Microsoft Warns of Political Cyberattacks, Announces Free Vote-Verification Software (nbcnews.com) 67
"Microsoft on Wednesday announced that it would give away software designed to improve the security of American voting machines," reports NBC News.
Microsoft also said its AccountGuard service has already spotted 781 cyberattacks by foreign adversaries targeting political organizations -- 95% of which were located in the U.S. The company said it was rolling out the free, open-source software product called ElectionGuard, which it said uses encryption to "enable a new era of secure, verifiable voting." The company is working with election machine vendors and local governments to deploy the system in a pilot program for the 2020 election. The system uses an encrypted tracking code to allow a voter to verify that his or her vote has been recorded and has not been tampered with, Microsoft said in a blog post...
Edward Perez, an election security expert with the independent Open Source Election Technology Institute, said Microsoft's move signals that voting systems, long a technology backwater, are finally receiving attention from the county's leading technical minds. "We think that it's good when a technology provider as significant as Microsoft is stepping into something as nationally important as election security," Perez told NBC News. "ElectionGuard does provide verification and it can help to detect attacks. It's important to note that detection is different from prevention."
Microsoft also said its notified nearly 10,000 customers that they've been targeted or compromised by nation-state cyberattacks, according to the article -- mostly from Russia, Iran, and North Korea.
"While many of these attacks are unrelated to the democratic process," Microsoft said in a blog post, "this data demonstrates the significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives."
Microsoft also said its AccountGuard service has already spotted 781 cyberattacks by foreign adversaries targeting political organizations -- 95% of which were located in the U.S. The company said it was rolling out the free, open-source software product called ElectionGuard, which it said uses encryption to "enable a new era of secure, verifiable voting." The company is working with election machine vendors and local governments to deploy the system in a pilot program for the 2020 election. The system uses an encrypted tracking code to allow a voter to verify that his or her vote has been recorded and has not been tampered with, Microsoft said in a blog post...
Edward Perez, an election security expert with the independent Open Source Election Technology Institute, said Microsoft's move signals that voting systems, long a technology backwater, are finally receiving attention from the county's leading technical minds. "We think that it's good when a technology provider as significant as Microsoft is stepping into something as nationally important as election security," Perez told NBC News. "ElectionGuard does provide verification and it can help to detect attacks. It's important to note that detection is different from prevention."
Microsoft also said its notified nearly 10,000 customers that they've been targeted or compromised by nation-state cyberattacks, according to the article -- mostly from Russia, Iran, and North Korea.
"While many of these attacks are unrelated to the democratic process," Microsoft said in a blog post, "this data demonstrates the significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives."
Mafia and Russian FSB offer free voting-SW as well (Score:1)
Ditch digital (Score:1)
Paper ballots. Nobody but television needs to know RIGHT NOW who is the new President. The country would work fine for weeks "without" a President but they won't let it happen and have you find out. There would be no more chaos than there was when Colorado and other such states legalized marijuana. Things were cool. The guys who wrote the framework for this country had it all figured out and they were smarter than just about every pol since. Finally, are people still so delusional that they don't realize MS
Re: (Score:2)
How do you know paper ballots weren't hacked in the past?
A little collusion at a few precincts could alter the results of an election. Sure I'm concerned that my vote was counted correctly, but how do I know all the votes were counted and only real votes were reported? Those are things we can't confirm with paper ballots or with individual verification of electronic ballots.
Re: (Score:2)
That's hardly bullet proof. Usually that's one volunteer from each political party who isn't a security expert. Often poll workers don't understand basic aspects of the election much less vigilantly avoid ever taking their eye off the box of ballots.
Still, outside of local machine politics I agree it's pretty safe in that the risk of getting caught if you create the kind of conspiracy needed to substantially alter an election is just too high. But that doesn't mean a hybrid system with paper scans and ra
Re: Ditch digital (Score:2)
Re: (Score:2)
A little collusion at a few precincts could alter the results of an election.
And this was quite common, especially in the South before mechanical voting machines were introduced.
It was the movement away from mechanical voting machines to electronic ones that has caused all the trouble.
foreign vs domestic (Score:2)
Re: (Score:2)
Re: (Score:2)
will it detect things like vote suppression or gerrymandering
I suppose it would detect them, given that the goal is to secure those things.
PLEASE learn what gerrymandering is. (Score:2)
So easy to find out.
Check out how that kind of screwing around got its name, you'll be the smartest guy at the party.
When you find that out you should note that the practice had been going on for ages, it just finally got a name that stuck.
Don't wait for the TV to teach you, take the initiative!
No buzzword?! (Score:2, Offtopic)
How did this get written without using the buzzword blockchain
NOT NEEDED! TRUMP + REPUBLICANS ARE ON IT! (Score:1, Funny)
They have even gotten Putin to help! Nothing to see. Move along. No, nothing hidden. All in sight.
Re: No NEED for voting (Score:2)
Hello verifiable vote buying (Score:5, Interesting)
Show me the verification for your vote for candidate x or you're fired...
BVOD? (Score:3)
...and that's how Bill Gates was elected President...
Re: (Score:1)
You have noticed, haven't you, that he's been working really hard to polish his legacy for the history books. Just like all the robber barons of that other century. Time yet again to remind people of the Americans' memory hole. Never fails those who need it the most.
Re: (Score:2)
We could do worse than having a philanthropist as president.
Now President Ballmer would sic the DOJ on Google (irony!) and couldn't be trusted around chairs.
External Tampering Only (Score:2)
This would allow one to verify that a correct record of their vote has been made. However, if the voting software was designed to keep two records (a genuine record, and a second record modified in favor of $candidate), such a system only would verify that the genuine record is indeed still genuine, even though the final tally is taken from the modified record.
So this could work as advertised, assuming cyberattackers modified the only existing record; if they replaced the software to keep and tally a second
Security software, from MS? (Score:4, Funny)
Securing the Vote (Score:2)
Forget computers (Score:2)
Use paper
Creates A Social Engineering Attack (Score:2)
As a practical matter it may reduce confidence in elections as people fuck up how they voted or don't remember it correctly and then go online and say their vote was counted wrong. Also, remember we should expect to have FAKE reports of people's vote not being recorded correctly so the ability to check seems to make things worse.
I worry that a system that can let one verify that your vote was accurately tallied (in particular that it was recorded as the vote you actually cast) without undermining ballot bo
Re: (Score:2)
That can in the second worry should have been a can't obviously.
I'd also add that I think letting individuals verify their votes is focusing on the wrong thing. It's less important that we count every last vote correctly than we make sure that statistically speaking the person elected doesn't deviate too much from the sample of people who appear at the polls. I mean all sorts of random factors like the weather affect the race in tight races. Rather than opening up a new avenue to call an elections into d