Swiss government invites public to find holes in e-voting system

Switzerland's federal government has thrown down the virtual gauntlet and asked the public to hack its e-voting system, in an attempt at complying with the transparency requirements for it.

The Public Intrusion Test (PIT) is open to anyone, and offers large cash rewards for those who find vulnerabilities and report them to the Swiss government.

Individual vote manipulation that's undetectable by votes and trusted auditors will earn testers a minimum of 30,000 Swiss francs (A$42,165), and up to CHF 50,000 (A$72,268) if it's scalable to many ballots.

A smaller bounty of CHF 20,000 is paid for manipulation of individual votes after they've been cast, and the alteration is detected by trusted auditors. Elector privacy breaches earn hackers CHF 10,000, and vote corruption nets CHF 5,000 - the latter incluse "destruction of the electronic ballot box" as well.

In total, 150,000 Swiss franc are on the table between February 25 to March 24 Central European Time and beyond a limited number of single-use voting cards required for the system, any number of participants are allowed.

Swiss Post that runs the e-voting system has also published the source code for it and made it publicly available to registered users with Gitlab accounts.

Any vulnerabilities found in the source code won't be accepted as part of the PIT however, and have to be reported separately.

The public-facing link to the e-voting service instance to test is pit.evoting-test.ch and the administrative site is pit-admin.evoting-test.ch.