Dominion ICX Simple Hacks Daunting Recoveries
Springall, Davis, Marks
Voting Village @ DEF CON 33 · Day 1 · Voting Village
This talk, "Dominion ICX Simple Hacks Daunting Recoveries," presents a critical analysis of the security vulnerabilities inherent in the **Dominion ICX ballot marking devices (BMDs)**, a voting system widely deployed across the United States. Presented by a trio of experts – Professor Drew Springall, software engineer Philip Davis, and voting rights advocate Marilyn Marks – the session unveils a new class of attacks that are remarkably simple to execute yet have devastating implications for election integrity. The core finding is that these machines, even in their standard configuration, can be manipulated to either alter what a voter sees on the screen ("hacking the voter") or to change the actual recorded vote ("hacking the vote count"), all with minimal effort and without specialized insider access.
AI review
Springall and Davis deliver genuinely novel, reproducible attack primitives against the Dominion ICX — not theoretical, not nation-state-level, but embarrassingly accessible manipulations that directly undercut the machine's core security promise. The QR code index-decoupling finding alone is conference-worthy; the fact that live symmetric keys were scraped from public county websites is the kind of operational detail that makes vendors reach for their lawyers.