It Takes a Village to Hack a Voting System

Presented at The Circle Of HOPE (2018), July 20, 2018, 5 p.m. (60 minutes)

Modern electronic voting systems are notoriously vulnerable to attack, and the 2016 election was perhaps the first time we saw evidence of state actors attempting to compromise local election system infrastructure. But how insecure are the actual voting systems we use? And how can the average hacker get access to these systems to find out firsthand? Last year, the speakers organized the first ever Voting System Hacking Village at Defcon, in which the community was invited to example, take apart, and hack several real voting systems used in U.S. elections. Many exploitable vulnerabilities were discovered or reproduced over the course of the weekend. This talk will describe how the voting village was organized, the technical and legal challenges in doing so, and how you too can (legally!) obtain and hack real election equipment. The background and requirements for secure elections will also be discussed, as well as how technology can both hurt and help these requirements.

Presenters:

• Margaret MacAlpine
  **Margaret MacAlpine** is an election auditing specialist and system testing technologist. She has worked on a variety of projects that include electronic testing of voting registration systems and election security for a variety of countries, states, and counties. She is a highly specialized technologist in testing and performing risk limiting and transitive audits on election results.
• Harri Hursti
  **Harri Hursti** began his career as the prodigy behind the first commercial public email and online forum system in Scandinavia. He founded his first company at the age of 13 and went on to co-found EUnet-Finland in his mid twenties. Today, Harri continues to innovate and find solutions to the world’s most vexing problems. He is among the world’s leading authorities in the areas of election voting security and critical infrastructure and network system security.
• Matt Blaze
  **Matt Blaze** is a professor in the computer and information science department at the University of Pennsylvania, where he hacks on security, cryptography, voting, surveillance, and public policy. He’s spoken at almost every HOPE conference.

Links:

• https://xii.hope.net/schedule.html#-it-takes-a-village-to-hack-a-voting-system-
• https://infocon.org/cons/2600/The Circle of HOPE (2018)/The Circle of HOPE (2018) It Takes a Village to Hack a Voting System.mp4
• https://infocon.org/cons/2600/The Circle of HOPE (2018)/The Circle of HOPE (2018) It Takes a Village to Hack a Voting System.eng.srt (subtitles)
• https://www.youtube.com/watch?v=a2ZiR4FrH-c

Similar Presentations:

• Black Hat USA 2018 / Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machines
• Black Hat USA 2020 Virtual / Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
• 31C3 (2014) / Security Analysis of Estonia's Internet Voting System