobile does a much better job by default.
Which is exasperating seeing as people have no idea just how much their phones are tracking them. But I digress.
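
Added example, not part of the thread above: a small Python check that makes the single-account versus per-app-UID comparison concrete by computing which data directories a process with a given UID can enter. The two `ls -ln` listings, the UIDs and the package names are constructed for illustration, and the check models only owner/group/other permission bits.

```python
# Constructed `ls -ln` listings (not from a real machine): a desktop home
# directory and an Android-style /data/data with one UID per app.
DESKTOP = """\
drwx------ 5 1000 1000 4096 Jan 10 10:00 .mozilla
drwx------ 3 1000 1000 4096 Jan 10 10:00 .ssh
drwx------ 4 1000 1000 4096 Jan 10 10:00 .thunderbird
drwxr-xr-x 9 1000 1000 4096 Jan 10 10:00 Documents
"""
ANDROID = """\
drwx------ 5 10101 10101 4096 Jan 10 10:00 com.example.browser
drwx------ 4 10102 10102 4096 Jan 10 10:00 com.example.mail
drwx------ 6 10103 10103 4096 Jan 10 10:00 com.example.vote
drwxrwxr-x 3 10104 10104 4096 Jan 10 10:00 com.example.game
"""


def parse(listing):
    """Return {name: (uid, gid, mode)} for each entry in `ls -ln` output."""
    entries = {}
    for line in listing.splitlines():
        f = line.split(None, 8)
        if len(f) < 9:
            continue  # skips "total N" and blank lines
        mode = 0
        for i, ch in enumerate(f[0][1:10]):  # rwxrwxrwx; setuid/sticky ignored
            if ch != "-":
                mode |= 1 << (8 - i)
        entries[f[8]] = (int(f[2]), int(f[3]), mode)
    return entries


def reachable(entries, uid, gids=()):
    """Directories a process running as uid/gids can list and enter (r+x)."""
    found = []
    for name, (owner, group, mode) in sorted(entries.items()):
        if uid == owner:
            bits = mode >> 6
        elif group in gids:
            bits = mode >> 3
        else:
            bits = mode
        if uid == 0 or bits & 0o5 == 0o5:
            found.append(name)
    return found


if __name__ == "__main__":
    print("desktop, any program of uid 1000:", reachable(parse(DESKTOP), 1000))
    print("mobile, browser app uid 10101:  ", reachable(parse(ANDROID), 10101))
```

On the constructed desktop listing every directory is reachable from any program running as the one user account, while the browser app's UID reaches only its own directory plus the one app directory that was left world-readable.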