• Local Produce
  • Buy Local
  • Local Seafood
  • Local Food
  • Local Music
  • Local Art
  • Local Churches

CAPE CHARLES MIRROR

Reflections on Cape Charles and the Eastern Shore

  • Local Services
  • Local Rentals
  • Local Employment
  • News
  • Opinion
  • Classifieds
  • PODCAST
  • Pets
  • Contact Us

11 Year-old Hacks Voting Machine in just a few minutes

August 19, 2018 by Wayne Creed Leave a Comment

An 11-year-old successfully hacked a replica website for the Florida Secretary of State and changed election results in less than 10 minutes during a hacking convention in Las Vegas, according to event organizers.

The Vote Hacking Village, one of the most packed-out locations at this year’s DEF CON hacking conference in Las Vegas, saw many of the most commonly used US voting machines hijacked using a variety of wireless and wired attacks – and replica election websites so poorly constructed they were thought too boring for adults to probe and left to youngsters to infiltrate.

The first day saw 39 kids, ranging in age from six to 17, try to crack into facsimiles of government election results websites, developed by former White House technology advisor Brian Markus. The sites had deliberate security holes for the youngsters to exploit – SQL injection flaws, and similar classic coding cockups.

All but four of the children managed to leverage the planted vulnerabilities within the allotted three-hour contest. Thus, it really is child’s play to commandeer a website that doesn’t follow basic secure programming practices nor keep up to date with patches – something that ought to focus the minds of people maintaining election information websites.

Nearly 40 hackers from 6 to 17 years old attempted to hack replicate websites in 6 swing states during the DEFCON hacking event on Friday and Saturday.

More than 30 hackers were able to complete an exploit. The quickest exploit was done in under 10 minutes by 11-year-old Emmett Brewer.

The hackers were able to successfully tamper with vote tallies, party names, candidate names, and total vote counts were changed to numbers including “12 billion.” One hacker also changed a candidate’s name to “Bob Da Builder.”

The children were able to change vote tallies so that they numbered 12 billion, and rewrite party names as well as the names of candidates. Kids being kids, these latter changes included “Bob Da Builder” or “Richard Nixon’s Head” – we spotted the Futurama fan there.

On the adult side, Premier/Diebold’s* TSX voting machines were found to be using SSL certificates that were five years old, and one person managed to, with physical access, upload a Linux operating system to the device and use it to play music, although that hack took a little more time than you’d get while voting.

Diebold’s Express Poll 5000 machines were even easier to crack, thanks to having an easily accessible memory card, which you could swap out while voting, containing supervisor passwords in plain text. An attacker could physically access and tamper with these cards, which also hold the unencoded personal records for all voters including the last four digits of their social security numbers, addresses, and driver’s license numbers.

Hackers thus found that by inserting specially programmed memory cards when no election official is looking, they could change voting tallies and voter registration information. And take a guess what the root password was? Yes, “Password” – again stored in plain text.

More bizarrely, voting machine manufacturer WinVote’s VoteActive device was found to contain pop music. The machine, which was running Windows XP, could be hacked wirelessly in seconds and had a music player and CD ripper program built in. It is believed this music stuff was left lying around in unused and unallocated space on the disk.

Number one question at @VotingVillageDC this week: given how insecure voting systems are, what should we do? The overwhelming consensus among experts: 1 – Paper ballots (precinct-counted optical scan) 2 – Mandatory risk-limiting audits 3 – More resources to protect back-end systems

Filed Under: Bottom, News

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Join the Conversation!

Send letters, opinion, goings on or photos to capecharlesmirror@gmail.com

Mirrors

Recent Comments

  • Paul Plante on Congresswoman Elaine Luria Statement on the Vote to Certify President-Elect Joe Biden’s Electoral College Victory
  • Mjm on 481,550 Virginians Have Received Covid-19 Vax
  • Scotiagirl on Was the Whole Storming the Bastille Thing was Staged
  • Paul Plante on Was the Whole Storming the Bastille Thing was Staged
  • Paul Plante on Was the Whole Storming the Bastille Thing was Staged
  • Paul Plante on Was the Whole Storming the Bastille Thing was Staged
  • Scotiagirl on Was the Whole Storming the Bastille Thing was Staged
  • Paul Plante on Opinion: Making it Up as they Go
  • MJM on History Notes this week of Jan 3rd
  • Matthew Justinak on Check the Code: Dominion Voting system tied to Hugo Chavez voter fraud was used in 2020 swing states
  • Paul Plante on Congresswoman Elaine Luria Statement on the Vote to Certify President-Elect Joe Biden’s Electoral College Victory
  • Paul Plante on Northam Wants to Accelerate Vaccine Rollout
  • Paul Plante on Northam Wants to Accelerate Vaccine Rollout
  • Paul Plante on 481,550 Virginians Have Received Covid-19 Vax
  • Scotiagirl on Was the Whole Storming the Bastille Thing was Staged
  • Louise Trader Johnson on Congresswoman Elaine Luria Statement on the Vote to Certify President-Elect Joe Biden’s Electoral College Victory
  • MJM on 481,550 Virginians Have Received Covid-19 Vax
  • Paul Plante on Congresswoman Elaine Luria Statement on the Vote to Certify President-Elect Joe Biden’s Electoral College Victory
  • Paul Plante on Opinion: Making it Up as they Go
  • Publius Americanus on Deplorables: You Know Who You Are

Trending Now

  • List Of Clinton Associates Who Allegedly Died Mysteriously Or Committed Suicide Before Testimony
  • Joe Biden: America is Doomed by Increased Minority Presence
  • Was the Whole Storming the Bastille Thing was Staged
  • Solarwinds Orion Hack: How compromised are Dominion Voting Systems?
  • Congresswoman Elaine Luria Statement on the Vote to Certify President-Elect Joe Biden's Electoral College Victory
  • Lot's of Beautiful Pups still need homes
  • 481,550 Virginians Have Received Covid-19 Vax
  • Check the Code: Dominion Voting system tied to Hugo Chavez voter fraud was used in 2020 swing states
  • Town of Cape Charles Seeks Senior Planner
  • Deplorables: You Know Who You Are

Subscribe to CC Mirror via Email

Enter your email address to subscribe

Copyright © 2021 · News Pro Theme on Genesis Framework · WordPress · Log in