Skip to Content
Computing

A major flaw has been found in Switzerland’s online voting system

March 12, 2019

A cryptographic trap door could let someone change votes cast using Switzerland’s online sVote system without being detected, according to a new paper.

Verification: The specific issue is the way the system receives and counts votes before shuffling them and anonymizing voter details (everyone provides a birth date and an initialization code). Once they’ve been shuffled, the votes are counted and then decrypted. The trap door means someone could switch all the legitimately cast ballots for fraudulent ones, undetected.

A recommendation: The Swiss government should immediately halt plans to implement the system more widely, one of the authors said. However, there are ramifications way beyond Switzerland, which had hoped to make online voting an option nationwide for elections in October. A bug bounty program to test the system’s resilience was launched last month.

A wider issue: The software vendor, Scytl, provides electronic voting services to over 35 countries, including the United States. It says it’s working to fix the flaw, but the fact that it managed to creep into the system in the first place is worrying. And researchers say they’ve still only tested a fraction of the code base. It’s one of many issues uncovered with online and electronic voting.

Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.

 

Deep Dive

Computing

Everything dies, including information

Digitization can help stem the tide of entropy, but it won’t stop it.

What’s next in cybersecurity

“When it comes to really cutting off ransomware from the source, I think we took a step back.”

Moving money in a digital world

Security is the critical element to expanding digital-first payments.

Cyber resilience melds data security and protection

Organizations face pervasive and sophisticated cyberattacks, but modern data protection techniques can provide a multifaceted defense.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.