Additional flaw found in Swiss Post e-voting system
A second error in the Swiss Post planned e-voting system has been discovered as the public intrusion test phase comes to an end. The Federal Chancellery announced the need for action and confirmed a review of the e-voting certification and approval process.
This content was published on
2 minutes
Keystone-SDA/jdp
The same computer experts who discovered a critical error in the source code of Swiss Post’s new e-voting system earlier this month announced they discovered a further security gap. It was identified as part of the public intrusion test that has been running since February 25, during which the e-voting source code was released.
The bug affects universal verifiability – the same area of the system as the first error. However, in this case the error would not make it possible for arbitrary manipulation of any possible votes to go unnoticed, according to the Federal Chancellery. That said, votes could be made invalid without being discovered by the mathematical evidence.
René Lenzin, deputy head of communications at the Federal Chancellery, told the Swiss news agency Keystone-SDA that the error confirmed a “need for action”. The error discovered on March 12 had already shown that universal verifiability and thus the “heart of the system” had not worked. The system had to recognise if manipulation had taken place.
Swiss Post has been asked to review and adapt its security processes to prevent such weaknesses. Lenzin confirmed that Swiss Post did not meet the legal requirements with these vulnerabilities.
More
More
How e-voting became a fight for democracy
This content was published on
After years of tests, Swiss e-voting is at a crossroads. The government wants to extend it; a cross-party campaign wants to stop it altogether.
Swiss Post is currently in the process of clarifying the facts and is in contact with its Spanish technology partner Scytl.
According to Keystone-SDA, Swiss Post indicated that this error would have been discovered during decryption and counting because Swiss Post’s e-voting system does not allow invalid votes to be counted. This means that this error would not allow votes to be changed or elections to be manipulated unnoticed.
The Federal Chancellery is expected to draw conclusions on the public intrusion test, in which over 3,000 hackers around the world tested the Swiss Post e-voting system. It ran from February 25 to March 24.
Lenzin said the intrusion test had showed that the approach of publishing the source code and carrying out a public intrusion test was the right one.
Swiss car importer ordered to pay CHF4.2 million CO2 penalty
This content was published on
In finding that a car importer engaged in dishonest practices must pay a multimillion-dollar fine, the court also clarified the penalties in general.
Large viewership tuned into controversial 2024 Eurovision Song Contest
This content was published on
Switzerland was one countries boasting more viewers than ever before. A large proportion of younger viewers were also found to have tuned in.
Switzerland Tourism takes stock of three years of pandemic recovery
This content was published on
2023 saw an unprecedented number of overnight guests, suggesting that the industry has been able to bounce back through additional funding, marketing and development.
This content was published on
The bank's CEO acknowledges that the institution is "too big to fail." There is however disagreement with certain of the proposed regulations.
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.
Read more
More
The status and stakes of e-voting in Switzerland
This content was published on
The debate around the introduction of e-voting for Swiss citizens at home and abroad has rumbled on for almost two decades. It’s not likely to end soon.
This content was published on
A committee of politicians and IT experts launches an initiative aimed at banning online voting for at least five years in Switzerland.
Flaw reported in Switzerland’s biggest e-voting system
This content was published on
A hacker claims to have discovered a weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.