Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Privacy Software United States Hardware Technology

DEFCON Conference To Target Voting Machines (politico.com) 105

An anonymous reader quotes a report from Politico: Hackers will target American voting machines -- as a public service, to prove how vulnerable they are. When over 25,000 of them descend on Caesar's Palace in Las Vegas at the end of July for DEFCON, the world's largest hacking conference, organizers are planning to have waiting what they call "a village" of different opportunities to test how easily voting machines can be manipulated. Some will let people go after the network software remotely, some will be broken apart to let people dig into the hardware, and some will be set up to see how a prepared hacker could fiddle with individual machines on site in a polling place through a combination of physical and virtual attacks. With all the attention on Russia's apparent attempts to meddle in American elections -- former President Barack Obama and aides have made many accusations toward Moscow, but insisted that there's no evidence of actual vote tampering -- voting machines were an obvious next target, said DEFCON founder Jeff Moss.
This discussion has been archived. No new comments can be posted.

DEFCON Conference To Target Voting Machines

Comments Filter:
  • by Anonymous Coward on Wednesday May 24, 2017 @05:21AM (#54475801)

    "Russians" didn't hack the voting machines (I don't know for sure, mind you, but it's pretty implausible). *If* they did anything (and this is far more plausible), then it was messing with the voter's brains, aka "social engineering", aka FUD, aka PsyOps.

    Yes, the vulnerabilities in the voting machines are embarrasing. Yes, it's fun uncovering them. There are many other reasons for counting votes the "traditional" way, secure machines or not. Still: don't let all this geeky stuff detract from the elephant in the room: buying Facebook personal data in bulk and correlating it with past votes, then sending targeted fake news has done much more in the last big polls (at least for Brexit and for the US Presidentials it is *known*) than any "classical hacker" vote fraud could have done.

    Hey, you USians even have a word for it, courtesy of one of your three-letter agencies: PsyOPS!

    • by vtcodger ( 957785 ) on Wednesday May 24, 2017 @06:27AM (#54475969)

      "There are many other reasons for counting votes the "traditional" way, secure machines or not."

      There are other alternatives as well. For example the town I live in uses paper ballots, but counts them with OCR -- which allows for a quick total when the polls close, but still allows a recount if a problem in a miscount is suspected.

      BTW, about 30 years ago, the town had a substantial number of blank ballots vanish on election day. Everyone is pretty sure they didn't end up in the vote count, but to this day no one knows where they went. if indeed they ever existed. It's remotely possible that the print run was somehow miscounted.

      • There are other alternatives as well. For example the town I live in uses paper ballots, but counts them with OCR -- which allows for a quick total when the polls close, but still allows a recount if a problem in a miscount is suspected.

        My precinct uses those types of ballots which I am really happy I can use.

        I tried using an electronic voting machine years ago and I'm pretty sure my vote didn't count. As I was submitting my ballot the machine threw up an error code about the built-in printer being out of paper. I notified a poll worker of the error and they just pulled the memory card that stores the ballot out of the machine and walked away. At that point the error message is replaced with another saying, "card removed too soon", and

    • by Nidi62 ( 1525137 ) on Wednesday May 24, 2017 @07:04AM (#54476123)

      "Russians" didn't hack the voting machines (I don't know for sure, mind you, but it's pretty implausible). *If* they did anything (and this is far more plausible), then it was messing with the voter's brains, aka "social engineering", aka FUD, aka PsyOps.

      Is there anyone credible that has actually been arguing the Russians physically hacked the elections? The media and Democrats have all been arguing that it wasn't physical hacking but social engineering. It's the (minority of) Republicans that keep keep trying to push for the standard definition of hacking, since, you know, there's no evidence for that (because Russia didn't do that). Plenty of well-respected Republicans are on the side of the Democrats, that there seems to be some pretty decent evidence pointing to successful Russian influence in the election, and given the hubbub around the Trump campaign's ties and communication with Russia raises some serious concerns.

      To be fair though, Russia has most likely been trying to influence our elections (and the elections of countless other state) since the 50s, just as we have theirs (and others). This is just the first time that their efforts seem to, at least visually, have had an impact. That, plus the fact that our president is a political neophyte who thinks running a country is no different than running a company-not realizing that you can't do backroom deals, ask for loyalty pledges,or try to ask people to drop/deny investigations-means that controversies that would have died and faded away with another politician at the head have instead flourished. To make matters worse, Trump has surrounded himself with people that, while they might be good (or at least lucky) with business, also have no idea how to run a country, and continue to allow Trump to run the country like a business. This is manifested by the inability of the administration to put out a coherent message on anything, and that the few people that might actually have a decent idea of what they are doing are constantly undercut by Trump himself who comes out a few hours later and completely destroys the narrative they had been putting out.

      • by Anonymous Coward

        I think you have a short memory, Russia was confirmed to have hacked two election databases, and so FBI offered help to states to secure their voter machine networks (which some took up and others did not).:

        http://www.nbcnews.com/news/us-news/russians-hacked-two-u-s-voter-databases-say-officials-n639551

        "Hackers based in Russia were behind two recent attempts to breach state voter registration databases, fueling concerns the Russian government may be trying to interfere in the U.S. presidential election, U.S

      • by jimbolauski ( 882977 ) on Wednesday May 24, 2017 @09:03AM (#54476791) Journal
        When the Russians chose to use their PsyOps they had an option of choosing a person had received millions of dollars from speaking fees, business deals, donations to their charity, and campaign contributions from people with ties to Russia. The same person that signed off on allowing Russia to buy a controlling stake in a company that produces 1/5 of the US uranium production. Yet they choose the other guy?

