Scytl Asks NSW to ‘Study’ Swiss Electronic Voting Penetration Tests – Security – Software

Scytl, the vendor behind the suspended iVote system in New South Wales, has asked state election officials to “investigate.” “Public Penetration Test” run by Switzerland Since 2019, we have been implementing electronic voting technology as a way to improve “voter and system integrity.”

NSW Shelves iVote After Election Day Trouble In a local government poll in late 2021. I’m currently testing if an alternative exists.

in submissions [pdf] In a review of tech-assisted voting options by NSW, Scytl said, “While NSW continues to be a pioneer in internet voting implementation, security and accessibility, we have also studied recent developments in Switzerland. can do,” he said.

Its research proposal included “organizing public penetration tests and publishing source code, which indicated that hackers would not be able to operate the system in the context of a mock election (up to 3000 hackers tried to exploit the system but failed).) Monetary rewards are offered for hacker success.”

It is not immediately clear from the filing whether Scytl believes NSW authorities should replicate the exercise or simply take into account the results of the Swiss tests.

Researchers have previously discovered vulnerabilities Swiss testing confirmed that it is in Scytl’s source code and is also present in iVote.

At that time, Still Disputed how the vulnerability was disclosed criticized the researcher’s intentions.

In addition to public penetration testing studies, Scytl suggested that a “scientific expert group discuss potential improvements to regulation and auditing. [an] The Internet Voting System’ – another Swiss initiative – may also be investigated by NSW.

“The group worked for several months and proposed some medium- to long-term potential improvements to pave the way for Internet voting adoption,” said Scytl.

Elsewhere in the filing, Scytl suggests that myGovID can be investigated as a way to verify the identity of e-voting participants, but it should not be the only authentication option.

Additionally, Scytl said there are “technical advantages” to more stringent pre-registration of voters, especially in terms of capacity and load.

It suggests that pre-registration with an early cut-off may limit the blast radius of system outages and other problems that may arise.

iVote issues in late 2021 It was mainly due to the bottleneck It means you failed to vote when handing out ballot numbers to last-minute applicants.

However, Scytl said decisions about pre-registration should not be made solely for technical reasons.

“[There] Not a clear black and white answer here – visually impaired voters are more likely to know this before the election and can choose to pre-register, but those affected by emergencies or unplanned travel may lose their right to vote. The ability to register is unavailable and elections are underway,” it said.

Sctyl opposed technical standards for adding vote verifiability to electoral law and the use of geolocation to determine who can vote electronically.

Scytl Asks NSW to ‘Study’ Swiss Electronic Voting Penetration Tests – Security – Software

Source link Scytl Asks NSW to ‘Study’ Swiss Electronic Voting Penetration Tests – Security – Software

Back to top button