Student Finds Flaw in E-Voting, Seeks Nullification of Result
A university student claims to have found a fatal flaw in the online election software that could make it possible for a virus to block certain candidates without the voter ever knowing that tampering had occurred.
"Those who are operating the system have unfortunately not done their work well as they have not explained these risks to the electoral committee and candidates," said Paavo Pihelgas, a student at the University of Tartu, who has sent the election committee a complaint seeking nullification of the election result.
Pihelgas - who has no evidence that any intrusions occurred, only a potential security hole - said he started poring over the system earlier this year looking for flaws after hearing project manager Tarvi Martens say on TV that e-elections were more secure than old-fashioned paper voting.
On February 8-10, the program to be used for e-elections was announced during a public system test, and Pihelgas downloaded it to his computer and began writing code based on that application.
Pihelgas said on ETV that it took him 4-5 days to find a major flaw, one he said he believes the system developers are aware of: a hypothetical virus could block a vote given to a certain candidate and make it appear as if the vote had in fact been given and sent to the electoral committee.
Pihelgas sent a letter of caution to the committee and the media in late February.
Project head Martens met Pihelgas face to face on February 28, and Martens acknowledged that individual computers were the weakest link. "It is a fundamental problem, that the state of the user's computer cannot be checked. What we can do and what we do do is that we identify such anomalies," said Martens on ETV.
Three IT specialists interviewed by ETV said that the malicious scheme looked good on paper but would be nearly impossible to implement in real life.
Martens, too, said: "It is not possible if only because it would take time to spread such a virus and since each time the voter application is different, it would have to be attacked in a different manner. If the voter application is released on the first day of election, it would be impossible so quickly to construct such malware and circulate it in sufficient quantity."
Pihelgas accuses the election committee of "waffling" and says risks could be hedged further by giving voters a passcode with their electronic voter cards, and by implementing a vote confirmation system where the user is prompted for the passcode.
Martens says such a solution is not realistic and that there is no such thing as absolute security. He says a battery of security observers working with CERT Estonia, including the Cyber Defense League, monitor the web on a volunteer basis at all times, especially during elections.
Pihelgas's complaint will be passed on to the Supreme Court, which has seven days to respond.