The 2018 DEFCON Vote Hacking Village showed once again that our voting machines are way too easy to hack. Even though election system manufacturers refuse to allow independent researchers to vet their products directly, hackers at DEFCON have managed to get their hands on several systems in use today, and show that they are trivial to compromise. Jacob Hoffman-Andrews from the EFF explains what all of this means and the measures we need to take to address these shortcomings.

The PAVE Act that’s currently before Congress would provide mechanisms to mitigate the weaknesses of our voting systems by requiring a paper trail for all votes and risk-limiting audits to validate vote totals with minimal effort and cost. The companion Secure Elections Act is now a much weaker bill and would need to have these provisions restored.

Jacob Hoffman-Andrews is a lead developer on Let’s Encrypt, the free and automated Certificate Authority. He also works on EFF’s Encrypt the Web initiative and helps maintain the HTTPS Everywhere browser extension. Prior to working at EFF, Jacob was on Twitter’s anti-spam and security teams. One the security team, he implemented HTTPS-by-default with forward secrecy, key pinning, HSTS, and CSP. On anti-spam, he deployed new machine-learned models to detect and block spam in realtime. Before Twitter, he worked at Google, variously on the maps, transit, and shopping teams.

For Further Insight:
Follow on Twitter:

Subscribe to


Or subscribe with your favorite app by using the address below

Carey Parker began programming computers in middle school when personal computers were just starting to become popular. For years, these twin interests percolated until he attended Purdue University and he learned you could get paid to do this stuff – it was called Electrical Engineering! After obtaining a bachelor’s and a master’s degree in EE, Carey wrote software for multiple companies, large and small. In recent years, particularly after the Edward Snowden revelations in 2013, he became deeply concerned about computer security and privacy. In 2014, he combined his passion for computers, cybersecurity and fantasy novels with the long-time desire to write the book: Firewalls Don’t Stop Dragons.