11-Year-Old Changes Election Results On Florida's Website: Defcon 2018

UnknowingFool writes: At this year's DEFCON, a group of 50 children aged 8 to 16 participated in a hack of 13 imitation election websites. One 11-year-old boy changed the voting results in 10 minutes. A 11 year-old-girl was also able to change the voting results in 30 minutes. Overall, more than 30 of the 50 children were able to hack the websites in some form. The so-called "DEFCON Voting Machine Hacking Village" allowed kids the chance to manipulate vote tallies, party names, candidate names and vote count totals. The 11-year-old girl was able to triple the number of votes found on the website in under 15 minutes.

The National Association of Secretaries of State said in a statement that it is "ready to work with civic-minded members of the DEFCON community wanting to become part of a proactive team effort to secure our elections." But the organization expressed skepticism over the hackers' abilities to access the actual state websites. "It would be extremely difficult to replicate these systems since many states utilize unique networks and custom-built databases with new and updated security protocols," it read. "While it is undeniable websites are vulnerable to hackers, election night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results."

Hack an election with paper trail

OR.... hack an election with the paper audit trail type voting machines, then challenge the result. The recount of the paper trail vs the machine will show the fraudulent nature of the machine count.

If you look at the current state of voting machine, you'll been dismayed. Pennsylvania still has paperless voting machines, it still cannot verify the election result and its not the only state to get unexpected voting results.

https://www.buzzfeednews.com/article/kevincollier/the-voting-machines-in-pennsylvanias-18th-dont-leave-a

The only fix for that is to show how the paper trail reveals the fraud, then block the use of these Fisher Price voting machines in court so trustable paper voting can be used.

Re:Misleading Title

[AmiMoJo]

Which is normally how security demos work, because hacking the real site would be illegal.

The point here is that those sites are vulnerable to literal script kiddie attacks. While the government tries to hand wave it away as just an attack on a site showing preliminary results and correctly points out that such a site would not be used to make the official determination of who won, that's missing the point.

These days such a hack would spawn a brand new QAnon-style conspiracy theory, pushed on social media by the same people did the hack. It would further erode trust in the electoral system, which leads to lower turnout next time. It makes the whole process look like some dictatorship doing a bad job of rigging the votes.