Another Step in Testing ElectionGuard | Microsoft on the Issues

Another Step in Testing ElectionGuard | Microsoft on the Issues

After the debacle in the Iowa Caucuses early this month (though not directly related due to other circumstances) trust in the voting and election process continues to be under attack both internally and externally. The goal is to get it right, and Microsoft is doing it’s part to make it work for everyone.

Microsoft On the Issues Photo Credit

Feb 17, 2020   |   Tom Burt – Corporate Vice President, Customer Security & Trust

Tomorrow I’ll be in Fulton, Wisconsin, with a team of people from Microsoft taking one of many steps needed to prepare our ElectionGuard technology for broad adoption. Together with election officials from the state of Wisconsin and the election technology company VotingWorks, we will be piloting ElectionGuard in an actual election for the first time.

As voters in Fulton go to their polling place tomorrow to cast ballots in a primary election for Wisconsin Supreme Court candidates, the official count will be tallied using paper ballots as usual. However, ElectionGuard will also provide an encrypted digital tally of the vote that will enable voters to confirm their votes have been counted and not altered. Tomorrow’s pilot is one step in a deliberate and careful process to get ElectionGuard right before it’s used more broadly across the country.

Preparing technology for wide adoption is accomplished through incremental steps that enable iteration and improvement. We first demonstrated an implementation of ElectionGuard to cybersecurity experts and others at the annual Aspen Security Forum last summer. Then, in September, we shared the code for ElectionGuard as an open source project on GitHub so voting machine manufacturers, security researchers and others could begin testing it. We announced a bug bounty program, offering up to $15,000 to people who report security vulnerabilities with ElectionGuard so they can be fixed. The code was also tested for security vulnerabilities by NCC Group. Tomorrow’s pilot gives us the first chance to see ElectionGuard in action in a real election, to assess its performance and observe voter reaction. We hope to learn from this so we can continue to work with election officials in Wisconsin and other states – and with technology partners such as VotingWorks – to improve ElectionGuard. This is by no means the last step in our preparation; we anticipate many more pilots of ElectionGuard technology as we get it ready for prime time.

To be clear, the biggest credit for tomorrow’s pilot goes to the Wisconsin Election Commission and its Administrator Meagan Wolfe, as well as Rock County Clerk Lisa Tollefson for making the decision to try ElectionGuard so they can evaluate it for future use, and to VotingWorks, which designed and built much of the physical voting experience used in Fulton tomorrow. We’ve worked closely with the Commission and VotingWorks in recent months to test the system and voting machines for pilot use tomorrow, to conduct a public test of the machines even before the pilot, and to train polling place workers. We are also grateful to Connie Zimmerman, the Fulton Town Clerk, for enabling and supporting this pilot in the polling place she’s run for years, and to the Fulton Town Board, which voted to approve the pilot…

The rest of the post Another Step in Testing ElectionGuard appeared first on Microsoft on the Issues.

from Microsoft on the Issues

Open government data – more critical than ever. | Microsoft on the Issues

Open government data – more critical than ever. | Microsoft on the Issues

What strikes me as interesting that there was no mention of former CEO Steve Ballmer’s USAFacts website, that is one of his first post-MS initiatives.

Today, in Washington, D.C., Microsoft was pleased to participate in an event hosted by  the Business Software Alliance, focused on Data Innovation Policy:  Enabling Access and Promoting Use. We were honored to have U.S. Rep. Derek Kilmer (D-WA) provide introductory remarks. Rep. Kilmer is a strong advocate for open data, having served as sponsor of the OPEN Government Data Act, which was signed into law in January 2019. As Rep. Kilmer noted, Congress and the administration have recognized that the availability of useful government data is essential for the U.S. to lead a digital economy powered by AI and data analytics. The OPEN Government Data Act’s mandate – to encourage every federal agency to publish information as open data – is fundamental to achieving this goal. This mandate is ambitious and presents a range of policy, structural and technical challenges. Multiple agencies need to develop and implement effective approaches to identify, maintain and publish relevant data inventories, in a standardized, machine-readable format. Important progress has been made toward these ambitions.

And yet, there is more that can be done to achieve this vision. One idea I mentioned at the event is the idea of creating a Federal Chief Data Officer role to help spearhead the goals of the OPEN Government Data Act. The creation of such a role would help agencies coordinate and prioritize the work to unlock high value government data.

