 Welcome everybody in PAW on SHAR 2017. So, how about those elections in America? And guess what? Guess what happens in the Netherlands? So, Simon Rooof is giving a talk how hackers could have hacked all Dutch elections since 2009. So, give a warm welcome to Simon Rooof. Hi. Yeah, today I'm going to talk about Dutch election security. It's a thing that I came across only this year in January. And, well, I researched it. I was quite shocked at what I could, what I find. But first, a little bit about myself. I'm a professional pen tester since 2005. I'm, since, for almost 20 years, I researched hacking. And, yeah, I do that for government organizations, banks, and IT companies, just to get secure software in production. But apparently the Dutch government has made the flaw and, well, overlooked the Dutch election security systems. These are some of the brands I work for in the Netherlands. Well, first I'm going to tell about how Dutch elections are, processes are run, the weaknesses in it, and what we should do to improve it. And after that I would also look on a more international context to see how other countries are performing digital elections. Well, in Holland we have quite a history with election security. And it all started in 1991 when the cities were handling all these paper ballots with the votes of all the citizens on it. And, well, these papers are quite bulky, they are large. In Holland we have a lot of political parties with a lot of persons per party. So these are quite large. And, well, cities make a lot of errors with it when counting these paper ballots. They move pieces of ballots from one to another place. And, well, sometimes things get mixed up and, yeah, votes get miscounted. But these only happen on a small scale. Ten different vote counts per city are sometimes hundreds, perhaps thousands. These are not the errors that result in some, well, that some guy got into the government that isn't voted for. Well, these are the vote machines we used for almost 16 years in the Netherlands. These were made by Nadop, and you just press a button on the machine. And, well, at the end of the day a paper will be printed with the total votes per political party. And with that paper, these papers will get collected per city. And all these totals on the papers will be totalized. And, well, then there is an election result. And these voting machines were audited by TNO. And, well, TNO is like IBM if everybody trusts them, at least in the Netherlands. And so TNO performed safety checks on the voting machines. If you spoil a glass of water on it, will you get electrocuted? If you take off your hat with snow on it, will you get electrocuted? These kinds of water-conditioned tests were performed by TNO. And TNO didn't find any mistakes in it and said, well, these machines are all safe to use. So the government thought, well, we have an audit, so it's okay. Let's use these machines. And one of the latest cities in the Netherlands that used these voting machines was Amsterdam. And in Amsterdam also lives Rob Grongrijp. And for those who don't know who Rob is, Rob is one of the first hackers in the 80s in the Netherlands that is quite good at what he's doing. And he founded one of the biggest internet service providers in the Netherlands. And also, after that, he founded a hacker company, ITSX. And when he came in contact with these voting machines, in 2006, he thought, well, this is bad. This is really bad if we are now in 2006 using computers to countervote. This is not safe and secure at all. So he founded We Don't Trust Voting Machines Foundation. And for two years he lobbied to get these machines out of a democracy. And he researched the device and he found out quite a lot of security mistakes. For instance, if you remove a chip from a voting machine and replace it with another chip with your own malicious software on it, as Rob has demonstrated, if you use that modified voting machine, then the results will always be in favor of Rob's political party. And he managed to get a manipulated chip on the voting machine to be installed within one minute. And these voting machines were stored when there was not an election. They were stored just in warehouses around the country. Each city has used a different warehouse. So these voting machines, when they were not in use, they were just in some room somewhere with no military protecting it. So it's very easy to tamper with a voting machine if it's not in use. But there was another leak in it, that these voting machines could be from 20 to 30 meters distance, you could read who voted for which party. The keyboard on the voting machine has different radiation per key. If you press a specific key, for example, the political party CDA had a specific frequency. If you push that specific button, then from 30 meters you could see that someone has voted for a CDA. So that broke vote secrecy. And that's a very important thing here in Holland. And the vote secrecy was the final thing that we in Holland were reverting back to pen and paper. So Rob demonstrated these voting machines were insecure and the Dutch Secret Service also got involved and became awake that the software that runs or democracy is insecure. So they agreed with him. But the cities that are in charge of the voting in the Netherlands, they went angry because their