Skip to main content

Microsoft’s ElectionGuard a Trojan Horse for a military-industrial takeover of US elections

“The fact that we are handing over the keys of American democracy to the military-industrial complex — it’s like giving the keys to the henhouse to a fox and saying, ‘here come in and take whatever you want.’ It’s obviously dangerous.” — Investigative journalist Yasha Levine

by Whitney Webb 

Part 5 - ElectionGuard isn’t immune to manipulation

Microsoft’s press release announcing ElectionGuard highlights its claim that its system would make elections more verifiable, secure, and auditable; be open source-based; and improve the voting experience. While all of these things sound nice enough, there is reason to believe — based on the description given by Microsoft — that some of these claims are dubious and misleading. Unfortunately, for now, analysis of ElectionGuard is restricted to Microsoft’s description of the software as it is not yet available for public examination. The ElectionGuard software kit is expected to be released later this year on the GitHub platform.

The first aspect of the “verifiable” claim relates to a voter tracking system, where each voter is given a unique tracking ID which allows them “to follow an encrypted version of the vote through the entire election process via a web portal provided by election authorities.” Voters can choose the option of confirming “that their trackers and encrypted votes accurately reflect their selections.

Yet Microsoft notes that “once a vote is cast, neither the tracker nor any data provided through the web portal can be used to reveal the contents of the vote,” meaning that while a person can track whether their vote was counted, they cannot verify whether the content of the vote (i.e., who they voted for) is counted correctly or not. Microsoft goes on to note that only “after the election is complete” will the tracker page allow the content of the vote to be seen.

The second “verifiability” component of ElectionGuardis an open specification – or a road map – which allows anyone to write an election verifier.” Microsoft then notes that this open specification would mean that “voters, candidates, news media and any observers can run verifiers of their own or downloaded from sources of their choosing to confirm tabulations are as reported.

Microsoft describes these two features as constituting “end-to-end verifiability” (E2E-V), which Free & Fair describes as “cryptographic technology that enables voters to vote in a normal fashion in a polling place and have evidence that the election is trustworthy.

Another focus of ElectionGuard is security, for which the system employs “homomorphic encryption, which enables mathematical procedures – like counting – to be done with fully encrypted data” and this allows individually encrypted votes to be “combined to form an encrypted tabulation of all votes which can then be decrypted to produce an election tally that protects voter privacy.”  Notably, homomorphic encryption is the only ElectionGuard security measure named in the press release.

Election forensics analyst Jonathan Simon, author of CODE RED: Computerized Elections and the War on American Democracy, was not fully persuaded by the E2E-V claim. “Pardon my skepticism,” Simon told MintPress, “but I’ve read Microsoft’s ‘good news’ ElectionGuard flyer and it reminds me very much of the flyers and PR material long served up by the vendors and programmers of the current voting equipment — the very computers that IT experts discovered could be hacked by outsiders and programmed to add, delete, and shift votes by insiders.

Simon continued:

"Right now, for example, they’re hawking expensive and completely unnecessary ballot-marking devices (BMDs) that turn your votes into a barcode, a code that no voter can read or verify. Very slick but yet another level of non-transparency, another step away from public, observable vote-counting, and another vector for fraud."

"I’ve spent the last 17 years examining vote-count patterns and drawing attention to a parade of egregious red flags indicative of computerized vote-count manipulation. It has been a system designed for concealment and about as non-transparent as a process can be. It would be great if more advanced technology would bring transparency at last, as Microsoft seems to promise."

"But what I see so far is even more complexity — encryption that, whether open source or not, requires the most rarefied experts to penetrate or understand. And just a short step to full-on internet voting — even more convenient and about as secure as, say, Facebook."

"Pending a demonstration showing with perfect layperson-accessible clarity how a third-party entity can verify aggregate vote-counts without having to take on faith some step in the pipeline (individual verification that ‘your’ vote was ‘counted’ is a useless bell-and-whistle), it still feels like the same old ‘trust us’ game. I’m willing to be persuaded but the historical context here is very cautionary.

Simon’s concerns reflect some controversial aspects of the ElectionGuard approach. While encryption would ostensibly protect votes from tampering and thus elections results, it is important to point out that homomorphic encryption is a malleable form of encryption.

