DEFCON attendees hack US voting machines in minutes, exploit multiple vulnerabilities

subfinitum / Flickr voting machine...
subfinitum / Flickr

From The Hill comes one of those “we were always afraid it could be this bad” kind of stories …

Hackers at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America’s election infrastructure.

Tech minds at the annual “DEF CON” in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software.

DEFCON is an annual hacker/cybersecurity convention. The Hill’s report cites The Register, a rag I will not link to. But the report is confirmed by eWeek, which is reputable:

Security researcher Carsten Schurmann was able to get remote access to a WinVote machine in the village, that was actually used in a local election in 2014. Schurmann explained to the steady stream of media that came to ask questions that the system had an open port that allowed Windows Remote Desktop sessions.

And then there’s this:

90 min after doors open: Complete remote control on the operating system level of the Winvote voting terminal (including election data).

— DEFCON VotingVillage (@VotingVillageDC) July 28, 2017


This needs to be fixed, folks. The only secure, recountable mechanical voting system is the one we use in Minnesota: optical scan ballots. The ballots themselves are scanned and counted by the machine, which stores the paper ballots in a locked receptacle. The ballots can be recounted — and in Minnesota, recounts are not all that unusual. The system works and is foolproof. 

Any other system is vulnerable and must be consigned to the dustbin of history.

Leave a Comment

Be the First to Comment!

Notify of