Hackers at convention to ferret out election system bugs

Send a link to a friend  Share

[August 10, 2018]  By Christopher Bing

LAS VEGAS (Reuters) - Def Con, one of the world's largest hacker conventions, will serve as a laboratory for breaking into voting machines this week, extending its efforts to identify potential security flaws in technology that may be used in the November U.S. elections.

The three-day "Voting Village," which opens in Las Vegas on Friday, also aims to expose vulnerabilities in devices such as digital poll books and memory-card readers.

Def Con held its first voting village last year after U.S. intelligence agencies concluded the Russian government used hacking in its attempt to support Donald Trump's 2016 candidacy for president. Moscow has denied the allegations.

Organizers have returned ahead of the November elections, in which Democrats hope to take control of the U.S. House of Representatives. Trump's national security team last week warned that Russia had launched "pervasive" efforts to interfere in the elections.

"These vulnerabilities that will be identified over the course of the next three days would, in an actual election, cause mass chaos," said Jake Braun, one of the village's organizers. "They need to be identified and addressed, regardless of the environment in which they are found."

Participants will have a chance to hack into more than five types of voting machines from manufacturers including Elections Systems & Software and Dominion Voting.

Last year a Danish researcher figured out how to take control of a touch-screen voting system used through 2014 in a remote hack that organizers said could work from up to 1,000 feet away.

A group representing U.S. secretaries of state lauded the goal of bolstering election security, but warned that the findings might be skewed.

[to top of second column]

 Participants are silhouetted as they pass through the IOT (Internet of Things) Village during the Def Con hacker convention in Las Vegas, Nevada, U.S., July 29, 2017. REUTERS/Steve Marcus/File Photo

"It utilizes a pseudo environment which in no way replicates state election systems, networks or physical security," the National Association of Secretaries of State said in a statement.

"Providing conference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day," the group said.

Verified Voting, an advocacy group that helped organize the hacking village, said that some of the voting machine models being tested are still used to tally votes across the United States.

One system, the Dominion Premier/Diebold AccuVote TSx system, is used in 20 states and 23,784 precincts, according to Verified Voting.

(Reporting by Christopher Bing in Las Vegas; Editing by Jim Finkle and Richard Chang)

[© 2018 Thomson Reuters. All rights reserved.]

Copyright 2018 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

Back to top