Why aren't US voting machines open source?
I see stories about how election is rigged or that there are security vulnerabilities and lots of people don’t believe the outcome. Why don’t they just open source everything so that anyone can look at the code and be sure the votes are tallied correctly?
That's a very easily solved problem. You generate a code-signing certificate (already used all over the place, and why Windows occasionally tells you that software "isn't trusted").
You then verify that certificate in the presence of observers from all parties. At the same time that you verify the anti-tamper tags on the ballot boxes.
The parties only have to trust the person they assigned as an observer.
And if the tampered machine only outputs the correct signature,‘regardless of that it’s actually doing?
What if there is a rogue hardware device making changes? What if the legit OS gets swapped out like Hyperspace OS used to do?
There are a lot of problems in this space and a LOT of bad actors who would go to the greatest lengths to manipulate this.
I’m the kind of guy who likes digital everything, but we should be voting on paper with a scantron to allow for quick tabulation with a very difficult to tamper with verification. Physical evidence.
There is all manner of digital trickery that can be done between when your finger contacts a button and a vote total is updated, and there are too many fucking Roger Stones in the world. No thanks.
Because there is too much money to be made in the business. Vendors are selected through a political process which is decided by what politicians benefit from the selection.
Don't kid yourself - the people screaming about rigged elections don't actually care about solving the problem. They know they lost and they are happy for the excuse to continue grandstanding.
I'm with you, The Tom Scott Video @puppy linked is amazing, goes over good reasons against electronic voting machines. Paper Ballots are great because the counts are done in the presence of all parties and by multiple people. It takes a while, but it's a good example of technology not always being a viable option for everything.
As said in the video, not everyone would understand code. The only reason why people vote is because they trust in the system. If they don't trust in the system they don't vote. They could open to code up and show people, but it wouldn't dispell fears of those who aren't knowledgeable about computers.
Why Electronic Voting ls Still A Bad ldea, a video by Tom Scott:
https://youtu.be/LkH2r-sNjQs
this video has 3 years.
3 years is a lot to somethings to be mature. He tells about Trust & Anonymity. You can't trust anonymity 'coz you can trace the vote and bla bla bla. Well, you can trace the regular method too. Trust, you can't trust the way the vote leaves the booth to the central. You know the Hash initiative? Even a small number change will be shown to everyone.
The issue isn’t trust. It’s the same as anything else electronic such as having a backdoor to encryption.
Anything physical requires a certain amount of effort to break in such a way that is widespread and without making it obvious.
But purely digital/online means that any bad faith actor with enough resources (such as nation states) can scale up the means and methods to manipulate it or break it.
I’m all for electronic voting for tallying with physical paper trails that can be used to verify the integrity of the digital results.
I don’t know that that’s the reason, but I have an intuition from having been an election judge here in Illinois.
A voting machine is a closed-circuit system that just counts votes and prints the tally. It is not connected to any network, and getting its software upgraded requires a key that only the voting machine company has, and a seal that is unique and that can only be replaced by that voting machine company.
To make it clear with an example: a judge ruled in Illinois that ballots that would be in either English or Spanish were now void, they all had to be in both language at the same time. Because that didn’t use to be the case, the election judge has to choose for each person between “English”, or “Spanish”, or both in the UI, and if they don’t choose both, the ballot is void. It’d be a trivial UI fix, and critical enough that you’d think it would be a priority. And yet the past elections still had the old UI, because updating the software on there is that hard.
So my intuition: if a CVE was found in one of the open-source solutions on there right before the election, the voting company would have to patch it, except it couldn’t realistically be done in time, so the election would be canceled until there is enough time without a CVE. Which of course doesn’t typically happen for very long. But if it’s all closed-source and the voting machine company is on the line for it, therefore that problem doesn’t exist.
https://youtu.be/w3_0x6oaDmI
https://youtu.be/LkH2r-sNjQs
tkchumly
deejay4am
Dick Justice
1chemistdown
Hari Seldon
Aer
dhdds
HubertManne
NewEnglandRedshirt
John Richard