According to Brilliant.org:

"A malleable crypto-system is one in which anyone can intercept a cipher text, transform it into another cipher text, and then decrypt that into a plain text that makes sense. Malleability is generally considered undesirable in a crypto-system. Imagine you’re trying to send the message ‘I love you’ to your friend using encryption. You encrypt it and send it off. But, it is intercepted by a hacker on the way. All they see is some cipher text, but they can change that cipher text to something that will decrypt to ‘I hate you’ when your friend tries to decrypt it. That is why malleability is not usually wanted.

If that’s the case, then what stops a “hacker” or another third party — say a U.S. government agency like the NSA or a political operative with access to the electoral cyber-pipeline — from changing a person’s vote from Democrat to Republican or vice versa, or altering the encrypted tabulation of all votes?

While homomorphic encryption seems a reasonable choice in one sense, for allowing votes to be tallied without decrypting, there is an added layer of concern given Microsoft’s past, particularly Microsoft’s history of actually working with U.S. government agencies to bypass encryption. 

Indeed, documents leaked by Edward Snowden revealed that Microsoft actually helped the National Security Agency bypass its own encryption so the agency could decrypt messages sent via certain Microsoft platforms including Outlook.com Web chat, Hotmail email service, and Skype. In addition, in 2009, a senior NSA official testified before Congress that Microsoft and the NSA worked together to create its Windows 7 operating system, leading some to worry that Microsoft had built a “backdoor” into the operating system to aid government surveillance activities. Now that Microsoft’s ties to the U.S. military and intelligence community are deeper than ever, it begs the question whether Microsoft’s covert cooperation with government agencies to the detriment of consumers is also a factor guiding its role in creating and promoting ElectionGuard.

Furthermore, with Microsoft’s president having vowed to hand over all its technologies to the U.S. military, one wonders if this type of encryption and methodology was not chosen on purpose, especially given the fact that the NSA is quite accomplished at breaking much more secure types of encryption even without help from Microsoft.

Another of Microsoft’s talking points used to promote ElectionGuard is the fact that it will be open source, meaning the program’s code will be publicly available, a move apparently aimed at assuaging concerns that ElectionGuard’s code could contain hidden manipulations or vulnerabilities.

However, investigative journalist Yasha Levine likened Microsoft’s promotion of ElectionGuard’s still unreleased open source code to a “PR move.” Levine told MintPress:

"Open source inevitably has bugs and vulnerabilities that are there accidentally because all code has vulnerabilities. This is true for open source and closed source systems. Open source just means that people can look at it, but then that code has to be run through a compiler that actually runs an executable program. So there you already have a degree of abstraction and separation from the open source code. But even if the executable code and the source code are the same, there are bugs which can be exploited."

"So, what open source does is give a veneer of openness that leads one to think that thousands of people have probably vetted the code and flagged any bugs in it. But, actually very few people have the time and the ability to look at this code. So this idea that open source code is more transparent isn’t really true because few people are looking at it.

Levine went on to note that there are many examples of open source systems — including widely used open source systems — having major vulnerabilities that go undetected for years. One of the best examples, in Levine’s opinion, is the “Heartbleed” bug, which was a security vulnerability in the open source OpenSSL software, a system that allows for the basic encryption of web traffic by encrypting “http” connections. The Heartbleed allowed hackers access to the memory of data servers for an estimated half a million websites and went undetected for years, despite the fact that OpenSSL is an open source system.

Levine also underscored the fact that both American and foreign intelligence agencies “more than any other person or group” are involved in seeking out such vulnerabilities and exploits, which they keep hidden from the public in order to give themselves an advantage in cyberwarfare. Some of the CIA’s lists of such exploits or vulnerabilities were revealed in the WikiLeaks Vault 7 release.

Source, links:


[1] [2] [3] [4] [6] [7]



Comments

Popular posts from this blog

It's definite: Elizabeth Warren is the female Obama, can't be trusted

globinfo freexchange

One year from the 2020 US presidential election, things start to become clearer day by day. In the US political scene, we can now recognize the authentic progressives from the fakes, and certainly, from the establishment neoliberal centrists. 
In the presidential-candidates level we can now identify only Bernie Sanders and Tulsi Gabbard as the ones who are willing to fight the establishment and try to implement progressive, anti-imperialist policies. After her latest position, concerning the military coup in Bolivia against the democratically elected Evo Morales, Elizabeth Warren could be considered a pseudo-progressive, equal to a female Barack Obama. Therefore, progressives definitely can't trust her.
Warren tweeted:
The Bolivian people deserve free and fair elections, as soon as possible. Bolivia's interim leadership must limit itself to preparing for an early, legitimate election. Bolivia's security forces must protect demonstrators, not commit …

