Skip to main content

Microsoft’s ElectionGuard a Trojan Horse for a military-industrial takeover of US elections

“The fact that we are handing over the keys of American democracy to the military-industrial complex — it’s like giving the keys to the henhouse to a fox and saying, ‘here come in and take whatever you want.’ It’s obviously dangerous.” — Investigative journalist Yasha Levine

by Whitney Webb 

Part 5 - ElectionGuard isn’t immune to manipulation

Microsoft’s press release announcing ElectionGuard highlights its claim that its system would make elections more verifiable, secure, and auditable; be open source-based; and improve the voting experience. While all of these things sound nice enough, there is reason to believe — based on the description given by Microsoft — that some of these claims are dubious and misleading. Unfortunately, for now, analysis of ElectionGuard is restricted to Microsoft’s description of the software as it is not yet available for public examination. The ElectionGuard software kit is expected to be released later this year on the GitHub platform.

The first aspect of the “verifiable” claim relates to a voter tracking system, where each voter is given a unique tracking ID which allows them “to follow an encrypted version of the vote through the entire election process via a web portal provided by election authorities.” Voters can choose the option of confirming “that their trackers and encrypted votes accurately reflect their selections.

Yet Microsoft notes that “once a vote is cast, neither the tracker nor any data provided through the web portal can be used to reveal the contents of the vote,” meaning that while a person can track whether their vote was counted, they cannot verify whether the content of the vote (i.e., who they voted for) is counted correctly or not. Microsoft goes on to note that only “after the election is complete” will the tracker page allow the content of the vote to be seen.

The second “verifiability” component of ElectionGuardis an open specification – or a road map – which allows anyone to write an election verifier.” Microsoft then notes that this open specification would mean that “voters, candidates, news media and any observers can run verifiers of their own or downloaded from sources of their choosing to confirm tabulations are as reported.

Microsoft describes these two features as constituting “end-to-end verifiability” (E2E-V), which Free & Fair describes as “cryptographic technology that enables voters to vote in a normal fashion in a polling place and have evidence that the election is trustworthy.

Another focus of ElectionGuard is security, for which the system employs “homomorphic encryption, which enables mathematical procedures – like counting – to be done with fully encrypted data” and this allows individually encrypted votes to be “combined to form an encrypted tabulation of all votes which can then be decrypted to produce an election tally that protects voter privacy.”  Notably, homomorphic encryption is the only ElectionGuard security measure named in the press release.

Election forensics analyst Jonathan Simon, author of CODE RED: Computerized Elections and the War on American Democracy, was not fully persuaded by the E2E-V claim. “Pardon my skepticism,” Simon told MintPress, “but I’ve read Microsoft’s ‘good news’ ElectionGuard flyer and it reminds me very much of the flyers and PR material long served up by the vendors and programmers of the current voting equipment — the very computers that IT experts discovered could be hacked by outsiders and programmed to add, delete, and shift votes by insiders.

Simon continued:

"Right now, for example, they’re hawking expensive and completely unnecessary ballot-marking devices (BMDs) that turn your votes into a barcode, a code that no voter can read or verify. Very slick but yet another level of non-transparency, another step away from public, observable vote-counting, and another vector for fraud."

"I’ve spent the last 17 years examining vote-count patterns and drawing attention to a parade of egregious red flags indicative of computerized vote-count manipulation. It has been a system designed for concealment and about as non-transparent as a process can be. It would be great if more advanced technology would bring transparency at last, as Microsoft seems to promise."

"But what I see so far is even more complexity — encryption that, whether open source or not, requires the most rarefied experts to penetrate or understand. And just a short step to full-on internet voting — even more convenient and about as secure as, say, Facebook."

"Pending a demonstration showing with perfect layperson-accessible clarity how a third-party entity can verify aggregate vote-counts without having to take on faith some step in the pipeline (individual verification that ‘your’ vote was ‘counted’ is a useless bell-and-whistle), it still feels like the same old ‘trust us’ game. I’m willing to be persuaded but the historical context here is very cautionary.

