Hi all, I wish to keep this apolitical and focus strictly on the technology from our perspective as developers/technologists.<p>If voting software and machines were government owned and they wished to open source the software for the sake of transparency - would there be any good reason not to do this?<p>There would no doubt be some benefits to making the code publicly accessible, a lot of which we see from the open source world already.<p>Are there any risks that would outweigh some of the benefits of open-sourcing or making code visible?<p>I’m trying to counterbalance the argument for open source code.
It needs to be open to verify reproducible builds. Otherwise a hacked compiler can inject secret election rigging code.<p>The only reason to keep the source private is for obscurity, making it harder to hack. It's not a good reason though. For things with high value and motivation to hack, hiding the source doesn't do much. The final compiled code can be treated as "source", read and understood, then hacked.
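The reproducible-build check mentioned in the comment above, sketched as an added example that is not part of the original thread: independent auditors rebuild the published source, and the vendor's shipped build is accepted only if enough rebuilds match it file for file. Builder names, file paths, file contents and the quorum value are constructed assumptions.

```python
import hashlib

def manifest(artifact: dict[str, bytes]) -> dict[str, str]:
    """Map each file path in a build output to its SHA-256 digest."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in artifact.items()}

def verify(official: dict[str, bytes],
           rebuilds: dict[str, dict[str, bytes]],
           quorum: int) -> tuple[bool, dict[str, list[str]]]:
    """Compare the shipped build with independent rebuilds of the public source.

    Returns (accepted, diffs), where diffs maps each builder to the sorted
    list of paths whose digest differs from, or is missing in, the shipped build.
    """
    official_m = manifest(official)
    diffs = {}
    for builder, artifact in rebuilds.items():
        m = manifest(artifact)
        paths = official_m.keys() | m.keys()
        diffs[builder] = sorted(p for p in paths if official_m.get(p) != m.get(p))
    matching = sum(1 for d in diffs.values() if not d)
    return matching >= quorum, diffs

# Constructed sample data: a clean build, and a shipped build whose tally
# binary differs from what the public source produces.
CLEAN = {"bin/tally": b"count-votes-v1", "etc/ballot.cfg": b"contests=3"}
SHIPPED_TAMPERED = {**CLEAN, "bin/tally": b"count-votes-v1+hidden-patch"}

# Three independent rebuilds; auditor-c's toolchain is not deterministic
# (it embeds a build date), so it never matches bit for bit.
REBUILDS = {
    "auditor-a": dict(CLEAN),
    "auditor-b": dict(CLEAN),
    "auditor-c": {**CLEAN, "etc/ballot.cfg": b"contests=3 built=2024"},
}

if __name__ == "__main__":
    for label, shipped in (("clean", CLEAN), ("tampered", SHIPPED_TAMPERED)):
        accepted, diffs = verify(shipped, REBUILDS, quorum=2)
        print(label, "accepted" if accepted else "REJECTED", diffs)
```

A mismatch only says that the shipped binary is not what the published source produces; it does not establish what is actually installed on a given machine.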
I won't comment on specifics, but just as someone who has seen this subject periodically surface over the past 20 years in various places, consensus is almost always that, no, there is no tenably justifiable reason for voting software's code to be closed source. (In contrast, there are numerous counterexamples of why it's a very, very terrible idea in general.)
Is there a benefit if you<p>a) can't verify that the software made available to you is what is running on the machine you use and every single one being used?<p>b) can't compile it yourself before use?
In a perfect world, not only would the software be open source, but the anonymous votes should be digitized and made available so anybody can audit them who wants to.