TL;DR
- The Bundestag election on February 23 requires extensive organization and software support.
- Experts from the Chaos Computer Club (CCC) warn of problems with the election software on election evening, which could temporarily deliver false seat distributions.
- The federal election manager believes in the safety of the software, but there are inconsistencies regarding the actual security and handling of the software.
- The CCC demands improved software security standards, while rejecting online elections as too risky.
- The responsible Votegroup GmbH dominates the election software market in Germany, which raises concerns about a lack of competition.
The upcoming Bundestag election on February 23rd involves enormous effort: financial, personnel and organizational. Even though the vote itself takes place on paper ballots and is counted by hand, software is used to transmit and process the data. It is indispensable, especially for determining results quickly on election evening.
However, experts from the Chaos Computer Club (CCC) warn: the final result will certainly be determined correctly, but on election evening, problems with the software used could lead to a wrong seat distribution in the Bundestag being reported for several days. This would have to be corrected afterwards. The result would be a further loss of trust in democracy.
The CCC sees the causes in:
- Inadequate requirements set by the responsible authorities
- Market control (quasi-monopoly) by a single company
Different versions of election software are used across Germany, but they are all products of a single company, Votegroup GmbH.
We spoke to Linus Neumann from the CCC. In addition, a box further below contains the federal election manager's reaction to the fears and allegations raised by the CCC.
Linus Neumann is a spokesman for the CCC. Together with his hacker colleague Thorsten Schröder, he gave a lecture a few weeks ago at the 38th Congress of the CCC. In it, they go into the problems in detail and also show where errors in the use of the Votegroup software have demonstrably occurred in the past.
Interview with Linus Neumann
Mr. Neumann, could you sign off on the following statement? The election is secure. The authorities have done everything reasonable and legally required to secure it in both the analog and the digital realm.
No, unfortunately I can't sign that. It would not only have been reasonable, but also necessary to formulate technical requirements for evaluating software. Unfortunately, this did not happen, not even after we demonstrated hair-raising weaknesses and catastrophic attacks in 2017.
What exactly is the software used for and is a correct end result in danger?
Not that, no. Ultimately, all results are checked multiple times. So we will have a correct election result; the only question is when, and how much trust falls by the wayside along the way. The software distributed by Votegroup is used for the quick reports. This is the first transmission of the results by phone, or in this case via the Internet, and their evaluation. Every single polling station will pass on its results on election evening.
So the quick reports are the basis for all official information to which the media refer in the evening?
Yes. At exactly the time when most people are following how the election turned out and emotions are running high, it almost becomes a secret star. Through it, all the numbers on gains, losses, seat distributions and so on reach televisions, radios, cell phones and tablets. Possible coalitions are also explored on that basis.
Errors and technical problems occur again and again, for example in 2024 in Saxony, where the seat distribution was calculated incorrectly. Occasionally, election managers also complain of local outages.
Before we come to the software: there can be several days or even weeks between this preliminary official result and the final one. If discrepancies emerge along the way, would seats in the Bundestag be distributed differently than announced on election evening?
Exactly, as happened most recently in Saxony after the recent state election. The AfD and CDU lost; the Greens and SPD won. You can imagine what such after-the-fact corrections do to trust in elections. Only calculation errors were responsible in Saxony; the vote counts were transmitted correctly. However, they could be changed by a targeted attack. The damage to our democracy would certainly be immense if, for example, secure majorities were corrected 14 days later.
What problems have you identified yourselves?
The software we most recently examined is catastrophically programmed. Outrageous technical solutions can be found everywhere. Peculiar programming practices should not be tolerated in such a product because they provide attack surface. The many ways to configure the software are also tragic. In the worst case, an attacker only has to guess two numbers to be able to sign results.
Other criticisms raised by Linus Neumann and Thorsten Schröder in the lecture linked above:
- Passwords can be read.
- Passwords are guided or similar or even identical between individual computers.
- A lengthy initialization at program start could irritate users and takes unnecessarily long.
- Idiosyncratic solutions, such as home-grown encryption that does not meet industry standards.
- No open source approach. If there were one, (security) problems could be found in advance by outside parties and with their help.
What is such a signature for?
A digital signature guarantees that (a) the content is unchanged and (b) comes from a trustworthy source. It is a checksum that is created and checked with cryptographic keys. You cannot manipulate digitally signed data without it being noticed.
Upon request, the federal election manager stated that the software you examined is used exclusively in local elections in a federal state ...
