back to article Microsoft demos end-to-end voting verification system ElectionGuard, code will be on GitHub

Microsoft has demonstrated its ElectionGuard electronic vote system at the Aspen Security Forum under way in Colorado and warned that nearly 10,000 of its customers have been targeted by nation-state attacks. ElectionGuard aims to enable end-to-end verification of voting. Voters receive a tracking code and can check via a web …

  1. kain preacher

    See at first I was like you might hate MS but the fact that they are allowing folks to look at the code puts them miles ahead of vendors like die bold . Then I saw the will not be selling the kit directly but to voting machine vendors. You know the same folks that refuse to let people look at the code . The same folks that sued to stop people from looking the code.

    1. Anonymous Coward
      Anonymous Coward

      Still, it is Microsoft - they are about as new to open code as Trump is to racial equality, and have a long and presumably proud history of doing as little as possible on proper security. Better than Diebold et al, but still give the feel of replacing one problem with another.

      I do recall there being some FOSS projects out there for quite a few years that have a less questionable origin, and also won't set up a government for license payments ad infinitum, but it starts with making sure there are baseline enforceable standards, audits thereof and sufficiently heavy penalties that they cannot be paid from petty cash if someone takes (again) a shortcut for profit - by preference with jail sentences so a fine cannot be turned into just an annoying accounting trick.

      However, it is exactly the standards and enforcement that take time to set up and exercise. I have a suspicion that that is the exact reason why Mitch McConnell has stopped investment and research into this for so long - this won't be nowhere near stable and auditable for the 2020 election.

  2. Warm Braw

    It will not be possible to 'hack' the vote ...

    Experience suggests that interfering with the count is a second-order problem.

    An accurate count simply legitimises malign misinformation, gerrymandering and selective disenfranchisement.

  3. Pascal Monett Silver badge

    "there is little cause for optimism"

    Sorry to disagree, but in this case Microsoft is doing exactly what I said needed to be done : make voting secure and posting the code for the world to see.

    I fail to see how things can be worse than they already are, what with Diebold being utterly incapable of doing anything properly and having tried to sue people to keep them quiet.

    Microsoft is on the right track, and when the code gets posted, people will be able to scrutinize and validate it, and maybe even improve on it.

    Except NSA guys. They can keep their stinking paws off our liberty.

    Of course, the real problem is how to make the popular vote actually count, but no software company can do anything about that.

    1. jgarbo
      Facepalm

      Re: "there is little cause for optimism"

      So the open source code is the same as the voting code? And Santa Claus will oversee it with the help of his reindeer...

    2. JohnFen

      Re: "there is little cause for optimism"

      "make voting secure and posting the code for the world to see."

      I don't think the security of this system has been determined, and there is no mechanism that I can see that ensures the code that has been open-sourced is the code that will end up being used.

      Regardless, it still seems like electronic voting is a terrible idea. It doesn't solve any problems and introduces a lot of new risk vectors. It looks to me like the better way to go is to stop doing it entirely.

      1. tentimes

        Re: "there is little cause for optimism"

        "it doesn't solve any problems"

        Yes it does. Computer counting and remote voting. I will cheer the day that I no longer have to do the annoying journey to my polling station in person. And we don't have to wait ages for humans to count the votes. The system can choose the winner and shoot the loser automatically.

  4. Chris G

    Manipulation

    The current talk of voter manipulation, electiral interference etc is spoken as if it is something new but is actually as old as voting.

    Canvassing door to door is no different, nor are political opinions, editorials or ads in the newspapers and on TV.

    Think of the crap about £350M of European money that could go to the NHS few campaigners tell the truth in real terms.

    So how is anyone going to address misinformation in the lead up to elections?

    Maybe ban all campaigning?

    We either have censorship or we don't, most voters have always been ill informed but the fix for that does not lie in legislation. Who decides what is or isn't misinformation?

    I wouldn't trust electronic voting much either, if anyone does breach the security they have access to everything, with local paper and pencil voting it is far more difficult to interfere on a large scale.

    1. PerlyKing
      Unhappy

      Re: Manipulation

      I think that the new issue with manipulation is that people are being targetted more specifically. In the good old days the politicians had to tell the same lies to everyone, but with the power of technology they can tell different lies to different people more easily than ever before.

      1. Tim Hughes

        Re: Manipulation

        This. Absolutely - this is a most dangerous thing for democracy.

        Allowing any politician to 1) know and/or extrapolate, and 2) privately pander to each individual's position on any particular topic basically breaks any form of representative democracy. How could anyone be held accountable in that case? (Not really sure that they are now, but still.)

      2. Chris G

        Re: Manipulation

        In the good old days, canvassers would go door to door and tailor their response according to what reception they received from the householder.

        That's very personalised targeting.

  5. Anonymous Coward
    Anonymous Coward

    There's always paper

    Which we've used successfully for hundreds of years

    1. Joeyjoejojrshabado

      Hate to have to tell you

      but vote fraud has also been attempted successfully for hundreds of years.