Latest WikiLeaks revelation and its treatment by the mainstream press explicitly demonstrate why the imperialists are determined to eliminate Julian Assange

globinfo freexchange
On November, 23, WikiLeaks published an e-mail, sent by a member of an OPCW fact-finding mission to Syria to his superiors, in which he expresses his gravest concern over intentional bias introduced to a redacted version of the report he co-authored.
The Organisation for the Prohibition of Chemical Weapons sent a team of experts to investigate allegations that a chemical attack took place in the Syrian city of Douma on the 7th of April 2018. The author of the e-mail was a member of that team and claims the redacted preliminary version of the report, misrepresents the facts he and his colleagues discovered on the ground. The e-mail is dated 22nd of June. It is addressed to Robert Fairweather, Chief of Cabinet, and forwarded to his deputy Aamir Shouket and members of the fact-finding mission to Douma.  


In short, the OPCW whistleblower actually claims that the report has been somehow altered. And it was done in a way to fit the scenario, according to which, the Assa…

LIVE: Bolivians resist military coup in La Paz

Οργανισμός Αμερικανικών Κρατών: Στην υπηρεσία της Ουάσινγκτον

του Ανδρέα Κοσιάρη
Ο Οργανισμός Αμερικανικών Κρατών, που εξέδωσε την έκθεση για την εκλογική αναμέτρηση στη Βολιβία, η οποία «δικαιολόγησε» το πραξικόπημα εναντίον του Έβο Μοράλες, είναι στη θεωρία ένας ουδέτερος οργανισμός κρατών. Στην πραγματικότητα όμως έχει μακρά ιστορία υποστήριξης των επεμβάσεων των ΗΠΑ στη Λατινική Αμερική, και σήμερα χρηματοδοτείται κατά πλειοψηφία από τα ταμεία του αμερικανικού κράτους. 
Παρά την ίδρυσή του το 1948 με σκοπό την «προώθηση της ειρήνης και τη διευθέτηση διαφωνιών μεταξύ των κρατών-μελών», ήταν μάλλον από την αρχή όργανο της αντικομμουνιστικής εξωτερικής πολιτικής των ΗΠΑ.

Ο ΟΑΚ υπήρξε σιωπηλός ή και στήριξε όλες ανεξαιρέτως τις αμερικανικές επεμβάσεις στη Λατινική Αμερική, είτε αυτές λάμβαναν τη μορφή εισβολής, όπως στην Κούβα το 1961, είτε τη μορφή στήριξης σε πραξικοπήματα και δικτατορικά καθεστώτα, όπως στη Χιλή το 1973 (και στην Αργεντινή, τη Βολιβία, τη Γουατεμάλα, τη Νικαράγουα, την Αϊτή, τον Παναμά, τη Βραζιλία, την Παραγουάη και τον Ισημ…

Nos oponemos al golpe

Declaración de Noam Chomsky y Vijay Prashad
En Bolivia se está gestando un golpe de Estado contra el gobierno electo liderado por Evo Morales. Sectores de la policía han dicho abiertamente que están dispuestos a permitir que grupos de milicias fascistas ataquen el palacio presidencial en La Paz. La situación es muy grave.

Evo Morales ha invitado a los cuatro principales partidos a sentarse y conversar sobre el camino a seguir para la democracia boliviana. Ha pedido el establecimiento de un diálogo para evitar el regreso de los días de las dictaduras militares y los gobiernos oligárquicos. Morales ha hecho un llamado a las Naciones Unidas, a la Organización de los Estados Americanos (OEA), al Vaticano y a otros más para que contribuyan a encontrar el camino para alejarse del golpe.

El golpe es promovido por la oligarquía boliviana que está enojada por la cuarta elección que sus partidos pierden frente el Movimiento al Socialismo. La oligarquía cuenta con el total apoyo del gobierno de los…

It's now or never: the first step for a Sanders/Corbyn synchronization in power must be done on 12 December in UK

This is a once-in-a-lifetime opportunity for the global working class
by system failure
Two years ago, we wondered whether a US government under Bernie Sanders, together with a UK government under Jeremy Corbyn, could mark a decisive victory against neoliberalism. Whether it could mark the beginning of the end of the Reagan/Thatcher awful legacy.

