Open Source voting machines


  • Wed 09 August 2017
  • misc

This is about as political as I hope to get in this blog. Please bear with me.

There was recently an op-ed in the New York Times advocating open source voting machines as a safeguard against security vulnerabilities that can be exploited for the purposes of election fraud.

Careful observers may note that the co-author is a fellow by the name of Brian Fox - the same Brian Fox who was the original author of bash. The notorious Shellshock bug was introduced while Fox was the primary author and maintainer of bash, and persisted in the wild for 25 years before it was discovered and patched (but not before being leveraged by bad guys). So much for open source being inherently more secure just because someone could audit it if they chose to.

Things haven't worked out well for OpenSSL either, but that's partially attributable to the byzantine complexity of the X.509 ecosystem. Be glad we didn't get more of that style of design from the OSI folks.

Back to the open source software security thing - while there's no shortage of people who are willing to do some kind of security audit on software for free, the auditing and quality assurance side of the world needs as much resources as the development side or more. And quality/repeatable auditing, as opposed to investigational free-form poking around, has a significant cost associated with it.

One could make the case that computer-based tallying systems are a solution in search of a problem and a poster child for the "just because we can doesn't mean we should" maxim. I've worked as a poll volunteer and hand-counted write-in votes. For as often as we have elections, there's nothing wrong with hand counting paper ballots.

I can hear it now, the cries of needing cryptographic certainty in the interests of avoiding fraud (oddly enough not from the same constituency that advocates voter ID laws because they're concerned about voter fraud). Tampering with elections in an entirely manual process leaves significant traces and doing it without someone noticing is actually hard. Notwithstanding Chicago's reputation for dead people voting, multiple different studies have concluded that election fraud isn't a thing in the US, at least not at a scale that affects elections.

None of this changes the fact that the guy who wrote free and open source software that included a huge security bug that went undetected for a quarter century is a rather odd messenger to be promoting free software as a cure to our imagined election fraud problems. Sometimes low tech is the best tech.