beloved software was being ditched by the government because it appears to be insecure. But the thought that these cities had to go back to pen and paper, well, it frightened them because it cost a lot of money and effort to count ballots by hand. And well, the vendor made up of the voting machines promised to fix the issues. And the government trusted the vendor so they tried to put out a patch, but it's broken by design. So Rob sues the government and the judge agrees with Rob. And well, in 2009 we went back to pen and paper in Holland. And well, after you vote, you put it in a bucket and people will manually count all the paper votes. This process is since 2009 in Holland active, as of speaking. So, well, what's the first about then, Simon? How can you hack paper? Well, then it gets interesting. So in January this year, RTL News called me and they heard that somebody told them that in the Dutch election process that weak cryptography was used. Xiaowan. And well, they asked me, well, Simon, you know a little bit about security. So what's the impact of it? And I was like, what, Xiaowan? In our election software, I thought we used pen and paper. Well, so RTL continues and explains that these paper ballots are being manually counted. But then each city enters the manually counted paper totals into a computer program. And well, the computer program generates an XML file and that XML file is being put on a USB stick. And that USB stick for each city is being transferred to one of the 20 voting districts in Holland. And these voting districts accumulate all the USB sticks from the cities below them and insert and read them out with the software program and totalize all the vote totals for each city. And so these 20 vote districts also generate again an XML file on the USB stick. And that USB stick then is brought to the Hague to the Central Election Council. And the Election Council reads 20 USB sticks into the computer and press a button and then the software calculates who won the election. So the first process that everybody knows in Holland is we use pen and paper and well, it's expensive, it's a very time cost, it's expensive. And after that the government employees for each city then use a program to totalize the results. And I thought, well, this can't be true. I mean, well, first we went to all the trouble of paper ballots and then just the last step, we use a computer program just to speed things up. And in Holland it's very important to understand that on election day in the evening all the political parties will want to have the results because on voting day it's a nice day in Holland and it's a party for democracy. So all the political parties party in the evening to get the results. So I thought, well, this needs to be looked into. So I googled how the vote process in Holland goes. Well, I came across a couple of YouTube videos that the government is nice enough and modern enough to create tens of YouTube videos in which the software OSV which totalize all the votes is being demonstrated. And well, I thought, well, what's more easier than watching a few YouTube videos to get an introduction. So I watched them and in the first 30 seconds I noticed this Explorer screen it's a bit hard to reach in the back of the room, but in the left corner there are some network shares from the city of Amsterdam visible. So I thought, well, this is going to be an interesting YouTube video. I was really curious what we would call next. As it appears, this photo totalized software, for each city you had to install a web server and that web server is accessible from the internal network. And workstations on the internal network, they connect to the web server to enter the results for each vote office in the city. And this client server architecture omits HTTPS. So opens some attack servers. And well, multiple computers were involved and these computers were all connected to the internal network of the city. So all the other computers from city employees could access the software. And that's not air-gapped. So that's risky. But it goes further. The PDF documentation that I've read about the software doesn't mention a security policy at all. There are no security checks involved. It's bring your own laptop and bring your own USB stick. And I mean, that's very bad. I mean, no security policy. Come on, it's 2017. Okay, well, there was one policy in the documentation. Wi-Fi should be turned off. But it was funny because I think they put it in because in 2008, Rob showed us that you could read votes from 30 meters distance. So they thought, well, if you put out the Wi-Fi, well, we eliminated that threat. And well, I spoke in the meantime the last couple of months with some system administrators that installed the software on the internal networks of cities. And they told me that these computers were internet-connected computers. I was like, holy shit, this is really bad. But it goes further. The software generates an XML file that will be put on the USB stick. And in order to protect the USB stick, a SHA1 hash was created and printed on paper. So one person is transferring the paper with the SHA1 hash and the USB stick altogether to the next step. Well, ridiculous, of course. It's not the separation of duties. Well, you can just put in the USB stick. It's an unencrypted XML file on