My view on open source code and voting is that while open source is useful in many cases it is not necessarily so in voting code.
Why? One of the argument of O-source code is inspection. It is a good argument, if it were done (may AI tools can do good work here - but what is the criteria they would use to tell good from bad?)
In our effort we concluded that while inspection is good, testing is better - and that anyone ought to be able to test (and that vendors ought to supply test gear), *and* that test results be published to all.
There is a side effect - we want to encourage vendors to build good voting systems (software+hardware+procedures). So we ought to leave some incentives, like not requiring publication of the code (or parts of the code) and limit open copying/use - leaving some room for innovation and profit.
We also tend to forget toolchains - which are often a significant overlooked vulnerability.
Karl Auerbach
npub1rh…ps08d
2026-03-19 23:23:48 UTC
in reply to nevent1q…rhq3
Author Public Key
npub1rhqu8mlfa6tr2up0whlkr79xmkvrkwyzs6jj6u728ykxsqrnpneqxps08dSeen on
wss://relay.momostr.pinkPublished at
2026-03-19 23:23:48 UTCEvent JSON
{
"id": "06f4d6d72e9be2b76d18a9aa63e6117b0f8dfb4e7b5637ec648d0243e6aff8f4",
"pubkey": "1dc1c3efe9ee9635702f75ff61f8a6dd983b388286a52d73ca392c6800730cf2",
"created_at": 1773962628,
"kind": 1,
"tags": [
[
"proxy",
"https://sfba.social/@karlauerbach/116258414827771662",
"web"
],
[
"p",
"943e8c8ead6feeecd1e3ff12b1bab628e4c60ab92ff8b928a8ad3b827fc7e38d"
],
[
"p",
"db31d2af2ace7e7a635688d63a8385a8f0e11a4623cfa112aa7b02999097824a"
],
[
"e",
"baf67f801694cb75eff1b15133a3069d5dd0ec081642ac413b2d2fa04d65472d",
"",
"root",
"4f56d90b34ef2a54efc1859692969119ffb2296d611de23949863bd045cc058e"
],
[
"p",
"380f1324b54b52c312d6f146272631cfd4426249aaac6e91998f191c0aaf6b12"
],
[
"p",
"f1932f2b764033246e8233ba7a3fc790b4e0f42cae707581668697646d05768b"
],
[
"p",
"4f56d90b34ef2a54efc1859692969119ffb2296d611de23949863bd045cc058e"
],
[
"p",
"37e850f07032de23d66a95931b95460f1d4a104d24e59b90e3c3ac01e76a9f89"
],
[
"e",
"45db5033cdd16d2099251cfc2e369b78aada57bf8708e1747359b3faf60b45e8",
"",
"reply",
"943e8c8ead6feeecd1e3ff12b1bab628e4c60ab92ff8b928a8ad3b827fc7e38d"
],
[
"proxy",
"https://sfba.social/users/karlauerbach/statuses/116258414827771662",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://sfba.social/users/karlauerbach/statuses/116258414827771662",
"pink.momostr"
],
[
"-"
]
],
"content": "My view on open source code and voting is that while open source is useful in many cases it is not necessarily so in voting code.\n\nWhy? One of the argument of O-source code is inspection. It is a good argument, if it were done (may AI tools can do good work here - but what is the criteria they would use to tell good from bad?)\n\nIn our effort we concluded that while inspection is good, testing is better - and that anyone ought to be able to test (and that vendors ought to supply test gear), *and* that test results be published to all.\n\nThere is a side effect - we want to encourage vendors to build good voting systems (software+hardware+procedures). So we ought to leave some incentives, like not requiring publication of the code (or parts of the code) and limit open copying/use - leaving some room for innovation and profit.\n\nWe also tend to forget toolchains - which are often a significant overlooked vulnerability.",
"sig": "420dee298e7e3c7ccbd2cd8228532ffb9b6e3a769bfbd951cb4ae4ad291f21031969a68f0bba2dac9996efec7a8eb39830327a60dc2e648880ed15330d3531fd"
}