Additional flaw found in Swiss Post e-voting system
This is the second flaw in the Swiss Post future e-voting system discovered during the public intrusion test phase.
Keystone
A second error in the Swiss Post planned e-voting system has been discovered as the public intrusion test phase comes to an end. The Federal Chancellery announced the need for action and confirmed a review of the e-voting certification and approval process.
This content was published on
2 minutes
Keystone-SDA/jdp
The same computer experts who discovered a critical error in the source code of Swiss Post’s new e-voting system earlier this month announced they discovered a further security gap. It was identified as part of the public intrusion test that has been running since February 25, during which the e-voting source code was released.
The bug affects universal verifiability – the same area of the system as the first error. However, in this case the error would not make it possible for arbitrary manipulation of any possible votes to go unnoticed, according to the Federal Chancellery. That said, votes could be made invalid without being discovered by the mathematical evidence.
René Lenzin, deputy head of communications at the Federal Chancellery, told the Swiss news agency Keystone-SDA that the error confirmed a “need for action”. The error discovered on March 12 had already shown that universal verifiability and thus the “heart of the system” had not worked. The system had to recognise if manipulation had taken place.
Swiss Post has been asked to review and adapt its security processes to prevent such weaknesses. Lenzin confirmed that Swiss Post did not meet the legal requirements with these vulnerabilities.
More
More
Democracy
How e-voting became a fight for democracy
This content was published on
After years of tests, Swiss e-voting is at a crossroads. The government wants to extend it; a cross-party campaign wants to stop it altogether.
Swiss Post is currently in the process of clarifying the facts and is in contact with its Spanish technology partner Scytl.
According to Keystone-SDA, Swiss Post indicated that this error would have been discovered during decryption and counting because Swiss Post’s e-voting system does not allow invalid votes to be counted. This means that this error would not allow votes to be changed or elections to be manipulated unnoticed.
The Federal Chancellery is expected to draw conclusions on the public intrusion test, in which over 3,000 hackers around the world tested the Swiss Post e-voting system. It ran from February 25 to March 24.
Lenzin said the intrusion test had showed that the approach of publishing the source code and carrying out a public intrusion test was the right one.
Related Stories
Popular Stories
More
International Geneva
A Geneva-based global health foundation came close to ‘collapse’. Where were regulators?
Figurine heads in Zurich school not considered discriminatory
This content was published on
The 16 carved figurine heads in the auditorium of the Hirschengraben school building in Zurich are not discriminatory, according to an independent expert report.
Swiss political parties report income of CHF22.4 million for 2024
This content was published on
Ten parties reported income totalling CHF22.4 million for 2024, less than in the 2023 election year. The reports are based on the regulations for transparency in political financing.
FIFA loses multi-million lawsuit against Blatter and Kattner
This content was published on
Former FIFA officials Joseph Blatter and Markus Kattner do not have to pay back their own bonuses or the bonus totalling CHF 23 million paid to another FIFA official to FIFA. This was decided by the Zurich Labour Court.
How cancer cells makes healthy cells work for them
This content was published on
Cancer cells manipulate neighbouring cells for their own purposes: a research team at ETH Zurich has discovered that they can reprogram neighbouring cells in such a way that they help the tumour to grow.
This content was published on
The ban on non-residents entering the swimming pool in Porrentruy, canton Jura, expires on Sunday and would be extended until the end of the season, the mayor said.
Natural disasters: most Swiss back forced resettlement
This content was published on
The authorities should be allowed to order forced relocations if there is a medium-term risk of a natural event, according to 58% of participants in a survey.
US ends duty-free for parcels from all over the world
This content was published on
Postal service providers in numerous countries such as Switzerland have announced that they will no longer accept most parcels destined for the US.
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.
Read more
More
The status and stakes of e-voting in Switzerland
This content was published on
The debate around the introduction of e-voting for Swiss citizens at home and abroad has rumbled on for almost two decades. It’s not likely to end soon.
This content was published on
A committee of politicians and IT experts launches an initiative aimed at banning online voting for at least five years in Switzerland.
Flaw reported in Switzerland’s biggest e-voting system
This content was published on
A hacker claims to have discovered a weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.