Tag Archives: Devices

Simplifying IT with the latest updates from Windows Autopilot – Microsoft 365 Blog

With Windows Autopilot, our goal is to simplify deployment of new Windows 10 devices by eliminating the cost and complexity associated with creating, maintaining, and loading custom images. Windows Autopilot will revolutionize how new devices get deployed in your organization—now you can deliver new off-the-shelf Windows 10 devices directly to your users. With a few simple clicks, the device transforms itself into a fully business-ready state, dramatically reducing the time it takes for your users to get up and running with new devices.

Not only does Windows Autopilot significantly reduce the cost of deploying Windows 10 devices but also delivers an experience that’s magical for users and zero-touch for IT.

I’m excited to share that we are extending that zero-touch experience even further with several new capabilities available in preview with the Windows Insider Program today.

  • Self-Deploying mode—Currently, the Windows Autopilot experience requires the user to select basic settings like Region, Language, and Keyboard, and also enter their credentials, in the Windows 10 out-of-the-box experience. With a new Windows Autopilot capability called “Self-Deploying mode,” we’re extending the zero-touch experience from IT to the user deploying the device. Power on* is all it takes to deploy a new Windows 10 device into a fully business-ready state—managed, secured, and ready for usage—no need for any user interaction. You can configure the device to self-deploy into a locked down kiosk, a digital signage, or a shared productivity device—all it takes is power on.*
  • Windows Autopilot reset—This feature extends the zero-touch experience from deployment of new Windows 10 devices to reset scenarios where a device is being repurposed for a new user. We’re making it possible to completely reset and redeploy an Intune-managed Windows 10 device into a fully business-ready state without having to physically access the device. All you need to do is click a button in Intune!

Windows Insiders can test these features with the latest Windows 10 build and Microsoft Intune now.

I cannot wait to see the feedback from the Insider community! To see how this works, and several exciting updates to Windows Autopilot, check out this quick video:

 Source video.

You can head over to the Windows IT Pro blog right now for further details.

One final note: A big part of what we build is based on feedback from our customers. With this in mind, we also added several new Windows Autopilot capabilities into the Windows 10 April 2018 Update (version 1803) based on feedback, and these capabilities are also available today:

  • Enrollment Status page—We received tons of feedback from Windows Autopilot customers who want the ability to hold the device in the out-of-box setup experience until the configured policies and apps have been provisioned to the device. This enables IT admins to be assured the device is configured into a fully business-ready state prior to users getting to the desktop. This is made possible with a capability called “Enrollment Status” and is available today with Windows 10 April 2018 Update (version 1803) and Microsoft Intune.
  • Device vendor supply chain integration—We enabled Windows 10 OEMs and hardware vendors to integrate Windows Autopilot into their supply chain and fulfillment systems so that devices are registered in Windows Autopilot to your organization the moment your purchase is fulfilled. This makes the registration of Windows Autopilot devices completely hands-free and zero-touch for you as well as your device vendor/OEM. Contact your device reseller to find out if they are supporting Windows Autopilot.
  • Automatic Windows Autopilot profile assignment—We integrated Azure Active Directory (AD) dynamic groups with Windows Autopilot and Microsoft Intune to deliver a zero-touch experience for Windows Autopilot profile assignments on all Windows Autopilot devices.

I said this in my prior post and I’ll say it again—Windows Autopilot is an absolute game changer. I urge you to spend some time learning more about it.

To learn more about how to use Windows Autopilot and Co-Management together, check out this quick video.

*Requires network connection and TPM2.0.

Simplifying IT with the latest updates from Windows Autopilot – Microsoft 365 Blog

With Windows Autopilot, our goal is to simplify deployment of new Windows 10 devices by eliminating the cost and complexity associated with creating, maintaining, and loading custom images. Windows Autopilot will revolutionize how new devices get deployed in your organization—now you can deliver new off-the-shelf Windows 10 devices directly to your users. With a few simple clicks, the device transforms itself into a fully business-ready state, dramatically reducing the time it takes for your users to get up and running with new devices.

