Copy link
Increase text size
Decrease text size
Link copied

Moscow’s blockchain-based polling system has a bug that can expose how people voted, claims research

Journalists revealed that there is a vulnerability in Moscow's new blockchain-based polling system.

Image by Michael Siebert from Pixabay

Fri, 03 Jul 2020, 07:38 am UTC

Russia’s new blockchain-based polling system might not be as secure as previously assumed. A recent report revealed that there is a bug in the system, one that might be exploited to allow a third party to view how people voted.

Russian journalists discovered a vulnerability in Moscow’s blockchain-based polling system, according to Coindesk. If exploited, users’ votes could be decrypted revealing the way how they voted in the election.

The bug was reported on Wednesday by Meduza, a Russian online newspaper based in Riga. Meduza published research claiming that by using the HTML code of the electronic ballot, the decryption keys for the votes can be retrieved as well.

From June 25 to July 1, 2020, Russian citizens voted on whether or not they approve of the proposed constitutional amendments. One of the changes is the removal of the two-term restriction for the Russian presidency, which would allow Vladimir Putin to stay in power until 2036.

Residents in the region of Nizhny Novgorod and Moscow had the option to cast their votes electronically. In Moscow’s case, the city’s Department of Information Technologies and Kaspersky Lab created a polling system that recorded votes on an Exonum-based blockchain system.

Poll data was encrypted using TweetNaCl.js cryptographic library for security and to keep the electronic votes confidential. According to Meduza, the system used a deterministic algorithm which meant that it would generate the same cryptographic key if a similar input data.

Since the 2020 Russian constitutional referendum basically asked citizens to either vote “Yes” or “No,” there are two universally used keys in the system. Meduza claimed that it was able to decode voting data published in CSV files by the Department of Information Technologies using the two keys.

Publishing the CSV files was meant for use by independent observers so they can verify the vote count. But Meduza’s discovery meant that third parties can check how a particular person voted, which could mean that voters “may be pressured to vote a certain way in future polls.”

However, the Department of Information Technologies contradicted Meduza’s report. The department’s representative Artyom Kostyrko explained that “people can only decode their own votes on their own devices,” which is opposite to the publication’s claim that one can decode any vote with the same cryptographic keys.

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

To leave a comment, please sign in.
  • Nicky
  • 2020.07.07 08:17:57
☑️☑️ ☑️ DO YOU WANT TO RECOVER YOUR LOST FUNDS ON CAPITAL INVESTMENTS, BITCOIN INVESTMENTS, BINARY OPTIONS, LOANS AND OTHER SCAM TRADING INVESTMENTS ??? TAKE YOUR TIME TO READ

☑️ The COMPOSITE CYBER SECURITY SPECIALISTS have received numerous complaints of fraud associated with websites that offers opportunities for Capital Investments, bitcoin investments and Trading on an Internet-based trading platforms. Most Of The complaints falls into these Two categories:
1. Refusal to credit customers accounts or reimburse funds to customers:
These complaints typically involve customers who have deposited money into their trading or investment account and who are then encouraged by “brokers” over the telephone to deposit additional funds into the customer account. When customers later attempt to withdraw their original deposit or the return they have been promised, the trading platforms allegedly cancels customers’ withdrawal requests, refuse to credit their accounts, or ignore their telephone calls and emails.

2. Manipulation of software to generate losing trades:
These complaints alleged that the Internet-based Investment and trading platforms manipulate the trading software to distort the Trading prices and payouts in order to ensure that the trade results in a Loss. For example, when a customer’s trade is “winning,” the countdown to expiration is extended arbitrarily until the trade becomes a loss.

☑️ Most people have lost their hard earned money through Scam Investments And Trading, yet they would go and meet fake recovery Experts unknowingly to help them recover their money and they would end up losing more money in the process. Guys to be Truthful with you, It’s Only Cyber Security Specialists that are capable of recovering your Funds, and This Is Basically why we (COMPOSITE CYBER SECURITY SPECIALISTS) have come to y’all victim’s rescue. The clue is most of these Brokers have weak Database security, and their vulnerabilities can be exploited easily with the Help of our Special HackTools, Root HackTools And Technical Hacking Strategies because they wouldn’t wanna conduct Bug bounty Programs which would have helped strengthen and protect their Database from Unauthorized accesses, So all our specialists do is to hack into the Broker’s Database Using Technical Hacking Methods and Strategies, Decrypt your Transaction Details, Trace the Routes of your Deposited Funds, Then some Technical Hacking Algorithms & Execution follows then you have your money recovered ✔️

☑️All our Specialists are well experienced in their various niches with Great Skills, Technical Hacking Strategies And Positive Online Reputations And Recommendations
They hail from a proven track record and have cracked even the toughest of barriers to intrude and capture all relevant data needed by our Clients.
We have Digital Forensic Specialists, Certified Ethical Hackers, Software Engineers, Cyber Security Experts, Private investigators and more. Our Goal is to make your digital life secure, safe and hassle free by Linking you Up With these great Professionals such as JACK CABLE, ARNE SWINNEN, SEAN MELIA, DAWID CZAGAN, BEN SADEGHIPOUR And More. These Professionals are Well Reserved Professionals who are always ready to Handle your job with great energy and swift response so that your problems can be solved very quickly.