Simon’s concerns reflect some controversial aspects of the ElectionGuard approach. While encryption would ostensibly protect votes from tampering and thus elections results, it is important to point out that homomorphic encryption is a malleable form of encryption.

According to

"A malleable crypto-system is one in which anyone can intercept a cipher text, transform it into another cipher text, and then decrypt that into a plain text that makes sense. Malleability is generally considered undesirable in a crypto-system. Imagine you’re trying to send the message ‘I love you’ to your friend using encryption. You encrypt it and send it off. But, it is intercepted by a hacker on the way. All they see is some cipher text, but they can change that cipher text to something that will decrypt to ‘I hate you’ when your friend tries to decrypt it. That is why malleability is not usually wanted.

If that’s the case, then what stops a “hacker” or another third party — say a U.S. government agency like the NSA or a political operative with access to the electoral cyber-pipeline — from changing a person’s vote from Democrat to Republican or vice versa, or altering the encrypted tabulation of all votes?

While homomorphic encryption seems a reasonable choice in one sense, for allowing votes to be tallied without decrypting, there is an added layer of concern given Microsoft’s past, particularly Microsoft’s history of actually working with U.S. government agencies to bypass encryption. 

Indeed, documents leaked by Edward Snowden revealed that Microsoft actually helped the National Security Agency bypass its own encryption so the agency could decrypt messages sent via certain Microsoft platforms including Web chat, Hotmail email service, and Skype. In addition, in 2009, a senior NSA official testified before Congress that Microsoft and the NSA worked together to create its Windows 7 operating system, leading some to worry that Microsoft had built a “backdoor” into the operating system to aid government surveillance activities. Now that Microsoft’s ties to the U.S. military and intelligence community are deeper than ever, it begs the question whether Microsoft’s covert cooperation with government agencies to the detriment of consumers is also a factor guiding its role in creating and promoting ElectionGuard.

Furthermore, with Microsoft’s president having vowed to hand over all its technologies to the U.S. military, one wonders if this type of encryption and methodology was not chosen on purpose, especially given the fact that the NSA is quite accomplished at breaking much more secure types of encryption even without help from Microsoft.

Another of Microsoft’s talking points used to promote ElectionGuard is the fact that it will be open source, meaning the program’s code will be publicly available, a move apparently aimed at assuaging concerns that ElectionGuard’s code could contain hidden manipulations or vulnerabilities.

However, investigative journalist Yasha Levine likened Microsoft’s promotion of ElectionGuard’s still unreleased open source code to a “PR move.” Levine told MintPress:

"Open source inevitably has bugs and vulnerabilities that are there accidentally because all code has vulnerabilities. This is true for open source and closed source systems. Open source just means that people can look at it, but then that code has to be run through a compiler that actually runs an executable program. So there you already have a degree of abstraction and separation from the open source code. But even if the executable code and the source code are the same, there are bugs which can be exploited."

"So, what open source does is give a veneer of openness that leads one to think that thousands of people have probably vetted the code and flagged any bugs in it. But, actually very few people have the time and the ability to look at this code. So this idea that open source code is more transparent isn’t really true because few people are looking at it.

Levine went on to note that there are many examples of open source systems — including widely used open source systems — having major vulnerabilities that go undetected for years. One of the best examples, in Levine’s opinion, is the “Heartbleed” bug, which was a security vulnerability in the open source OpenSSL software, a system that allows for the basic encryption of web traffic by encrypting “http” connections. The Heartbleed allowed hackers access to the memory of data servers for an estimated half a million websites and went undetected for years, despite the fact that OpenSSL is an open source system.

Levine also underscored the fact that both American and foreign intelligence agencies “more than any other person or group” are involved in seeking out such vulnerabilities and exploits, which they keep hidden from the public in order to give themselves an advantage in cyberwarfare. Some of the CIA’s lists of such exploits or vulnerabilities were revealed in the WikiLeaks Vault 7 release.

