Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Switzerland launches a bug bounty program ‘Public Intrusion test’ to find vulnerabilities in its E-Voting systems

Save for later
  • 2 min read
  • 12 Feb 2019

article-image

Switzerland’s national postal service, Swiss Post, says that it has developed a fully verifiable system that can make e-voting widely available in the country. Yesterday, Swiss Post announced that it is launching a bug bounty program, in which hackers from all over the globe can participate to conduct penetration testing on both the frontend and backend of the e-voting system. The program, called as Public Intrusion test (PIT), will be conducted between February 25 and March 24. White hat hackers can sign up on onlinevote-pit.ch to participate. The security of the e-voting system has already been pen-tested and certified under the legal framework of the Swiss Confederation.

Hackers who discover vulnerabilities that can be exploited to manipulate votes--without being detected by voters and auditors--will be rewarded between $30,000 and $50,000. Server-side loopholes that give an attacker the information of who voted and what they voted will be rewarded up to $10,000. Vote corruption issues are worth $5,000 and $100 will be paid out for server configuration weaknesses. Source code vulnerabilities must be reported by the ethical hackers separately if they cannot be exploited against the test system.

All-in-all, out of the total $250,000 allocated for this project by the government, $100,000 will go to the Swiss cybersecurity firm that helps run the bug bounty program, and the rest could go to the researchers who find vulnerabilities. After finding the vulnerability, participants can then go ahead and make their findings public.

The bug bounty program is open to anyone and the e-voting system is only available in German, French, Italian and Romansh – there is no English version. Researchers who take part in the PIT project will also be given voting cards for testing purposes, but they will be sent electronically.

You can head over to E-Voting PIT to know more about the terms of this program.


EuroPython Society announces the ‘Guido van Rossum Core Developer Grant’ program to honor Python core developers

Microsoft announces Azure DevOps bounty program

Hyatt Hotels launches public bug bounty program with HackerOne

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at $19.99/month. Cancel anytime