Hey there, I'm the founder of VotingWorks, happy to answer questions.
We should have made it clear in that post that our voting system is not just open-source, it's also always paper ballots, mostly filled out by hand, sometimes by ballot-marking devices for voters who need or choose it.
Many good points in the thread about open-source not being enough. Indeed! But open-source is, in my opinion, necessary for public trust. Not sufficient, but necessary.
Reproducible builds – we hope to get there in the not-too-distant future!
Attestation – yes we have that! there's a quick and hardware-TPM-rooted way to check that a VotingWorks paper-ballot tabulator has not been modified since it left the VotingWorks floor. Takes 30 seconds, with a QR code on screen that contains all the attestation data and digital signature, unlocked only on successful secure boot.
Also, the build of the system from source is not done by us, it's done by a third-party testing lab, accredited by the Election Assistance Commission. States that want to can request the installation medium straight from the lab and install it themselves.
And if you want more, I spoke recently at USENIX security about what it takes to build a voting machine everyone can trust. It's a lot more about resiliency engineering than security.
We should have made it clear in that post that our voting system is not just open-source, it's also always paper ballots, mostly filled out by hand, sometimes by ballot-marking devices for voters who need or choose it.
Many good points in the thread about open-source not being enough. Indeed! But open-source is, in my opinion, necessary for public trust. Not sufficient, but necessary.
Reproducible builds – we hope to get there in the not-too-distant future!
Attestation – yes we have that! there's a quick and hardware-TPM-rooted way to check that a VotingWorks paper-ballot tabulator has not been modified since it left the VotingWorks floor. Takes 30 seconds, with a QR code on screen that contains all the attestation data and digital signature, unlocked only on successful secure boot.
Also, the build of the system from source is not done by us, it's done by a third-party testing lab, accredited by the Election Assistance Commission. States that want to can request the installation medium straight from the lab and install it themselves.
And if you want more, I spoke recently at USENIX security about what it takes to build a voting machine everyone can trust. It's a lot more about resiliency engineering than security.
https://www.usenix.org/conference/usenixsecurity25/presentat...