An 'Off-the-Shelf, Skeleton Project': Experts Analyze the App That Broke Iowa

The app used to report early results in Iowa's Democratic Presidential primary caucus was rudimentary in many ways, according to analyses by multiple Android app development experts and cybersecurity professionals who decompiled and studied the app after it was obtained by Motherboard.

The app, called IowaReporterApp and developed by a company called Shadow Inc., malfunctioned during the caucus, causing mass chaos and delaying the public reporting of results until Tuesday evening. The app was designed to rapidly report early results, not tabulate final vote counts. That means its failure will not result in the election result being altered.

But, until now, very little has been published about how the app was designed, how it was supposed to work, and what went wrong on caucus night.

Motherboard asked six cybersecurity and app development experts we trust to analyze the app. The app was built on top of React Native, an open-source app development package released by Facebook that can be used for both Android and iOS apps, according to Kasra Rahjerdi, who has been an Android developer since the original Android project was launched, and Robert Baptise, a white-hat hacker who has exposed security flaws in many popular apps and reviewed the code. Rahjerdi said that the app contains default React Native metadata and that it comes off as a "very very off the shelf skeleton project plus add your own code kind of thing."

Snip

https://www.vice.com/en_us/article/3a8ajj/an-off-the-shelf-skeleton-project-experts-analyze-the-app-that-broke-iowa?utm_source=digg