The national conversation on election security came into sharp focus Friday at a renowned hacker conference as U.S. officials and security researchers sought common ground in raising awareness of potential vulnerabilities in election equipment. The goal was to have a more transparent conversation about those vulnerabilities without spreading undue public fear about them. The Voting Village at DEF CON in Las Vegas, a room where white-hat hackers could tinker with voting machines and mock voter registration databases, was a high-profile test of that collaboration. “I’m here to learn,” Alex Padilla, California’s secretary of state, said before touring the village in the bowels of Caesars Palace hotel and casino. … At the village, Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology, stood next to a large ballot-scanner made by Election Systems & Software, one of the country’s biggest voting-equipment vendors. A couple of young researchers were picking the machine apart looking for vulnerabilities and what voting data the old machine might reveal.
“There’s a balance we have to really walk,” Hall said, between proactively looking for vulnerabilities and giving owners of voting equipment time to address them.
“We want to find flaws in these machines; we’d like to get them fixed,” Hall added. “But it’s not like general purpose computing where you can get them fixed immediately. It’s not like an election official can go get a patch for one of these machines and just change it on their own.”