Concerned about potential hacking two months away from the state’s closely watched gubernatorial election, Virginia’s state Board of Elections voted Friday to replace any touchscreen voting machines before November’s elections.
The three-member board voted unanimously to decertify Direct Recording Electronic voting machines, acting partly out of concern that their security had been compromised at DefCon, an annual hack-a-thon held in July in Las Vegas. The machines do not produce a paper trail, which the department described as an important security feature….
Ahead of the vote, state elections officials laid out concerns about the machines in a report, which noted vulnerability exposed and exacerbated by hackers at DefCon.
“DefCon, an annual conference of hackers, promoted the ‘Voting Machine Hacking Village’ at which multiple voting machines, mostly DREs, were made available,” it said. “Multiple types of DREs, some of which are currently in use in Virginia, were hacked according to public reports from DefCon. Additional troubling reports from DefCon were publicized, including one that expressly stated the password for a DRE that was in use in the Commonwealth, and one that indicated that some DREs in use have a single password shared by all machines from an individual vendor.”