Source, links:

[1] [2] [3] [4] [6] [7]


Popular posts from this blog

State surveillance and court cases: The lonely fight for press freedom of Greece’s independent media

by Alessio Giussani   Part 1  A new ecosystem of small, independent organisations is bringing a breath of transparent, in-depth reporting into the Greek media landscape but their work is being hindered by costly court cases and the threat of state surveillance. This comes as media freedom is continuing to decline in Greece. The country ranked 108th out of 180 countries in Reporters Without Borders’ 2022 Press Freedom Index — the worst-performing European country, triggering a furious response by the authorities. Prime Minister Kyriakos Mitsotakis dismissed the ranking as " crap ", adding: “ We have a vibrant press, you can read everything you want in Greece ." Nikolas Leontopoulos, an editor at Reporters United, sees it differently: " We do have freedom of opinion, but there are some very sensitive issues that don’t even make it to the news ”. Until recently, at least. Source, links:

European antiwar protests gain strength as NATO’s Ukraine proxy war escalates

Europeans are storming the streets in unprecedented numbers to protest NATO’s proxy war in Ukraine and their own declining living standards. The Grayzone has covered demonstrations and interviewed protest leaders in several countries since the war erupted.   by Stavroula Pabst and Max Blumenthal   Part 1   This February 21, several thousand Greeks filled Athens’ streets to denounce NATO and the United States in the wake of Antony Blinken’s Greece visit, where the US Secretary of State applauded the Mediterranean country for being amongst the first European countries to support Ukraine, thus leading to way for “ the support of democracy. ” It was just one action among many protest actions across the continent as the NATO proxy conflict in Ukraine approached  its first anniversary. European citizens are growing agitated as their leaders appear set on extending the war at least another year: they’ve approved several rounds of sanctions on Russia, provided billions of euros in assistance t

State surveillance and court cases: The lonely fight for press freedom of Greece’s independent media

by Alessio Giussani   Part 2 - Greek 'mafia' and 'Watergate' Athens-based investigative outlet Reporters United disclosed in January that a high-ranking police officer had been promoted while being investigated in a corruption case called “Greek Mafia” – something journalists in the field had known for a long time, Leontopoulos claimed. It was not the only time a major story remained unreported for months. At the beginning of 2022, Reporters United revealed that a controversial change in the law on the privacy of communications had been made nine months earlier. The amendment, introduced last minute into a pandemic containment bill, prevented citizens from being informed if they had been placed under state surveillance for national security reasons. At the time, the wiretapping scandal that later became known as “Greek Watergate” was yet to emerge. “ Many jurists and well-networked journalists had known about the amendment for months, and we found out some had even info

Revealed: the hacking and disinformation team meddling in elections

     ‘Team Jorge’ unit exposed by undercover investigation     Group sells hacking services and access to vast army of fake social media profiles     Evidence unit behind disinformation campaigns across world     Mastermind Tal Hanan claims covert involvement in 33 presidential elections   by Stephanie Kirchgaessner, Manisha Ganguly, David Pegg, Carole Cadwalladr and Jason Burke Part 3 - ‘I will show you how safe Telegram is’ No less alarming were Hanan’s demonstrations of his team’s hacking capabilities, in which he showed the reporters how he could penetrate Telegram and Gmail accounts. In one case, he brought up on screen the Gmail account of a man described as the “ assistant of an important guy ” in the general election in Kenya, which was days away. “ Today if someone has a Gmail, it means they have much more than just email, ” Hanan said as he clicked through the target’s emails, draft folders, contacts and drives. He then showed how he claimed to be able to access accounts on T

West is out of touch with rest of world politically, EU-funded study admits

Geopolitical Economy Report   A study by the elite EU-funded European Council on Foreign Relations found that the West is increasingly out of touch politically with the rest of the world. Most people in China, India, and Türkiye see Russia as an important ally, and they want multipolarity, not continued “ American global supremacy ”. 

