Everything is Broken—And That’s OK, Because It’s Getting Better
Written by Maurice Turner
Last year, the theme of DEF CON was “The View from Dystopia’s Edge” – headlines like “An 11-Year-Old Changed The Results Of Florida’s Presidential Vote At A Hacker Convention” certainly delivered on that message. This year’s theme, “Technology’s Promise,” was meant to invoke feelings of hope about the benefits of incorporating technology to help solve seemingly intractable problems, such as securing elections. My experience at the DEF CON and BSidesLV security conferences reinforced the idea that there is a great opportunity for progress in the election space when communities can come together.
One of the key concerns we face is a limited number of election equipment vendors. For all of the talk about how the decentralized election system in America is a security feature, there is a false sense of diversity. In reality, the top three election system vendors have a combined market share of more than 90%. This high level of concentration is exacerbated by the fact that long-term federal funding has been limited to large infusions once every 15 years.
Despite the significant barriers to enter the market, the attention that election security has generated due to DEF CON’s Voting Machine Hacking Village is enough to attract some new members to the community. I shared a panel on “Free and Fair Elections in an Internet Era” at BSidesLV with one of them, Tusk Philanthropies. The organization aims to increase voter turnout; one way to do this is to allow voters to use their own mobile device. Tusk is supporting the mobile elections platform Voatz’s work to do just that through a series of pilots in West Virginia, Colorado, and Utah. It is important for alternative voting methods to be explored and, more importantly, have the results of those pilot programs be made available to the public for scrutiny and learning.
Elections technology innovation is also coming from the federal government. The U.S. Defense Advanced Research Projects Agency (DARPA) demonstrated a prototype of high-assurance secure hardware from its System Security Integration Through Hardware and Firmware (SSITH) program. DARPA was not at DEF CON as a traditional vendor with a finished product to promote. Rather, the goal was to get election security researchers to examine the prototype secure voting system, and to better understand what the SSITH program can accomplish in terms of demonstrating secure hardware systems. The prototype system even included built-in vulnerabilities for the researchers to try to find and exploit. Exploring radically different models of voting and protecting those systems using modern technologies is something that the current election systems market discourages because so many resources are focused on maintaining, not disrupting, the status quo.
Some election officials in attendance were able to experience the DEF CON Villages firsthand through a “chaperone” program organized by DHS. Hacker Summer Camp (the colloquial name for the successive Black Hat, BSidesLV, and DEF CON security conferences) can be an intimidating environment for policymakers. Pairing new attendees with DEF CON regulars for an afternoon of visiting other villages showed a pathway toward a mature village with active vendor participation. My group spent valuable time in the BioHacking Village, where representatives from 10 medical device-makers brought their wares for researchers to explore. The researchers weren’t simply picking over the digital carcasses of secondhand equipment. They were engaging with modern devices in an immersive hospital environment while learning responsible research and vulnerability disclosure techniques. The experience highlighted just how much can be accomplished when researchers, vendors, and practitioners work together, especially in critical infrastructure sectors.
There are still challenges. While the election community has matured since the Voting Machine Hacking Village made its DEF CON debut in 2017, when organizers were threatened and criticized by vendors for just having equipment available to be openly hacked, the Voting Village would greatly benefit from direct participation from vendors. This year revealed more vulnerabilities in even more equipment, such as passwords stored in plain text on pollbooks and a scanner that could be opened after the polls closed. Dominion committed to bringing their current line-up of election products but could not come to an agreement with Voting Village organizers on the rules of engagement. It was a small but important step in building trust toward a more productive vendor-researcher relationship that other sector-specific villages, like the Car Hacking Village and Industrial Control Systems Village, have achieved after an equally tumultuous start.
The hacker ethos is that, if we look closely enough at any system, we can find something that is broken. Elections are no different. But we are improving. It was heartening to see the positive steps that come from the exploration of modern technologies and building relationships with the research community to find and secure vulnerabilities.