By Charles Miller
It is said that if it is Tuesday, there must be an election somewhere in the US. And in the world of information technology, there is yet more election news. Many people in the tech world are hoping that February 18, 2020, will be looked back on as the day the United States finally got serious about improving the security of its elections.
Months ago, Microsoft announced the ElectionGuard initiative, a project to create a free and open-source software for voting machines. The key phrase here is “open-source,” meaning that there are no secrets. Up until now, many elections have relied on voting machines and software sold by shadowy companies that claimed their secret hardware and software to be absolutely secure, but, in reality, is so insecure that hacking it is child’s play. ElectionGuard seeks to change that by opening up everything to public scrutiny. Anyone who cares to audit or examine the source code for ElectionGuard may do so. You yourself can do this by pointing your browser to “github.com/microsoft/electionguard,” where you can download a copy. If you spot a bug in the program or want to suggest an improvement, there is a forum where you can do so. There is even a bug-bounty program that pays up to US$15,000 to anyone who finds a bug, and this incentivizes experienced programmers to do their thing. So not only is Microsoft giving ElectionGuard away for free but also is paying to find any bugs in it.
In reality, ElectionGuard is relatively simple, as computer programs go. It continues proven election practices while adding new 21st century features. Voting machines can print a paper ballot for voters to verify and maintain a paper trail. The most exciting new innovation is the tracking code each voter receives, and that works very much like tracking a package sent by FedEx (another proven technology). With their tracking code, a voter can go to an election website to verify that their vote has been counted and that their ballot has not been altered in any way.
The ElectionGuard tracking code does not permit anyone to see who was voted for, but it does verify the ballot has not changed. The software’s encryption scheme allows election officials to count votes without knowing how an individual citizen voted, and at the same time allows the voter to verify their vote was counted by officials. Likewise, watchdog groups or news media can verify how many votes were cast and counted, all without knowing who individual voters voted for.
From the beginning, Microsoft focused on transparency, use of proven technologies, accessibility, and a user-friendly interface. Several manufacturers of voting machines have announced plans to use the software. On February 18, the 3,000 citizens of Fulton, Wisconsin, put ElectionGuard to its first test in a real election. So far, the results have been positive, and we can hope this is the beginning of a new era of secure elections, not only in the US but worldwide.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8@SMAguru.com.