Skip to Content
Computing

A major flaw has been found in Switzerland’s online voting system

March 12, 2019

A cryptographic trap door could let someone change votes cast using Switzerland’s online sVote system without being detected, according to a new paper.

Verification: The specific issue is the way the system receives and counts votes before shuffling them and anonymizing voter details (everyone provides a birth date and an initialization code). Once they’ve been shuffled, the votes are counted and then decrypted. The trap door means someone could switch all the legitimately cast ballots for fraudulent ones, undetected.

A recommendation: The Swiss government should immediately halt plans to implement the system more widely, one of the authors said. However, there are ramifications way beyond Switzerland, which had hoped to make online voting an option nationwide for elections in October. A bug bounty program to test the system’s resilience was launched last month.

A wider issue: The software vendor, Scytl, provides electronic voting services to over 35 countries, including the United States. It says it’s working to fix the flaw, but the fact that it managed to creep into the system in the first place is worrying. And researchers say they’ve still only tested a fraction of the code base. It’s one of many issues uncovered with online and electronic voting.

Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.

 

Deep Dive

Computing

child outside a destroyed residential building in Kiev
child outside a destroyed residential building in Kiev

Russia hacked an American satellite company one hour before the Ukraine invasion

The attack on Viasat showcases cyber’s emerging role in modern warfare.

hacked telecom concept
hacked telecom concept

Chinese hackers exploited years-old software flaws to break into telecom giants

A multi-year hacking campaign shows how dangerous old flaws can linger for years.

stock image of robots in a car plant
stock image of robots in a car plant

Transforming the automotive supply chain for the 21st century

Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.

gitee censored
gitee censored

How censoring China’s open-source coders might backfire

Many suspect the Chinese state has forced Gitee, the Chinese competitor to GitHub, to censor open-source code in a move developers worry could obstruct innovation.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.