Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
, 7 tweets, 2 min read Read on Twitter
20 Minuten - «Kein Land kann sicheres E-Voting garantieren» - News 20min.ch/schweiz/news/s… via @20min
Some of this interview got a little lost in translation, but the gist remains the same. I can't see a path towards secure evoting that doesn't feature a full detailed investigation into how the Swiss Post system came to feature so many critical cryptographic flaws.
These issues shouldn't just be patched up, we need to understand how they came to exist in the first place, why internal reviews at Scytl, and external audits by Swiss Post, KPMG et al didn't uncover them.
(Or as in the case of the first critical vulnerability, why it was apparently discovered but never fixed - did we ever get a straight story from Scytl/Swiss Post on that one?)
When designing secure systems the process is as important as, if not more important than, the product. It's not enough to demonstrate a secure system (they didn't), you have to be able to demonstrate how your process catches errors before they become issues.
And, no, relying on an international team of uncompensated researchers to tear your code apart on twitter is not a "process"
btw, I was absolutely serious about this bet

Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Sarah Jamie Lewis
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @SarahJamieLewis see all

Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
After the end of the Swiss Post #evoting PIT the list of (current?) accepted vulnerabilities is incredibly underwhelming: onlinevote-pit.ch/stats/

Especially considering Swiss Post keep wanting to (inconsistently) associate our findings with the PIT.
It will be interesting to see how the next few weeks (months?) play out. I don't believe any specific timelines have been specified? At the moment this still has the aura of a publicity stunt that backfired.
As a brief reminder of the state of that source code:
Read 22 tweets
Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
Good Morning Australia! Good Evening Switzerland! Today @VTeagueAus, Olivier Pereira & I are releasing details of a second critical flaw in the Scytl/SwissPost #evoting code base. As well as several other soundness issues in other zero knowledge proofs in the system.
As before () I am going to use this opportunity to provide some context. And, wow, is there a lot of context to unpack.
Starting with the critical issue: we found a flaw in the Decryption Proof in the system that would allow an insider to spoil votes for candidates they didn't like and, as in the case of the previous shuffle proof issue, create a "proof" that said they had done no such thing.
Read 28 tweets
Profile picture
Sarah Jamie Lewis
@SarahJamieLewis
Scytl have reviewed the findings related to our discovery of a trapdoor in their syste that could be used by administrators (or engineers of the system, like Scytl) to tamper with an election and have concluded that they are "highly unlikely" to be exploited.

All good then.
The thing about fostering constructive dialogue is that you can't criticize researchers for raising concerns about your project & then pretend this was all part of the plan when they find something.

Also you are really going to need to explain why this wasn't fixed 2 years ago.
This is one of those cases where people really need to demand an independent, transparent audit & assessment.

Not that I don't trust Scytl's findings - but there is obviously an inherent conflict of interest in them deciding the risk of something as big as election compromise.
Read 4 tweets

Related threads

Profile picture
Lars Pellinat
@Lars9596
@cenkuygur 1. So #Mueller & the FBI invested massive resources, over 2 years, helped along by most of the MSM & some bloggers who seem to only have a #TrumpRussia-life & yet Mueller could not find reasons for further indictments: Looks like it is time to rest your case!
@cenkuygur 2. The constant anti-#Trump-rants cost the MSM a lot of credibility: They even build their "case" on the likes of #conspiracy-queen #LouiseMensch ("death penalty for #Bannon", "#Hatch to be POTUS soon"), who even wrote a #NYT opinion-piece.
With credibility gone, readers go!
@cenkuygur 3. So you can now return to sanity & attempt to return to good & critical #reporting again (#TrumpRussia was often more of a disinformation & #propaganda-exercise) or you end up being a "Resistance-#FakeNews-sender!
Having a left or liberal slant is OK, going full retard is not!
Read 8 tweets
Profile picture
covert_extrovert
@ExtrovertCovert
1) @realDonaldTrump @WhiteHouse @POTUS
#QAnon post No. 2779...
#Q drops a graphic of the 3 zero delta #QProofs with seconds shown & notes they matter. Three proofs on the same day is really driving it home & on the 17th no less [ ! ]
2) #QAnon post No. 2780...
#Q posts an #Anon's #CNN #Tweet on #McCabe's reactionary response 2being called on his statements about the secret meet on the 25th amendment op.
#Deflection or #DiversionaryTacts.
Dead cat bounce is a stock market term.
#ThePlan won't be stopped!
3) #QAnon post No. 2781...
Link to posted image from @Courtiah22 #Tweet.
"Impressive, most impressive." Q

