The “Days since last vulnerability found” indicator for the iVote system used in New South Wales’ elections was reset to zero on Wednesday thanks to a new research note from University of Melbourne cryptographer Dr Vanessa Teague. Or rather, the software vendor was notified 45 days earlier to keep with the terms of the source code access agreement while the rest of us found out today. iVote was purchased from Scytl Australia, a subsidiary of Barcelona-based election technology vendor Scytl Secure Electronic Voting, and is based on the system used by SwissPost. In March this year, Teague and her colleagues Sarah Jamie Lewis and Olivier Pereira found a flaw in the proof used by the SwissPost system to prevent electoral fraud. Later that month, they detailed a second flaw that could be exploited to result in a tampered election outcome. NSWEC claimed it was safe from the second flaw, and had patched the first. In July, NSWEC ordered Scytl to release parts of the source code in a bid to prove it contained no further vulnerabilities. Vulnerabilities have now been found. “I examined the decryption proof and, surprise, it can easily be faked while passing verification,” Teague tweeted on Wednesday morning. “This exposes NSW elections to undetectable electoral fraud by trusted insiders & suppliers, people who guessed the passwords of the trusted insiders, people who successfully phished the trusted insiders, etc.” Teague’s analysis is detailed in the 8-page “Faking an iVote decryption proof” [PDF].
In the 2017 Western Australian state election, voters with disabilities can register and vote over the Internet for the first time, using a system called iVote. Voters with disabilities deserve to have just as much confidence in the privacy and security of their votes as able-bodied voters using a polling booth. Unfortunately, a breach of voter privacy, or overt tampering of ballots, may not be noticed if it happens online – and reading or altering someone’s iVote might be easier than it seems. Security vulnerabilities are successfully exploited every day to steal money, commit financial fraud and extract government secrets. US intelligence agencies blamed Russian government hackers for interfering in the US election. The iVote registration and voting servers are protected by Transport Layer Security (TLS), the Internet’s most common security protocol. If you visit your bank and click on the padlock in your browser’s address bar, you can see a TLS certificate that proves you are communicating with the true owner of that domain. However, if you visit the WA Electoral Commission’s online registration page or the iVote log-in page and click on that padlock, you see something surprising: the TLS certificate is owned not by the WA Electoral Commission (WAEC) but by a US company called Incapsula.
Last month, the New South Wales Electoral Commission’s ongoing battle to defend the integrity of its online voting system took chief information officer Ian Brightwell all the way to Switzerland — the last bastion of modern direct democracy. After requests from commissioner Colin Barry were knocked back by two other academic conferences, Brightwell finally got his chance to explain the NSW experience of implementing iVote in direct response to a pair of crusading academics who have doggedly attacked the online voting platform both in Australia and abroad. The organisers of the VoteID 2015 conference, held last month in Bern, Switzerland, deemed the claims and counter-claims interesting enough to design a special session around them. By now, most people who’ve heard about online voting in NSW would have also heard the persistent warnings of Vanessa Teague, a research fellow at the University of Melbourne, and J. Alex Halderman, an associate professor of computer science and engineering from the University of Michigan.
As many as 66,000 votes in the New South Wales state election 2015 could have been tampered with. The election was held on 28 March 2015 and is now closed. Voters used the iVote system which is described by its makers as “private, secure and verifiable” in its operation. Further, the Australian Electoral Commission insists that all Internet votes are and were “fully encrypted and safeguarded” at this time. The iVote system is a form of voting where eligible voters can vote over the Internet or telephone as an alternative to voting at a physical polling station. Security is provided using an 8-digit iVote number, a 6-digit PIN and a 12-digit receipt number for each individual. Australia is arguably a perfect test case for electronic voting with its vast distances that prevent some voters from getting to a polling location. A system like this also benefits the disabled and other less mobile voters. However, the system has been derided by non-profit digital rights group the Electronic Frontier Foundation (EFF): “The problem is that the system was not ready to be one of the biggest online voting experiments in the world.” EFF’s Farbod Faraji says that a FREAK flaw has been discovered in the Australian system by Michigan Computer Science Professor J Alex Halderman and University of Melbourne Research Fellow Vanessa Teague.