Not only does Windows Autopilot significantly reduce the cost of deploying Windows 10 devices but also delivers an experience that’s magical for users and zero-touch for IT.

I’m excited to share that we are extending that zero-touch experience even further with several new capabilities available in preview with the Windows Insider Program today.

  • Self-Deploying mode—Currently, the Windows Autopilot experience requires the user to select basic settings like Region, Language, and Keyboard, and also enter their credentials, in the Windows 10 out-of-the-box experience. With a new Windows Autopilot capability called “Self-Deploying mode,” we’re extending the zero-touch experience from IT to the user deploying the device. Power on* is all it takes to deploy a new Windows 10 device into a fully business-ready state—managed, secured, and ready for usage—no need for any user interaction. You can configure the device to self-deploy into a locked down kiosk, a digital signage, or a shared productivity device—all it takes is power on.*
  • Windows Autopilot reset—This feature extends the zero-touch experience from deployment of new Windows 10 devices to reset scenarios where a device is being repurposed for a new user. We’re making it possible to completely reset and redeploy an Intune-managed Windows 10 device into a fully business-ready state without having to physically access the device. All you need to do is click a button in Intune!

Windows Insiders can test these features with the latest Windows 10 build and Microsoft Intune now.

I cannot wait to see the feedback from the Insider community! To see how this works, and several exciting updates to Windows Autopilot, check out this quick video:

 Source video.

You can head over to the Windows IT Pro blog right now for further details.

One final note: A big part of what we build is based on feedback from our customers. With this in mind, we also added several new Windows Autopilot capabilities into the Windows 10 April 2018 Update (version 1803) based on feedback, and these capabilities are also available today:

  • Enrollment Status page—We received tons of feedback from Windows Autopilot customers who want the ability to hold the device in the out-of-box setup experience until the configured policies and apps have been provisioned to the device. This enables IT admins to be assured the device is configured into a fully business-ready state prior to users getting to the desktop. This is made possible with a capability called “Enrollment Status” and is available today with Windows 10 April 2018 Update (version 1803) and Microsoft Intune.
  • Device vendor supply chain integration—We enabled Windows 10 OEMs and hardware vendors to integrate Windows Autopilot into their supply chain and fulfillment systems so that devices are registered in Windows Autopilot to your organization the moment your purchase is fulfilled. This makes the registration of Windows Autopilot devices completely hands-free and zero-touch for you as well as your device vendor/OEM. Contact your device reseller to find out if they are supporting Windows Autopilot.
  • Automatic Windows Autopilot profile assignment—We integrated Azure Active Directory (AD) dynamic groups with Windows Autopilot and Microsoft Intune to deliver a zero-touch experience for Windows Autopilot profile assignments on all Windows Autopilot devices.

I said this in my prior post and I’ll say it again—Windows Autopilot is an absolute game changer. I urge you to spend some time learning more about it.

To learn more about how to use Windows Autopilot and Co-Management together, check out this quick video.

*Requires network connection and TPM2.0.

For Sale – HP Gen7 N54L microserver

HP Gen7 N54L
AMD Turion™ II Neo (2.2GHz)
8GB RAM
120GB SSD
BIOS mod to enable 6 SATA devices (4 front bays, 2 in the top)
Packed in original box
Key for drive bay lock
All drive screws and install tool
eSATA cable

Moved to a Gen8 hence sale.

Wil only sell to members with established feedback.

Price and currency: 85
Delivery: Delivery cost is included within my country
Payment method: BT or PPG
Location: MANCHESTER, M28
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – HP Gen7 N54L microserver

HP Gen7 N54L
AMD Turion™ II Neo (2.2GHz)
8GB RAM
120GB SSD
BIOS mod to enable 6 SATA devices (4 front bays, 2 in the top)
Packed in original box
Key for drive bay lock
All drive screws and install tool
eSATA cable

Moved to a Gen8 hence sale.