☑️ Also, If You Have NON-SPENDABLE BITCOINS And wish To Activate It To SPENDABLE, Don’t Hesitate to reach Out To Us

✅ COMPOSITE CYBER SECURITY SPECIALISTS are Basically the ANSWERS to your PRAYERS.

CONTACT US TODAY:
Email:
[email protected]


☑️ We Also Have a Separate Team that Provides-LEGIT HACKING SERVICES SUCH AS:
▪️ WEBSITE AND DATABASE HACKING
▪️ CREDIT REPAIR.
▪️ PHONE HACKING & CLONING
▪️ SOCIAL MEDIA ACCOUNTS HACKING
▪️LOCATION TRACKING
▪️BITCOIN MINING And More.


CONTACT:
Email:
[email protected]


2020 © composite cybersecurity specialists
Want faster service? Contact us!
All Rights Reserved ®️
  • 0
  • ·
  • 0
  • delapaz
  • 2020.07.07 06:12:35
RECOVERY OF STOLEN BITCOIN RECOVERY OF LOST MONEY TO SCAMMER LEGIT RECOVERY EXPERT REFERRAL Have  you ever been a victim of a scam?  or have you lost your money to fake hackers online? I implore you to contact this trustworthy hacker and   recovery expert [email protected] , I was a victim of fake people posing as  binary options and bitcoin investors,  I lost a sum of $4,000 and 2BTC from my bitcoin wallet to these fakes. it took a while before I realized they were scams and this really hurt me. Then an in-law of mine heard about it and recommended to me a specialist with the address -  [email protected]  . He helped me recover my lost bitcoins  in less than 72hrs  and the fakes were caught and made to pay for what they did to me .if you have lost any amount to online scams and you're seeking to recover them, in fake hackers,  online dating scams,btc wallet hack, fake binary investors  .Reach out to Quadhacked  to help you ,and you will be so glad you did so, best believe .
  • 1
  • ·
  • 0
More
  • Bitcoin (BTC) $11,759.90 (-0.18%)
  • Ethereum (ETH) $389.80 (-1.25%)
  • XRP (XRP) $0.224600 (+0.84%)
  • Bitcoin Cash (BCH) $308.09 (-3.54%)
  • Bitcoin SV (BSV) $232.76 (-2.35%)
  • Bitcoin (BTC) $11,759.90 (-0.18%)
Feb 21, 2020 (Friday)
12:01
Paxos launches blockchain-based securities settlement solution with Credit Suisse and Instinet
12:00
Brazil to launch new payment system in response to cryptocurrencies
11:59
Digital currency exchange Coinbase Pro lists Kyber Network token
11:57
Norwegian Air to soon start accepting crypto payments
10:21
Swedish central bank begins CBDC pilot with Accenture
09:51
Italian soccer team Juventus launches ethereum-based digital collectibles with Sorare
Feb 20, 2020 (Thursday)
14:16
Telecom companies complete cross-carrier mobile payments using blockchain
11:53
National Stock Exchange of Australia to develop DLT-based digital securities trading platform
11:00
South Korean ICO project discontinued, to return $7.5M to token holders
10:36
Samsung maintains crypto support in soon-to-launch Galaxy S20
09:41
BIS appoints Innovation Hub heads to lead Singapore and Switzerland
09:15
Coinbase becomes first crypto company to receive Visa principal membership
08:59
Dubai Economy and six banks launch KYC Blockchain Consortium
08:26
Crypto Technicals: ETH/USD under downside pressure after 'Bearish Engulfing' pattern
07:12
Tim Draper buys $1M worth of Aragon Tokens to create digital courts for DAOs
06:13
Renewable energy firm Acciona commits to take CBI’s blockchain-based carbon credits trading platform global
05:02
Crypto Technicals: BTC/USD trades below 21-EMA, break below 4H 200 MA (9386) to trigger further downside
04:56
Crypto exchange Coinfloor to launch a simplified bitcoin buying service
04:35
Indonesia’s customs department joins IBM- Maersk blockchain shipping platform “TradeLens”
Feb 19, 2020 (Wednesday)
12:46
Crypto custodian BitGo acquires digital securities startup Harbor
Subscribe to the TokenPost newsletter!
Don't show me this again today.
Back to top
Copyright ⓒ TokenPost. All Rights Reserved.
PUBLISHsoft