The Netherlands has decided its vote-counting software isn’t ready for prime time, and will revert to hand-counted votes for its March 15 election.
The voteare’s security came under question when Dutch security bod Sijmen Ruwhof told local newscaster RTL Nieuws that the average iPad is more secure than the electoral software, called OSV.
He warned that Windows XP is still used for some installations of the system, and in his own blog notes that known-to-be-dud SHA-1 was also employed. He also claimed that unsecured USB sticks would be used to move electoral data.
In a letter sent to the House of Representatives, Minister of the Interior Dr. Roland Plasterk says votes won’t even be entrusted to USB keys: they will be counted at polling stations, with paper reports passed up to the municipality level, then on to aggregating locations, and finally to the country’s Electoral Council.
“I said that can not exclude the government that state actors can benefit from influencing political decisions and public opinion in the Netherlands and purpose deploy resources to try also to achieve influence”, Plasterk’s letter says.
Plasterk’s letter says until this decision was made, the software had been used to count votes for all steps after the polling station counts.
Using the software in the March election would “lead to the persistence of publications about the reliability of the software” and erode trust in the election result.
The government has asked Fox-IT to review the software for vulnerabilities. ®
Source: SANS ISC SecNewsFeed @ February 2, 2017 at 01:36AM