Swiss Post e-voting intrusion test: a farce!

Feb 10, 2019

Swiss Post, totally unimpressed by the previous devastating hacker attacks on the e-voting system, is now about to launch its own official hacking «intrusion test». For pocket money, 400 people from all over the world are to test the demonstrably insecure system in a more controlled and limited setting. The initiators of the popular initiative «For a secure and trustworthy democracy (e-voting moratorium)» are dismayed at the useless exercise.

The Swiss Confederation has been trying to establish e-voting since 2000. By 2019 it wanted two thirds of the cantons to provide electronic voting. But the cantons are far from jumping on the bandwagon as expected. Several of them have again withdrawn from the experiment — the latest being the Canton of Jura. Previously, the Canton of Geneva had decided to abandon development of its own e-voting system by 2020 after more than 10 years of development, allegedly for cost reasons. Before that, this e-voting system had been demonstratively hacked by the Chaos Computer Club Switzerland (CCC-CH), which exposed its weaknesses according to all the rules of the cyber art: the demo hack went through the system like a hot knife through butter. The CCC-CH is unsurprisingly one of the most vehement supporters of the e-voting moratorium.

For Jean Christophe Schwaab, former SP National Councillor from the Canton of Vaud and co-initiator of the e-voting moratorium, the intrusion test is “a farce costing 250,000 Swiss francs. The idea of being able to exclude all relevant hacking methods is a well-intentioned illusion.”

Adding even further to the absurdity of the staged «intrusion test», all known weak spots of the system, those that make it easy to falsify votes and elections, are forbidden attack surfaces. It remains to be seen whether organized criminals and secret services will also stick to these rules. Criminals and strategic organizations spend far higher sums than those offered by the Swiss on developing attacks. It is unlikely that these actors will ever disclose their cyber arsenal to the Swiss for 100 to 50,000 Swiss francs.

National Councillor Franz Grüter, head of the committee, commented that “the security of e-voting cannot be bought. Professional darknet hackers would never show themselves in public, thus never register for such a test. In addition, so-called nation-state hackers act at a much more sophisticated level and never take part in public penetration tests.”

Nicolas A. Rimoldi, campaign leader of the popular initiative, likewise sees nothing positive in this large-scale hacking trial with 400 participants: “The decisive findings have long been available: Swiss e-voting is fundamentally insecure, and the goals associated with it (generally higher voter turnout, motivation of internet-savvy young people) were none of them achieved. Swiss Post is only interested in pushing out the project, while security has no priority whatsoever. The fundamental attacks pointed out by the CCC-CH haven’t been fixed and are still feasible today on both systems in use as of the current voting term on the 10th of February (Geneva’s system is in use for six cantons and Swiss Post’s for four cantons); the official claim — security before speed — is not enforced. Regardless of this, the Confederation is keeping the e-voting platforms up and running, which is irresponsible. Ironically, Swiss Post is now disclosing the cyber risks for which it has no remedy. Swiss Post and the software supplier Scytl have no remedy against all those banned attack surfaces that often and successfully occur in the real world. Thus, they openly admit that the security of e-voting cannot be guaranteed.”

Rimoldi thinks it is reckless of the authorities to invite potential attackers — not even excluding foreign secret services and criminal organizations — to test their attack tools for a small payment. “The so-called intrusion test is a pure PR campaign by Swiss Post to divert attention from fundamental and proven flaws in the system,” said Rimoldi.

The limited access to the source code is also impractical: security holes and issues cannot be openly debated, and thus can hardly be closed; instead, they must be reported exclusively to Swiss Post. This approach is out of touch with reality and does not correspond to the working principles of IT security engineering. Especially in an area as sensitive as democracy, maximum transparency and a free software license would have been appropriate. Swiss Post, together with Scytl, is failing in both respects.

The Swiss Federal Government’s insistence on e-voting has isolated Switzerland internationally. With the exception of Estonia, where a minority of the voting population votes electronically, all European states have rejected or abandoned e-voting.