This talk summarizes several years of work analyzing the security of the voting software used in Brazilian elections by more than 140 million voters. It is mainly based on results obtained in restricted hacking challenges organized by the Superior Electoral Court (SEC), the national electoral authority. In such occasions, multiple serious vulnerabilities (hard-coded cryptographic keys and insufficient integrity checks, among others) were detected in the voting software, which when combined compromised the main security properties of the equipment, namely ballot secrecy and software integrity. We trace the history of the vulnerabilities, providing some perspective about how the system evolved and what the future may hold. As far as we know, this was the most in-depth compromise of an official large-scale voting system ever performed under such severely restricted conditions.