Organizers at the DEF CON hacking conference in July are planning a mass cracking of US electronic election machines.
The event, which for over 20 years has attracted the best and the brightest in the hacking community, will see a group hackathon against the voting machines that are used in every US election these days. The purpose is to check whether the machinery that underpins the electoral system is up to scratch.
"Pretty much, just like everything else, it's time for hackers to come in and tell you what's possible and what's not," DEF CON founder Jeff Moss told Politico. "We're only going to play with them for a couple of days, but bad guys can play with them for weeks or years."
America was one of the earliest adopters of electronic voting systems, in part due to the fiasco of the 2000 presidential election that saw lawsuits over partially punched paper ballots. But there have been doubts raised about the security of electronic systems almost immediately since their introduction.
While there has never been definitive proof of election machine hacking, it has long been a concern and there have been allegations aplenty. Even now, security experts are finding worryingly easy ways to subvert legitimate vote counts.
"Up until now, the voting machine companies keep telling us everything is totally secure, when everyone in cybersecurity knows there's nothing that's totally secure, it's all just a matter of risk mitigation," said Jake Braun, cybersecurity lecturer at the University of Chicago. "It'll be good to get some independent folks who don't have an ax to grind one way or the other."
Other countries are also troubled by the prospect of voting machine manipulation. India is to hold a hackathon for its election machines to find out if they can be subverted, and the EU has voiced concern about voting security. US regulations on voting machines are lax to say the least, and the DEF CON crews should find lots of interesting holes.
The Register has yet to receive a response from manufacturers as to whether they will be patching beforehand. ®