New finding in the source code 25.03.2019
It can be excluded that it can be used to change votes or manipulate elections unnoticed.
Swiss Post has received a new observation from researchers concerning the e-voting system source code, which Swiss Post published a few weeks ago.
The scenario aims to make individual votes cast invalid. This would be noticed during decryption and counting in any case, as it is not possible to submit invalid votes to the e-voting system of Swiss Post.
It can therefore already be excluded that it can be used to change votes or manipulate elections unnoticed.
In reality, the scenario is very difficult to put into practice, as an attacker would have to override numerous protection measures. For example, they would need to have control over the secure Swiss Post IT infrastructure and would also have to install malware on the voter’s device.
Swiss Post is currently working on clarifying the details of this issue and collaborating closely with its technology partner Scytl to find a solution.