It seems that the time has come for the first step towards this prospect.

The oncoming UK general election on Thursday 12 December 2019, will be the most critical for decades, especially for the global working class. The outcome will determine to a significant degree, whether the capitalist West will change course away from the destructive neoliberalism, towards a form of Democratic Socialism. A new model that will resurrect the social state, while at the same time, will seriously deal with the great environmental challenges, defying big interests and rejecting the for-profit-wars model.



As we already pointed out, the whole Brexit issue is pri…

WikiLeaks evidence that the imperialist machine was monitoring anti-imperialist Jeremy Corbyn at least since the US invasion of Iraq

The WIKILEAKS Public Library of US Diplomacy (PlusD)holds the world's largest searchable collection of United States confidential, or formerly confidential, diplomatic communications. As of April 8, 2013 it holds 2 million records comprising approximately 1 billion words. The collection covers US involvements in, and diplomatic or intelligence reporting on, every country on earth. It is the single most significant body of geopolitical material ever published. The PlusD collection, built and curated by WikiLeaks, is updated from a variety of sources, including leaks, documents released under the Freedom of Information Act (FOIA) and documents released by the US State Department systematic declassification review. 
globinfo freexchange
A cable from December, 2002, proves that the US officials were closely monitoring anti-war activities. The particular cable was describing a protest "against a possible U.S.-led operation against Iraq" in Istanbul, Turkey, and there is a spec…

Mainstream media pro-Johnson propaganda gets into full swing

by Craig Murray
We are now under election broadcasting rules.

Ian Austin left the Labour Party nine months ago. He was then appointed by the Tories as Prime Ministerial Trade Envoy to Israel. As of yesterday, he is neither a MP nor a candidate for election. He is a minor politician who achieved only the most junior ministerial rank, PUSS, and for only seven months. He is best known for heckling Jeremy Corbyn while Jeremy Corbyn was delivering the official Labour response to the Chilcot Report on the illegal invasion of Iraq, shouting “Sit down and shut up” and “You stupid disgrace” at Corbyn for criticising the war.
We are now under election broadcasting rules. How and why was Ian Austin invited onto the BBC Radio 4 Today programme today? He left the Labour Party six months ago, and has been a huge critic of Corbyn. It is hardly a surprise that the Tory’s Trade Envoy to Israel advises people to vote Tory. So who initiated Ian Austin’s appearance on the BBC Today programme, and why? It…

Here's why Bernie could end up being better than even FDR

globinfo freexchange

In his speeches, Bernie Sanders frequently refers to the 32nd president of the United States, Franklin D. Roosevelt (FDR), and his New Deal program that helped millions of Americans after the 1929 Wall Street crash. Sanders and other progressives are proposing a similar program adjusted to the modern environmental challenges. The Green New Deal has now become a popular vision, especially among young Americans. Around it, the progressives are aiming to build a whole new model beyond destructive neoliberalism and even obsolete capitalism.

Many would argue that this is quite an extremely optimistic view. That Sanders is just an old-school moderate Social-Democrat who will only manage to revive some typical social policies of the past, and that's it. He will never manage to seriously challenge the current power structure, which, indeed, has grown enormously, controlling nearly every aspect of the political and economic life.

Yet Sanders already managed to achieve …

Fears for an assassination attempt against Evo Morales

BREAKING
Independent journalist, Ben Norton, tweeted that he has been informed about a possible assassination attempt against the Bolivian president Evo Morales. According to Norton:
          Sources are telling me they are afraid that Bolivia's elected President Evo Morales might be killed tonight in the right-wing coup.

Sources are telling me they are afraid that Bolivia's elected President Evo Morales might be killed tonight in the right-wing coup.

This is a full-fronted imperialist attack on democracy. It is a blatant attempt to recolonize Latin America and overthrow all efforts at progress. — Ben Norton (@BenjaminNorton) November 10, 2019
Updates

EU giving cover to the military coup that just took place in Bolivia. Neither the EU nor the US support democracy. The people of Bolivia already expressed their “democratic will” by re-electing Evo Morales. A right wing US-backed coup stole that from them, this is disgusting https://t.co/qamCSvYmz9— Rania Khalek (@RaniaKhalek)…