One of the nation’s largest cybersecurity conferences is inviting attendees to get hands-on experience hacking a slew of voting machines, demonstrating to researchers how easy the process can be. “It took me only a few minutes to see how to hack it,” said security consultant Thomas Richards, glancing at a Premier Election Solutions machine currently in use in Georgia. The DEF CON cybersecurity conference is held annually in Las Vegas. This year, for the first time, the conference is hosting a “Voting Machine Village” where attendees can try to hack a number of systems and help catch vulnerabilities. The conference acquired 30 machines for hackers to toy with. Every voting machine in the village was hacked.
Though voting machines are technologically simple, they are difficult for researchers to obtain for independent research. The machine that Richards learned how to hack used beneath-the-surface software, known as firmware, designed in 2007. But a number of well-known vulnerabilities in that firmware have developed over the past decade. “I didn’t come in knowing what to expect, but I was surprised by what I found,” he said.
… “There’s so much misinformation about voting machines on the internet,” said Harri Hursti, cofounder of Nordic Innovation Labs, who helped organize the event.
“The Village was announced last minute. But in the forums, people were active, looking to understand the problem. The changes have to start somewhere. This year it’s in this room, next year it will be a bigger room.”