Defcon is the annual hacker conference in Vegas and the buzz this year centered around the Voting Machine Hacking Village. A dozen electronic voting machines, like you might see at your local polling place, were set up along the walls of a conference room. In the center were tables where hackers took some machines apart. … In fact, until 2015, hacking voting machines — even to do research — was against the law unless you got a special waiver, said Matt Blaze, a computer science professor at the University of Pennsylvania. “So far, only a few dozen people who are computer scientists thinking about this have been able to get access to these machines,” Blaze said. Blaze helped set up the voting village at Defcon. A decade ago he obtained a waiver to study electronic voting machines in California and Ohio. “And my team of graduate students and I were able to very quickly discover a number of really serious and exploitable problems with those systems,” he said.
But Blaze said researchers missed more important targets: the companies that supply the electronic voting machines and county election offices.
Unlike voting machines, which aren’t generally connected to the Internet, the companies that supply them and county offices that tabulate the votes are online.
The risk, said Blaze, is that hackers could get their hands on the list of registered voters that’s checked on Election Day, the description of the ballots that are presented to voters and the systems that count the final tallies.