siv-org siv issues - Githubissues

siv-org / siv

Secure Internet Voting protocol

https://siv.org

Other

12 stars 6 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

results: type=budget, rounds $, doesn't show ¢

#243 dsernst opened 1 day ago
0
Allowing any internet voting may open the door to some jurisdictions use incredibly weak systems

#242 dsernst opened 1 week ago
0
Very hard for anyone else to run or verify the Shuffle & Decryption ZK Proofs

#241 dsernst opened 2 weeks ago
1
Trustee (privacy-protector) page missing "Election Title" in header

#240 dsernst opened 2 weeks ago
2
/api/unlocked-votes not sorted nicely

#239 dsernst opened 3 weeks ago
0
Verification # labeled `tracking` in api/unlocked-votes json

#238 dsernst opened 3 weeks ago
0
type=budget plaintext includes blank question `id`

#237 dsernst opened 4 weeks ago
0
HACK SIV — Public Prize Awards: Now Live

#236 dsernst opened 4 weeks ago
11
Privacy Protector invite allows accidentally sending localhost links

#235 dsernst opened 4 weeks ago
0
HACK SIV - MON 8/12 - END OF DAY REPORT — With a question for you...

#234 dsernst opened 4 weeks ago
1
HACK SIV - END OF DAY REPORT - SUN 8/11

#233 dsernst opened 1 month ago
1
Improving the timing of verification to minimize chaos

#232 GABuras opened 1 month ago
0
2nd Device Malware Verification Check can be defeated by rerouting the QR code to another malicious site (or other non-legit check websites)

#231 dsernst opened 1 month ago
2
Preparing for missing encryption receipts

#230 GABuras opened 1 month ago
6
Duplicate Verification Numbers

#229 GABuras opened 1 month ago
4
Votes can be submitted with the same ciphertexts

#228 pleasework-sh opened 1 month ago
4
lack of did support and human verification system

#227 worldpeaceworker opened 1 month ago
6
Same email can be verified twice

#226 pleasework-sh opened 1 month ago
6
Users may mistype email address for verification

#225 pleasework-sh opened 1 month ago
2
System Integrity Proof?

#224 pmeyerson opened 1 month ago
2
Voter Extortion

#223 pmeyerson opened 1 month ago
1
HACK SIV — Sat Aug 10 — End of Day Report

#222 arianabuilds opened 1 month ago
1
Chrome Client Compromise & Vote Manipulation

#221 anon-person404 opened 1 month ago
1
Vulnerable to chosen hosting service

#220 dglittle opened 1 month ago
1
Vulnerability to malicious pushover?

#219 dglittle opened 1 month ago
1
Vulnerability to malicious supabase?

#218 dglittle opened 1 month ago
1
Pusher as a single point of failure for observer communication

#217 dglittle opened 1 month ago
1
Security concerns with Google Tag Manager

#216 dglittle opened 1 month ago
1
Risks associated with Firebase dependency

#215 dglittle opened 1 month ago
1
Vulnerability to email delivery manipulation by Mailgun

#214 dglittle opened 1 month ago
1
Unclear defense against malicious clients

#213 dglittle opened 1 month ago
1
Missing Merkle tree implementation

#212 dglittle opened 1 month ago
1
Risk of false claims of ballot discrepancies

#211 dglittle opened 1 month ago
1
Too thin docs for voter remediation procedures

#210 dglittle opened 1 month ago
1
Malicious observers could block decryption

#209 dglittle opened 1 month ago
1
SIV webapp could maliciously steal Observer's private key

#208 dglittle opened 1 month ago
1
Unclear role and security of observers

#207 dglittle opened 1 month ago
4
Lack of formal threat model

#206 dglittle opened 1 month ago
1
Potential Denial of Service (DoS) Vulnerability Due to High Volume of Requests

#205 cjackett opened 1 month ago
1
The Frontend & Backend is Open to Supply Chain Attacks

#204 anon-person404 opened 1 month ago
1
Shorten JWT Expiration Time for Improved Session Management

#203 cjackett opened 1 month ago
2
Explicitly Set JWT Signing Algorithm to Ensure Security

#202 cjackett opened 1 month ago
1
Avoid Logging JWT Contents to Prevent Sensitive Data Exposure

#201 cjackett opened 1 month ago
1
HACK SIV — End of Day Report (Fri Aug 9)

#200 arianabuilds opened 1 month ago
1
Vulnerabilites Found Based on Questions

#199 Automatic476 opened 1 month ago
1
No Security.md file for tracking versions within the repo

#198 Automatic476 opened 1 month ago
1
Email disinformation

#197 GABuras opened 1 month ago
1
Verification went to spam

#196 GABuras opened 1 month ago
3
A more formal threat model is needed & third party software vendors can control the election.

#195 mspecter opened 1 month ago
0
Move Sensitive Environment Variables to a Secret Management Service

#194 cjackett opened 1 month ago
1