the USB stick. So you can just open your laptop in the car, obtain some results, and save it. And then you just have to manipulate the SHA1 hash on the paper. But that's easy, just print a new SHA1 hash on paper. But, well, the signature of the major of a city was being put on the paper. But the 20 central election districts don't have a signature database of all the majors in Holland. So they have no clue to verify if the signature is correct. So yeah, there goes your integrity check. Yeah, if you put in USB sticks, bring your own USB sticks in your high-security election system, well, I hope I don't have to tell you guys what can happen if you put in a rubber ducky. The SHA1 hash, which is, of course, a deprecated technology, is printed in a PDF file that's supposed to be printed. And for some important steps in the election process, a SHA1 hash, if you import specific files in the process, the software calculates a SHA1 hash that you have to validate. But here it goes. When I saw this in the video, this screen was just visible for one second because the instructor, he just selects an upload field, selects the XML file, clicks next, next, and goes further. I'm like, hey, what? Next, next. No, you had to mention that you should perform a SHA1 hash check. But, well, the button is already active. So yeah, it's just a stupid check, I think, they think. And, well, there's even for the most secure process steps of the software, they thought, well, let's be smart. You can skip this hash check, but if you reach the highest protection level in the software, you should insert four characters of the SHA1 hash. Okay, well, that's good, but I expected to see the whole SHA1 hash to be filled in, but, well, that's too much effort. Our election security is probably not that worth the effort to fill in all the stream. So if you just, and the instructor also mentions, insert the first four characters and press next. Okay, well, if you calculate what strength these four characters will have, it's just 65,000 possibilities. And almost no cryptographic hash. Yeah, so even if you, if the guy in the car transferring the USB stick with the SHA1 hash to the next station, he doesn't even have to manipulate the SHA1 hash on the paper that is printed. He just has to make sure that the XML file he's manipulating, that the first four characters are corresponding with what's on the printed paper. So, yeah, it's on so many ways you can, yeah, you can hack the system. Well, there's no password policy active. In the screen they have used the username OSV and password OSV, I think. So, yeah, that's quite weak. Well, and this one is, I think, hard to read, the software uses administrator privileges because it saves their temporary XML files with all the vote totals in it in the program files directory. So, if you happen, which I didn't check, if you happen to find the buffer overflow and it's your complete, you have complete routing the application. Yeah, there's no automated hash check in place. So, if you manage to manipulate the XML file, the temporary XML file on the computer in which all these USB sticks are imported, you can just change the memory of the application. Yeah, quite bad, I think. But the most, well, at the end of the video they say, well, it's in Dutch, but I will translate. So, option export election results, you can send the election results to the Central Election Council to this email address. So, people are instructed to email the election results over the internet, unsecured, and I mean, well, and the list goes on and on. I mean, there are no central logs collection, there's no security monitoring. If a hash check fails, it's just, you just have to go drive back and get a new USB stick. There's no national security alarm. Yeah, and the integrity is hard to validate and even optional. And it's not even, well, they built this system with the principle of open source in mind. So, they put up a zip file on the website, but yeah, the zip file is incomplete, so not all the dependencies are in there. So, yeah, it's not even open source. And also a fun thing about this is the software is written by a German company that calculates the Dutch elections. So, I thought it was fun, but quite weird. And I think Dutch programmers should build the Dutch election software. If we even use election software at all, which I don't have, yeah. And these problems have been ignored by a government for years. In 2011, a student did a research into the election system, and he found a few vulnerabilities that I also found, and he presented them to the election council. And the election council, they were scared, and immediately asked them, are you going to go public with this? And I said, well, yeah, I'm responsible disclosing this. Well, and the election council just dismissed the results, and well, the student put up his thesis on the internet, and there it went forgotten for years until this year, where RTL News opened it. And well, they thought, well, this odd, some of the problems have been known and ignored, and it's about the security of a democracy. I mean, that's quite important, right? So, yeah, I only spent one evening to get the most of the research I here presented, and watched a few YouTube videos, a couple of hundreds of PDF documentation, and find all kinds of ways to penetrate the