#EnjoyTheShow🇺🇸🍿
Read 43 tweets
Profile picture
Tunde Omotoye 🇳🇬
@TundeTASH
Practical way of approaching an #Interview.
(A guide to an exceptional performance for your next interview.)

Thread.
1. Know your resume like the back of your left hand.

Ever gone for an interview and you blank out when asked the question “tell us about your background?” Don’t worry it happens to most of us.
Or they ask a question related to a part of your resume and you begin with “erm erm”
As simple as it may seem, knowing the entire info on your resume from your objectives to your experience gives you 'un-matchable' confidence.

It’s okay if your resume was drafted by a professional CV writer. You should still take time out to digest its entirety.
Read 24 tweets
Profile picture
Friend or Foe?
@starknightz
1.) Jan 12, 2019 pm News ~ President Trump Slams ‘Crooked Cop’ Comey, Former FBI Leaders, Over NY Times Report FBI Investigated Trump as Russian Agent After He Fired Comey thegatewaypundit.com/2019/01/presid…

#News #Trump #Qanon @realDonaldTrump #WWG1WGA
2.) Jan 12, 2019 pm News ~ Friday on MSNBC’s “Deadline,” Brennan on Shutdown: ‘Trump Has Been Reaching into the Authoritarian’s Toolbox’ breitbart.com/clips/2019/01/…

#News #Trump #Qanon @realDonaldTrump #WWG1WGA
3.) Jan 12, 2019 pm News ~ President Trump Fondly Recalls Firing
‘Total Sleaze’ James Comey breitbart.com/politics/2019/…

#News #Trump #Qanon @realDonaldTrump #WWG1WGA
Read 103 tweets
Profile picture
poxxk
@poxxk
"Le Monde" identifie sur une vidéo un proche conseiller de #Macron frappant violemment un manifestant le 1er mai à Paris. #AlexandreBenalla était équipé d’un casque à visière des forces de l’ordre, alors qu’il n’est pas policier. #MacronLaMatraque lemonde.fr/politique/arti…
↕️ La #vidéo montrant le proche conseiller de #Macron frapper un jeune manifestant à terre, place de la Contrescarpe, à Paris, le #1erMai. #AlexandreBenalla #GérardCollomb #MacronLaMatraque
↕️ Réaction d'@ericcoquerel après l'article du Monde révélant qu'un proche conseiller de Macron (qui a toujours son bureau à L’Élysée!) a frappé violemment un manifestant à terre à Paris, le #1erMai2018. #AlexandreBenalla #GérardCollomb #MacronLaMatraque
Read 559 tweets
Profile picture
Olufemi Osasona
@OsasDapheel
Have you been buying lands in the Ibeju Lekki axis of Lagos? Cheap cheap lands right and you probably thought everything is good? Well i hate to break it to you, There are no cheap lands in Lagos. If it is cheap, there are risks involved. I'll explain.
Thread!!!!!!!
1. Often times i've had people call or message me to ask about cheap lands they can buy & build in Lagos state. Talking about d lands advertised by their church members for 800k or less. Well, patronize your members o but their are some facts #realestate agents wont tell you
2. Majority of the lands you buy for cheap comes with a #Land title called Excision in process, Okay good. I guess you will say but “#Excision is the right of the indigenous land owners” right? YES you are very correct but...
Read 19 tweets

Trending hashtags

#AffaireBenallaMacon #MotionDeCensure #propaganda #ClimateControl #MacronDestitution #Children #PANIC #bigdats #excision #AlexandraLouis #QClearance #DeclasFISA #EdouardPhilippe #LockThemUp #GSPR #CNN #Land #SaveTheChildren #RichardFerrand #News #aii #WA08 #TheStormIsUponUs #CROOK #SteeleDossier
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!