At the event today, we heard about many compelling examples where open government data has been used to advance research in important areas. For example, our speaker from the Fred Hutchinson Cancer Research Center spoke about how government data was being used by a scientist to help look at new ways to identify and treat endometriosis. We also heard from Rep. Kilmer about how environmental data was being used to help forecast weather and transportation trends.

The rest of the post Open government data – more critical than ever. appeared first on Microsoft on the Issues.

from Microsoft on the Issues

Why Microsoft won’t unplug government agencies despite opposition to Trump policies | GeekWire

2019-10-01 01.23.12 70b6c3d59021

From Wikipedia, who left out the other author in the main credit place, Carol Anne Browne

Why Microsoft won’t unplug government agencies despite opposition to Trump policies:

Microsoft has been known to go against the grain when it sees fit to do so. Actually, I’m kind of glad they are here. Easier said than done when you are a distant 2nd in the cloud space, but I still admire their stance on this, though part of me wouldn’t want to deal with anything this administration does. via Tumblr and IFTTT

ElectionGuard available today to enable secure, verifiable voting | Microsoft on the Issues

ElectionGuard available today to enable secure, verifiable voting | Microsoft on the Issues

What I find coincidental about this posting on the same day history-making news was announced surrounding national political events. The announcement of impeachment inquiries has in part been a result of insecure voting. As the great national security philosopher, Malcolm Nance, once stated: Coincidences take a lot of planning.

In May, Microsoft CEO Satya Nadella announced ElectionGuard, a free open-source software development kit (SDK) from our Defending Democracy Program. ElectionGuard is accessible by design and will make voting more secure, verifiable and efficient anywhere it’s used in the United States or in democratic nations around the world. Today we’re announcing that ElectionGuard is now available on GitHub so that major election technology suppliers can begin integrating ElectionGuard into their voting systems.

The ElectionGuard resources available on GitHub today extend across four GitHub repositories, or storage spaces, each described below.

ElectionGuard specification. The ElectionGuard specification includes both “informal” and “formal” road maps for how ElectionGuard works. The informal spec is authored by Dr. Josh Benaloh of Microsoft Research and provides the conceptual and mathematical basis for end-to-end verifiable elections with ElectionGuard. The formal spec contains detailed guidance manufacturers will need to incorporate ElectionGuard into their systems, including a full description of the API – which is the way voting systems communicate with the ElectionGuard software – and the stages of an end-to-end verifiable election.

Software code. This repository contains the actual source code vendors will use to build their ElectionGuard implementations. It is written in C, a standard language commonly used by open-source software developers and includes a buildable version of the API. This documentation is also viewable here. This code was built together with our development partner Galois.

Reference verifier and specification. As we announced in May, ElectionGuard enables government entities, news organizations, human rights organizations, or anyone else to build additional verifiers that independently can certify election results have been accurately counted and have not been altered. The resources available on GitHub today include a working verifier as well as the specifications necessary to build your own independent verifier.


The rest of the post ElectionGuard available today to enable secure, verifiable voting appeared first on Microsoft on the Issues.

from Microsoft on the Issues via IFTTT

Continue reading

Extending free Windows 7 security updates to voting systems | Microsoft on the Issues

Extending free Windows 7 security updates to voting systems | Microsoft on the Issues

Today, as part of Microsoft’s Defending Democracy Program, we are announcing that we will provide free security updates for federally certified voting systems running Windows 7 through the 2020 elections, even after Microsoft ends Windows 7 support. I would like to share more on why we help customers move away from older operating systems and why we’re making this unusual exception.

We launched Windows 7 in 2009, the same year the Palm Pre launched, Twitter took off, mobile phone navigation was just coming to market, and floppy disks were still selling by the millions. Software built for that era cannot provide the same level of security as a modern operating system like Windows 10. When we released Windows 7, we committed to supporting it for 10 years, and we’ve honored that commitment. We’ve also reminded customers about this along the way including, most recently, in January and again in March. This process is similar to how we’ve ended support for other operating systems in the past, and the majority of our customers have already made the move to Windows 10.

As we head into the 2020 elections, we know there is a relatively small but still significant number of certified voting machines in operation running on Windows 7. We also know that transitioning to machines running newer operating systems in time for the 2020 election may not be possible for a number of reasons, including the lengthy voting machine certification process – a process we are working with government officials to update and make more agile.