Wil only sell to members with established feedback.

Price and currency: 85
Delivery: Delivery cost is included within my country
Payment method: BT or PPG
Location: MANCHESTER, M28
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – HP Gen7 N54L microserver

HP Gen7 N54L
AMD Turion™ II Neo (2.2GHz)
8GB RAM
120GB SSD
BIOS mod to enable 6 SATA devices (4 front bays, 2 in the top)
Packed in original box
Key for drive bay lock
All drive screws and install tool
eSATA cable

Moved to a Gen8 hence sale.

Wil only sell to members with established feedback.

Price and currency: 85
Delivery: Delivery cost is included within my country
Payment method: BT or PPG
Location: MANCHESTER, M28
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Macafee total protection / 1 year / 5 devices

Macafee total protection / 1 year / 5 devices, brand new sealed.

£10 code via pm or £11 via post.

Price and currency: £11
Delivery: Delivery cost is included within my country
Payment method: BT / PPG
Location: Glasgow
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds…

Macafee total protection / 1 year / 5 devices

A series of new IoT botnets plague connected devices

Internet of things botnets continue to plague connected devices with two new botnets appearing this week.

The first of the IoT botnets causing trouble was discovered by security researchers at Bitdefender and is called Hide ‘N Seek, or HNS. HNS was first noticed on January 10, “faded away” for a few days and then reemerged on January 20 in a slightly different form, according to Bitdefender senior e-threat analyst Bogdan Botezatu. Since then, HNS — which started with only 12 compromised devices — had amassed over 32,000 bots worldwide as of January 26. Most of the affected devices are Korean-manufactured IP cameras.

“The HNS botnet communicates in a complex and decentralized manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it,” Botezatu explained in his analysis of HNS, also noting that the bot can perform device exploits similar to those done by the Reaper botnet. “The bot embeds a plurality of commands such as data exfiltration, code execution and interference with a device’s operation.”

Botezatu also explained that HNS works sort of like a worm in that it uses a randomly generated list of IP addresses to get potential targets. The list of targets can be updated in real time as the botnet grows or bots are lost or gained. Luckily, like other IoT botnets, the HNS “cannot achieve persistence” and a device reboot will remove it from the botnet.

“While IoT botnets have been around for years, mainly used for DDoS attacks, the discoveries made during the investigation of the Hide and Seek bot reveal greater levels of complexity and novel capabilities such as information theft — potentially suitable for espionage or extortion,” Botezatu said.

Unlike other recent IoT botnets, HNS is different from the infamous Mirai malware, and is instead similar to the Hajime botnet. Like Hajime, HNS has a “decentralized peer-to-peer architecture.”

The Masuta botnets

Two other new botnets on the scene do show similarities to Mirai, however.

The Masuta and PureMasuta variant were discovered by researchers at the company NewSky Security and appear to be the work of the Satori botnet creators. The Satori botnet targeted Huawei routers earlier this month, and the Masuta botnets now also target home routers.

According to the research from NewSky Security, Masuta shares a similar attack method with Mirai and uses weak, known or default credentials to access the targeted devices. PureMasuta is a bit more sophisticated and exploits a network administration bug uncovered in 2015 in D-Link’s Home Network Administration Protocol, which relies on the Simple Object Access Protocol to manage device configuration.

“Protocol exploits are more desirable for threat actors as they usually have a wider scope,” Ankit Anubhav, principal researcher at NewSky Security, wrote in the analysis of the botnets. “A protocol can be implemented by various vendors/models and a bug in the protocol itself can get carried on to a wider range of devices.”

PureMasuta has been infecting devices since September 2017.

