Don't miss




Syria: Russia and Israel seek to avoid spiral over plane downing

Read more


Mexico's seaweed invasion: Disaster or opportunity?

Read more


Joaquin Phoenix: 'Jacques Audiard is unique, even among French directors'

Read more


Iwao Hakamada, the Japanese boxer still fighting... for his life

Read more


Should supermodels' catwalk strut be protected by copyright?

Read more


Child development: Inside a child's incredible brain

Read more


US hits China with trade tariffs on $200bn of goods

Read more


Venezuela's exodus: How long can Latin America cope?

Read more


Spaniards divided over future of Franco monument

Read more


Vulnerabilities discovered in German electoral system

© John MacDougall, AFP | Le Chaos Computer Club discovered flaws in software used in German elections.

Text by Sébastian SEIBT

Latest update : 2017-09-09

The Chaos Computer Club (CCC), a group of German hackers, is warning that there are major flaws in software that will be essential to the vote count in Germany's September 24 legislative elections.

The CCC said on Tuesday that hackers could destabilise the German general election if the choice of 61.5 million Germans who will cast their ballots on September 24, to either re-elect Chancellor Angela Merkel or replace her, is not respected.

The CCC published a report online giving details as to how the election could be hijacked. While electronic voting is illegal in Germany, results are transmitted to the electoral commission electronically. It is there that the vulnerabilities lie. The software used in much of the country to send the votes to the Federal Election Commission is not secure, the CCC said. And the weakness is so obvious that it was discovered easily by a 29-year-old computer scientist.

PC-Wahl in the crosshairs

The program used to send results, PC-Wahl, doesn’t adhere to "the basic principles of computer security, and the number of vulnerabilities discovered far surpass our worst fears," said Linus Neumann, spokesman for Berlin-based CCC. The weakness comes from the lack of an electronic signature on the data that is sent that proves that it is genuine. Without that, hackers could intercept the results and modify them.

And the passwords for accessing the PC-Wahl interface are not hard to find. For starters, the same ID is valid for multiple municipalities. "It is like a hotel where all the doors are closed, but where the same key opens them all," Neumann said.

The PC-Wahl software can also be easily modified. The program updates automatically on a regular basis, but the updates aren’t well-protected from hackers. A cybercriminal could fairly easily swap an official update with a version that would allow him or her to control the software.

Insufficient improvements

The defects were discovered at the beginning of the summer and the manufacturer of PC-Wahl was quickly alerted. Several modifications later, the Chaos Computer Club is still not satisfied with the results. The improvements made "do not stand up to even superficial security tests", the report notes.

In an interview with the weekly Die Zeit, the manufacturer of PC-Wahl defended itself by stating that "even in cases of piracy, the final result of the vote will be legitimate because there is always the paper trail for verification." The CCC and the computer scientist who made the original discovery acknowledge that if there is the slightest doubt, the electoral commission will be able to verify the results against the paper ballots.

But the CCC contends that the flaws that still exist in the software might cast suspicion on the election results, which "weakens the democratic process," Neumann said. Some authorities have taken note. In Hesse, the head of the electoral commission asked local election officials to compare the results that will be published online on the evening of the election with those they sent in. And national authorities are now working with the makers of PC-Wahl to make sure the software is as secure as possible come election day.

Date created : 2017-09-09


    Another vote, another wrangle between Germany and Turkey

    Read more


    Merkel leads as rival Schulz fails to make inroads in key debate

    Read more


    Merkel starts Germany's 'strangest' election campaign

    Read more