Hackers challenging kids as young as 5 to penetrate voting machines

Hackers at the hacking conference DEFCON 18 are holding a contest this year for kids, awarding prizes to the first and youngest child to penetrate U.S. voting machines.  The conference made headlines last year when every single machine related to voting technology was hacked – some in a matter of hours.

Their point is to show how laughable U.S. election security has become.  They're doing a damn fine job of that.

ABC News:

Jake Braun, a former White House liaison for the U.S. Department of Homeland Security, told ABC News that the conference decided to invite young hackers because it would be a "waste of time" to demonstrate that cybersecurity experts can hack election results reporting sites.

"These websites are so easy to hack we couldn't give them to adult hackers – they'd be laughed off the stage," Braun told ABC News.  "They thought hacking a voter website was interesting 20 years ago.  We had to give it to kids to actually make it challenging."

Joseph Lorenzo Hall, chief technologist at Washington-based nonprofit the Center for Democracy and Technology, said it wasn't at all surprising that the machines were so quickly breached at last year's conference – several were broken into within two hours, and all within two-and-a-half days – given that cybersecurity experts have known about most of the weak points for years.

Many of the most common voting machine models are more than 15 years old and run on outdated operating systems such as Windows 2000, meaning that, in some cases "the biggest barrier to hacking them was finding the right pieces of old software," Hall said.

The question isn't whether they can hack the machines.  We'll take that as a given.  The question is whether any hacker would be able to get into the machines and not leave any traces of his access.  Given the expertise of today's forensic computer specialists, this would prove to be a challenge for all but the best hackers.

Hacking election technology in order to change the result of an election would be catastrophic for American democracy.  If we can't trust the results of the elections, how can the winners receive the consent of the governed?  When the fundamental tenets of American democracy are under assault, you would think the government would redouble its efforts to provide adequate election security.

Instead, House Republicans refused to renew election security funding.  The issue has become a political football, with Democrats accusing Republicans of sabotaging American elections while Republicans accused Democrats of grandstanding, given that states already have adequate funding for security. 

Republicans are probably right, but given the threat level, how much funding is too much?

Hackers at the hacking conference DEFCON 18 are holding a contest this year for kids, awarding prizes to the first and youngest child to penetrate U.S. voting machines.  The conference made headlines last year when every single machine related to voting technology was hacked – some in a matter of hours.

Their point is to show how laughable U.S. election security has become.  They're doing a damn fine job of that.

ABC News:

Jake Braun, a former White House liaison for the U.S. Department of Homeland Security, told ABC News that the conference decided to invite young hackers because it would be a "waste of time" to demonstrate that cybersecurity experts can hack election results reporting sites.

"These websites are so easy to hack we couldn't give them to adult hackers – they'd be laughed off the stage," Braun told ABC News.  "They thought hacking a voter website was interesting 20 years ago.  We had to give it to kids to actually make it challenging."

Joseph Lorenzo Hall, chief technologist at Washington-based nonprofit the Center for Democracy and Technology, said it wasn't at all surprising that the machines were so quickly breached at last year's conference – several were broken into within two hours, and all within two-and-a-half days – given that cybersecurity experts have known about most of the weak points for years.

Many of the most common voting machine models are more than 15 years old and run on outdated operating systems such as Windows 2000, meaning that, in some cases "the biggest barrier to hacking them was finding the right pieces of old software," Hall said.

The question isn't whether they can hack the machines.  We'll take that as a given.  The question is whether any hacker would be able to get into the machines and not leave any traces of his access.  Given the expertise of today's forensic computer specialists, this would prove to be a challenge for all but the best hackers.

Hacking election technology in order to change the result of an election would be catastrophic for American democracy.  If we can't trust the results of the elections, how can the winners receive the consent of the governed?  When the fundamental tenets of American democracy are under assault, you would think the government would redouble its efforts to provide adequate election security.

Instead, House Republicans refused to renew election security funding.  The issue has become a political football, with Democrats accusing Republicans of sabotaging American elections while Republicans accused Democrats of grandstanding, given that states already have adequate funding for security. 

Republicans are probably right, but given the threat level, how much funding is too much?