In other news

  • Kaspersky Lab filed a preliminary injunction as part of its appeal against the U.S. Department of Homeland Security’s ban on the use of the company’s products in government agencies. The ban was originally issued in September 2017 in response to concerns that the Moscow-based security company helped the Russian government gather data on the U.S. through its antivirus software and other products. The ban, Binding Operational Directive (BOD) 17-01, was reinforced in December 2017 in the National Defense Authorization Act, despite offers from Kaspersky to have the U.S. government investigate its products and operations. In response to the National Defense Authorization Act, Kaspersky Lab filed a lawsuit against the U.S. government saying that the ban was unconstitutional. As part of the lawsuit, the injunction would, for now, stop the government ban on BOD 17-01.
  • The PCI Security Standards Council (PCI SSC) published new security requirements for mobile point-of-sale systems. The requirements focus on software-based PIN entry on commercial off-the-shelf (COTS) mobile devices. Requirements already exist for hardware-based devices that accept PINs, so these standards expand on them. The so-called PCI Software-Based PIN Entry on COTS (SPoC) Standard introduces a “requirement for a back-end monitoring system for additional external security controls such as attestation (to ensure the security mechanisms are intact and operational), detection (to notify when anomalies are present) and response (controls to alert and take action) to address anomalies,” according to PCI SSC CTO Troy Leach. The standard consists of two documents: the Security Requirements for solution providers, including designers of applications that accept PINS; and the Test Requirements, which “create validation mechanisms for payment security laboratories to evaluate the security” of the PIN processing apps. The SPoC security requirements focus on five core principles, according to Leach:
    • isolation of the PIN from other account data;
    • ensuring the software security and integrity of the PIN entry application on the COTS device;
    • active monitoring of the service, to mitigate against potential threats to the payment environment within the phone or tablet;
    • Required Secure Card Reader for PIN (SCRP) to encrypt and maintain confidentiality of account data; and
    • transactions restricted to EMV contact and contactless.
  • Alphabet, best known for being Google’s parent company, launched a new cybersecurity company — Chronicle. Chronicle is an offshoot of the group X and will be a stand-alone company under Alphabet. Former Symantec COO Stephen Gillett will be the company’s CEO. Chronicle offers two services to enterprises: a security intelligence and analytics platform and VirusTotal, an online malware and virus scanner Google acquired in 2012. “We want to 10x the speed and impact of security teams’ work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find,” Gillett said in a blog post announcing the company launch. “We are building our intelligence and analytics platform to solve this problem.” The announcement did not provide many specifics, but the launch could pose a significant threat to cybersecurity vendors that do not have access to the same resources as a company with the same parent as Google.

For Sale – Macafee total protection / 1 year / 5 devices

Macafee total protection / 1 year / 5 devices, brand new sealed.

£10 code via pm or £11 via post.

Price and currency: £11
Delivery: Delivery cost is included within my country
Payment method: BT / PPG
Location: Glasgow
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Digital classrooms aren’t a distraction. Here’s why. |

Many people assume that devices and technology distract students and negatively affect how teachers run their lessons. That’s not the case when implementation is done purposefully, with learning tools that support existing structures in the classroom.

In other words, tech doesn’t replace the teacher, but enhances their capabilities in teaching and administration. One of the more effective solutions seen recently is from a Microsoft Gold Partner, Insync. The company uses Microsoft’s technology to make learning more efficient and students more engaged, in a number of different ways:

Devices and mobility

Insync uses Microsoft’s wide range of Windows devices to support different subjects and learning styles, giving educators more effective ways of delivering lessons. Devices functions such as touch-screen interactivity, digital ink, keyboard compatibility, voice integration and video allow students to sketch notes, type essays, conduct video lessons and do much more.

To help get lessons up and running, Microsoft also makes the management of all devices a straightforward process–via their Enterprise Mobility Suite, which provides secure single sign-on access to school services, applications, and safe social media.  Windows 10 also helps students and staff organise their schoolwork, with easy ways to snap apps in place, optimise their screen space, group items and create virtual desktops.

