Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Critical Backdoor In Swiss Online Voting System (vice.com)

Posted by msmash on from the severe-consequences dept.

An international group of researchers who have been examining the source code for an internet voting system that Switzerland plans to roll out this year have found a critical flaw in the code that would allow someone to alter votes without detection. New submitter eatmorekix shares a report: The cryptographic backdoor exists in a part of the system that is supposed to verify that all of the ballots and votes counted in an election are the same ones that voters cast. But the flaw could allow someone to swap out all of the legitimate ballots and replace them with fraudulent ones, all without detection. "The vulnerability is astonishing," said Matthew Green, who teaches cryptography at Johns Hopkins University and did not do the research but read the researchers' report. "In normal elections, there is no single person who could undetectably defraud the entire election. But in this system they built, there is a party who could do that."

The researchers provided their findings last week to Swiss Post, the country's national postal service, which developed the system with the Barcelona-based company Scytl. Swiss Post said in a statement the researchers provided Motherboard and that the Swiss Post plans to publish online on Tuesday, that the researchers were correct in their findings and that it had asked Scytl to fix the issue. It also downplayed the vulnerability, however, saying that to exploit it, an attacker would need control over Swiss Postâ(TM)s secured IT infrastructure "as well as help from several insiders with specialist knowledge of Swiss Post or the cantons."

7 of 69 comments (clear)

  1. Re:Swiss cheese by youngone · · Score: 5, Insightful

    No, the takeaway is that the Swiss are testing the online voting system they haven't put into production yet, and they have found a major hole.
    Because they're Swiss, the next step will be to fix it.

  2. Re:One vulnerability less by sycodon · · Score: 4, Insightful

    Online voting is folly. Even mail in voting lacks adequate chain of custody policies.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  3. Don't bother by rickb928 · · Score: 5, Insightful

    The state of the art is inadequate to ensure secure, valid, accurate vote acquisition and tabulation. And there is no reason to expect it will be any time soon.

    Just stop. Those most interested in electronic voting are either profiting from the deployment, or profiting from manipulating the results.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
  4. Re:Swiss cheese by Immerman · · Score: 4, Insightful

    Hey, still beats the U.S. process, where every time a hole is found everybody ignores it, and possibly tries to silence those trying to raise awareness of the problem.

    --
    --- Most topics have many sides worth arguing, allow me to take one opposite you.
  5. Not exactly reassuring by rgmoore · · Score: 3, Insightful

    It also downplayed the vulnerability, however, saying that to exploit it, an attacker would need control over Swiss PostÃ(TM)s secured IT infrastructure "as well as help from several insiders with specialist knowledge of Swiss Post or the cantons."

    Saying that the only people who could steal an election are a small cabal of government insiders is not particularly reassuring.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  6. Re:A comment and a question by shilly · · Score: 4, Insightful

    There is *no* way to verify your vote was counted correctly with online voting. It's conceptually impossible -- at the end of the day, you're always reduced to trusting that the thing on the screen in front of you in some way corresponds to reality and isn't just telling you what you want to hear.

    What's worse is, quite a lot of quite clever people -- certainly much cleverer than the average voter -- are heavily invested in saying that you can, in fact, verify an online vote reliably. So they create and describe complex and elaborate protocols that they solemnly swear (or fervently believe) are 100% effective. But an average voter can't begin to know whether the protocols are effective. The complexity of these systems is well beyond their comprehension -- which is no slur on the average voter, I include myself in that category. Ultimately, we're still reduced to being asked to put our faith in a black box coupled with various people saying "trust us, it's totes legit".

  7. Re:A comment and a question by shilly · · Score: 3, Insightful

    It's a bit more than the fact that "overseeing paper ballot counting is within the abilities of far more individuals than overseeing online voting". It's that I don't *need* to check my individual result for a paper count. A big box of paper ballots is emptied in front of lots of people and lots of people then set to work counting. And other people check their counts. And check the sums when the counts from various boxes are added. There's no need to provide traceability of an individual vote because the conceptual model is different from an online vote: I physically place my paper ballot in the box which is in plain view of lots of people who all keep each other honest, and every step from then on is also in plain view of lots of people who keep each other honest. And it can all easily be recounted.