This highlights a big problem. Why the fuck do we have shadowy companies providing voting machines? A proper voting machine should be 100% open source, log everything in a plaint text format, produce the same output given the same input, be completely air gapped from the internet, use simple physical security (metal panels with physical lock and keys) to prevent access to any data ports, and require multiple parties present before any administrative functions are performed.
It should be secure and transparent by default. Not some black box that no one understands or can inspect. Until we have something that performs this, we are better off sticking with hard paper ballots, hand counting with observers, inking fingers.
Third world SHITHOLES have more secure elections than we do in the USA. This is an absolute disgrace.
I don't necessarily think it should be open source. I don't know a ton about software and programming.
Wouldn't making the code publicly accessible make the software easier to be attacked, if the machines are connected to the internet, because more people have seen the code?
Machines should not be connected to the internet. Also, hiding source code or keeping it proprietary does not make it more secure. That is called "security through obscurity" and look how that worked out for Microsoft Windows (riddled with malware)
Our most secure systems all have PUBLIC standards - RSA, SSL, etc.
If the security of a system requires secrecy of the implementation, then it is not secure - it is just a secret. Whoever knows the secret is now very prone to bribes, blackmail, etc.
P.S. not sure who is down voting you but it wasn't me. You are asking reasonable questions. And really, there are different perspectives on this. Some people do think the proper way of handling this type of thing is to have companies provide "super secret programs" which only they know how work. In my view, you just moved the problem to another level - who gets the contract and how.
The only way they will get the source code is if they do a surprise appearance at Dominion headquarters and start seizing computers. Anything else and the "real" source code would have already been deleted by the time they get there. Or, they will have a "clean" version of the source code and that will be what they attempt to hand over.
An audit of the source code and reverse engineering the compiled binaries will work without a confession.
They're saying the source code is proprietary (it probably is), and that gives them the right to hide it from legal investigation (it does not).
This highlights a big problem. Why the fuck do we have shadowy companies providing voting machines? A proper voting machine should be 100% open source, log everything in a plaint text format, produce the same output given the same input, be completely air gapped from the internet, use simple physical security (metal panels with physical lock and keys) to prevent access to any data ports, and require multiple parties present before any administrative functions are performed.
It should be secure and transparent by default. Not some black box that no one understands or can inspect. Until we have something that performs this, we are better off sticking with hard paper ballots, hand counting with observers, inking fingers.
Third world SHITHOLES have more secure elections than we do in the USA. This is an absolute disgrace.
I don't necessarily think it should be open source. I don't know a ton about software and programming.
Wouldn't making the code publicly accessible make the software easier to be attacked, if the machines are connected to the internet, because more people have seen the code?
Machines should not be connected to the internet. Also, hiding source code or keeping it proprietary does not make it more secure. That is called "security through obscurity" and look how that worked out for Microsoft Windows (riddled with malware)
Our most secure systems all have PUBLIC standards - RSA, SSL, etc. If the security of a system requires secrecy of the implementation, then it is not secure - it is just a secret. Whoever knows the secret is now very prone to bribes, blackmail, etc.
By open source he means anyone can go over it. A million pairs of eyes looking for "WTF is that?".
P.S. not sure who is down voting you but it wasn't me. You are asking reasonable questions. And really, there are different perspectives on this. Some people do think the proper way of handling this type of thing is to have companies provide "super secret programs" which only they know how work. In my view, you just moved the problem to another level - who gets the contract and how.
source code and disassembly should be public i don't get these people in the government (not) making laws wtf
The only way they will get the source code is if they do a surprise appearance at Dominion headquarters and start seizing computers. Anything else and the "real" source code would have already been deleted by the time they get there. Or, they will have a "clean" version of the source code and that will be what they attempt to hand over.
well then the NSA better save the fuckin’ day or we’ll need a whole lot of rope
never count on intelligence agencies to save us from anything