https://forum.defcon.org/forum/defcon/dc25-official-unofficial-parties-social-gatherings-events-contests/dc25-villages/voting-machine-hacking-village/226138-new-for-def-con-25-voting-machine-hacking-village
On 07/27/2017 08:33 AM, Razer wrote: > https://www.usatoday.com/story/tech/2017/07/26/voting-machines-hackers-election-hack/507071001/ > > LAS VEGAS – Think of it as a stress test for democracy. Hackers plan to > spend this weekend trying to break into more than 30 voting machines > used in recent elections to see just how far they can get. > > U.S. election officials have consistently said that despite Russian > attempts to affect the outcome of the 2016 presidential election, no > votes were tampered with. > > Prove it, say organizers of DefCon, an annual hacker convention held in > Las Vegas each July. > > The idea is to “start hacking on (the machines) to raise awareness and > find out for ourselves what the deal is. I'm tired of reading > misinformation about voting system security,” Jeff Moss, DefCon founder, > wrote on the conference blog. > > One of the event organizers is Matt Blaze, a professor at the University > of Pennsylvania who's been working on making election software more > secure since the mid-2000s. The the best of his knowledge, this will be > the first time a technical crowd will have the ability to look at the > machines “on a large scale.” > > That’s in part because until 2015, it was illegal under the terms of the > Digital Millennium Copyright Act to try to hack into voting machines. > > “The Library of Congress granted an exemption that explicitly allowed > this type of research, to enable good faith research of security flaws,” > said Stephanie Singer a project lead with Free & Fair, a Portland, > Ore.-based election technology company. > > The event comes as attempted election meddling has become a major > geo-political issue both in the United States and worldwide. > > This week the Senate grilled the president’s son-in-law and adviser, > Jared Kushner, on possible collusion in Russian attempts to influence > the U.S. presidential election via hacking. (He denied collusion.) > > Prior to the 2016 presidential election, hackers probed election works > in at least 39 states, according to a report by Bloomberg last month. > > Cyberattacks over the past year in Ukraine, Bulgaria, Estonia, Germany, > France and Austria have attributes that linked them to suspected Russian > hackers, according to former National Intelligence director James > Clapper. They appeared to be aimed at influencing election results, > sowing discord and undermining faith in public institutions that > included government agencies, the media and elected officials. > > In all of this, there has been no indication that actual votes were > changed, the FBI has said. Election officials have cited the > decentralized nature of the U.S. election system, which is state, county > and sometimes even municipality-based. > > However, experts in election voting software say no states routinely > perform post-election vote audits to ensure that the reported vote count > tallies with ballots, Singer said. > > Moreover, there were no forensic examinations of any of the voting > machines used in the 2016 presidential election, in part because many > election-machine vendor contracts prohibit it, Singer said. > > That’s a red flag for hackers at DefCon. > > To see just how safe the voting machines that underpin democracy are, > they're bringing more than 30 voting machines purchased on eBay and at > government surplus sales to Las Vegas where they're setting up a “Voting > Machine Hacking Village” at the conference at Caesar's Palace. > > There they'll spend the weekend probing the network connecting the > machines, physically attempting to alter the machines and hacking into > their hardware. > > The effort is being overseen by two well-known researchers in the field > of election security, Blaze and Harri Hursti, a Finnish computer > programer who in 2005 showed it was possible to hack into a Diebold > voting machine and change vote tallies, a technique now known as “the > Hursti Hack.” > > "You never know what that kind of a spark will ignite. My hope is that > we’ll see a broadening of the community of people interesting in > improving the security of our election system,” Blaze said. > > The program is just one of a week's worth of computer security > conference events happening in Las Vegas. The first is Black Hat, > followed by DefCon. > > Other workshop topics include how to hack a wind farm, defenses against > drones (the French military is training eagles to pluck them out of the > sky), the latest in car hacking and an in-depth look at just how hard it > is to knock out the power grid (hint: not as hard as it should be.) > > --30-- >
