Online voting system code published on GitHub: Check your election hacking skills by finding flaws

Application security specialists report that the source code of a Russian remote voting system was published on GitHub. Considering that GitHub is the largest platform for hosting IT projects, access is being provided to all users interested in familiarizing themselves with this code, learning how it works and making sure that the electoral process will be completely secure and reliable.  

According to Alexander Malkevich of the working group of the Public House of the Russian Federation for monitoring electronic voting systems, the publication of the source code is due to the many concerns generated by its implementation: “We want to solve some problems at once; First of all, we hope that researchers will help us fix potential vulnerabilities,” Malkevich says.

La imagen tiene un atributo ALT vacío; su nombre de archivo es russiancode09092020.jpg

However, application security experts report that the main goal is for people to verify that this electronic voting system is fully functional and works correctly, in an unprecedented attempt to demonstrate openness in a nation’s democratic processes.

Rostelecom, Russia’s leading Internet service provider published on GitHub the source code for the main components of the voting system:

  • Counting servers
  • Smart contracts
  • Portal front end (including front-end libraries)

As noted above, this voting system is operated with blockchain technology: “Blockchain technology solves some problems; its main task is to ensure the invariability of information, ensuring the information of each vote, voter lists, encryption keys and other key aspects,” Malkevich reports.

It should be noted that only votes from citizens previously registered in the system will be accepted within a period of time to expire. In this way, the Russian Federation seeks to ensure confidentiality in the electoral process and to maintain social distancing measures for the fight against the pandemic. The Russian Federation also developed a special tool for election observers, which will allow them to monitor all transactions on the blockchain network in real time.