Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Argentina finds messenger to shoot after e-vote vuln allegations

Programmer says he was raided for Tweeting

Argentinian police have reportedly raided a programmer who went public with vulnerabilities in the electronic voting system used in Buenos Aires elections last June.

Joaquín Sorianello has told La Nacion that police raided both his home and that of a friend, looking for computers and storage devices.

Argentina's e-voting system comprises a terminal that prints out a ballot (tagged with an RFID chip), and a separate communications terminal to send votes for counting.

Security problems in the system have reached GitHub here (discussed here) and include poor security and the chance to cast multiple votes.

The flaws hit the media ten days after the election, with the most serious being SSL keys being held on an unsecured server.

As the GitHub description notes, the SSL certificates were “available through a public HTTP server, no password” and that they were obtained through wget.

“These certs are used after the election to send the result of each e-voting machine to the main computing centre where all votes are summed up.”

It seems that Sorianello is being arrested not for finding the bugs or hacking the system, but for passing on the Twitter-stream of a locked Twitter account @fraudvoter. Sorianello denied any wrongdoing to La Nacion.

He also made what appears to be a big mistake: having seen information about the flaws, Sorianello contact the company in charge of the systems to warn them.

"If I wanted to hack or do something harmful I would not have told the company", he said to La Nacion.

Sroianello Tweets as @_joac. ®

 

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like