Critical Flaw in Swiss Internet Voting System

0
7
Critical Flaw in Swiss Internet Voting System
Critical Flaw in Swiss Internet Voting System

Critical Flaw in Swiss Internet Voting System

Critical Flaw in Swiss Internet Voting System

Researchers have discovered a important flaw in the Swiss Internet vote casting machine. I used to be going to write down an essay about how this demonstrates that Internet vote casting is a silly thought and will have to by no means be tried — and that the program in explicit will have to by no means be deployed, even supposing the discovered flaw is fastened — however Cory Doctorow beat me to it:

The trust that businesses will also be depended on with this energy defies all good judgment, however it persists. Someone discovered Swiss Post’s include of the theory too odious to endure, and so they leaked the supply code that Swiss Post had shared beneath its nondisclosure phrases, after which a world group of probably the most international’s best safety professionals (together with a few of our favorites, like Matthew Green) set about inspecting that code, and (as each safety professional who does not paintings for an e-voting corporate has predicted for the reason that starting of time), they discovered a shockingly robust malicious program that may permit a unmarried untrusted birthday celebration at Swiss Post to undetectably regulate the election effects.

And, as everybody who is ever advocated for the appropriate of safety researchers to talk in public with out permission from the firms whose merchandise they had been assessing has predicted for the reason that starting of time, Swiss Post and Scytl downplayed the significance of this objectively very, very, essential malicious program. Swiss Post’s place is that for the reason that malicious program simplest permits elections to be stolen via Swiss Post workers, it is not a large deal, as a result of Swiss Post workers would not scouse borrow an election.

But when Swiss Post agreed to run the election, they promised an e-voting machine in response to “zero knowledge” proofs that may permit electorate to agree with the end result of the election with out having to agree with Swiss Post. Swiss Post is now shifting the goalposts, pronouncing that it would not be this kind of large deal when you needed to agree with Swiss Post implicitly to agree with the end result of the election.

You may well be pondering, “Well, what is the massive deal? If you do not agree with the folk administering an election, you’ll’t agree with the election’s result, proper?” Not in point of fact: we design election programs in order that more than one, uncoordinated folks all act as tests and balances on each and every different. To suborn a well-run election takes large coordination at many polling- and counting-places, in addition to unbiased scrutineers from other political events, in addition to outdoor observers, and so forth.

Read the entire thing. It’s very good.

More information.

Posted on March 15, 2019 at nine:44 AM

6 Comments

http://platform.twitter.com/widgets.js

LEAVE A REPLY

Please enter your comment!
Please enter your name here