Hackers uncover ‘significant’ flaw in Swiss Post e-voting
A major bug has been identified in the new Swiss Post’s e-voting system. Hackers reported the flaw to Swiss authorities as part of a public intrusion test. Swiss Post has resolved the issue.
This content was published on
3 minutes
swissinfo.ch/jdp, urs
Español
es
Identificado el fallo en el sistema de votación electrónica
In mid-February, the Swiss government launched a public intrusion test, challenging IT experts to reveal cracks in the country’s new e-voting system by March 24. On March 12, a flaw concerning universal verifiabilityExternal link was discovered in the Swiss Post’s e-voting system by studying the system’s source code, which was released as part of the test. Universal verifiability makes it possible to determine with mathematical evidence whether votes have been manipulated.
While the flaw uncovered by the hackers does not allow the system to be penetrated, the Federal Chancellery still deemed it a “significant flaw” as it means it is not possible to detect whether the votes have been tampered with.
In a statement, the chancellery explained that the flaw means that “the Swiss Post system does not meet the legal requirements,” and it urged Swiss Post to review and improve its security processes to prevent such flaws.
The e-voting system currently being used in the cantons of Thurgau, Neuchâtel, Fribourg and Basel-City is not affected by this gap in the source code. It exclusively affects the system with universal verifiability provided for the intrusion test, which has never been used for a real vote.
In a statement on its websiteExternal link, Swiss Post acknowledged that the error in the source code had already been identified in 2017. However, the correction was not fully implemented by technology partner Scytl, which Swiss Post regrets. “Swiss Post regrets this and has asked Scytl to make the correction in full immediately, which they have done. The modified source code will be applied with the next regular release.”
The public intrusion test of the Swiss Post e-voting system ordered by the Swiss government and the cantons has been running for just over two weeks now. More than 3,000 hackers around the world are testing the system until 24 March.
People’s initiative
Opponents of e-voting say the latest flaw has permanently undermined trust in online voting systems.
They announced that they will officially launch their people’s initiative next Friday, calling for a five-year moratorium on e-voting and an end to ongoing trials with the digital technology.
The committee made up of politicians and computer experts has 18 months to collect at least 100,000 signatures for a nationwide vote on the issue.
In January, the group presented its plans which involve winning pledges from 10,000 people to help collect the necessary signatures.
The Swiss government wants to introduce e-voting as an additional option for citizens to participate actively in democracy.
The Organisation of the Swiss Abroad has called for online voting to be made available for all expatriates Swiss by 2021. It submitted a petition last November.
More
More
Opposition against e-voting project gathers pace
This content was published on
A committee of politicians and IT experts launches an initiative aimed at banning online voting for at least five years in Switzerland.
Bodycams: essential for good law enforcement, or a privacy risk?
Did you ever come across bodycams in your place of residence and if so, how do you think the use of bodycams alter the relationship between the public and (transport) police?
What can be done to protect biodiversity in your country?
Swiss voters are set to decide on a people’s initiative calling for better protection of ecosystems in the country. Have your say on the September 22 vote.
Hotel rates already spiking ahead of 2025 Eurovision in Basel
This content was published on
A week after Basel was chosen to host the Eurovision Song Contest next year, hotel prices are soaring in neighboring cities.
Swiss Post restructure going ahead as planned, says CEO
This content was published on
The postal service is going ahead with planned cuts to its nationwide network of branches, regardless of political initiatives, says Robert Cirillo.
Swiss athletes grab marathon double gold at Paralympics
This content was published on
Catherine Debrunner won her fifth gold at the Paris Games with a victory in the women’s marathon on Sunday, while Marcel Hug took gold in the men’s.
Helicopter evacuations from Saas Valley to continue on Monday
This content was published on
Some 550 tourists were flown out of the Saas valley on Saturday. After further clearance work on Sunday, evacuations will resume on Monday.
Swiss government pensions come under pressure in parliament
This content was published on
A parliamentary committee is favour of scrapping the generous pensions enjoyed by former government ministers and federal judges.
This content was published on
Appointed in April as the EU's incoming ambassador, Slovak man Miroslav Lajčák will ultimately not take up the post in Bern this year.
SNB boss: as a leading financial hub, Swiss must accept risks
This content was published on
The outgoing head of the Swiss National Bank, Thomas Jordan, says the country should aim to preserve its leading financial position.
Top Swiss court rules against prostitution exclusion zone
This content was published on
The Federal Court ruled that a Swiss town went too far in banning prostitution within a 100-metre radius of certain sensitive locations.
Flaw reported in Switzerland’s biggest e-voting system
This content was published on
A hacker claims to have discovered a weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.