software. And well, if you perform a code review or invest a couple of more days into the software, well, I found almost 30 vulnerabilities in it, but if you continue, the list will go on and on. This is terrible software, and we used it in the past eight years in Holland. So, yeah, we didn't learn from the past. It's Groundhog Day again, and well, so I went to the Central Election Council and presented the findings, and they ignored us because they were quite angry that six weeks before the elections were held in Holland, six weeks before we presented our findings to them, and they were all busy preparing for the upcoming elections, and thought, well, we can't have these security problems with it. We need to run an election. So they just said to all the journalists, well, trust us, we know what we are doing. We do this for years, so we are experts at it, and they also told the journalists and threatened me that, well, let's see for which this could be a problem. Well, so far, no one from the government has contacted me, no one. No email, no phone, no SMS, no one. No one in person. I'm just completely ignored, but luckily we have journalists, and RTL, they broadcasted it on television, and when they did that, it went all mainstream, and the government couldn't deny it anymore. So two days after the publication, the Dutch minister banned the software, and the cities again respond angry, well, you took away our software, and now we have to go manually totalize all the totals. I mean, what kind of, how hard can it be to totalize numbers? I mean, I will do it for free. I mean, if that's the problem. So the minister didn't expect all the angry voices of the cities, so he says, okay, the software is insecure, you guys may use Excel, and when I hear this, I was like, oh my God, this story is getting funnier and funnier, but it's that serious, it's Dutch elections, and the minister proposes five weeks before the election to use Excel, but he was smart, he said, well, there have to be two people in front of the Excel sheet, so yeah, it's safe. And yeah, I mean, we have a secret service, we have a national security council, we have all kinds of security departments in Holland, and the minister just blindly does something crazy. I mean, this is weird. So yeah, and again, the vendor just says, well, you can fix it, and then the minister says, okay, Excel may not be the best option, okay, vendor, you may fix it. So, and then it went completely dark. What happened next? I have no idea, nobody has an idea. The vendor put out a patch, and I have no idea what the patch is, they went not open source with it, it would think lower the fate in the Dutch government. But what I've heard is they ditched the USB sticks, and I heard they used SHA-256, and that's the only patch they implemented in the whole system. I mean, the list of problems is so long, they just fixed two issues, and then, well, they went live with it because elections are planned and they can't be rescheduled. And for a government, if elections are rescheduled, it's a big thing because the current government is not allowed to rule anymore. So you can't reschedule elections. So yeah, they had to go through with it. But they hired FoxIT, a Dutch security company, and well, they agreed, well, the software shit. They even found a lot longer list of issues, and it's quite a report. But yeah, there was no time to fix it. So in Holland, we have run an election with this software, and nobody's asking questions if there's manipulation. Nobody knows. All these cities have decentralized voting registrations of the vote totals. Well, after three months, so I think, yeah, we had in March, we had elections, so yeah, at this moment, all the paper vote totals for each city are being shredded because they think they don't need them anymore, and it's bulky to store vote totals. I don't know what's bulky about it, but yeah, there's no option for recounting or election, and I think that's quite an issue. I mean, I have, for the Dutch tax organization, I have to keep my invoices for seven years, and the Dutch government ditches the vote totals after three months. I mean, that's not even equal. But yeah, they can make it, so they do it. Yeah, well, you have to understand that at this time, the elections were held in March, but at this moment, we don't have a fully functioning government in the Netherlands because we have a lot of political parties and they have to make a consensus to get more than 50% of the votes. So I would think, well, if we use paper votes in the beginning of the process, let's add a couple of more days maximum to totalize all the totals, but yeah, they want quick results, so they use software, and they still use software. So yeah, can this current election for the last 26 years in Holland be trusted? I have no idea, nobody knows, nobody performs an audit, nobody checks for hacking attempts. Hacking was not even in the threat model of when developing the software, when running an election, hacking is not there. I think we need to put hacking into the threat model for election security because, well, look at America, look at other countries in Europe, they have quite a lot of hack attacks since last few years. 