Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Voting Machines Cracked In 90 Minutes At DEFCON (thehill.com)

Posted by EditorDavid on from the secret-ballot-machines dept.

An anonymous reader quotes The Hill: Hackers at at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America's election infrastructure. Tech minds at the annual "DEF CON" in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software. According to a Register report, within minutes, hackers exposed glaring physical and software vulnerabilities across multiple U.S. voting machine companies' products. Some devices were found to have physical ports that could be used to attach devices containing malicious software. Others had insecure Wi-Fi connections, or were running outdated software with security vulnerabilities like Windows XP.
Though some of the machines were out of date, they were all from "major U.S. voting machine companies" like Diebold Nixorf, Sequoia Voting Systems, and WinVote -- and were purchased on eBay or at government auctions. One of the machines apparently still had voter registration data stored in plain text in an SQLite database from a 2008 election, according to event's official Twitter feed.

By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."

4 of 171 comments (clear)

  1. Not being used any more by FrankHaynes · · Score: 4, Informative

    In Virginia these machines have been decertified. I imagine other states have acted as well.

    --
    slashdot: A failed experiment.
    1. Re:Not being used any more by MillionthMonkey · · Score: 4, Informative

      The agency that's supposed to be in charge of securing voting machines is the Election Assistance Commission, which operates on a $10 million annual budget. A House committee voted along party lines for HR 634, the Election Assistance Commission Termination Act, which will completely shut it down by 2018.

      The argument is that "this is a matter best left to the states". According to Rep. Tom Graves from Georgia, "People supporting the EAC are quite frankly proponents for a greater federal role in our elections. States themselves, they're responsible for all the elections. We do not have a federally run election system." Rep. Gregg Harper from Mississippi argued the program has "outlived its usefulness", and that closing it down would save money and cut down the size and scope of government, saying "It is time for the EAC to be officially ended. We don't need fluff".

  2. Re:That proves more of a case for our President... by Anonymous Coward · · Score: 2, Informative

    Did you hear of the IT guy (paid millions) just arrested fleeing to Pakistan? Apparently he worked for Debbie Wasserman Schultz, the same DNC bitch that stole election from Bernie.. Why was some random guy making millions? Was he hacking the voter machines?

    DWS even threatened a DC Capitol police chief from investigating that: https://www.youtube.com/watch?v=lAAhMVoeCYg
    How that her henchman is finally arrested, guess who got his case? Assistant attorney that just happens to be DWS's brother! You can't make this shit up: http://www.hannity.com/content/2017-07-27-conflict-of-interest-dws-brother-works-in-us-attorneys-dc-office/

    Demonrats are corrupt to the bone. DNC needs to be investigated, indicted, tried, and locked up. Democrats need to be investigated under RICO.

  3. Oregon Vote By Mail - Hands Down The Best System by StevenMaurer · · Score: 4, Informative

    Voters receive their paper ballots about a month in advance. They can either fill it out and put it in the mail, or wait until the last minute and drop it off at any library or county clerk's office (think traffic court). All ballots must be in an envelope signed by the voter or it doesn't count. The county registrar has people trained to check signatures as they come in. If there is a mismatch, they contact the voter when there is time (sometimes older people, or those who have health issues, have shakier handwriting), and the voter can come down to straighten it out.

    The ballots are then put in bins, which are then tabulated (for cost efficiency) by high speed vote counting machines on election night. The machines are certified, tested with special ballot runs to make sure they're working correctly, and are not hooked up to the internet. And to the best of my understanding, don't even have any external interfaces.

    The paper ballots are never thrown away, in case there is a challenge. If the vote is very close, a recount is done automatically by hand. If not, the losing side can pay to have the recount done. All these processes are open to the public and are typically overseen by everyone from the most kook teabagger to the greenest of pretending-not-to-be-communist green.

    About eight years ago, on a special election night in Tillamook, there was a terrible winter storm. The main highway was quite literally flooded by 5 feet of water. Despite this, there was an over 80% turnout. Everyone had mailed in their ballots long before.

    Democrats love the system. Rural Republicans especially love the system. It's secure. Almost impossible to pull dirty tricks with. Basically impossible to hack. And best of all - cheap. Seriously. Because it reuses the US post system and libraries, there is no need to organize election stations, monitors, volunteers, reserve space for people to vote. It's nearly half the cost of all other systems.