>> their everyday number of said health hearing committee wa meetings of affordable health care and the affordable health care act. we have done a number of them and you can find them on c-span.org. the committee breaking here, they are done for the day. they finish up work today on the 2018 budget resolution. you can follow that debate" over on c-span2. the house coming in shortly in 15 minutes for a pro forma

session. we will bring you live coverage of the house comes in at noon. until then, part of today's washington journal. served in the obama and ministration from 2013 to 2017 and harvard kennedy school ,nd the diplomacy project joining us to talk about voter machines and security. groupe affiliated with a putting out a report on this topic. what is your group? what is your involvement in it? caller: it is a long-standing collection of about 25,000 of the country's and world's best hackers, so this is the center of the hacker community. every year, they hold a big convention. 25,000 people come. our connection with that is that this year, they featured a

special event, and it was an event that challenged the best of the hacker community to see if they can penetrate some of the voting machines that are still used around the country. host: electronic voting machines? guest: electronic voting machines that are connected to the internet or somehow linked to the internet in a way that introduces one or ability -- that introduces vulnerabilities. host: they are getting hackers to hack in. how successful where they? guest: on billing records, they hacked within 90 minutes of being in the same space as voting machines. now these are not hackers that are touching the machines. they are doing this from across the room on internet-like elections. what it demonstrated, the machines that we count on to make the basic connection between the american voter and the election results on are vulnerable if they are in any way connected to the internet. host: when you say hacked, what

were they able to do once they gain access to the machines? guest: all sorts of things. they committed late believe the outcome of the vote, manipulate the tally, delete the tally, and copper mines the vote in any number of ways. hostlimited only by the hackers creativity. host: were they given any special tools to accomplish this or basically on their own? guest: a basic toolkit in the hacker community. these are people who do this obviously for a profession. they do it in an effort to highlight these kinds of cyber vulnerabilities and the same kind of people we know reside outside of the hacker community, members who are not -- it is a prince who are not members of con, but who work for foreign governments. in particular, we have now evidence based on the 2016 next variants that the russian government has its own set of professional hackers. host: you wrote the foreword to

this report put out from def c on 25, the voting machine hacking bill. what were you most surprised that? guest: first of all, the speed at which the vulnerabilities were exploited. 90 minutes is nothing. second is how vulnerable the machines are. what we found is the machines were purchased by local voting authorities, state and local voting authorities, maybe 10 years ago. in many cases, the software and hardware had not been updated, but they are as honorable as an old laptop that we might have in your home that you no longer use because it is out of date. so both the ability to get in, but the vulnerability of the machines. host: we will talk more about the findings of the report, the larger issues of cyber security when it comes to voting machines. if you want to ask our guests -748-8000 for, 2020-748-80 republicans. 8001 for democrats.

for independence, 202-748-8002. if you want to tweet questions, you can do so. i was surprised the machines operated wirelessly. was that the main vulnerability of them generally? guest: that is a significant one, but not the only one. they also because of nature of the software and so forth, they are always access to the system even before the vote takes place and so there are a number of vulnerabilities. for the first time, we have evidence from the 2016 american history into that a foreign opponent, a foreign power, russia, actually attempted to penetrate and potentially compromise our voting system. so as a national security professional some of this is what really alerts me. this is now a national security issue. host: visitor to say events like this exacerbate the problem by pointing fingers, and especially

to other people, for an actors that are watching? guest: i argue the opposite. if you have a problem, the first of fixing the problem is identifying it and coming to grips with it. that is where we are now. frankly, we don't have a lot of time. are just overions a year away now. 2020 is just behind that.we have significant vulnerabilities in our process we have to address before that. host: is the fix a federal issue or state and local. guest: state and local authorities only voting processes. the voting process in which it was fiction can be quite different than another jurisdiction and there are some 6000 voting entities across the country. our system decentralized this authority for voting to local authorities, but the resources required to fix some of these onnerabilities may well call several resources, so i think there is a connection between local responsibilities and

federal resources. host: we have a couple of calls lined up for you. let's start with lee in new york. you are on with our guest. go ahead. you are on. caller: hi. i wanted to discuss the fact that a couple of weeks before california became a century state, tv news said that several large cities in california ranging from 100% to 144% had additional voters registered, almost 1.5 times the resident voter eligibility on record. at the same time, they mentioned college park, maryland, is finalizing a vote allowing noncitizens to vote and this may not have anything to do with hacking, but this is a preliminary thing that i am concerned about. guest: i think you are right to be concerned about the voter registration process.

