One Article Review

The article:
Source Reversemode (blog)
Identifier 8654608
Publication date 2023-02-14 14:58:31 (viewed: 2025-03-07 20:12:10)
Title Finding vulnerabilities in Swiss Post's future e-voting system - Part 1
Text In September '21, I came across the story "Swiss Post Offers up to €230,000 for Critical Vulnerabilities in e-Voting System" while catching up with the security news. The headline certainly caught my attention, as it looked like an outlier among the regular bug bounty programs and well-known exploit contests, not only for the announced rewards but mainly because of the target. Essentially, Swiss Post, the national postal service of Switzerland, was opening to the general public a bug bounty program, run on the YesWeHack platform, intended to uncover vulnerabilities in its future e-voting system.

The first part of this blog post series will detail the approach used to analyze the Swiss Post e-voting system, as well as the first round of vulnerabilities that I reported during September/October '21.

Index
Introduction
Approach
Attack Surface
Vulnerabilities
    1. Insecure USB file handling during 'importOperation'
    2. Insecure 'ReturnCodeGenerationInput' signature generation allows vote manipulation
    3. Lack of consistency check allows an adversary to forge the verificationCardId in SecureLog entries
    4. Improper parsing of the request body when validating signatures for secure requests

Introduction

E-voting systems immediately raise concerns in a significant part of the security community. Not without reason: we are talking about systems that should be considered critical infrastructure, as they are intended to support a democratic election process. Therefore, these systems should provide the same guarantees regarding confidentiality, integrity and availability that current (let's oversimplify and say 'analog') election processes provide. However, security people usually don't trust computers, and every day we see examples that certainly do not make it any easier to change your mind on this point.

That said, we implicitly trust the outcome of safety-critical computer operations happening every day in our lives: from the state estimator that keeps the power grid stable, to the train control systems providing a safe commute, to the avionics systems that keep you alive while flying. This doesn't mean those systems can't be hacked, but supposedly they are maintained to keep up with the attacks they may face, while still successfully performing the tasks modern societies rely on. I know, it's not a perfect scenario, but it is what it is.

Although e-voting may not be suitable for every country, Switzerland seems to have a long tradition of referendums, and it has in fact already been using e-voting for many years. However, when the Swiss Post e-voting platform was published, back in 2019, it faced some public scrutiny, mostly from the academic community. As a result, some significant issues were uncovered, and eventually Swiss Post decided to suspend the deployment of the system. The first version had been developed by
Notes ★★★
Sent Yes
Tags Vulnerability Threat


The article does not appear to have been republished after its publication.


The article does not appear to be a repost of an earlier one.