Microsoft Launches Bug Bounty Program to Protect Electronic Voting Machines
More and more democracies are relying on electronic voting machines over paper ballots, and some of these machines remain unacceptably vulnerable to attack.
In order to protect voting machines, Microsoft recently released an open source software development kit called ElectionGuard.
ElectionGuard SDK uses homomorphic encryption to ensure that votes recorded by electronic systems of any type remain encrypted, secure, and secret. It also allows verifiable and accurate tallying of ballots by any 3rd party organization without compromising secrecy or security.
The code can run on any voting system hardware and can be integrated into existing (or new) voting system software.
Now Microsoft is taking the security of these machines to the next level by launching a bug bounty program for ElectionGuard.
“Researchers from across the globe, whether full time cyber security professionals, part-time hobbyists, or students, are invited to discover high-impact vulnerabilities in targeted areas of the ElectionGuard SDK and share them with Microsoft under Coordinated Vulnerability Disclosure (CVD). Eligible submissions with a clear, concise proof of concept (POC) are eligible for awards up to US$15,000,” said Jarek Stanley, Senior Program Manager, Microsoft Security Response Center.
Source: https://msrc-blog.microsoft.com/2019/10/18/introducing-the-electionguard-bounty-program/