DEFCON Conference To Target Voting Machines

An anonymous reader quotes a report from Politico: Hackers will target American voting machines -- as a public service, to prove how vulnerable they are. When over 25,000 of them descend on Caesar's Palace in Las Vegas at the end of July for DEFCON, the world's largest hacking conference, organizers are planning to have waiting what they call "a village" of different opportunities to test how easily voting machines can be manipulated. Some will let people go after the network software remotely, some will be broken apart to let people dig into the hardware, and some will be set up to see how a prepared hacker could fiddle with individual machines on site in a polling place through a combination of physical and virtual attacks. With all the attention on Russia's apparent attempts to meddle in American elections -- former President Barack Obama and aides have made many accusations toward Moscow, but insisted that there's no evidence of actual vote tampering -- voting machines were an obvious next target, said DEFCON founder Jeff Moss.

It's the voters, stupid!

"Russians" didn't hack the voting machines (I don't know for sure, mind you, but it's pretty implausible). *If* they did anything (and this is far more plausible), then it was messing with the voter's brains, aka "social engineering", aka FUD, aka PsyOps.

Yes, the vulnerabilities in the voting machines are embarrasing. Yes, it's fun uncovering them. There are many other reasons for counting votes the "traditional" way, secure machines or not. Still: don't let all this geeky stuff detract from the elephant in the room: buying Facebook personal data in bulk and correlating it with past votes, then sending targeted fake news has done much more in the last big polls (at least for Brexit and for the US Presidentials it is *known*) than any "classical hacker" vote fraud could have done.

Hey, you USians even have a word for it, courtesy of one of your three-letter agencies: PsyOPS!

Re:It's the voters, stupid!

[vtcodger]

"There are many other reasons for counting votes the "traditional" way, secure machines or not."

There are other alternatives as well. For example the town I live in uses paper ballots, but counts them with OCR -- which allows for a quick total when the polls close, but still allows a recount if a problem in a miscount is suspected.

BTW, about 30 years ago, the town had a substantial number of blank ballots vanish on election day. Everyone is pretty sure they didn't end up in the vote count, but to this day no one knows where they went. if indeed they ever existed. It's remotely possible that the print run was somehow miscounted.

Re:It's the voters, stupid!

[jimbolauski]

When the Russians chose to use their PsyOps they had an option of choosing a person had received millions of dollars from speaking fees, business deals, donations to their charity, and campaign contributions from people with ties to Russia. The same person that signed off on allowing Russia to buy a controlling stake in a company that produces 1/5 of the US uranium production. Yet they choose the other guy?

I find it far more believable that any Russian PhyOps were aimed at undermining confidence in the election process, rather then them influencing the outcome of the next US president.

Why

[roninmagus]

I understand the sentiment, though I disagree with it. "Trump == BAD || Trump == OTHERPARTY" so let's do all we can to delegitimize the election."

But widespread hacking seems to me to be a near impossibility, due to the way the US election system is set up. For those outside the country: We don't have a central counting system. It's district-by-district, state-by-state. With different machines, people, safeguards, watchers, etc. Not impermeable, but pretty darn good.

If the Russians did "hack" the election, it was via propaganda to change the hearts and minds of voters. Which is exactly what our politicians do every day. So even if they were involved, even at the request of a given candidate, I don't quite see the problem. It's just the modus operandi, working as designed to fool the American public into voting for a particular candidate.

DEFCON

[Fire_Wraith]

Incidentally, this is one of the really cool things about DEFCON, and one of the reasons why I like to go. It really is a -hacking- conference, in the original sense of the word. There's all sorts of things you can get hands-on with, take apart, scan, mess with, etc. No releases, no NDAs, no "but don't really do anything that could break it." In the last two years I saw everything from cars to home appliances to ICS/SCADA systems and more. This is exactly the kind of thing that DEFCON is known for, and I look forward to messing with them myself (as well as watching what others do and find).

What's even more interesting is that from what I've seen, it's increasingly the companies and the government themselves bringing this stuff, because they're realizing the value of unleashing the curiousity and skill of the hacker mindset on some of these things, never-mind the PR value (Two years ago Tesla brought a Model S to the main ballroom, and let people hack away at it, while advertising their bug bounty program, for instance).

Go back to PAPER ballots!

[p51d007]

I NEVER cared for ANY electronic voting machines. It is way too easy to change electronics. All these hack attempts do is give whomever is the opposition in DC, a 30 second sound bite on TV, as to why they lost an election. To remove that, go back to paper ballots. To add to that, after you vote, you should dip your finger in that non removable ink also.