The Tech That Fought Back: How I Turned My Rejected ShmooCon Talk into a Democracy Saving Research Project for the 2024 U.S. Election
Andrew Schoka
ShmooCon XX (Final) · Day 2 · Belay It
In this compelling ShmooCon talk, Andrew Schoka presents a stark look into the precarious cybersecurity posture of political campaign and party websites across the United States, particularly at the state and local levels. What began as a rejected talk proposal evolved into a critical research project aimed at safeguarding the integrity of the 2024 U.S. election. Schoka highlights how prevalent, yet often overlooked, vulnerabilities in these digital infrastructures pose significant risks, not to the vote count itself, but to the operational continuity and public trust in democratic processes.
AI review
This session presents a crucial, large-scale analysis of the abysmal cybersecurity posture of U.S. state and local political campaign websites. The speaker developed a custom tool, Hookshot, to identify widespread PII exposure, weak authentication, and a general lack of basic protections across tens of thousands of sites. Critically, the talk moves beyond merely identifying the problem to detailing actionable solutions, emphasizing the importance of trust, community involvement, and working with organizations dedicated to securing these vulnerable targets. This is real-world, high-impact…