        I find it far more believable that any Russian PhyOps were aimed at undermining confidence in the election process, rather then them influencing the outcome of the next US president.
    • Comment removed based on user account deletion
    • We have no measurements at all on what any sort of fake news could of did. You cannot compare a nebulous quantity like this.

      While we have real studies on the likely number of illegals who voted. Studies that show the numbers are in the hundreds of thousands to millions.

      Meanwhile, half of the votes in the recounts we did, in Hillary majority districts, could not even be recounted because of problems.

      • We have no measurements at all on what any sort of fake news could of did.

        Well, it obviously didn't teach you to spell. Or write grammatically.

        "could've done", perhaps.

        But "could of did"? Nope.

    • by chispito ( 1870390 ) on Wednesday May 24, 2017 @10:36AM (#54477411)

      Still: don't let all this geeky stuff detract from the elephant in the room: buying Facebook personal data in bulk and correlating it with past votes, then sending targeted fake news has done much more in the last big polls

      The elephant in the room is that the opposing candidate was Hillary Clinton. The spite candidate prevailed in the primaries on both sides, except on the Republican side it was the voter's spite for their party, and on the Democratic side it was the party's spite for their voters.

  • Why (Score:4, Interesting)

    by roninmagus ( 721889 ) on Wednesday May 24, 2017 @07:25AM (#54476231)
    I understand the sentiment, though I disagree with it. "Trump == BAD || Trump == OTHERPARTY" so let's do all we can to delegitimize the election."

    But widespread hacking seems to me to be a near impossibility, due to the way the US election system is set up. For those outside the country: We don't have a central counting system. It's district-by-district, state-by-state. With different machines, people, safeguards, watchers, etc. Not impermeable, but pretty darn good.

    If the Russians did "hack" the election, it was via propaganda to change the hearts and minds of voters. Which is exactly what our politicians do every day. So even if they were involved, even at the request of a given candidate, I don't quite see the problem. It's just the modus operandi, working as designed to fool the American public into voting for a particular candidate.
    • by AHuxley ( 892839 )
      Fly into the states between the East and West elite coast.
      Give a speech that the people in the fly over states enjoy and tell their friends who vote about.
      Have some ability to connect to people all over the USA, talk and listen to their issues in each state.
      Give a good speech and people will notice the difference and that political difference worked all around the USA.
      More wars in other nations, sending more jobs outside the USA will not resonate with voters after decades of job losses and distant wars.
    • Re:Why (Score:5, Insightful)

      by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Wednesday May 24, 2017 @08:54AM (#54476705) Homepage Journal

      But widespread hacking seems to me to be a near impossibility, due to the way the US election system is set up. For those outside the country: We don't have a central counting system. It's district-by-district, state-by-state. With different machines, people, safeguards, watchers, etc. Not impermeable, but pretty darn good.

      You don't need widespread hacking. You only have to hack certain key swing locations.

    • I understand the sentiment, though I disagree with it. "Trump == BAD || Trump == OTHERPARTY" so let's do all we can to delegitimize the election."

      You've jumped to a conclusion. Defcon is about exposing weaknesses for fun and has no political affiliations.

  • DEFCON (Score:5, Interesting)

    by Fire_Wraith ( 1460385 ) on Wednesday May 24, 2017 @08:56AM (#54476725)
    Incidentally, this is one of the really cool things about DEFCON, and one of the reasons why I like to go. It really is a -hacking- conference, in the original sense of the word. There's all sorts of things you can get hands-on with, take apart, scan, mess with, etc. No releases, no NDAs, no "but don't really do anything that could break it." In the last two years I saw everything from cars to home appliances to ICS/SCADA systems and more. This is exactly the kind of thing that DEFCON is known for, and I look forward to messing with them myself (as well as watching what others do and find).

    What's even more interesting is that from what I've seen, it's increasingly the companies and the government themselves bringing this stuff, because they're realizing the value of unleashing the curiousity and skill of the hacker mindset on some of these things, never-mind the PR value (Two years ago Tesla brought a Model S to the main ballroom, and let people hack away at it, while advertising their bug bounty program, for instance).
  • by p51d007 ( 656414 ) on Wednesday May 24, 2017 @09:01AM (#54476777)
    I NEVER cared for ANY electronic voting machines. It is way too easy to change electronics. All these hack attempts do is give whomever is the opposition in DC, a 30 second sound bite on TV, as to why they lost an election. To remove that, go back to paper ballots. To add to that, after you vote, you should dip your finger in that non removable ink also.
  • Have any of the official US agencies had a go at hacking these voting machines or is security left entirely to the manufacturer?

  • The problem with politics is the process only allows for dishonest candidates.
    They are there to outsource and sell off all our resources.

    99% of candidates are corrupt and will never represent citizens.
    Check out how many are Business types and Chamber of Commerce members (Way too many)

    The corrupt political system makes it almost impossible for anyone honest to get on the ballot.

Never tell people how to do things. Tell them WHAT to do and they will surprise you with their ingenuity. -- Gen. George S. Patton, Jr.

Working...