70 to 80% of the Americans, I've read things that Russia might be behind some election hacking. So yeah, it's a big deal nowadays, and I hope our government doesn't ignore these issues, but tries to solve it. So how can we do it better? Simon, I'm sorry, I have to interrupt. There is a German car blocking the fire escape, it's FBY 5363, could you please move your car if you are here? Okay, so how should we improve it? Well, I think paper should always be in the lead from the beginning to the end, and you could use some software to validate if the paper counting is being done correctly, but it should always be in the lead. Well, in Germany they used software of the same manufacturer, but Germans have a different way of finalizing an election, and in Germany paper is always in the lead, they use software to check if there were count mistakes, but the result of the software could never be used as a final outcome. In Holland we use software to calculate who wins, and we don't perform a final paper audit. That's a really big difference. So Germany was luckily not, well, could not be hacked this way. And also it's a thing. The Dutch election council thinks PDF files, you can print PDF files, right? So it becomes paper, and so yeah, paper is in the lead. Printed PDF files is paper, so yeah, PDFs are in the lead, so digital is in the lead. It's a thing of using words. And I think we need complete transparency in the election process. Each vote office should publish their results on their own website, on the window in the physical vote office. Each city should publicize their vote totals on their website. So if you want to hack an election, if you use, then you would need to change all these copies floating around. And so I think transparency is in a democratic process really valuable. And from all the people that are helping in the election process, they should be made aware of security mistakes, of hacking attacks. It's really important. And the government should test if elections could be hacked. There's never been performed yet. So yeah, I think it's worthwhile. And yeah, so in the last 26 years, the Dutch elections could be hacked. We have no idea if it has happened. Even the government doesn't know. We don't do a recount. We don't do an audit. We always have trusted the outcome of voting machines till 2009. And until today, we trust the outcome of a software program, which has, well, all kinds of vulnerabilities in it. So the Dutch elections are open for hacking. And I think that's quite shocking, that people are just, I think, too comfortable in their houses with television with a soccer, that they don't pay attention to what is happening around us. I think we need to wake up with this democratic election processes. And we've seen it in the international context also. Last year, there was a very interesting story went out by Bloomberg. Some guy in Latin America for almost 10 years hacked their elections. And he's now in jail, but he spoke to Bloomberg, and you should all read this article. A whole continent almost. He hacked it for 10 years, and nobody noticed it. And he went out on his own in the jail because he felt remorse. And he told, well, via this article, the public about what he did. And it's quite a story. And, yeah, the freaky thing is everything just runs normally there, and everybody thinks they have a democratic government, while manipulation is being performed in the, well, behind the doors. But also, a month ago, the Washington Post came with a news article that Russian governmental actors had tried to hack election systems in 21 states. And that's not the only story about Russian hackers. Last week at the DEF CON hacking congress, they put out a village full with electronic voting machines that were used, were in use and were used in the past in America. And after a couple of days, all the attendees came along these machines, played with it, and broke them all down. All these vote machines in use in America can be hacked. And this was performed by people that had no previous experience in hacking voting machines. If just a bunch of hackers can just walk by a voting machine and hack it. I mean, that's shit, right? And, well, we know that these kinds of devices and software are vulnerable, but I think we should, as a group, as a community, come together and make a fist to fight for our democratic rights. That we, yeah, make everybody else in the world aware that these voting systems, yeah, can easily be hacked. And in America, you have to register yourself in order to make a vote. And these vote databases, in the last year, a couple of them have been leaked on the Internet. So hundreds of millions of details of American voters are downloadable on the Internet. And, well, if the government can't even protect their personal details, I mean, how can they protect their election? I mean, yeah, that makes us all wonder. Well, I think to finalize and summarize this presentation, that paper should always be in the lead. In a democratic process, computers cannot be trusted with running an election. They are too easy to tamper with. And, yeah, so a democratic process is the most important process that a country has. And I think we are not being aware of that fact, that it's such an important process that computers are not secure enough to have a use in them. These voting machines in America, they cost over one million euros of dollars to certify them that they are secure. So, yeah, and