The claim that the software we tested is used only for a local election is definitely wrong. In the product "elect", Votegroup distinguishes between the "Wes" election system and the "What" election evaluation system. All relevant software provided by third parties comes from Votegroup.
The federal election manager explains on request:
- Elections in Germany are organized in a decentralized manner. The states, districts and municipalities are free to decide which software to use for election processing and do not have to report it to the federal election manager.
- There has been a concentration on a few manufacturers of election software.
- Votegroup provides the software that is used to receive the state results and to compile the federal result. This also includes the calculation of the seat distribution in the next Bundestag.
- In tests, procedural and technical scenarios were run through to ensure the functionality of the software and processes. The basis for this is the "BSI-Webcheck" as well as the current status of the BSI's "IT basic protection" (IT-Grundschutz).
The federal election manager's answer to the question: Do you and the BSI guarantee digital security in the upcoming Bundestag election?
In short: There are plausibility checks in several places during the "quick report phase" on election evening. The final election result is determined on the basis of the election records, i.e. based on physical documents. The federal election manager is convinced of both the procedural and the technical security and functionality of the software used.
The complete answer:
The tasks of the federal election manager are the proper preparation and conduct of the election and the determination of the election result. For the preliminary election result, when the results are transmitted electronically between the individual levels, from the constituency to municipalities, districts, states and the federal election manager, plausibility checks are always carried out. In the case of implausible reports, the level below is contacted for clarification.
For the determination of the final result, the federal election manager receives all the records of the district and state election committees in the original. The final election result is determined on the basis of the election records, i.e. based on physical documents.
Of course, IT is also used here in certain places. This is how the multi-stage calculation of the seat allocation is carried out. For this purpose, the federal election manager has developed its own manual procedures, which are applied in an IT-supported, multi-stage manner. The final result determined with these tools on the basis of the original records is also verified by means of the election software developed on behalf of the federal election manager.
Thanks to the use of paper ballots and the drawing up of records by the election committees that determine the result, every individual step, and indeed the entire determination of results, can be carried out manually if necessary. In addition, the result can be checked at any time. In principle, the records are kept until 60 days before the next election.
As part of tests, the federal election manager intensively checks the interaction between the states and the federal election manager before each election. Both procedural and various technical scenarios are played through. This ensures that the process for determining the provisional result is procedurally correct and that the processes work securely and reliably.
The federal election manager is convinced of both the procedural and the technical security and functionality of the software used. This is regularly checked in various test formats (BSI web checks and tests between the states and the federal election manager).
Is there no competition for Votegroup?
No real competition, no. In recent years it has bought up all relevant providers on the election software market. There are still small solutions in isolated areas, but a large part of the German votes is in the hands of Votegroup. As a result, the company no longer has any relevant competition and accordingly there is no reason to improve the products.
The same applies, for example, to the Netherlands, where another branch of the same software is in use. It seems to me that this is used to give the impression that it is completely different software. Of course, this is not the case and would also be business madness.
Do the Netherlands have stricter requirements for election software?
Yes, stricter guidelines have been formulated in the Netherlands, and Votegroup has met them; what else could it do? Germany prefers to let itself be walked all over. Does that have to do with the fact that parts of Votegroup are in regional ownership?
Are you assuming that German municipalities profit from the lack of quality and digital protection of the election?
I don't assume that, that's the way it is. However, "profit" is a big word. The profit distributions to the municipalities are quite modest in terms of sales and profits. In addition, the money must also be paid by the municipalities beforehand. So the public sector ends up well in the red. If you want to know more about it, you will find a detailed account at Netzpolitik.
Do you know how the deficiencies you discovered could be exploited, given the time, money, personnel and will?
In order to have a significant influence on a federal election, a coordinated approach on a broad front would be necessary. Thorsten Schröder and I couldn't do that in our free time. For an attacker with state funds, however, it would be more of a small side project. By the way, it's not that I have been warning since 2017 that Russia would want to hack elections. I have only been looking at the infrastructure since federal governments have been warning of this danger.
So is our lack of digitization ultimately our strongest protection against manipulated elections? I mean if we imagine such software in even more extensive responsibility ...
Tying more and more risk to the software is of course the only way for Votegroup to grow. Therefore, the managing directors are already looking at online elections.
We also sent Votegroup a comprehensive questionnaire, which had not been answered by the time of going to press.
Would you advise holding official elections online at all, even with optimal software?
No, definitely not. The risks would always be too big. Paper elections, regardless of whether by post or in person, are more secure, and no digital solution will ever come close. The decisive factor is that all significant steps of the election process are comprehensible to the voters. This is simply not the case with online systems.