Revealed: the hacking and disinformation team meddling in elections

     ‘Team Jorge’ unit exposed by undercover investigation     Group sells hacking services and access to vast army of fake social media profiles     Evidence unit behind disinformation campaigns across world     Mastermind Tal Hanan claims covert involvement in 33 presidential elections   by Stephanie Kirchgaessner, Manisha Ganguly, David Pegg, Carole Cadwalladr and Jason Burke Part 2 - The undercover footage Given their expertise in subterfuge, it is perhaps surprising that Hanan and his colleagues allowed themselves to be exposed by undercover reporters. Journalists using conventional methods have struggled to shed light on the disinformation industry, which is at pains to avoid detection. The secretly filmed meetings, which took place between July and December 2022, therefore provide a rare window into the mechanics of disinformation for hire. Three journalists – from Radio France, Haaretz and TheMarker – approached Team Jorge pretending to be consultants working on behalf of a p

Day 1415: Julian Assange still in prison and under slow-motion execution by the Anglo-American imperialist criminals

failed evolution   On 11 April 2019, the Ecuadorian government of traitor Lenin Moreno, invited the Metropolitan Police into the Ecuadorian embassy in London, and they arrested Julian Assange . Since then, Assange is kept in Belmarsh high security prison in London, without actual charges.   The real reason world's number one political prisoner is still kept in this high security prison, is because he exposed horrendous war crimes carried out by the US imperialists and their allies.   The ruthless Western imperialist regime wants to punish the No1 real journalist in the world and make him an example for any Whistleblower or real journalist who will attempt to expose its big crimes in the future.   And the Anglo-American axis has now become officially a fascist coalition , framed by the rest of its Western pets. UK's Home Secretary Priti Patel, one of the most ruthless ever, decided to extradite Julian Assange to US. No surprise of course. The only question we had in mind is

US hegemony and its perils

Report by the Ministry of Foreign Affairs of the People’s Republic of China   Part 1 - Introduction Since becoming the world's most powerful country after the two world wars and the Cold War, the United States has acted more boldly to interfere in the internal affairs of other countries, pursue, maintain and abuse hegemony, advance subversion and infiltration, and willfully wage wars, bringing harm to the international community. The United States has developed a hegemonic playbook to stage "color revolutions," instigate regional disputes, and even directly launch wars under the guise of promoting democracy, freedom and human rights.    Clinging to the Cold War mentality, the United States has ramped up bloc politics and stoked conflict and confrontation. It has overstretched the concept of national security, abused export controls and forced unilateral sanctions upon others. It has taken a selective approach to international law and rules, utilizing or discarding them as

Nordstream blame game begins

The Grayzone   Max Blumenthal and Aaron Mate discuss the controlled leaks aiming to deflect blame for the Nordstream attacks onto "pro-Ukrainian" elements, the failed attempt by Republican populists and Democratic progressives to withdraw US troops from Syria, and the dramatic congressional Twitter files hearing.  

How America took out the Nord Stream pipeline

The New York Times called it a “mystery,” but the United States executed a covert sea operation that was kept secret—until now   by Seymour Hersh   Part 3 - THE OPERATION   Norway was the perfect place to base the mission. In the past few years of East-West crisis, the U.S. military has vastly expanded its presence inside Norway, whose western border runs 1,400 miles along the north Atlantic Ocean and merges above the Arctic Circle with Russia. The Pentagon has created high paying jobs and contracts, amid some local controversy, by investing hundreds of millions of dollars to upgrade and expand American Navy and Air Force facilities in Norway. The new works included, most importantly, an advanced synthetic aperture radar far up north that was capable of penetrating deep into Russia and came online just as the American intelligence community lost access to a series of long-range listening sites inside China. A newly refurbished American submarine base, which had been under construction