Additionally, students with special needs benefit most from Insync’s approach to the digital classroom. Learning is more accessible for physically challenged students thanks to speech recognition in Windows 10, while Skype provides real-time transcripts for the hearing impaired.

Learning solutions

Interactions between students for group projects don’t stop after school. They can continue online through Microsoft’s Office 365, which includes a range of cloud-based productivity tools that let students and staff members update essays, documents and spreadsheets at home, school or on the go.

And to help students excel in their projects or revision, schools can also register multiple third-party cloud applications on their Azure Active Directory, which provides single sign-on access to a portfolio of relevant resources online.

School administration

One of the biggest costs for schools comes from administration. Schools are always looking for ways to simplify registration, declutter paperwork, and improve course management. Staff simply don’t have the time or headspace to deal with these things and focus on their students’ wellbeing.

With Microsoft Azure, schools can opt into pay-as-you-go access to infrastructure and platform services. That saves them money by letting them scale up resources during busy times, such as enrolment and assessment periods, and scaling down during periods of low demand.

Furthermore, personal devices can also connect to mobile device management services, giving administration teams smarter reporting and more proactive security.

Security and Infrastructure

And of course, Microsoft’s integrated security options also provide schools with an impressive level of digital security and utility, negating the need to purchase more expensive solutions. Through Microsoft’s Enterprise Mobility Suite (EMS), students and staff can access IT services with self-service password reset, application and device installations, and group management.

EMS also manages access to devices (including those consistently outside firewalls) and multifactor authentication capabilities. An integrated environment extends device management to small or remote schools and campuses.

Microsoft CityNext education solutions can even help schools operate more sustainably by using Internet of Things sensors to control lighting, heating and cooling and smartcards for secure access.

Education analytics and research

Before this, schools had next to no way to track areas of improvement for individual students, forcing teachers to rely on direct feedback or their own instincts on how effective their lessons were proving. With data analytics, however, teachers can track and evaluate different criteria across each of their students’ scores and results, helping them better identify and address any learning difficulties that may crop up.

On a school-wide level, Microsoft Power BI gives schools a 360-degree view of performance and operations, while easy-to-use reporting tools simplify access to visual data and improve report-sharing capabilities with stakeholders.

Solutions like Insync’s help schools to conduct lessons, manage administration and provide accountability like never before. To learn how your school can benefit from Microsoft-based education solutions, check out the resources listed below:

Download the whitepaper: 6 features of a Modern Australian School >

Download the value summary: Education in the Cloud >

Or get in touch with the education experts at Insync on 1300 652 207 or email info@insynctechnology.com.au.

Our mission at Microsoft is to equip and empower educators to shape and assure the success of every student. Any teacher can join our community and effort with free Office 365 Education, find affordable Windows devices and connect with others on the Educator Community for free training and classroom resources. Follow us on Facebook and Twitter for our latest updates.

DUHK attack puts random number generators at risk

Researchers have discovered a vulnerability that affects some legacy security devices, including Fortinet’s FortiGate devices.

The vulnerability has been dubbed DUHK, which stands for Don’t Use Hard-coded Keys, and affects devices that use the ANSI X9.31 Random Number Generator (RNG) and a hardcoded seed key. Researchers Nadia Heninger and Shaanan Cohney from the University of Pennsylvania, along with cryptographer Matthew Green at Johns Hopkins University, studied the Federal Information Processing Standards (FIPS) certified products that use the ANSI X9.31 RNG algorithm and found 12 that are vulnerable to DUHK.

“DUHK allows attackers to recover secret encryption keys from vulnerable implementations and decrypt and read communications passing over VPN connections or encrypted web sessions,” the researchers explained in a blog post. “The encrypted data could include sensitive business data, login credentials, credit card data and other confidential content.”

