CyberSecurityRecap: Open Source Election Software (addendum)

See my prior post regarding openness and America, and why Open Source Software (OSS) is a good fit for American elections.

This addendum was going to start out with requirements for OSS election software, and a description of current OSS systems. That is, until I started researching the possibilities. I discovered a brand new free offering by Microsoft called ElectionGuard. As I’m convinced that it will dominate, I’ve decided to focus on it.

So, what is ElectionGuard? It’s software that election officials can implement and use on their own hardware, update the software on their existing hardware, or buy bundled with election systems from any major election system vendor.

ElectionGuard has numerous features. It can make tracking the progress of an election easy for the general public, ie, just check the web site. It can make verification of a voter’s vote simple by typing into the website an identifier on the voter’s receipt. All the security and privacy concerns have been addressed. It’s been audited, with many more audits to come as Microsoft is encouraging audits even as classroom projects.

ElectionGuard’s features can be summarized as… verifiable, Secure, auditable, and open source, and simply makes voting better.

ElectionGuard is free and open source, MIT licensed. That means that anyone can use and distribute the software, even commercially, with essentially attribution being the only requirement.

In May 2019, Microsoft announced ElectionGuard. In July 2019, they demo’ed it. In September 2019, they released it. The timing could be better. It’s not going to be there for the 2020 US presidential elections, other than maybe a few test locations. Starting with the election cycles in 2021, expect to start seeing ElectionGuard at a polling place near you.

ElectionGuard’s GitHub is located here.

Troy Frericks.
blog 30-Oct-2019

CyberSecurityRecap: Open Source Election Software

The United States of America (US) is a nation that prides itself on openness. We have a constitution  and a Bill of Rights that limits the power of the Government, thereby keeping Government open. The US funds NASA which sponsors the International Space Station, Hubble Telescope, and other open science projects. We have open meeting laws for government entities. Police records are open to public viewing. Court records are open to the public. The US Constitution mentions the word ‘open’ several times. The Bill of Rights mentions “public” trials. Part of the First Amendment restricts Congress from making laws that would restrict the freedom of the press, thereby allowing the press to report on the internal workings of the Government.

The US is the most open Government on the planet. When it comes to electing our government officials, doesn’t it make sense that we’d use Open Source Software? This is software that is open to the people to read.

One of the premier election solutions in the early 2000’s was Diebold.  They were closed source, which meant that election officials could not see/compile the source code. The closed source model had proven to be troublesome, with many security issues. In 2004, ABC’s 60 Minutes ran a piece highlighting the security issues coded by Diebold.

Diebold changed their name, just maybe, because the name Diebold was forever tainted.

With open source software, security problems can be reduced because you have the potential of interested parties from the public reviewing the software for (and then fixing) bugs. This is not possible with closed software like Diebold’s.

I’ll expand more in my next post.

Troy Frericks.
blog 31-Aug-2019