from Hacker News

Ask HN: Are there good reasons to not open-source voting machine software

by ferros on 11/28/20, 1:06 AM with 7 comments

Hi all, I wish to keep this apolitical and focus strictly on the technology from our perspective as developers/technologists.

If voting software and machines were government owned and they wished to open source the software for the sake of transparency - would there be any good reason not to do this?

There would no doubt be some benefits to making the code publicly accessible, a lot of which we see from the open source world already.

Are there any risks that would outweigh some of the benefits of open-sourcing or making code visible?

I’m trying to counterbalance the argument for open source code.

  • by Foober223 on 11/28/20, 1:05 PM

    It's needs to be open to verify reproducible builds. Otherwise a hacked compiler can inject secret election rigging code.

    The only reason to keep the source private is for obscurity. Making it harder to hack. It's not a good reason though. For things with high value and motivation to hack, hiding the source doesn't do much. The final compiled code can be treated as "source", read and understood, then hacked.

  • by crx07 on 11/28/20, 1:48 AM

    I won't comment on specifics, but just as someone who has seen this subject periodically surface over the past 20 years in various places, consensus is almost always that, no, there is no tenably justifiable reason for voting software's code to be closed source. (In contrast, there are numerous counterexamples of why it's a very, very terrible idea in general.)

  • by approxim8ion on 11/29/20, 8:53 AM

    Is there a benefit if you

    a) can't verify that the software made available to you is what is running on the machine you use and every single one being used?

    b) can't compile it yourself before use?

  • by ThePowerOfFuet on 11/28/20, 6:44 PM

    >Are there good reasons to not open-source voting machine software[?]

    No.

  • by schwartzworld on 11/28/20, 2:59 AM

    In a perfect world, not only would the software be open source, but the anonymous votes should be digitized and made available so anybody can audit them who wants to.

  • by probinso on 12/1/20, 3:13 AM

    no