Talking about how these machines are open source is misleading. They (like many, many other voting machines already in use) are designed to let you run an election without actually trusting the software on the machines. From the risk limiting auditing link above:
> How Does a RLA Work?
> A risk-limiting audit examines a random sample of paper ballots, comparing them to the machine count to ensure that the winner actually won.
> The number of votes needed to manually count depends on the margin of victory. The closer the margin, the more votes we manually count. The RLA confirms that, if a full hand-tally were performed, it would give the same outcome.
Put another way, the malicious voting machine plays a game: It makes the first move by lying about the tally and incorrectly claiming that candidate X wins.
If the machine claims X won by a large margin, then a small randomized recount exposes its lie. If the machine claims X won by a small margin, then a full recount is performed.
Crucially, with high probability (it can be set arbitrarily high), the faulty voting machines get caught the first time they attempt this, and then are thrown away.
There are some voting machines in use in the US that do not keep paper trails. There's widespread evidence of systematic fraud with those machines in swing districts, going back to a least 2004. (Old paperless mechanical machines had the same problem.)
Voter Action proved in court that Kerry won New Mexico, rather than Bush. The problems in NM were a subset of the problems in Ohio, Florida, and elsewhere. Make of that what you will. Walks like a duck...
Given that countless companies, websites, social media networks, governmental organizations, hospitals, school systems, and individuals including consumer credit companies are hacked every year, do you really need more evidence that an electronic voting machine could be compromised?
The claim is “widespread evidence of fraud”. I’d like to see any of the widespread evidence and not hand wavey back tracking to “could be compromised”.
It doesn’t have to be widespread in order to have a widespread impact. Some national elections are extremely close and essentially decided in one county of a single swing state. Most local elections are by definition “local” and close local elections can be decided by the votes from a single voting precinct.
Requiring the evidence to be widespread in order to acknowledge the risk is real and impactful is shortsighted and “hand wavy”.
particularly with the claim of “widespread” and “systemic abuse” casually tossed in.
do we doubt machines have been hacked? of course not, you’re on hackernews, we all attended defcon voting machine village, but yes, “widespread” and “systemic abuse” needs to be backed up with something more than, “it happened to joe and jim two streets over so obviously it happened to jill next door.”
> How Does a RLA Work?
> A risk-limiting audit examines a random sample of paper ballots, comparing them to the machine count to ensure that the winner actually won.
> The number of votes needed to manually count depends on the margin of victory. The closer the margin, the more votes we manually count. The RLA confirms that, if a full hand-tally were performed, it would give the same outcome.
Put another way, the malicious voting machine plays a game: It makes the first move by lying about the tally and incorrectly claiming that candidate X wins.
If the machine claims X won by a large margin, then a small randomized recount exposes its lie. If the machine claims X won by a small margin, then a full recount is performed.
Crucially, with high probability (it can be set arbitrarily high), the faulty voting machines get caught the first time they attempt this, and then are thrown away.
There are some voting machines in use in the US that do not keep paper trails. There's widespread evidence of systematic fraud with those machines in swing districts, going back to a least 2004. (Old paperless mechanical machines had the same problem.)