I wrote about voting machine and election website vulnerabilities about two and a half weeks ago, and that diary generated a tremendous amount of feedback.
Some of the commenters thought I was onto something, while others thought I was on something. And they were right! (To paraphrase Afroman, I was gonna write a trenchant, non-conspiratorial diary dispassionately assessing our election systems’ susceptibility to hostile foreign actors bent on vitiating the integrity of our democratic institutions — which remain the lifeblood of our venerable republic … but then I got high. So you’ll have to settle for the crap I am going to write.)
Anyway, there’s new information to chew on, and here it is: It’s so easy to hack into state election websites, a child can literally do it.
An 11-year-old boy on Friday was able to hack into a replica of the Florida state election website and change voting results found there in under 10 minutes during the world’s largest yearly hacking convention, DEFCON 26, organizers of the event said.
Thousands of adult hackers attend the convention annually, while this year a group of children attempted to hack 13 imitation websites linked to voting in presidential battleground states.
The boy, who was identified by DEFCON officials as Emmett Brewer, accessed a replica of the Florida secretary of state’s website. He was one of about 50 children between the ages of 8 and 16 who were taking part in the so-called “DEFCON Voting Machine Hacking Village,” a portion of which allowed kids the chance to manipulate vote tallies, party names, candidate names and vote count totals.
Nico Sell, the co-founder of the the non-profit r00tz Asylum, which teaches children how to become hackers and helped organize the event, said an 11-year-old girl also managed to make changes to the same Florida replica website in about 15 minutes, tripling the number of votes found there.
Now, these are election websites, not the voting machines themselves, so we shouldn’t panic too much. And these were only replicas of the state websites, not the sites themselves. Indeed, a statement from the National Association of Secretaries of State helpfully pointed that out:
“It would be extremely difficult to replicate these systems since many states utilize unique networks and custom-built databases with new and updated security protocols,” it read. “While it is undeniable websites are vulnerable to hackers, election night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results.”’
That said, the prospect of Russians (or anyone else) rooting around in these sites unhindered is simply chilling. Just last week, Sen Bill Nelson (D-Fla.) announced that Russian hackers had already penetrated some of his state’s election systems.
Meanwhile, some veteran hackers are concerned that election officials simply aren’t taking the threat seriously enough:
But Sell said the exercise the children took part in demonstrates the level of security vulnerabilities found in the U.S. election system.
“To me that statement says that the secretaries of states are not taking this seriously. Although it’s not the real voting results it’s the results that get released to the public. And that could cause complete chaos,” she said. “The site may be a replica but the vulnerabilities that these kids were exploiting were not replicas, they’re the real thing.”
“I think the general public does not understand how large a threat this is, and how serious a situation that we’re in right now with our democracy,” she said.
Can we fix this, please? We’ve already elected enough orange dipshits for one millennium. Please, no more.
Yo! Dear F*cking Lunatic: 101 Obscenely Rude Letters to Donald Trump by Aldous J. Pennyfarthing is now available at Amazon! Buy there (or at one of the other fine online retailers carrying it), or be square.