No technology (aerospace engineering, building engineering, voting machines) is 100% resilient as long as there is an entity with tools, money, and knowledge to bring it down. I guess the comparison holds here because voting machines can be approached by said entity in a remote fashion, unlike an aircraft or an elevator.
That is true, but the XKCD cartoon is pointing out that there is a fundamental difference here.
In aerospace or elevators, the experts say that what we have is really quite safe, although a determined adversary could potentially cause harm.
In voting machines, the experts say that what we have is fundamentally UNSAFE, and that a half-hearted effort from a bright college student could bring it to its knees.
That difference should DEEPLY concern the people who run elections.
A half-hearted effort from a bright college student can also bring an airplane or elevator to its knees. The security standard for voting machine software is higher; airplane engineers get to inflict TSA checks on their users.
In software we often ask ourselves about dedicated attackers with no other goal than to cause harm, and often try to make our products defended against that. This is because the cost to achieving this is largely limited to doing more engineering work. In physical products, people do not try to protect their work from hypothetical hammer-armed attackers with no other goal than to cause harm. Protection there is more expensive so its not worth it.
Agreed, but even if we got voting machines to the level of resiliency of aircraft engineering, the effort of a determined adversary would still carry enormous consequences.
