Skip to Content
Computing

A major flaw has been found in Switzerland’s online voting system

March 12, 2019

A cryptographic trap door could let someone change votes cast using Switzerland’s online sVote system without being detected, according to a new paper.

Verification: The specific issue is the way the system receives and counts votes before shuffling them and anonymizing voter details (everyone provides a birth date and an initialization code). Once they’ve been shuffled, the votes are counted and then decrypted. The trap door means someone could switch all the legitimately cast ballots for fraudulent ones, undetected.

A recommendation: The Swiss government should immediately halt plans to implement the system more widely, one of the authors said. However, there are ramifications way beyond Switzerland, which had hoped to make online voting an option nationwide for elections in October. A bug bounty program to test the system’s resilience was launched last month.

A wider issue: The software vendor, Scytl, provides electronic voting services to over 35 countries, including the United States. It says it’s working to fix the flaw, but the fact that it managed to creep into the system in the first place is worrying. And researchers say they’ve still only tested a fraction of the code base. It’s one of many issues uncovered with online and electronic voting.

Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.

 

Deep Dive

Computing

A chip design that changes everything: 10 Breakthrough Technologies 2023

Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.

Modern data architectures fuel innovation

More diverse data estates require a new strategy—and the infrastructure to support it.

Chinese chips will keep powering your everyday life

The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.

The computer scientist who hunts for costly bugs in crypto code

Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.