Australia: New South Wales Attacks Researchers Who Found Internet Voting Vulnerabilities | Electronic Frontier Foundation
A security flaw in New South Wales’ Internet voting system may have left as many as 66,000 votes vulnerable to interception and manipulation in a recent election, according to security researchers. Despite repeated assurances from the Electoral Commission that all Internet votes are “fully encrypted and safeguarded,” six days into online voting, Michigan Computer Science Professor J. Alex Halderman and University of Melbourne Research Fellow Vanessa Teague discovered a FREAK flaw that could allow an attacker to intercept votes and inject their own code to change those votes, all without leaving any trace of the manipulation. (FREAK stands for Factoring RSA Export Keys and refers to the exploitation of a weakness in the SSL/TLS protocol that allows attackers to force browsers to use weak encryption keys.) But instead of taking the researchers’ message to heart, officials instead attacked the messengers.
As the count for the NSW Legislative Council creeps to a conclusion, there remains an outside possibility that an error in the NSW Electoral Commission’s iVote system could put the result at risk. For the first two days of voting for the election, the electronic ballot paper used for iVoting contained an error. Two of the groups on the ballot paper, the Outdoor Recreation Party in Group B, and the Animal Justice Party in Group C, were shown on the ballot paper without an above the line voting square. Around 19,000 iVotes were cast before the error was spotted. The error did not prevent votes being cast for candidates of the two parties, but it made voting for the two parties above the line impossible.
Australia: NSW state election 2015: Legal challenge looms over upper house iVote error | Sydney Morning Herald
A micro-party that is gunning for the final spot in the NSW upper house is likely to mount a legal challenge if it loses, potentially sending voters back to the ballot box. The Animal Justice Party is battling it out with the No Land Tax Party, and the three major parties, for the last of 21 upper house seats being contested at Saturday’s election. However an early hiccup with the state’s electronic voting system, iVote, saw AJP and another party left off the “above the line” section of the ballot paper. About 19,000 votes were cast before iVote was suspended and the problem, which was due to human error, was fixed.
Australia: There’s a huge design flaw in the NSW online voting system which Labor wouldn’t be happy about | Business Insider
New South Wales goes to the polls today and despite incumbent Liberal Premier Mike Baird being the clear favourite there’s a huge design flaw on the online voting platform which could cost the Labor government votes. It’s all got to do with the user experience of the NSW Electoral Commission’s online iVote system which is clunky to start with. After registering to use the platform and figuring out how to commence the voting process the ballot paper for the lower house appears on the screen, all candidates can be viewed, you can scroll up and down, fine. The problem becomes apparent when voting above or below the line. Even when the paper is enlarged on a 24 inch monitor, it doesn’t render to fit so this is what voters see. However, to the right of that are all the other options (including the Labor party). And while there are big red arrows at the top, that’s not where a user usually focusses their attention, a user experience designer, who wished to not be named, told Business Insider.
Australia: NSW iVote security flaw may have affected thousands of votes: Researchers | Computerworld
Australia: International experts warn of the risks of Australian online voting tools | Sydney Morning Herald
Australia and other countries are a decade or longer away from safe methods of online voting in state and national elections and current tools pose a serious risk to democratic processes, people at a public lecture heard on Monday night. University of Michigan researcher J Alex Halderman and University of Melbourne research fellow Vanessa Teague said online voting in Saturday’s New South Wales election could have been seriously compromised through security weaknesses in the iVote system, being used in the upper house. The pair, in a public lecture at the Australian National University, said that internet voting continued to raise some of the most difficult challenges in computer security and could not be considered completely safe. They reported faults in the NSW system to electoral authorities last week, ahead of as many as 250,000 voters using online systems to participate in the ballot.
