thewayne: (Default)
The Wayne ([personal profile] thewayne) wrote2026-03-12 12:43 pm

Switzerland repeats evote failure of cryptography group in canton election

The Swiss canton of Basel-Stadt had an election. And the election included some evoting, a system being piloted to help people to vote who are living abroad or who are disabled.

Guess what!

THREE USB sticks supplied with decrypt keys failed to work, and 2,048 ballots could not be counted. The ballots are too small a number to affect any results as they represent less than 4% of the votes cast.

Basel-Stadt election officials have delayed announcing election results, and an investigation has begun.

Gee, if only they'd also written the keys down on CDs or DVDs. Oh, wait! Computers don't have optical media drives anymore. And it's not really best practices to send decrypt keys via email or cloud services.

NEVER EVER EVER treat USB sticks as permanent media! If you copy a file onto one to move it to another computer, copy it off ASAP! They will fail, and at the worst possible moment. I carry a 512 gig USB stick on my key ring, it's very cool with both USB-C and USB-A ends on it: very useful. But if it fails some day - AND I EXPECT IT TO - not a big deal.


Now, let's talk about the number of ballots that can't be decrypted: 2,048. This is a very curious number to report, because it's a very important number in computers: it's a power of two. Computers only know two numbers: zero and one. Everything is based on binary powers of two: 1, 2, 4, 8, etc. 2048 is 2 to the 11th power. It suggests that this may not be a problem with the USB keys, but rather with the encryption software itself. The implication that I got from the Register article was that the USB keys could be read, but the decrypt key didn't work. Keys usually have a built-in checksum, which is a mathematical computation that ensures that the info that you're storing hasn't been tampered with. It's just like your credit card numbers: you can instantly verify that it's a valid credit card number (and it's actually a pretty cool formula, you can look it up). You recompute the checksum, preferably comparing it to a second copy, and it tells you if the key has been tampered with. The article didn't go into this detail.
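The credit card formula mentioned above is the Luhn check. Here is an added example of it in C (not code from the post or from the Swiss e-voting system) that verifies a digit string and then shows what the check does and does not catch. The digit strings are constructed sample values, not real account numbers.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Luhn check, the formula behind credit card number validation.
   Walking from the rightmost digit leftwards, every second digit is
   doubled (and reduced by 9 if the result exceeds 9); the number passes
   when the sum of all digits is a multiple of 10.
   Returns false for anything that is not a string of at least two digits. */
bool luhn_valid(const char *digits)
{
    size_t len = strlen(digits);
    if (len < 2)
        return false;

    int sum = 0;
    bool double_it = false;          /* the rightmost digit is never doubled */
    for (size_t i = len; i-- > 0;) {
        char c = digits[i];
        if (c < '0' || c > '9')
            return false;            /* reject non-digit input outright */
        int d = c - '0';
        if (double_it) {
            d *= 2;
            if (d > 9)
                d -= 9;
        }
        sum += d;
        double_it = !double_it;
    }
    return sum % 10 == 0;
}

int main(void)
{
    /* Constructed sample values, not real account numbers. */
    const char *good      = "79927398713"; /* passes the check           */
    const char *one_wrong = "79927398714"; /* last digit corrupted        */
    const char *swapped   = "79927398731"; /* last two digits transposed  */
    const char *blind_a   = "109";         /* "09" and "90" endings are   */
    const char *blind_b   = "190";         /* indistinguishable to Luhn   */

    printf("%s -> %s\n", good,      luhn_valid(good)      ? "valid" : "INVALID");
    printf("%s -> %s\n", one_wrong, luhn_valid(one_wrong) ? "valid" : "INVALID");
    printf("%s -> %s\n", swapped,   luhn_valid(swapped)   ? "valid" : "INVALID");
    printf("%s and %s -> %s / %s (this transposition is not caught)\n",
           blind_a, blind_b,
           luhn_valid(blind_a) ? "valid" : "INVALID",
           luhn_valid(blind_b) ? "valid" : "INVALID");
    return 0;
}
```

Two caveats a practitioner would want here. First, Luhn catches every single-digit error and most adjacent transpositions, but not 09 swapped with 90, as the last pair of sample values shows. Second, a checksum of this kind only detects accidental corruption: anyone who alters the data can recompute the check digit, so integrity against deliberate tampering needs a keyed MAC or a digital signature, and a key file on removable media would normally carry a cryptographic hash or signature rather than a Luhn digit.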

So let's talk about integer overflow! Every piece of information is represented, ultimately, in binary. An 8-bit binary number - a byte - can hold a maximum value of 255. That's all eight bits turned on: 1 + 2 + 4 + 8 + 16 + 32 + 64 + 128. What happens when you add one to that number? The obvious answer is that it becomes 256, but that can't happen. It's one byte, eight bits. To represent 256, you need nine bits, but we only have eight. You now have an overflow situation. Sometimes the byte flips to -255, sometimes the program just flat-out crashes. You can't say with certainty without more information: what language was used, what compiler, etc.

A problem with some computers was that an overflow could cause the program to write into memory that was not supposed to be accessible to it, which could potentially cause a computer crash. The fun stuff was when hackers figured out how to make programs READ memory where they weren't supposed to: this allowed them into areas that the operating system programmers didn't anticipate and allowed the lifting of system passwords and all sorts of fun stuff! But that was in the past, operating systems are somewhat better designed now.

One VERY famous example of integer overflow is Nuclear Gandhi in Sid Meier's game Civilization. In the game, as in life, Gandhi, as a country's leader, was a peaceful guy and not militarily aggressive. In the game's code, there was a hostility counter, which was a small integer, I don't remember how big it was, let's say it was four bits, for a maximum value of 15 (1+2+4+8). 15 was the maximum peaceful state. -15 was the maximum war state, 'gonna nuke your ass' mentality. The programmers forgot to do a bounds check on that variable, and if India was at 15, and something increased it by 1, rather than ignoring the increase since they were already at Nirvana, it overflowed to -15 and they went total rage-monster and started throwing nukes at all their neighbors. Nuclear Gandhi.
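To make the two overflow stories above concrete (the byte that can't hold 256, and the hostility counter with no bounds check), here is an added C example; it is not code from the post or from Civilization, and the 4-bit and 8-bit field widths are illustrative assumptions, since the real counter's size is not known here. It shows what a C compiler actually does with an unsigned byte at 255 + 1, how to add signed 8-bit values without ever overflowing, the saturating "bounds check" the anecdote says was missing, and what a value reads as once it has wrapped in an n-bit two's-complement field (at the top value, the next increment lands on the most negative value the field can hold).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Unsigned 8-bit arithmetic in C wraps modulo 256: 255 + 1 comes back as 0.
   (a + b is computed as int and then truncated to the low eight bits.) */
uint8_t add_u8_wrapping(uint8_t a, uint8_t b)
{
    return (uint8_t)(a + b);
}

/* Signed overflow is undefined behaviour in C, so the safe pattern is to
   compute in a wider type and refuse results that do not fit.
   Returns false (and leaves *out untouched) when the sum would overflow. */
bool add_i8_checked(int8_t a, int8_t b, int8_t *out)
{
    int wide = (int)a + (int)b;
    if (wide < INT8_MIN || wide > INT8_MAX)
        return false;
    *out = (int8_t)wide;
    return true;
}

/* Saturating update: the bounds check the Civilization anecdote says was
   missing. Once the counter sits at its maximum, further increments are
   ignored instead of wrapping around to the opposite extreme. */
int8_t adjust_saturating(int8_t level, int delta)
{
    int wide = (int)level + delta;
    if (wide > INT8_MAX) return INT8_MAX;
    if (wide < INT8_MIN) return INT8_MIN;
    return (int8_t)wide;
}

/* What a value reads as when stored in `bits` bits of two's-complement
   storage: keep the low bits, then treat the top one as the sign bit.
   Field width is an illustrative assumption, e.g. 4 bits for the anecdote. */
int wrap_signed(int value, int bits)
{
    unsigned mask = (1u << bits) - 1u;
    unsigned low  = (unsigned)value & mask;
    if (low & (1u << (bits - 1)))            /* sign bit set: negative */
        return (int)low - (int)(1u << bits);
    return (int)low;
}

int main(void)
{
    int8_t r;
    printf("255 + 1 in a byte       = %d\n", add_u8_wrapping(255, 1));
    printf("127 + 1 checked         = %s\n",
           add_i8_checked(127, 1, &r) ? "ok" : "overflow refused");
    printf("127 + 1 saturating      = %d\n", adjust_saturating(127, 1));
    printf("4-bit signed, 7 + 1     = %d\n", wrap_signed(7 + 1, 4));
    printf("8-bit signed, 127 + 1   = %d\n", wrap_signed(127 + 1, 8));
    return 0;
}
```

The design point is in the second and third functions: the fix for a counter that must never wrap is not to hope the value stays small, but to do the arithmetic in a type wide enough to hold the intermediate result and decide, explicitly, whether to clamp or reject before storing it back.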

Encryption programs are REALLY complicated! With 2048 being a binary power of two, it's quite possible that there is some sort of subtle bug lurking in the encryption code that didn't show in testing that's preventing the decrypt keys from working, and that it's not actually failed USB keys.

But still, my advice holds: do not trust USB keys for permanent - or critical! - storage.

https://www.theregister.com/2026/03/11/swiss_evote_usb_snafu/

https://it.slashdot.org/story/26/03/11/1953224/swiss-e-voting-pilot-cant-count-2048-ballots-after-usb-keys-fail-to-decrypt-them
devilc: (Default)

[personal profile] devilc 2026-03-12 11:23 pm (UTC)(link)
In Humble Pi Matt Parker talks about the overflow errors that you describe here. My favorite was that in Switzerland they had some issues with trains vanishing out of the computer system that tracks them. Obviously a problem, and a potentially fatal one at that.

The issue has to do with the software counting the number of axles on a train. When it hit 256 axles, the train would vanish.

The solution was not to fix the software -- that would cost money! -- but to limit all trains to having 255 or fewer axles.
warriorsavant: Composite-Warrior Doctor (Composite-Warrior Doctor)

[personal profile] warriorsavant 2026-03-12 11:52 pm (UTC)(link)

Slightly off track, when I was first in the military, we still had C-rations (rations in cans), and there was a small, folding, metal can opener (called a P38) which could go on your dog tag chain. Shortly afterwards, we changed to MRE's, but I still kept the P38 on my dog tags. When USB keys started to be widely used, I then hung one of those on my tags to show I covered both eras.

warriorsavant: Sword & Microscope (Default)

[personal profile] warriorsavant 2026-03-13 02:08 am (UTC)(link)

James Bond fantasies? (Actually Walther PPK iirc)

garote: (Default)

[personal profile] garote 2026-03-13 09:52 am (UTC)(link)
You also need a “Pew-36 Explosive Space Modulator”!
warriorsavant: Sword & Microscope (Default)

[personal profile] warriorsavant 2026-03-13 01:27 pm (UTC)(link)

You are making me very angry, verrrrry angry indeed.

disneydream06: (Disney Shocked)

[personal profile] disneydream06 2026-03-13 05:47 am (UTC)(link)
Personally I will never support anything but Paper Ballots. :o :o :o
And even then, do you trust the machines doing the counting?
Hugs, Jon
disneydream06: (Disney Scared)

[personal profile] disneydream06 2026-03-13 10:02 am (UTC)(link)
I hope we don't change here. :o

And I know I may be an old fart, but I also don't support Rank Choice voting that's getting pushed here.
Not sure if both Parties are pushing or if it's just the Democrats.
disneydream06: (Disney Shocked)

[personal profile] disneydream06 2026-03-14 07:09 am (UTC)(link)
My main argument against the Rank Voting is, it's no longer one person one vote, now it's one person 4-5 votes.

I couldn't agree more on the laughable debate system we have.
Currently involves no debate, just talking points and attempting to talk over each other.
disneydream06: (Disney Surprised)

[personal profile] disneydream06 2026-03-14 08:08 am (UTC)(link)
Yeah, I do understand the process, but when I look at it I am seeing multiple votes per person in each election cycle. I know it's one for each count.
I guess I would rather vote for my guy and take my chances the correct person wins.
Don't know if I am making sense for anybody but me. LOL..........
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)

[personal profile] silveradept 2026-03-14 05:59 am (UTC)(link)
Oh, dear, something has definitely gone wrong there. That it's a power of 2 suggests that there may be more issues than the USB keys to the system involved, which will hopefully turn up.

I'm still fond of paper ballots, or at least, paper trails of ballots, so that one can be assured that the thing that you input into the machine is what the machine actually tabulated and recorded. A receipt from an e-vote that you could then bring to the in-person space in case of dispute is the best idea if you're going to do entirely electronic voting.

But I also live somewhere that sensibly uses mail-in voting for everyone as their paper option, and that's pretty good, too.