Election Security 101

Presented at Diana Initiative 2020 Virtual, Aug. 22, 2020, 2:30 p.m. (30 minutes)

Election security in the United States is one of the most complex and difficult cybersecurity challenges facing our country today. Outdated and vulnerable equipment, chronic underfunding, untrained personnel, and a bewildering diversity of jurisdictions and laws are only the beginning of the problems the country faces going into the 2020 election cycle, and experts agree that little to nothing has been done to solve them. All of this in addition to the struggles the country faces with the onslaught of COVID-19. In 2017, the DEF CON Voting Machine Hacking Village was convened by myself and my fellow organizers, Matt Blaze, Harri Hursti, and Jake Braun. Together, we opened up the previously restricted voting machinery for public, good-faith hacking efforts to explore and educate the security challenges inherent in these machines. In my talk, I will be giving an overview of the overall state of the industry for election security in the U.S. going back to the 2000 Florida recount. Among the topics, I’ll be addressing are how the industry got to its current state, what we can do to improve it, and the individual findings of the three DEF CON Voting Machine Hacking Village reports released since 2017. Our findings have also been featured in a newly released HBO documentary, "Kill Chain".

Presenters:

• Maggie MacAlpine - Speaker
  Maggie MacAlpine is an election security specialist and one of the co-founders of the DEF CON Voting Machine Hacking Village. Over the course of ten years spent in the election security field, MacAlpine has been a contributing researcher on the “Security Analysis of the Estonian Internet Voting System” in partnership with the University of Michigan and a co-author of the DEF CON Voting Village Machine Hacking Village annual report for the past three years. MacAlpine has served as an advisor for the office of the Secretary of State of California for the Risk Limiting Audit Pilot Program 2011-2012, and is widely regarded as an expert on the use of high-speed scanners for conducting post-election audits. As a pro-bono consultant and most recently with her firm, Nordic Innovation Labs, she has advised on election security and auditing practices in numerous US states including Connecticut, New Hampshire, Florida, California, Colorado, and Kentucky. She has been a speaker on election security at conferences including DEF CON, ShmooCon Hacker Conference, PacSec Tokyo and in presentations to Capitol Hill.

Links:

• https://tdi2020.sched.com/event/dPlN/election-security-101

Similar Presentations:

• Black Hat USA 2018 / Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machines
• Black Hat USA 2020 Virtual / Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
• The Circle Of HOPE (2018) / It Takes a Village to Hack a Voting System