A “major security hole” that could allow an attacker to read or change someone’s vote has been discovered in the New South Wales online iVote platform, security experts say. The iVote system allows people to lodge their votes for Saturday’s state election online, instead of visiting a physical polling station. It aims to make voting easier for the disabled or for people who live long distances from polling booths. However computer security researchers said they found a critical issue and alerted the NSW Electoral Commission on Friday afternoon. University of Melbourne research fellow Vanessa Teague, who found the security vulnerability, said it was a difficult hack to pull off, but could potentially affect ballots en masse. “We’ve been told repeatedly that votes are perfectly secret and the whole system is secure and it can’t be tampered with and so on, and we’ve shown very clearly that that’s not true – that these votes are not secret and they can be tampered with,” Ms Teague said.
A political party accidentally left off online versions of ballot papers has indicated it could take court action after the New South Wales election. The iVote online voting system was suspended for much of yesterday after the NSW Electoral Commission was alerted to the error by the Outdoor Recreation Party’s Peter Whelan. The system is available to voters who are vision impaired, have reading difficulties, live more than 20 kilometres from a polling station or will be out of the state on election day. Mr Whelan said he was shocked when he logged on to the website yesterday. Despite his party having drawn a sought-after Group B “above the line” position on the Upper House ballot paper, it did not appear there on the electronic version. The Animal Justice party, which drew Group C on the ballot, was also omitted.
Australia: New South Wales poll result could be challenged after parties are left off electronic ballot paper | The Guardian
The result of the upper house election in New South Wales could be contested after 19,000 early voters cast their votes on electronic ballot papers that left off the names of two of the parties above the line. The Animal Justice party and Outdoor Recreation party were left out on the electronic voting site iVote. About 19,000 people cast their vote before the error was noticed, but the NSW Electoral Commission has declared their votes will still be valid. Online voting was suspended for about five hours on Tuesday when the error was discovered.
Up to 250,000 votes are expected to be cast using the iVote electronic voting system between March 16 and the close of polls on March 28 in the New South Wales election. That would represent a massive increase on the 46,864 votes at the 2011 state election and could mean about 5% of the total vote is cast electronically, using a telephone or via the internet. It looks set to be by far the biggest test of electronic voting in Australia, which has largely been limited to small trials in the past, and one of the largest online votes worldwide. If the NSW election proves to be close, those electronic votes could prove crucial. But before electronic voting begins on Monday, people in NSW should be warned: there are many unanswered questions about the integrity and privacy of those votes. Late last year, the federal Joint Standing Committee on Electoral Matters recommended against electronic voting in federal elections. Its report concluded that:
Australia is not in a position to introduce any large-scale system of electronic voting in the near future without catastrophically compromising our electoral integrity.
Sydney-based Secure Logic has signed a contract to host the NSW Electoral Commission’s iVote system for the next five years. Secure Logic will provide the NSWEC with infrastructure and platform-as-a-service in a deal worth $990,000. The platform will be able to be scaled during peak election periods, according to head of sales and marketing for Secure Logic, Fergus Brooks. Spanish company Scytl was awarded the contract to provide the online voting software for iVote in May last year, after the state government announced plans to expand iVote for the 2015 election.
Sarong-clad anti-coal hippies have been marked as a chief threat to online voting at the election scheduled to take place in 2015 in the Australian state of New South Wales (NSW). The protestors are identified as a threat in a report penned by CSC for the NSW government. The Reg has seen a copy of the report, which suggests developers feared protesting farmers and fire fighters could launch an attack against New South Wales’ iVote online ballot system in objection to various coal mining projects across the state. “Anti-coal lobby groups could lead to the targeting of the SGE (state government election) in 2015,” the document read. The document also outlines scenarios in which protestors could launch denial of service attacks, knocking out the ability for 250,000 remote and blind users to vote online.