TSE Releases Electronic Voting Machine Security Test Results
The Superior Electoral Court (TSE) announced today (29) the result of the Public Security Test (TPS) of the electronic system for the 2022 elections. electronics. The test is a standard procedure carried out since 2009.
According to the president of the TSE, Minister Luís Roberto Barroso, investigators found five vulnerable points, called “findings”, in the system. However, there was no successful attack on the software responsible for the operation of the ballot box and the application responsible for storing the names of voters and candidates.
Public Electronic Voting System Safety Test - TSE - Abdias Pinheiro/SECOM/TSE
“None of them are truly serious, considering anything that has the potential to affect the outcome of the election. Nobody was able to break into the system and pose a risk to the election result," he said.
Attempts to circumvent the security system occur through the availability of the source code, a procedure in which the court gives participants the key to the programming of the machines that make up the ballot box, such as the components that perform the reception, transmission and counting of votes .
During the tests, Federal Police (PF) investigators entered the TSE's data network, but were unable to alter system data.
Public Safety Test - Electronic voting machines - TSE - Abdias Pinheiro/ASCOM/TSE.
Other teams of investigators considered that it would be possible to introduce a fake panel in front of the ballot box in order to break the secrecy of the vote. In addition, the secrecy of the vote of people with visual impairments could also be broken in the case of coupling a bluetooth device to the headphone output.
In one of the attacks it was possible to unscramble the ballot paper, a document printed at the end of the voting. In the TSE's assessment, despite the vulnerability, the eventual attack would not bring any problems, because the bulletin's data are public and distributed to party inspectors.
Investigators also managed to bypass a security barrier in data transmission, but were blocked by another security port on the court's network.
According to the president of the TSE, from now on, the vulnerabilities found will be fixed and, in May 2022, the investigations that found the problems will return to test the fixes.
“That's what we do the security test for. With each election, with each passing year, the attack mechanisms become more sophisticated, and we use these attacks to sophisticate our own defense mechanisms”, commented Barroso.
The first phase of the voting security check procedures was carried out in October of this year, when the TSE held an opening ceremony of the source codes of electoral systems.
Text translated using artificial intelligence.