      1. John Robson Silver badge

        Re: Hate to have to tell you

        But we've had hundreds of years of defending against those attacks, and they are generally understood, and counteracted.

        They also don't scale well.

      2. Anonymous Coward
        Anonymous Coward

        Paper ballot fraud is difficult

        At least as voting is practiced in the US, where every state manages its own elections and the winner of the presidential election is determined by the number/size of the states won not by total votes cast.

        That means that even if you had a corrupt governor in one state and could totally control its results, you can only affect that one state's outcome, and if that state was already going to swing that way (which it probably is if it can vote in a corrupt governor) you have accomplished nothing, at least not as far as the presidential election.

        With electronic voting machines, the software could be corrupted either in the counting or the tabulation process, and affect all the states those machines are used in. You could easily swing an election if you had a popular brand of voting machine. If there's no paper trail you can't even go back and audit the process to find out there was fraud, unless they do something really stupid and have more voters than there are registered voters.

        What's worse, that software could be corrupted by the company that supplies the machines, by the a subcontractor (how carefully do the check the Microsoft updates they apply?) or by hackers either foreign or domestic. So even if you can prove fraud, you might not be able to prove who was responsible.

        1. tentimes

          Re: Paper ballot fraud is difficult

          Or you can just pay the Russians to fix it for you via Facebook, where the sheeple can be bought with a couple of good meme's and the odd comment.

    2. Lee D Silver badge

      Re: There's always paper

      Difficulties for blind people, postal votes (the entire military), when a polling station has to close, massive problems with queues at some if there's a problem, etc. etc. etc.

      It's a stupid system if it requires, in 2019, people to turn up, in person, at a SINGLE designated polling station (others are just further hassle) within a small time period.

      The infrastructure around a vote is expensive and actually used as reasons not to have them (e.g. if we could just flick a switch and have a "no-Brexit vote" now, there is no excuse not to. But if it costs millions and has to be prepared months in advance, they can just say "Oh, we can't possibly do that!").

      Voting on paper is open to just as many attacks... how does the polling officer inform the central government of their voting outcome? How do you know that didn't get changed along the way, the guy at the other end "misread", etc. Same thing, just slightly further down the line.

      Now imagine an official government gateway page, just visit it, verify your identity, vote. Any time. Any day. Anywhere on the planet. Right up to the deadline. On one, ten, a million different things that you feel are important to you. With verifiable results. And "paper votes" basically becoming the "postal vote" of the next century... you only do that for particular reasons.

      Now you know the results of the vote instantly. No "counting" required. You could literally put it in between "Someone attacked us" and "Should we go to war", it could be that simple and quick. In fact, you could know the results of the poll *at any time* you liked... anonymously, but you could tell that it was 52-48 and then went to 51-49, etc. in real-time.

      Done properly, there's no reason *not* to have online voting, like there's no reason not to have online car tax discs, online checking of your state pension, online benefit application, etc. Collecting millions of bits of paper and counting them is literal dark-ages stuff in comparison. You're not saving anything, you're not defeating anything. You're just spending lots of money to do it slowly and poorly because "we've always done it like that".

      1. iron Silver badge

        Re: There's always paper

        "there's no reason *not* to have online voting... tax discs... state pension... online benefit application, etc"

        Except for the people who don't have internet access which is most likely to include the old and poor such as those on state pension or benefits. And, that's before we get into the problem of verifying your identity for an ANONYMOUS vote.

        1. Will Godfrey Silver badge
          Linux

          Re: There's always paper

          Also, don't underestimate the blind. I know one or two, and am in awe of what they can do in a sight orientated world.

          P.S. Including coding!

      2. JohnFen

        Re: There's always paper

        "Difficulties for blind people, postal votes (the entire military), when a polling station has to close, massive problems with queues at some if there's a problem"

        Those are all solved problems, though. All that's required is for the states who haven't adopted the solutions to do so. There's literally no need to have the extra attack surface that electronic voting brings.

    3. vtcodger Silver badge

      Re: There's always paper

      Absolutely!!! Why -- other than being a basically silly person -- would anyone replace a simple and proven mechanical system with something complex, electronic, non-transparent, possibly buggy and probably insecure? If some Silicon Valley startup was selling electronic paper weights, nutcrackers, and paper clips would any reasonable person buy/use them?

      AFAICS, the **ONLY** advantages of electronic voting are the dubiously necessary ability to make last minute ballot changes and the ability to get a quick count. A quick count can be achieved with paper tabulated by OCR. Paper+OCR is, unlike electronic voting, auditable and recountable if problems are identified or suspected.

      1. Claptrap314 Silver badge

        Re: There's always paper

        The reason for a voting machine--ANY voting machine--is to add a new way to steal the vote.

        Every voting machine made has been subject to gross manipulation of the vote. Not so paper.

        1. JohnFen

          Re: There's always paper

          Well, paper voting has its own vulnerabilities. The problem with electronic voting is that it doesn't eliminate the already-existing vulnerabilities, it just adds a new set on top of them.

