It took less than a day for attendees at the DefCon hacking conference to find and exploit vulnerabilities in five different voting machine types. “The first ones were discovered within an hour and 30 minutes. And none of these vulnerabilities has ever been found before, they’ll all new,” said Harri Hursti, co- coordinator of the event. One group even managed to rick-roll a touch screen voting machine, getting it to run Rick Astley’s song “Never Gonna Give You Up,” from 1987. … The groups weren’t able change votes, noted Hursti, a partner at Nordic Innovation Labs and an expert on election security issues. “That’s not what we’re trying to do here today. We want to look at the fundamental compromises that might be possible,” he said.
Next year, organizers hope to set up a full end-to-end simulation of a voting network so they can find and report weaknesses. For this year, efforts focused on individual machines.
… The dozens of computer scientists and hackers who cycled through the room over the course of the conference aren’t a threat to election systems — the bad guys are, said Barbara Simons, president of Verified Voting, a non-partisan, non-profit organization that advocates for elections accuracy.
“Anything that’s happening in here, you can be sure that those intent on undermining the integrity of our election systems have already done, with all the time and the resources in the world. There are plenty of people with hostile motives and very considerable attack skills out there,” she said.