whether it is the sort of problems you suggest or the ones i am concerned with, the one-time concerned with aren outside player, so for example, a state like russia manipulating the databases, which in all 50 states are maintained and registered on the internet, but manipulation of that voter registration database can mean that a voter never gets to the ballot box. i think that is one of the significant vulnerabilities that has been uncovered and has to be addressed, otherwise if you can compromise the voter registration database, as you show up at the voting location and as an individual voter, you show your identification card, the card may not match the voter registration database, which has been optimized, so the voter is turned away before he or she .ets to the ballot box stateshere are five listed in the report with entirely paperless voting

systems and no backup available. delaware, georgia, louisiana, new jersey, and south carolina. are you surprised with the number of states involved with those types of machines? guest: those five are very vulnerable, but there are other states that are very vulnerable because they rely in part on the internet.i am surprised . i think all americans ought to be alluded or even alarmed by the experience last year the cut as i said earlier, time is short to take some remedial actions before the next round. host: democrats line from california, ciro, hello. caller: my question, it sounds like you'll report deals almost exclusively with vulnerability, but my question goes to did you repor , deal with, is there any trace evidence you can tell that machines actually were hacked changed?tes have been

or is that something that would need to be incorporated into future voting machines in the software as another security element of the software? guest: we did not find evidence that votes had actually been changed or that the voting tally have been compromised in some way. what our report highlights and what our investigation makes very clear is that the machines are vulnerable so if the individual hacker can do this in 90 minutes, we imagine a nationstate like russia if it wished to do so could also compromised the system. we think there is a vulnerability there. we also think they are quite well-known best practices that apply to the security of the voting systems would reduce the vulnerability. in the next year or so, we have time to take remedial steps. host: from martinez, california,

ellen, go ahead. caller: good morning. i have a paralegal and work for a bankruptcy attorney. in bankruptcy, you have an attorney, you have the court, and the trustee of the court .i read thethe data disclosure when i was cementing the data online. the trustee account in the cloud was owned by china, london, and washington, d.c. i read through all of the privacy disclosures and what you have to sign off on, on any account when you go on the internet, that you agree to the terms. i read all the terms. that is where i found out that information. the most disturbing information to me was the fact that this cloud operation said that they owned all of the material

.ubmitted that is a real red flag for me for anyway who operates on the cloud and does not read all of the information and what they are giving to the cloud. thanks, ellen. guest: you bring up an important point. we come to rely on the internet and cloud-based data services. for greater efficiency in our daily lives, think about your home wi-fi network in our economy. so both efficiency and modern advances have been really huge. america has been a leader in this regard. at the same time, our reliance on the internet also introduces one of her abilities. our project is to highlight the vulnerability side of this, not to deny the efficiencies, but to highlight that there are actual steps we should take to reduce vulnerability.

with a system as important as our voting system, the connection between the individual voter and the election result, we think this is a national security issue, which has to be addressed with urgency. host: one of the machines that were hacked into was from virginia. virginia is having a gubernatorial election this year. they make the decision to switch to all paper ballots. is that a step in the right direction? guest: this is really counterintuitive that in the 21st century, in the age of the internet that probably the most secure and simple first step we can take is to revert to paper ballots. thepaper ballots give us ability to create an air gap off the internet, and they give us proof positive with the ability so movinghe results back to paper as germany has done and the netherlands has done and the united kingdom is doing is actually a step towards voting security. host: from michigan, joe is next

for our guest. hi. caller: hello. host: good morning. caller: morning. now?on the air right host: go ahead. caller: i have had some issues with hackers last week. my daughter was involved with a scam in the middle of it. she realized something was wrong and went into the bank, and that got straightened out. i had another issue a year ago with a hacker. situation,daughter's the bank had said that investigator said that the hackers are smarter than him. they are smarter than all of us put together. the ones that -- >> all of today's washington journal is available on c-span.o.