  6. Anonymous Coward
    Anonymous Coward

    Whether evoting was accurate or not people would always suspect it and there would be constant claims of fraud by the losers.

    Stick to paper and pen at a poll booth which is inherently safer.

    If you really want to cut fraud then heavily restrict postal voting and overseas voting which are both open to widespread fraud. Recent Peterborough election will probably need to be rerun due to concerns (again) over postal fraud.

  7. Anonymous Coward
    Anonymous Coward

    Still requires a visit to the polling booth... surely accurate, verifiable, secure and easy-to-use voting should be possible from any modern device anywhere by now?

    It would improve voter turnout no end. If you can have postal votes with the risks that they involve surely a secure, simple electronic system could be more resilient than that.

    1. silent_count
      Mushroom

      That could go very bad. There are already enough yanks who can't get their heads around the idea that Trump really got elected - it MUST have been the Russians who somehow brainwashed enough people to swing the election for him!

      Could you imagine the spectacular hissy-fit they'd chuck if he got elected a second time? Evidence be damned! The voting app MUST have been hacked by the Russians. Or possibly the North Koreans. Or maybe both.

      Your imminently sound suggestion for an easy-to-use voting app could well bring about WWIII.

      1. martinusher Silver badge

        >There are already enough yanks who can't get their heads around the idea that Trump really got elected - it MUST have been the Russians who somehow brainwashed enough people to swing the election for him!

        It only needed about 75000 votes in three states to move the election. The overall vote tally was 3 million or so in the other direction. The problem wasn't interference or anything like that, it was understanding how the Electoral College system works. (A bit of voter suppression also helps...but that's a whole different topic.)

      2. Robert Moore
        Unhappy

        "Could you imagine the spectacular hissy-fit they'd chuck if he got elected a second time?"

        Imaging the EPIC HISSY-FIT he will throw if he doesn't get reelected.

        For the record I don't like him, and would be very happy if he didn't get a second term, but so far I do not see a viable opponent.

        Also electronic voting is a STUPID idea.

  8. John Robson Silver badge

    PENCIL

    https://www.youtube.com/watch?v=w3_0x6oaDmI

  9. Angry IT Monkey

    When voting becomes digital how do you draw a penis on the ballot paper?

    It's happened before and been counted as valid.

    1. Chemist

      "When voting becomes digital how do you draw a penis on the ballot paper?"

      Plenty of Dicks there already !!

  10. Mage Silver badge
    Coffee/keyboard

    April Fool?

    There is no way electronic voting can be trusted, ever.

    Paper and pencil is slower but far better.

    And the idea that MS can do it securely is nonsense.

    Even Bruce Schneier thinks he can't do it.

  11. Anonymous Coward
    Anonymous Coward

    'Defending democracy'

    I see "defending", I read "defeating". Why am I being so negative? :(

  12. A random security guy

    All the source code open sourced?

    Just wondering if ALL the source including the OS, drivers, communication protocols, etc. will be open sourced or just the voting application. This is not a trivial project. If MSFT decides to open source everything, good. Else democracy will be held hostage to a trillion dollar company.

  13. beep54
    Meh

    Hum

    I read that as "Microsoft demos end-to-voting" and didn't bat an eye.

  14. martinusher Silver badge

    Voting systems aren't fragile at the moment

    In the US the actual voting is run by part time volunteers with the county workers organizing and supervising the ballot. I work as a Precinct Inspector which gives me a close look at how systems work in our county (elections are organized by county in the US). Up to the last election we used one of two systems, one being a optical card reader, the other being a touch screen system (required because it was ADA compliant). The vast majority of ballots were cast on optically read cards. The machines that tabulate the votes are hacker proof because their technology was so old that there's no way into them. Any weakness would be in the removable memory pack that kept the results but even that was secure because of statistics and the backup of the ballot cards. Starting next year we're going over to these new voting systems. I'm skeptical that they will be as secure as the older systems but I'll reserve judgment until I start working with them.

    The reason why we need these systems is that we hold numerous elections on the same day. An election like last year's midterms may require two cards per voter (filled on both sides) and if nothing else those cards are *heavy*. The real weakness in the system isn't the voting machines, its the postal ballots (and, as ever, voter suppression in certain key states). You don't have these problems in the UK so I'd just stick with a bit of paper with an 'X' on it.

    1. Halfmad

      Re: Voting systems aren't fragile at the moment

      Electrion fraud still happens in the UK, it may not be as common but it's no easier to detect and prove.

      https://www.electoralcommission.org.uk/find-information-by-subject/electoral-fraud/data-and-analysis/cases-of-alleged-electoral-fraud-in-2017

    2. JohnFen

      Re: Voting systems aren't fragile at the moment

      "The machines that tabulate the votes are hacker proof"

      Literally nothing is hacker-proof, not even entirely offline systems. Better to say that the legacy systems are more difficult to hack.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like