they are then outdated a couple of months later. And these voting machines are running Windows XP in America. I mean, come on. And in Holland, we had, a few years back, there was an extensive research performed by, if there was any chance that after the 2009 debacle, that we could introduce voting machines back in Holland. And the outcome of that research was that it's way more expensive to properly build secure voting machines than you should play an old paper. So, why are we then still proposing voting machines if paper is cheaper? I mean, yeah, there has to be a business case with it. So, yeah, paper is excellent in a digital world, I think, if it's about elections and, well, full transparency of all the reports, of all the processes, it took quite an effort to reverse engineer how the Dutch voting process worked. And I think it should be completely open. There should be no questions about the legitimacy of a government. And, yeah, there are quite a lot of questions now that still aren't answered. And it's also important to know that current governments will never admit that the elections were insecure. I mean, if they say that these elections were insecure, they immediately say that they themselves have a position within the government that is not a democratic vote, perhaps. So, in America, you see that the government is actively denying that there is any involvement in the government, because if they would acknowledge it, people would get angry and they would demand new elections. And, yeah, the current government doesn't want new elections, because they are finally in power. So it will be us here and journalists that should be really awake and aware that a democracy is not being trusted by a government. And, well, I think, and I hope with this talk, that to have inspired you a little bit to get a bit more involved in election security, because, well, there are a lot of people from all around the world here at SCIA. And I hope that you guys also review your election systems in your own countries to see if it can be hacked. And, yeah, that's what I want to conclude with. Thank you all. So, thank you, Saven. We have time for questions and answers. So, if you have a question, there are microphones in the middle. So, I saw the gentleman over there with the colored shirt. He was first. Hi. First of all, if you want to help the election, become a volunteer. I've been a volunteer at the election process. Yeah, sure. But I've also experienced, personally, that a lot of the things that you say should happen have already happened. The process, the digital process that you would describe, is used to make an unofficial result on the same evening. The official result takes a couple of days and uses a written process where paper is in the lead. All of the results for each of the different polling stations are published in local newspapers and on the website of municipalities. And they're there for indefinitely. And they can be inspected. Journalists do inspect them. They do offer manual recounts. There have been manual recounts even by the voting council. And, finally, you mentioned the paper ballots. They're bulky. If you have one polling station, and I experience this myself, one polling station is one garbage bin full of paper. I don't know how many voting stations we have in the Netherlands, but it's a couple of hundreds and storing a couple of hundred garbage bags for seven years is not going to cut it. Well, these vote totals for each city, it's just one piece of paper with all the signatures of the people in the voters. But for each of the polling stations, the results are published. There's an official document saying that that is the result of the polling station and they are stored. Those are destructed. The reason why they actually destruct the manual voting counting data, I'm also a bit involved with the whole sketch from the political point of view. But the reason they destroyed the garbage bin is actually to make the election result not disputable after three months. So that has a valid point, but there actually now are like ten municipalities that destroyed the voting total of the polling stations. Okay, there are a few things over here. After the research went live, the government has indeed changed some things. They still use the software, but also performed manual counting. So this year was the first year in which not on the same day the election results were published, but a few days later. So there was more manual counting involved, but the exact procedures in how the counting process would go, they aren't public. There's a lot of things that aren't still transparent about the elections, and it's true that the vote offices have publicized their totals on the websites and on the screens, on the windows. So that's a very good progress, and I would see that this will be continued and broadened to get more transparency. Yeah. So next question? Yeah, most of my points were made by the previous gentleman, but I had a question, so I was puzzled by your counter-proposal that the totaling of the votes should be done manually, but then you trust the people performing this operation. I don't think that's a solution. I mean, the solution is in fact now that in the election offices you have observers of the different political parties, all of them take notes, all