European Parliament Election 2009

June 7th, 2009 | by Stefan Esser |

Today there is the european parliament election 2009 in germany and around 11:55 I went to the St. Nikolaus elementary school here in cologne to vote. For me it was the first time to vote in this district and therefore I was happy that several other people were heading in the same direction, which allowed me to just follow them.

Once in the building there were lots of signs directing you to the room. And then something happened that makes you really wonder about the strength of our system. I gave the letter that contains the invitation to vote (Wahlbenachrichtigung) to the girl sitting behind the desk and she started looking me up in their book.

After she found me I was allowed to vote. They did not check my id or my passport.

So in my district you can obviously vote for others just by stealing their letter of invitation…

  1. 10 Responses to “European Parliament Election 2009”

  2. By Uroš on Jun 7, 2009 | Reply

    In Slovenia is enough that somebody from commission knows you.

  3. By Johann on Jun 7, 2009 | Reply

    The same here in Düsseldorf :(

  4. By Roberto Scaccia on Jun 7, 2009 | Reply

    In italy it doesn’t happen. Every time I go to vote, they ask me the passport and the identification phase is respected.

    Probably the problem is after the voting phase… ;-)

  5. By Sven Türpe on Jun 8, 2009 | Reply

    In order to exploit this and achieve a measurable impact you will have to steal (or fake) a number of invitation cards and sucessfully use them during a limited period of time. Your attack fails if (1) you are cought trying to vote more than once under different names in the same place; (2) the legitimate owner of the invitation card shows up to vote; or (3) the impact of your actions on the overall result is negligible. Mind that the card is not a prerequisite for voting. If you are eligible to vote you may also show up with your ID card or passport, which will be verified against the directory of voters.

    I haven’t done the calculations (which might be an interesting thing to do) but I conjecture that an effective attack would require a cabal of considerable size.

    Could it be that ordinary people with common sense are sometimes a little smarter than us paranoid security nerds?

  6. By Stefan Esser on Jun 8, 2009 | Reply

    @SvenTürpe:

    (1) Who says that I try to vote several times in the same place. If I just look at my brother, cousin (other people of my age). We all vote in different districts.

    (2) I pretty much know that some of my friends don’t care about elections. They are of the type that believe to not vote is a statement. If I take their cards there is no way they will show up. Keep in mind… only about 43% actually voted.

    (3) The impact of one person is always very small… But WHO has to gain from this election most? The parties themself. So if every member of the young braindeads tries this stunt you suddenly can change several/many votes.

  7. By Sven Türpe on Jun 8, 2009 | Reply

    My point is that your attack scenario, though it seems plausible per se, does not scale up very well. Attacker capabilities are limited by time and geographical factors. You are not going to vote in Dresden, Düsseldorf, Kiel and Konstanz within the same 10 hours period. You are also not going to vote under someone else’s identity in a place where the polling station volunteers happen to know that person.

    In addition there are a number of situations that would spoil the attack either for a single polling station or altogether. Any inconsistency with the voters directory, if noticed and properly handled, spoils your attack for the polling station affected. A larger number of noticed problems spoils your attack altogether, as will do any defecting conspirator.

    Even if an entire political party conspires and each member manages to cast three additional votes, the impact remains limited. CDU and SPD, the largest political parties in Germany, have some 500,000 members each. At three votes per member they could produce 1.5 million fake votes using your strategy. There are more than 60 million voters in Germany, of which more than 45 million actually do cast their vote in national elections. Your 1.5 million hypothetical fake votes would thus amount to about 3.5% of the result. While this is no longer negligible, it is still a limited impact — achieved at a high risk on the attackers’ part.

    I conclude that the most likely effect of a large-scale identity attack against national elections would be denial of service.

  8. By Johann on Jun 9, 2009 | Reply

    The point is not the probability of a successfull fake vote.
    The election helpers *have to* check your identity - regardless of the impact on the whole election, they know you or don’t care about. Its their job!

  9. By Casper on Jun 9, 2009 | Reply

    Same here in DE/Karlsruhe. New vote district for me.. and no legitimation of my person.

  10. By Dominik Jungowski on Jun 9, 2009 | Reply

    Same here in Munich. I took the letter and the ID since usually you need the ID at least. When I wanted to show them both, they said “No, I only need the letter” - wtf

  11. By Sven Türpe on Jun 9, 2009 | Reply

    Johann,

    they might but they don’t have to. You just believe they should. You probably also believe in formal, as opposed to effective security. Otherwise you would have noticed what you just requested: that people perform security theatre for you to feel better. Improving identity checks at the polling station remains pointless as long as you don’t do the same for absentee ballot.

Post a Comment