March 13, 2019 10:42 am PDT

A critical flaw in Switzerland's e-voting system is a microcosm of everything wrong with e-voting, security practice, and auditing firms

Switzerland is about to have a national election with electronic voting, overseen by Swiss Post; e-voting is a terrible idea and the general consensus among security experts who don't work for e-voting vendors is that it shouldn't be attempted, but if you put out an RFP for magic beans, someone will always show up to sell you magic beans, whether or not magic beans exist.

Swiss Post contracted with Barcelona firm Scytl to build the system, then consulted with outside security experts and KPMG to audit the system, and then announced a bug-bounty program that would allow people who promised to only disclose defects on Swiss Post's terms to look at some of the source code.

This kind of bug bounty is pretty common, and firms like to assert that they can be trusted to be responsible stewards of bad news about their own products and should have the right to decide who can make truthful disclosures about their mistakes and the defects in their offerings. During the fight over DRM standardization for browsers at the W3C, we pointed out that one side-effect of adding DRM to browsers would be that browser vendors and media companies would acquire a new right to silence security researchers who wanted to make factual statements about security defects in their products. At first, the commercial members and browser vendors denied that this was the case, but eventually they decided that it was true, and that this was a feature, not a bug, and set about trying to craft rules for when it would be OK for companies to decide that users couldn't know about defects in their products.


Original Link: http://feeds.boingboing.net/~r/boingboing/iBag/~3/4q8Pq4_j4tA/principal-agent-problems.html