of them do their own totaling. I mean, if any of those political parties would be able to contest the result, they would do so. So the security isn't the fact that you have citizens controlling the process and the competing political parties controlling the process. Yeah, everybody in the election process has a political vapor preference. So it's indeed true that everybody in a vote office has their own party which they favor. But performing fraud on such a low level in a voting office with a couple of thousands of votes, it's nothing compared to what software can do with millions of votes. But the software can't do this because these local results are known and people do the calculations for themselves. I mean, political parties do the calculations for themselves. Yes, sure. So each of there are 20 voting districts in Holland and each voting district receives tens of USB sticks. So on a voting district level, all the totals are communally elit. So then it's not, you can't say from a voting district perspective which city has which kinds of political votes per political party. So it gets anonymized how higher it reaches the government tree in depending on the results. So yeah, I think it's much harder to tamper with an election if there are paper votes because for one vote office, it might be easy to tamper results, but to tamper results from 20 vote offices, it's hard. And so it becomes robust. And if you use software, for example, from 1991 to 2009, there were only three people that knew exactly how the vote machine worked. So, well, that's too much trust in a small group of people. And I believe it's better if you put that trust in a lot of people. So it takes a lot of people to manipulate something big. I think it's more robust. So next question, Orange? Yeah, I would also invite everyone to look at the Dutch AML data because I found out after nine months they put it open, actually they published corrupt XML. And they changed that later, but I was the first one to find out because nobody does the checking of the XML, does XML link on it, or does statistical analysis, or some people from political parties. That's new information. An EML file is the XML file I talked about. So these EML files contain the photo totals. And if it's true that some are corrupt, that's a big thing, I think. They fix this after my complaints. Okay, but they didn't run their own checks. No. So yeah, they're still not in control of the integrity of the... Okay. Okay, do we have another question? Hi. Is there a reason why everything past the polling station isn't completely open from the outset? So why not let everybody do the counting? Why isn't there a very simple way for polling stations to publish their results and that anybody can add them and check it? The polling stations are now required by the government to publish their results on their own. So yeah, it's getting better this year. But there's no particular reason that we know why it has to go through a centralized system in a sense. But yeah, because you want official centralized results. Yeah, for each vote office, I think decentralization is key because a centralized system is very easy hackable. And if you hack a centralized system, you'll get the whole system. So if each vote office has their own way of publicizing these documents, it will get very hard to hack a day in one go. So let's... Hi. Two questions. The first is that University of Melbourne academics found some bugs in the electronic voting system in Australia, reported on it, and at least one of them suffered attempted retaliation via the Electoral Commission. Some of it's subtle, some of it not so much. I'm interested to know if you or people you've worked with have suffered retaliation for your revelations. The second question is around the increase in voter suppression methods in the U.S. election, whether or not there's a risk of imposing greater security on elections leading to manipulation of this process to lead to voter suppression. Yeah, voter suppression is a very important topic that has only recently been discussed. We've seen it in England, for example. They had an election. And you have to register yourself before you can vote. And this registration website can be put offline. It went offline the last time it was in use. And by putting electronic voting systems offline, you can also change an election. You don't have to change a vote specifically, but if you deny someone to vote, and especially if you deny young people to vote, their votes won't be represented in the outcome of the election. For example, if you take down a voter registration website just two days before an election, it is known that young people are waiting for the last moment to register themselves while old people generally are taking weeks before to register themselves just to be in time. So taking down these kinds of systems can have quite an interesting effect. For example, if you want your county to stay in the European Union or not, it makes sense to take offline a voter registration website days before an election because young people want to stay in the European Union generally and old people don't. So these kinds of things can also, you can also manipulate an election with these DDoS attacks. So any more questions? Then I ask you to give Simon Ruhoff a warm applause. Thank you.