Don't miss




Egypt, Morocco lose first World cup matches conceding last minute goals

Read more


Macron likes his china fancy

Read more


World Cup: And in the end, Putin wins?; Trump hits back at critics; Migrant crisis divides EU governments

Read more


The Jewish community's place in French society

Read more

#TECH 24

Football and tech: The data game is on!

Read more


John Cameron Mitchell on his new film 'How to Talk to Girls at Parties'

Read more


Iran's water crisis

Read more


Residents of southern Lebanon live in fear of another war

Read more

#THE 51%

Turning pain into hope: Rwanda's children of rape

Read more


Vulnerabilities discovered in German electoral system

© John MacDougall, AFP | Le Chaos Computer Club discovered flaws in software used in German elections.

Text by Sébastian SEIBT

Latest update : 2017-09-09

The Chaos Computer Club (CCC), a group of German hackers, is warning that there are major flaws in software that will be essential to the vote count in Germany's September 24 legislative elections.

The CCC said on Tuesday that hackers could destabilise the German general election if the choice of 61.5 million Germans who will cast their ballots on September 24, to either re-elect Chancellor Angela Merkel or replace her, is not respected.

The CCC published a report online giving details as to how the election could be hijacked. While electronic voting is illegal in Germany, results are transmitted to the electoral commission electronically. It is there that the vulnerabilities lie. The software used in much of the country to send the votes to the Federal Election Commission is not secure, the CCC said. And the weakness is so obvious that it was discovered easily by a 29-year-old computer scientist.

PC-Wahl in the crosshairs

The program used to send results, PC-Wahl, doesn’t adhere to "the basic principles of computer security, and the number of vulnerabilities discovered far surpass our worst fears," said Linus Neumann, spokesman for Berlin-based CCC. The weakness comes from the lack of an electronic signature on the data that is sent that proves that it is genuine. Without that, hackers could intercept the results and modify them.

And the passwords for accessing the PC-Wahl interface are not hard to find. For starters, the same ID is valid for multiple municipalities. "It is like a hotel where all the doors are closed, but where the same key opens them all," Neumann said.

The PC-Wahl software can also be easily modified. The program updates automatically on a regular basis, but the updates aren’t well-protected from hackers. A cybercriminal could fairly easily swap an official update with a version that would allow him or her to control the software.

Insufficient improvements

The defects were discovered at the beginning of the summer and the manufacturer of PC-Wahl was quickly alerted. Several modifications later, the Chaos Computer Club is still not satisfied with the results. The improvements made "do not stand up to even superficial security tests", the report notes.

In an interview with the weekly Die Zeit, the manufacturer of PC-Wahl defended itself by stating that "even in cases of piracy, the final result of the vote will be legitimate because there is always the paper trail for verification." The CCC and the computer scientist who made the original discovery acknowledge that if there is the slightest doubt, the electoral commission will be able to verify the results against the paper ballots.

But the CCC contends that the flaws that still exist in the software might cast suspicion on the election results, which "weakens the democratic process," Neumann said. Some authorities have taken note. In Hesse, the head of the electoral commission asked local election officials to compare the results that will be published online on the evening of the election with those they sent in. And national authorities are now working with the makers of PC-Wahl to make sure the software is as secure as possible come election day.

Date created : 2017-09-09


    Another vote, another wrangle between Germany and Turkey

    Read more


    Merkel leads as rival Schulz fails to make inroads in key debate

    Read more


    Merkel starts Germany's 'strangest' election campaign

    Read more