Discover and read the best of Twitter Threads about #EVoting
Most recents (8)
Diese Woche gibts von mir Tweets aus #Estland u #Finnland, wo wir mit einer Delegation des Digitalausschusses im Bundestag lernen wollen, wie man ein Land besser digitalisiert. Mit dabei: @TabeaRoessner @NadineSchoen @mesarosch Hashtag: #btADiEstFinn
Nach dem Briefing durch stellv Botschafter Martin Langer ging es anschlieĂend zum eEstonia Briefingzentrum. 1 Std Info-Lawine dazu, wie Estland so digital wurde u wie digital es inzwischen ist (đ).
Ja, @InesMergel, es ist schon mal "Shock and Awe" (wie erwartet)
#btADiEstFinn/2
Ja, @InesMergel, es ist schon mal "Shock and Awe" (wie erwartet)
#btADiEstFinn/2
eEstonia Briefingcenter:
- 99% der Ăśff. Dienste sind elektr. verfĂźgbar = alles auĂer Heirat u Scheidung
- elektr. Steuererklärung dauert < 3min
- seit 2001 haben alle Kinder "computer classes), die meisten lernen schon in Grundschulen Programmieren u Robotics
#btADiEstFinn/3
- 99% der Ăśff. Dienste sind elektr. verfĂźgbar = alles auĂer Heirat u Scheidung
- elektr. Steuererklärung dauert < 3min
- seit 2001 haben alle Kinder "computer classes), die meisten lernen schon in Grundschulen Programmieren u Robotics
#btADiEstFinn/3
MĂśge die đż-Podiumsdiskussion zum #EVoting bald beginnen - Thread!
PodiumsteilnehmerInnen:
- Mirjam Hostettler / BK
- Adrian Perrig / @ETH
- @claudelongchamp / @gfsbern
- @avongunten / @digiges_ch
Im Aftermath: đˇđ
/@eVoteMoratorium
PodiumsteilnehmerInnen:
- Mirjam Hostettler / BK
- Adrian Perrig / @ETH
- @claudelongchamp / @gfsbern
- @avongunten / @digiges_ch
Im Aftermath: đˇđ
/@eVoteMoratorium
@ETH @claudelongchamp @gfsbern @avongunten @digiges_ch @eVoteMoratorium Die PodiumsteilnehmerInnen der Themenwoche #StaatDemokratieDigitalisierung sind nun da.
Thema heute:
Digitale Demokratie - #EVoting und Manipulation
Thema heute:
Digitale Demokratie - #EVoting und Manipulation
@ETH @claudelongchamp @gfsbern @avongunten @digiges_ch @eVoteMoratorium .@avongunten / @digiges_ch
bezeichnet sich - so in der Vorstellung der Runde - selber als "linkslibertären Humanist". đ
Seine Webseite: andreasvongunten.com
bezeichnet sich - so in der Vorstellung der Runde - selber als "linkslibertären Humanist". đ
Seine Webseite: andreasvongunten.com
Countries that have used Scytl #evoting where Individual Verifiability was a key feature:
* Switzerland
* Australia (iVote - New South Wales)
* Norway
Swiss Post are temporarily suspending evoting because individual verifiability fails. See: people.eng.unimelb.edu.au/vjteague/HowNoâŚ
* Switzerland
* Australia (iVote - New South Wales)
* Norway
Swiss Post are temporarily suspending evoting because individual verifiability fails. See: people.eng.unimelb.edu.au/vjteague/HowNoâŚ
This is a slide from Scytl in 2013 (Source: scytl.com/wp-content/uplâŚ)
How much does that system have in common with the system that was released by Swiss Post? We already know it shared code with iVote.
How much does that system have in common with the system that was released by Swiss Post? We already know it shared code with iVote.
I want to hammer home the severity of this issue. This is now bigger than Switzerland. New South Wales just finished an election on a related system. Other countries have been holding elections on these systems for years.
This is why we need transparency in evoting.
This is why we need transparency in evoting.
After the end of the Swiss Post #evoting PIT the list of (current?) accepted vulnerabilities is incredibly underwhelming: onlinevote-pit.ch/stats/
Especially considering Swiss Post keep wanting to (inconsistently) associate our findings with the PIT.
Especially considering Swiss Post keep wanting to (inconsistently) associate our findings with the PIT.
It will be interesting to see how the next few weeks (months?) play out. I don't believe any specific timelines have been specified? At the moment this still has the aura of a publicity stunt that backfired.
As a brief reminder of the state of that source code:
Good Morning Australia! Good Evening Switzerland! Today @VTeagueAus, Olivier Pereira & I are releasing details of a second critical flaw in the Scytl/SwissPost #evoting code base. As well as several other soundness issues in other zero knowledge proofs in the system.
As before () I am going to use this opportunity to provide some context. And, wow, is there a lot of context to unpack.
Starting with the critical issue: we found a flaw in the Decryption Proof in the system that would allow an insider to spoil votes for candidates they didn't like and, as in the case of the previous shuffle proof issue, create a "proof" that said they had done no such thing.
ICYMI, yesterday we released details of a trapdoor in code that was released as part of Switzerland's #evoting testing. It has since come out that this code & trapdoor also exists in a voting system used in Australia, and that system will be patched during an election period.
Relevant links in this thread:
Regardless of what you think about the Swiss situation, the fact that this issue (which skipped through multiple audits, and that was apparently found 2 years ago but not fixed) has now triggered a patch in a live system raises yet more questions about audit procedures.
It is 9am Swiss Time, @VTeagueAus, Olivier Pereira & I are releasing details of a cryptographic trapdoor that we found in the Swiss Post #evoting system that would allows admins to falsely "prove" mixes that alter votes & undetectably compromise elections: people.eng.unimelb.edu.au/vjteague/SwissâŚ
Along with a detailed paper describing the issue (people.eng.unimelb.edu.au/vjteague/UniveâŚ), we have also released sample false proofs that demonstrate how someone could exploit this trapdoor to change election outcomes.
I am going to use this thread to provide my own opinions on this issue, and how it fits into the wider context of evoting. It's 1am in Vancouver, but I will be awake for a little while.
At @ElectoralWales event discussing changes to Welsh votingâincluding #evoting and #onlinevoting trialsâweâre here to warn it is dangerous
@ElectoralWales People often treat online /evoting as a simple security problemâbut itâs the impacts of getting it wrong that we need to think about
