DARPA has a new voting booth, and it wants you to hack it
DARPA, the group behind the modern internet and stealth technology, is taking a big swing at hack-resistant voting booths.
It has been working on new ways of securing computers and other electronic devices for years now in a program it calls System Security Integration Through Hardware and Firmware. The basic idea is simple: Instead of securing electronics solely or primarily through software, they can improve hardware and firmware—the programming at the most foundational level of how a computer operates so that hackers can't get in.
Now, there's a demonstration voting booth with some of these improvements incorporated into it, and DARPA is taking it on the road to a hackers' conference.
To be clear, though, this isn't a finished product, and DARPA hasn't indicated that the demonstration booth will prove to be secure. In fact, there are 15 processors in development with university and industry teams working on this DARPA program, and only two will be made available for hackers to attempt and intrude upon.
The demonstration booth will be set up at DEF CON 2019, one of the largest and longest-running underground hacking conferences. It will have a set of processors, and the participating research teams will be able to modify those processors according to their proposed hardware and firmware security upgrades.
Hackers will then be able to attack the booth via USB or ethernet access.
Any weaknesses that the hackers identify will be addressed by the research teams as they continue to develop hardware designs and firmware upgrades to make voting booths more secure. Once the teams have finished products with robust security, DARPA will ... probably close down the program.
Yeah, DARPA doesn't typically create final designs of products or manufacture anything. It even does relatively little of its own research most of the time. The standard DARPA model is to identify a problem or opportunity, set up a program that recruits lots of researchers from academia and industry, give those researchers money according to performance metrics, and then let the industry partners buy up research and patents and create new products.
So the best case for DARPA isn't that their demonstration voting booth fends off all attackers. It's that the booth takes some real hits and the research teams find out what vulnerabilities still exist. Then the research teams can create awesome hardware architectures and programming that will be more secure. But DARPA does have one surprise twist from their standard model.
Instead of leaving most of the tech developed for the voting booths in private and academic hands, it's pushing for the design approaches and techniques to be made into open-source technologies, meaning anyone can use them.
But still, don't expect to see these amazing voting booths when you vote in 2020. DARPA wants to spend 2019 touring the booth at universities and allowing more experts to attack it, then bring it back to DEF CON in 2020 with new tech built on a STAR-Vote architecture, an open-source build with its own democratic safeguards like paper ballots. Most state and local governments don't update their voting hardware all that often, let alone in the months leading up to a major election.
So the earliest you could see new, DARPA-funded tech at your local polling place is the 2022 mid-terms, and more likely the 2024 or later elections.