Friday, January 15, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

NSW Electoral Commission claims physical separation mitigates Swiss voting flaw

March 13, 2019
in Internet Security
NSW Electoral Commission claims physical separation mitigates Swiss voting flaw
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

(Image: Joe McKendrick)

The NSW Electoral Commission (NSWEC) has claimed it is not impacted by the security issues that were disclosed about the Swiss e-voting system overnight, thanks to using an air-gapped machine, even though the flaw exists in its iVote system.

“The identification of this issue does not affect the use of iVote for the NSW State election,” the NSW Electoral Commission said in a statement.

You might also like

Toyota slapped with $180 million fine for violating Clean Air Act

More than 10mil users installed Android apps that showed out-of-context ads

Xiaomi added to US list of alleged Communist Chinese military companies

As described by security researchers Sarah Jamie Lewis, Olivier Pereira, and Vanessa Teague, the flaw is found in the mixnet component that shuffles votes in an effort to remove the ability to link votes to individual electors.

“The implementation of the commitment scheme in the SwissPost-Scytl mixnet uses a trapdoor commitment scheme, which allows anyone who knows the trapdoor values to generate a shuffle-proof transcript that passes verification but actually alters votes,” the researchers said.

“This allows undetectable vote manipulation by an authority who implemented or administered a mix server.”

Must read: E-voting is still the wrong answer to the wrong question

However, the NSWEC claims it is unaffected because its mixnet is not connected to any systems, and is “securely housed” at the NSWEC.

“In order for this weakness to be an issue, a person would need to gain access to the physical machine. They would need all the right credentials and the right code to alter the software,” a spokesperson for NSWEC said.

“Our processes reduce this risk as we specifically separate the duties of people on the team and control access to the machine to reduce the potential for an insider attack.”

The electoral commission said Scytl is still delivering a patch for the flaw, and that it is confident in the security of iVote.

“iVote is an important voting channel to ensure equal access to democracy, particularly for people with disability and remote voters, and we will continue working to strengthen its operation,” the spokesperson said.

Tell ’em they’re dreaming: Australia Post details plan to use blockchain for voting

On Twitter, Lewis pointed out the high level of auditing the system was subjected to.

“I also think it’s very important that everyone who might find themselves in a nation implementing electronic voting is aware of how many audits, and public puffery the Swiss election system has gone through. It is very important you understand how well audited this system was,” the researcher said.

Two other researchers also discovered the mixnet flaw.

In 2015, Teague was part of a team that discovered iVote was susceptible to the FREAK vulnerability.

Once again, the findings appeared close to a week out from polling day.

“The commission has now had time to review the claims made by Dr Teague and Dr Halderman, and has received advice from our information security auditors,” the NSWEC said at the time. “The commission’s principal security advisers CSC Cyber Security ANZ noted that Dr Teague and Dr Halderman’s claims about the vulnerabilities in iVote are overstated.

Previously: NSW Electoral Commission scrambles to patch iVote flaw

“The proposed FREAK attack requires a high level of technical expertise and a number of pre-conditions to be successful, and as such is not considered a real threat to iVote. We have been advised that the likelihood of someone intercepting votes online using this approach is as real as a malicious postman replacing a postal vote.”

The similarities between the incidents do not end there, with Scytl questioning the motivation of the researchers, as the NSWEC did four years ago.

The iVote system has been subsequently used in elections in Western Australia.

Related Coverage

Online voting: Now Estonia teaches the world a lesson in electronic elections

In this month’s Estonian parliamentary elections, a whopping 44 percent of the ballot was cast using e-voting.

EU to tech giants: Step up fake news fight before European elections

Facebook, Google, Twitter and Mozilla have all made progress fighting disinformation campaigns, but they “need to go further and faster before May,” the European Commission warns.

Australian Electoral Commission wants money to fix ageing IT systems

The Australian Electoral Commission has said it needs money to update its election IT systems, warning that the existing ones are at the end of their useful life.

NSW iVote ballot mistake put down to human error

The NSW Electoral Commission’s CIO Ian Brightwell has said that human error was at the core of an electronic ballot problem on the NSW iVote system that may have the potential to see some of the results from last month’s state election thrown into question.


Credit: Source link

Previous Post

Executive Branch Initiatives Mask Unfunded Government AI Mandate

Next Post

How to Set Commit Author

Related Posts

Toyota slapped with $180 million fine for violating Clean Air Act
Internet Security

Toyota slapped with $180 million fine for violating Clean Air Act

January 15, 2021
More than 10mil users installed Android apps that showed out-of-context ads
Internet Security

More than 10mil users installed Android apps that showed out-of-context ads

January 15, 2021
Xiaomi added to US list of alleged Communist Chinese military companies
Internet Security

Xiaomi added to US list of alleged Communist Chinese military companies

January 15, 2021
Security software maker Tufin soars on raised Q4 outlook
Internet Security

Security software maker Tufin soars on raised Q4 outlook

January 15, 2021
Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL
Internet Security

Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL

January 15, 2021
Next Post
How to Change the WordPress Admin Login Logo

How to Set Commit Author

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Apologetic AI Is A Somewhat Sorry Trend, Especially For Autonomous Cars  
Artificial Intelligence

Apologetic AI Is A Somewhat Sorry Trend, Especially For Autonomous Cars  

January 15, 2021
Machine Learning

BlackRock invests in data science & machine learning | Corporate Finance

January 15, 2021
Toyota slapped with $180 million fine for violating Clean Air Act
Internet Security

Toyota slapped with $180 million fine for violating Clean Air Act

January 15, 2021
AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition  
Artificial Intelligence

AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition  

January 15, 2021
Machine Learning in Manufacturing Market 2020 Report Forecast By Global Industry Trends, Future Growth, Regional Overview
Machine Learning

Machine Learning in Manufacturing Market 2020 Report Forecast By Global Industry Trends, Future Growth, Regional Overview

January 15, 2021
More than 10mil users installed Android apps that showed out-of-context ads
Internet Security

More than 10mil users installed Android apps that showed out-of-context ads

January 15, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Apologetic AI Is A Somewhat Sorry Trend, Especially For Autonomous Cars   January 15, 2021
  • BlackRock invests in data science & machine learning | Corporate Finance January 15, 2021
  • Toyota slapped with $180 million fine for violating Clean Air Act January 15, 2021
  • AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition   January 15, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates