Hackers uncover ‘significant’ flaw in Swiss Post e-voting
A major bug has been identified in the new Swiss Post’s e-voting system. Hackers reported the flaw to Swiss authorities as part of a public intrusion test. Swiss Post has resolved the issue.
This content was published on
3 minutes
swissinfo.ch/jdp, urs
Español
es
Identificado el fallo en el sistema de votación electrónica
In mid-February, the Swiss government launched a public intrusion test, challenging IT experts to reveal cracks in the country’s new e-voting system by March 24. On March 12, a flaw concerning universal verifiabilityExternal link was discovered in the Swiss Post’s e-voting system by studying the system’s source code, which was released as part of the test. Universal verifiability makes it possible to determine with mathematical evidence whether votes have been manipulated.
While the flaw uncovered by the hackers does not allow the system to be penetrated, the Federal Chancellery still deemed it a “significant flaw” as it means it is not possible to detect whether the votes have been tampered with.
In a statement, the chancellery explained that the flaw means that “the Swiss Post system does not meet the legal requirements,” and it urged Swiss Post to review and improve its security processes to prevent such flaws.
The e-voting system currently being used in the cantons of Thurgau, Neuchâtel, Fribourg and Basel-City is not affected by this gap in the source code. It exclusively affects the system with universal verifiability provided for the intrusion test, which has never been used for a real vote.
In a statement on its websiteExternal link, Swiss Post acknowledged that the error in the source code had already been identified in 2017. However, the correction was not fully implemented by technology partner Scytl, which Swiss Post regrets. “Swiss Post regrets this and has asked Scytl to make the correction in full immediately, which they have done. The modified source code will be applied with the next regular release.”
The public intrusion test of the Swiss Post e-voting system ordered by the Swiss government and the cantons has been running for just over two weeks now. More than 3,000 hackers around the world are testing the system until 24 March.
People’s initiative
Opponents of e-voting say the latest flaw has permanently undermined trust in online voting systems.
They announced that they will officially launch their people’s initiative next Friday, calling for a five-year moratorium on e-voting and an end to ongoing trials with the digital technology.
The committee made up of politicians and computer experts has 18 months to collect at least 100,000 signatures for a nationwide vote on the issue.
In January, the group presented its plans which involve winning pledges from 10,000 people to help collect the necessary signatures.
The Swiss government wants to introduce e-voting as an additional option for citizens to participate actively in democracy.
The Organisation of the Swiss Abroad has called for online voting to be made available for all expatriates Swiss by 2021. It submitted a petition last November.
More
More
Opposition against e-voting project gathers pace
This content was published on
A committee of politicians and IT experts launches an initiative aimed at banning online voting for at least five years in Switzerland.
Swiss climate activists block vehicles near Gotthard tunnel
This content was published on
Around ten climate activists briefly blocked the A2 motorway near the northern entrance of the Gotthard tunnel on Thursday.
Watches belonging to Michael Schumacher up for auction
This content was published on
Schumacher's family is auctioning off eight rare watches from his collection in Geneva. The Christie's auction will take place on Monday.
Joya Marleen and Baschi named best solo acts at Swiss Music Awards
This content was published on
St. Gallen singer Joya Marleen and Baschi from Basel were named artists of the year at the Swiss Music Awards 2024 on Wednesday night.
Swiss authorities announce cost-cutting in asylum sector
This content was published on
The government notably wants to improve integration into the labour force, particularly for people with protection status S.
Various leaders confirm participation at Ukraine peace conference
This content was published on
The presidents of Poland, Finland, and Latvia and the prime ministers of Spain and Belgium will be at the Swiss-hosted talks in mid-June.
This content was published on
In the winter season up to April 2024, railway and cable car operators ferried 3% more visitors compared to the previous winter, and 5% more than the five-year average.
Rhine flooding: Swiss to invest CHF1 billion with Austria
This content was published on
As part of an international agreement with Austria, the Swiss government wants to pump CHF1 billion ($1.1 billion) into flood protection measures along the Rhine over the next three decades.
Swiss government proposes CHF10 million UNRWA donation
This content was published on
After months of debate, Switzerland plans to give CHF10 million ($11 million) to the UN agency this year, rather than the CHF20 million initially foreseen.
Flaw reported in Switzerland’s biggest e-voting system
This content was published on
A hacker claims to have discovered a weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.