22C3 - 2.2

22nd Chaos Communication Congress
Private Investigations

Ulrich Wiesner
Day 3
Room Saal 2
Start time 13:00
Duration 01:00
ID 1134
Event type Lecture
Track Society
Language English

e-Voting: The silent decline of public control

Why German voting machines do not meet the requirements of democratic elections.

The voting machines widely used in Germany's recent elections fail to follow both fundamental democratic principles and German legal requirements. Highlights of a recent Irish report on security issues of these machines will be provided.

In this year's September elections of the Bundestag, more than 2 Million voters had to submit their vote using voting machines of the Dutch automation provider, Nedap. The machines, which have been subject to a (non-public) governmental certification process, do neither allow the voter to verify that his vote has been correctly stored, nor do they provide a transparent and auditable vote counting process. While the a specimen of the software has been reviewed as part of the certification process, the software installed on the Nedap machines is at no time subject to any authentication or validation by the German authorities. This is of specific interest, as a recent report of an Irish government commission claims that the implemented security measures mainly follow the concept "security by obscurity", and that two minutes of unauthorized access might be sufficient to replace the installed software.