Since we announced our Defending Democracy Program, we’ve focused on bringing the best of Microsoft’s security products and expertise to political campaigns, parties, the election community, and democracy-focused nongovernmental organizations. This includes our AccountGuard service, which we offer at no additional cost, and ElectionGuard, which we’re making available for free and open-source…

The post Extending free Windows 7 security updates to voting systems appeared first on Microsoft on the Issues. from Microsoft on the Issues


Also, here is ZDNet’s version of the same story.

The Green New Deal from AJ+

Though I’ve been to Detroit in my younger years and still have family in the area, this also applies to the greater Charlotte area, where I live, and other communities throughout North America and beyond. I’m heartened to see a group address this, though getting through to some will be next to impossible. H/T AJ+, who does great work in their storytelling.

New cyberthreats require new ways to protect democracy

New cyberthreats require new ways to protect democracy
Man and woman look at Microsoft ElectionGuard demos
Microsoft ElectionGuard demos on July 17, 2019 at the Aspen Security Forum in Aspen, Colorado. 

With the elections coming up, regardless of who you support, this is vital. I haven’t seen any other major tech company coming up with solutions, though it’s mentioned inside the full blog post.

Starting today at the Aspen Security Forum we’re demonstrating the first voting system running Microsoft ElectionGuard as an example of how ElectionGuard can enable a new era of secure, verifiable voting. The demo shows how it’s also possible to make voting more accessible for people with disabilities and more affordable for local governments while increasing security. Finding new ways to ensure that voters can trust the election process has never been more important. The world’s democracies remain under attack as new data we are sharing today makes clear. ElectionGuard and the range of offerings from Microsoft’s Defending Democracy Program, as well as tools from others in the technology industry and academia,  are needed more than ever to help defend democracy.


So the problem is real and unabated. It is time to find solutions. Governments and civil society have important roles to play, but the tech industry also has a responsibility to help defend democracy. As part of our contribution at Microsoft, we believe ElectionGuard will be an important tool to protect the voting process and to ensure that all voters can trust the outcome of free democratic elections.


Our ElectionGuard demo will showcase three core features.


First, people will be able to vote directly on the screen of the Microsoft Surface or using the Xbox Adaptive Controller, which Microsoft originally built in close partnership with organizations like the Cerebral Palsy Foundation to meet the needs of gamers with limited mobility. We hope this will help show the community how accessibility hardware can be built securely and inexpensively into primary voting systems and no longer requires separate voting machines to meet the needs of those with disabilities – ultimately making it easier for more people to vote.


Second, people using the demo will be provided with a tracking code that, when voting is complete, they will be able to enter into a website to confirm their vote was counted and not altered; the website will not display their actual votes. In the ElectionGuard software development kit (SDK) this verification feature will be enabled by homomorphic encryption, which allows mathematical procedures – like counting votes – to be done while keeping the data of people’s actual votes fully encrypted. The use of homomorphic encryption in election systems was pioneered by Microsoft Research under the leadership of Senior Cryptographer Josh Benaloh. This tracking code is a key feature of the ElectionGuard technology. For the first time, voters will be able to independently verify with certainty that their vote was counted and not altered. Importantly, in its final form, the ElectionGuard SDK will also enable voting officials, the media, or any third party to use a “verifier” application to similarly confirm that the encrypted vote was properly counted and not altered.


Third, the demo will show how ElectionGuard can enable end-to-end verifiable elections for the first time while retaining the familiarity and certainty of paper ballots. The demo will provide voters with a printed record of their votes, which they can check and place into a physical ballot box, with verification through the web portal serving as a supplemental layer of security and verifiability.


ElectionGuard is free and open-source and will be available through GitHub as an SDK later this summer. This week’s demo is simply one sample of the many ways ElectionGuard can be used to improve voting, and the final SDK will also enable features like Risk Limiting Audits to compare ballots with ballot counts and other post-election audits.


No one solution alone can address cyberattacks from nation-states. As we’ve seen, attackers will take any avenue to gain intelligence and disrupt the democratic process. That’s why Microsoft’s Defending Democracy Program has also offered Microsoft 365 for Campaigns and AccountGuard to protect political campaigns, parties and democracy-focused NGOs, and it’s why we’ve partnered with NewsGuard to defend against disinformation.


The post New cyberthreats require new ways to protect democracy appeared first on Microsoft on the Issues.


from Microsoft on the Issues via IFTTT