[sschueller]

It is brain dead but this is old code from what I recall. We do not have e-voting at this time although the Post which outsourced this first nightmare of a version is still trying to push for it.

I highly doubt we will see e-voting here until there is a verifiable proof that it is verifiable. There was a lot of bad press about this and people don't trust this crap.

They tried a similar thing for E-ID which was supposed to be built by some private cooperation and run on some centralized servers. The people voted against it and now the government has done the right thing and is building an E-ID system that is decentralized and government run. It still has some quirks but it's going in the right direction.

The sad thing is for the governments first version (outsource to private industry) their claim at the poles was that it would take many years for an E-ID if we don't do it this way. Now only 1 year later we have a very good proposal. There is too much corporate interest pushing around pawns in Government at this time even in a direct democracy like Switzerland.

[dbrgn]

Well, unfortunately they do plan to relaunch their e-voting system next year, after having "tested their system against more than 60'000 attacks from hackers" (whatever that is supposed to mean)...

https://www.srf.ch/news/schweiz/elektronische-stimmabgabe-ha...

https://www.heise.de/news/Schweizer-Post-Hacker-konnten-E-Vo...

[hutzlibu]

Hm, but it sounds quite solid(I only know, what is written in the links):

They made an open public intrusion test with a bug bounty and they released the sources. And so far no one could find a real weakness.

[tarakat]

How many nation-states burned their best zero-days on this public intrusion test?

[hutzlibu]

Likely none, but nation-states can also manipulate traditional voting with enough effort.

(classic spycraft, blackmailing of key persons, intercept mailvoting, etc.)

Nothing is 100% secure.

So the question is, is it good enough?

They said they took great effort to verificate the voting and detect manipulation. I cannot confirm or verify it, but since it is open, I could. That is a great step forward, compared to the closed black boxes, e-voting systems I have heard of before.

[tarakat]

Your examples are all less scalable and easier to detect that hacking.

> That is a great step forward, compared to the closed black boxes, e-voting systems I have heard of before.

It's still a black box. You have only their word to go that the published source is what is actually running on the machine in front of you in the voting booth. And they have only the word of their computers.

So yes, it's a great step forward, in the same way that going up a flight of stairs is a great step towards reaching orbit.

[hutzlibu]

"Your examples are all less scalable and easier to detect that hacking."

Less scalable likely yes, but easier to detect depends. How would I know, if my local vote regulator is a russian asset?

"You have only their word to go that the published source is what is actually running on the machine in front of you in the voting booth."

That can be changed. In a way, that I also can voluntarily help with the voting and vote count today, you could have community based people overwatching the technical deployment of the machines.

I am not saying, that what the swiss are doing is enough. But I like voting and I would like voting to happen more often. That would be way easier with digital secure solutions. We can transfer our money digital securly, so why not also our vote?

(well yes, anonymity of vote makes it harder, but not impossible)

More voting, more democracy.

[gerdesj]

"their claim at the poles was"

Sorry for being a bit of a pedant but: A pole is a simple structure (eg flag pole), a Pole is a person from Poland and a poll is what you meant 8)

[hn_zorba]

You might be a pedant but it actually helped me understand that message, I was really confused by the poles.