Election Systems & Software – Page 2

Microsoft pushes open-source software kit to election agencies, voting-tech vendors

Posted on May 6, 2019 by Sean Lyngaas

Election officials around the U.S. could soon have access to an open-source software development kit from Microsoft that is intended to make voting more secure and transparent. The software kit, called ElectionGuard, will allow third parties to validate election results and voters to ensure their ballots were correctly counted, according to Microsoft. Each voter would get a unique code to track the encrypted version of his or her vote to confirm that it was not altered. “It will not be possible to ‘hack’ the vote without detection,” Tom Burt, a Microsoft corporate vice president, asserted in a blog post Monday. He touted the kit’s use of homomorphic encryption, which will allow votes to be counted without decrypting the data, as a feature that will protect votes individually and collectively. The software, which will be available starting this summer to election agencies and vendors, is meant to supplement, rather than replace, paper ballots. Its code […]

The post Microsoft pushes open-source software kit to election agencies, voting-tech vendors appeared first on CyberScoop.

Continue reading Microsoft pushes open-source software kit to election agencies, voting-tech vendors→

Voting-machine vendors have some serious questions to answer, senators say

Posted on March 27, 2019 by Joe Warminsky

While the security of the 2020 election remains a prominent topic in Washington, a group of Democratic senators is raising alarms about longer-term issues that will resonate after voters are done choosing a president about 20 months from now. The three companies that make most of the voting technology used in the U.S. must be more transparent about their plans to improve their products to meet current expectations about security and performance, says a letter Wednesday by Sen. Amy Klobuchar of Minnesota and three other top Democrats. In particular, the senators say every machine should reliably produce paper records, and the companies should do far more to upgrade their products. “The integrity of our elections is directly tied to the machines we vote on — the products that you make,” says the letter from Klobuchar, Mark Warner of Virginia, Jack Reed of Rhode Island and Gary Peters of Michigan. “Despite shouldering such a massive responsibility, there has been […]

The post Voting-machine vendors have some serious questions to answer, senators say appeared first on CyberScoop.

Continue reading Voting-machine vendors have some serious questions to answer, senators say→

Rep. Speier: Congress needs a hack demo to understand election vulnerabilities

Posted on October 2, 2018 by Sean Lyngaas

Lawmakers still need a hands-on demonstration of voting equipment vulnerabilities to fully grasp the urgency of election security, according to Rep. Jackie Speier, D-Calif. “I think that if we can fashion some kind of an interactive experience for members to watch… then we’ve got their attention,” Speier, a member of the intelligence committee, said in an interview. “We need that moment and we need that equipment, and we need that hack. And so once we can do that and do it in a way that the average luddite can understand, then we’ll be golden.” DEF CON, the hacking conference where researchers pick apart voting machines, provides that kind of visual demonstration. But Speier appeared to be the only lawmaker in attendance last week as the organizers of the DEF CON Voting Village presented their findings on Capitol Hill. (Some congressional staff did attend.) Election security vaulted into the spotlight on […]

The post Rep. Speier: Congress needs a hack demo to understand election vulnerabilities appeared first on Cyberscoop.

Continue reading Rep. Speier: Congress needs a hack demo to understand election vulnerabilities→

DEF CON founder says there’s a ‘civil war’ at voting vendors over security

Posted on September 28, 2018 by Sean Lyngaas

There is a “civil war’ going on at big U.S. voting-equipment vendors between employees who want to proactively address security vulnerabilities and those who stubbornly oppose doing that, according to DEF CON founder Jeff Moss. “Half the company wants to deny that there’s any problem and to do things on their own timescale and basically soldier on,” Moss said Thursday, while the other half typically includes “younger engineers who think this is a great opportunity to make a change” in how the company approaches cybersecurity. He spoke on Capitol Hill at the rollout of the DEF CON Voting Village report, which highlighted a decade-old vulnerability in a ballot-counting machine used in more than half the states. Moss, a cybersecurity expert and outside adviser to the Department of Homeland Security, told CyberScoop that the opposing impulses at voting-equipment vendors could force some engineers to leave the companies. Engineers who have reached […]

The post DEF CON founder says there’s a ‘civil war’ at voting vendors over security appeared first on Cyberscoop.

Continue reading DEF CON founder says there’s a ‘civil war’ at voting vendors over security→

DEF CON report finds decade-old flaw in widely used ballot-counting machine

Posted on September 27, 2018 by Sean Lyngaas

A voting tabulator used to count ballots in more than half the states has a decade-old flaw that leaves it vulnerable to hacking, according to a report published Thursday by security researchers. The M650 machine, made by top voting-equipment vendor Election Systems and Software, could be compromised using a flawed software-updating procedure to infect it with malicious code, according to the report from the Voting Village at DEF CON, a renowned annual hacking conference. “It is very doubtful that the operators of M650s all over the U.S. are aware” of the need to combat the updating procedure by reformatting a ZIP disk, the report states. The M650 vulnerability was revealed in a 2007 report by the Ohio secretary of state’s office, pointing to a long lag time in patching some voting gear. “[D]isclosing vulnerabilities does not seem to be enough to get them fixed, even years later,” the DEF CON […]

The post DEF CON report finds decade-old flaw in widely used ballot-counting machine appeared first on Cyberscoop.

Continue reading DEF CON report finds decade-old flaw in widely used ballot-counting machine→

Senators ask voting machine manufacturers if Russia reviews source code

Posted on March 7, 2018 by Patrick Howell O'Neill

Two Democratic senators sent a letter to U.S. voting machine manufacturers asking the companies if they allow Russian entities to review the source code of their products. Senators Amy Klobuchar, D-Minn., and Jeanne Shaheen, D-N.H., sent the letters to three largest election equipment vendors in the United States: Election Systems & Software, Dominion Voting Systems and Hart Intercivic. The senators said Russian source code review could help that country hack American election technology. Numerous American companies including Cisco, IBM and SAP allow the Russian government to review their source code to comply with the country’s regulations and gain entry into the country’s markets. “Foreign access to critical source code information and sensitive data continues to be an often overlooked vulnerability. Further, if such vulnerabilities are not quickly examined and mitigated, future elections will also remain vulnerable to attack,” the senators wrote. “The 2018 election season is upon us. Primaries have already begun, […]

The post Senators ask voting machine manufacturers if Russia reviews source code appeared first on Cyberscoop.

Continue reading Senators ask voting machine manufacturers if Russia reviews source code→

Voting machine manufacturers pushed for cybersecurity information by Sen. Wyden

Posted on October 3, 2017 by Patrick Howell O'Neill

Sen. Ron Wyden continued his cybersecurity push on Tuesday, demanding information about security practices and independent audits from six of the largest voting machine vendors in the U.S. and two federal test laboratories. “As our election systems have come under unprecedented scrutiny, public faith in our electoral process at every level is more important than ever before,” the Oregon Democrat wrote to the companies and the labs, a day after urging the U.S. Supreme Court to improve its email encryption. “Ensuring that Americans can trust that election systems and infrastructure are secure is necessary to protecting confidence in our electoral process and democratic government,” he wrote. Wyden contacted Dominion Voting, Election Systems & Software, Five Cedars Group, Hart InterCivic, MicroVote and Unisyn Voting Solutions. The Department of Homeland Security assessed that Russian hackers targeted state election systems but several states dispute that claim. The hacking did not involve vote tallying, […]

The post Voting machine manufacturers pushed for cybersecurity information by Sen. Wyden appeared first on Cyberscoop.

Continue reading Voting machine manufacturers pushed for cybersecurity information by Sen. Wyden→