nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Netherlands reverts to hand-counted votes to quell security fears

Windows XP? SHA-1? USB sneakernet? What were they thinking? Or smoking?

By Richard Chirgwin, 2 Feb 2017

The Netherlands has decided its vote-counting software isn't ready for prime time, and will revert to hand-counted votes for its March 15 election.

The voteare's security came under question when Dutch security bod Sijmen Ruwhof told local newscaster RTL Nieuws that the average iPad is more secure than the electoral software, called OSV.

He warned that Windows XP is still used for some installations of the system, and in his own blog notes that known-to-be-dud SHA-1 was also employed. He also claimed that unsecured USB sticks would be used to move electoral data.

In a letter sent to the House of Representatives, Minister of the Interior Dr. Roland Plasterk says votes won't even be entrusted to USB keys: they will be counted at polling stations, with paper reports passed up to the municipality level, then on to aggregating locations, and finally to the country's Electoral Council.

“I've stated that the Cabinet cannot rule out state actors benefiting from influencing the political decision-making process and public opinion in the Netherlands, and deploying means to attempt to achieve this influence”, Plasterk's letter says.

Plasterk's letter says until this decision was made, the software had been used to count votes for all steps after the polling station counts.

Using the software in the March election would “lead to the persistence of publications about the reliability of the software” and erode trust in the election result.

The government has asked Fox-IT to review the software for vulnerabilities. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing