Additional flaw found in Swiss Post e-voting system
This is the second flaw in the Swiss Post future e-voting system discovered during the public intrusion test phase.
Keystone
A second error in the Swiss Post planned e-voting system has been discovered as the public intrusion test phase comes to an end. The Federal Chancellery announced the need for action and confirmed a review of the e-voting certification and approval process.
This content was published on
2 minutes
Keystone-SDA/jdp
The same computer experts who discovered a critical error in the source code of Swiss Post’s new e-voting system earlier this month announced they discovered a further security gap. It was identified as part of the public intrusion test that has been running since February 25, during which the e-voting source code was released.
The bug affects universal verifiability – the same area of the system as the first error. However, in this case the error would not make it possible for arbitrary manipulation of any possible votes to go unnoticed, according to the Federal Chancellery. That said, votes could be made invalid without being discovered by the mathematical evidence.
René Lenzin, deputy head of communications at the Federal Chancellery, told the Swiss news agency Keystone-SDA that the error confirmed a “need for action”. The error discovered on March 12 had already shown that universal verifiability and thus the “heart of the system” had not worked. The system had to recognise if manipulation had taken place.
Swiss Post has been asked to review and adapt its security processes to prevent such weaknesses. Lenzin confirmed that Swiss Post did not meet the legal requirements with these vulnerabilities.
More
More
How e-voting became a fight for democracy
This content was published on
After years of tests, Swiss e-voting is at a crossroads. The government wants to extend it; a cross-party campaign wants to stop it altogether.
Swiss Post is currently in the process of clarifying the facts and is in contact with its Spanish technology partner Scytl.
According to Keystone-SDA, Swiss Post indicated that this error would have been discovered during decryption and counting because Swiss Post’s e-voting system does not allow invalid votes to be counted. This means that this error would not allow votes to be changed or elections to be manipulated unnoticed.
The Federal Chancellery is expected to draw conclusions on the public intrusion test, in which over 3,000 hackers around the world tested the Swiss Post e-voting system. It ran from February 25 to March 24.
Lenzin said the intrusion test had showed that the approach of publishing the source code and carrying out a public intrusion test was the right one.
Popular Stories
More
Banking & Fintech
UBS releases ‘hundreds’ of staff in fresh wave of job cuts
Should Switzerland take measures to support its struggling industries?
Industrial policies are back in fashion, not only in the United States but also in the EU. Should Switzerland, where various industries are struggling, draw inspiration from such policies?
As a Swiss Abroad, how do you feel about the emergence of more conservative family policies in some US states?
In recent years several US states have adopted more conservative policies on family issues, abortion and education. As a Swiss citizen living there, how do you view this development?
This content was published on
A committee of Switzerland’s House of Representatives has found the people’s initiative to limit fireworks too extreme, but has suggested a counter-proposal.
UN investigators report evidence of crimes in Syria and call for national dialogue
This content was published on
UN investigators in Geneva report ample evidence of crimes in Syria and urge the regime to follow through on its promise of a national dialogue.
Swiss Trade Union warns EU deal could threaten wages
This content was published on
The Swiss Trade Union Federation warns that the new bilateral agreement between Switzerland and the EU could threaten wage protection and public services.
Credit Suisse fines from Mozambique scandal to fund victims’ compensation
This content was published on
The fines imposed on Credit Suisse for the Mozambique scandal will be allocated to a fund for the victims, amounting to $105.5 million.
‘Confederation is a subsidy machine’: Swiss finance minister
This content was published on
The Swiss government is a machine for distributing subsidies to various actors in the country, says finance minister Karin Keller-Sutter.
Lack of funds ends third bid to salvage Säntis ship from Swiss lake
This content was published on
A third attempt to salvage the steamship Säntis, lying at the bottom of Lake Constance in Switzerland since 1933, has failed before it has even begun.
Nestlé Waters on trial in France over illegal waste dumps
This content was published on
Bottled water producer Nestlé Waters to stand trial, accused of illegally dumping waste and maintaining unauthorised dumps.
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.
Read more
More
The status and stakes of e-voting in Switzerland
This content was published on
The debate around the introduction of e-voting for Swiss citizens at home and abroad has rumbled on for almost two decades. It’s not likely to end soon.
This content was published on
A committee of politicians and IT experts launches an initiative aimed at banning online voting for at least five years in Switzerland.
Flaw reported in Switzerland’s biggest e-voting system
This content was published on
A hacker claims to have discovered a weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.