Swiss Governemnt Starts E-Voting PIT Bug Bounty Program in February

Editorial_Staff_Team's picture

Internation Bug Bounty Program to PenTest E-Voting System

The federal government of switzerland offers hackers who can uncover vulnerabilities, privacy issues or simple bugs in its e-voting system up to 44,000 euros.

International White Hat or ethics hackers are given the opportunity to search for vulnerabilities during a four-week voting simulation - the duration of a Bundestag election - from 25 February to 24 March. Swiss Post, the organisation behind this "Public Intrusion Test" (PIT), has provided 150,000 francs (132,000 euros) for the reward of the hackers. Hackers receive between 30,000 and 50,000 francs (up to 44,000 euros) for the undetectable manipulation of votes and 20,000 francs (17,600 euros) for the manipulation of votes in a way that can be proven by trustworthy auditors. Smaller sums of money are spent on hackers who can find ways to violate voters' privacy, infiltrate servers or uncover best practices that have not been followed.

Details: https://onlinevote-pit.ch/details

Since 2004, e-voting - or voting on the Internet - has been tested in 15 of Switzerland's 26 cantons so that polticians can cast their votes. However, only three cantons currently use the system on a regular basis. In 2017, the Federal Council voted in favour of plans for increasing the digitalisation of voting in order to make it as accessible as the ballot box or the regular postal vote. In order to extend online voting to a wider public, Swiss Post is obliging the cantons to "fulfil additional requirements" under the federal ordinance.

The Federal Council explained "With the implementation of the PIT, the Confederation and the cantons hope to gain a valuable external view of the system from a large number of competent persons". Security concerns have restricted the dissemination and general use of e-voting at the international level.

Some countries allow e-voting at the local level, albeit usually only to a limited extent, which means that not all municipalities have introduced the system. These include countries such as Canada and India. For example, half of the US states now allow certain military personnel to vote online. In 2005, the small Baltic state of Estonia was the first country to hold nationwide elections by e-voting. France did not intend to give expatriates the opportunity to vote electronically in parliamentary elections in 2017 because the National Cybersecurity Agency warned in a vote against an "extremely high risk" of cyber attacks.

With this news article we want to challenge and inform all white hackers and bug bounty hunters worldwide to take part in the competition to help. The system is designed so that currently only registrations are accepted until the start on 24-25 February. Demonstrate the world and switzerland that digital voting can be manipulated. Our team will as well participate with a small but skilled team to score.

Registration: https://onlinevote-pit.ch/accounts/sign-up/

 

Rate this article: 
Average: 5 (4 votes)

Comments

JusofRema's picture

result of the program is no surprise but however a wise decision. e voting can not be establish that way.

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.