Heninger, Cohney and Green were only able to gain access to the firmware of one product — a Fortinet firewall — so their detailed research paper mostly focuses on the affected Fortinet devices, specifically the FortiGate VPN gateways.

“Traffic from any VPN using FortiOS 4.3.0 to FortiOS 4.3.18 can be decrypted by a passive network adversary who can observe the encrypted handshake traffic,” they explained. “Other key recovery attacks on different protocols may also be possible.”

The full list of affected vendors is in the research paper and includes Fortinet, Becrypt, Cisco, DeltaCrypt Technologies, MRV Communications, NeoScale Systems, Neopost Technologies, Renesas Technology America, TechGuard Security, Tendyron Corp., ViaSat and Vocera Communications.

The ANSI X9.31 RNG algorithm lost its FIPS certification in January 2016, so the researchers noted that many vendors have since published software updates to remove it.

Devices have to meet four requirements in order to be vulnerable to DUHK, according to Heninger, Cohney and Green:

  • A device must use the X9.31 RNG.
  • A seed key is hardcoded into the implementation.
  • The output from the RNG is used to generate crypto keys.
  • “At least some of the random numbers before or after those used to make the keys are transmitted unencrypted. This is typically the case for SSL/TLS and IPsec.”

The researchers recommended anyone who develops cryptographic software should stop using the X9.31 RNG and not use a hardcoded key.

The research team also warned that this vulnerability is the key to an easy and practical attack, though there’s no evidence it’s being actively exploited by attackers.

“Our attack against [the] FortiGate device can be carried out on a modern computer in about four minutes,” they noted.

In other news:

  • FBI Director Christopher Wray spoke earlier this week about the FBI’s continuous battle with mobile device encryption. Speaking at the International Association of Chiefs of Police conference in Philadelphia, Wray said the FBI was unable to access more than 6,900 mobile devices so far this year. “To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board — narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime [and] child exploitation.” The FBI has warred with vendors and the security community in recent years over encryption in mobile devices, arguing that law enforcement needs backdoors through encryption to access devices during investigations. Vendors such as Apple and security experts argue that a backdoor cannot exist for law enforcement without it being accessible by malicious actors, as well, and thus putting user privacy at risk. Wray’s comment follows the U.S. Department of Justice’s call for “responsible encryption.”
  • A group of senators and congressmen have introduced a bipartisan bill that would create a new legal framework that would allow law enforcement to access U.S. electronic communications stored on servers located in other countries. The group includes Rep. Doug Collins (R-Ga.), Rep. Hakeem Jeffries (D-N.Y.), Sen. Orrin Hatch (R-Utah), Sen. Chris Coons (D-Del.), and Sen. Dean Heller (R-Nev.). They are calling on Congress to pass the bill, called the International Communications Privacy Act, and are supported by organizations such as Americans for Tax Reform and the R Street Institute, which penned a letter to the Congress pushing for the bill. With this new bill, the group of senators and representatives aims to update the Electronic Communications Privacy Act of 1986, which they argued is outdated. The International Communications Privacy Act would require law enforcement to obtain a warrant for all electronic data on U.S. citizens and allow law enforcement to access data on foreign nationals.
  • Serious security flaws have been discovered in the way the Presidential Advisory Commission on Election Integrity, which is investigating voter fraud, handles the personal data of millions of voters. Illinois-based advocacy group Indivisible Chicago requested public records from Illinois and Florida on the Interstate Voter Registration Crosscheck Program. Crosscheck aims to identify people who are registered and voting in more than one state. Indivisible Chicago received emails and other documents from election officials, which showed several security issues with Crosscheck, including the freely available usernames and passwords. “The primary problem here is not that we have these passwords, but that every official and IT department involved in this process sends usernames, login passwords, and decryption passwords in clear text in email — sometimes with up to eighty recipients,” Indivisible Chicago wrote. “Anyone could have these passwords and could have had them at a time they could have been used while the ISBE would have been none the wiser.”