San Francisco in January could become the first U.S. city to adopt open source software to run its voting machines.
City officials last month authorized consulting group Slalom to prepare a report on the benefits and challenges involved in using an open source voting machine platform. The city voted to pay Slalom US$150,000 for its research.
Meanwhile, the city this year will pay Dominion Voting Systems $2.3 million to renew its contract for the company’s proprietary voting machine software. That system is nearing the end of its life cycle.
Officials hope a move to open source will make San Francisco’s voting software more transparent and secure, as well as less costly. The expectation is that an open source voting machine program would offer more security against hack attacks. If the city should develop its own system, it then could provide the code to other cities.
Unlike proprietary software, open source code is available to anyone to vet potential security breaches. Users would not incur purchasing or subscription and licensing fees.
“Simply moving from closed to open source can help us to get to a start in increasing the security of the voting system,” said Jason Kent, CTO at San Francisco-based security consulting company AsTech.
“However, it isn’t without some considerations that will have to be addressed,” he told LinuxInsider.
California has begun to adopt open source in other areas. For example, state agencies already have used open source software to redesign California’s child welfare management system.
Regarding voting machines, there have been indications that California legislators are not opposed in principle to using open source.
As long as what is proposed passes the state’s certification protocols, California Secretary of State Alex Padilla will support an open source voting system, he said.
“Open source technologies offer the organizations involved in managing elections and vote tallying complete transparency into whatever is happening in voting machines and systems,” observed Charles King, principal analyst at Pund-IT.
“Developing and deploying open source solutions also provides election agencies greater autonomy, and can allow them to act quickly and proactively if something untoward occurs,” he told LinuxInsider.
Opponents are mainly owners of proprietary voting systems and software who suggest that open source is inherently less secure and prone to hacking, King said, “but there is little if any evidence supporting those claims.”
Benefits Outweigh Risks
Open source software brings cost reductions, local control, increased security and transparency, all of which could boost voter trust in the election process, according to its advocates.
Nonproprietary voting software also could allow local governments to understand and adjust how votes are counted more quickly. Commercial vendors often consider those details trade secrets.
“The largest benefit in open source is that it can be vetted by anyone — but, oddly enough, this brings the word ‘anyone’ into light,” said AsTech’s Kent.
Whoever finds a problem in open source does not have to contribute to the solution or even report it, he pointed out. Instead, it would be possible to keep the vulnerability secret and exploit it at will.
Open source voting software must have some component of validation by an organization that is incentivized to find problems and provide solutions, Kent suggested. That could be done using tax breaks, direct incentives for bugs, or even recognition of participation in the project.
Going open source for transparency on voting systems could be a double-edged sword, warned Lamar Bailey, director of security research and development at Tripwire.
If San Francisco — or any locale — should pick an open source system, disclosing its choice before the election would allow attackers to review the code and craft attacks before the election, he said.
“If San Francisco decides to announce the name of the software after the election, that could cause issues too if someone finds a vulnerability in the code used at the time of the election,” Bailey told LinuxInsider.
Voting is an area in which there is distrust in results and the systems used to gather them. This is especially true for those on the losing side, he pointed out.
“We have seen everything from hanging chads to Russian hackers being blamed for results, as well as documented vulnerabilities in voting machines,” Bailey said.
Going open source would be a bold move. Instead, the government should employ multiple security companies to review and pen test existing systems to ensure that they are secure, Bailey recommended.
Open source would provide little benefit, given that the systems are air-gapped, said Philip Lieberman, president of Lieberman Software.
“Voter fraud is generally accomplished via means that are not affected by the machines themselves,” he told LinuxInsider.
Open source carries few real benefits — but it comes with quite a few risks, according to Byron Rashed, vice president of global marketing, advanced threat intelligence at InfoArmor.
Moving to open source for voting machines would not help prevent hacking or other forms of election tampering, he maintained.
“It would definitely weaken it, since some vulnerabilities can be present for years. In addition, threat actors or highly organized cybercriminal gangs have members that are highly skilled in finding and exploiting vulnerabilities,” Rashed told LinuxInsider.
Impact on the Bottom Line
U.S. elections are highly localized and mostly overseen by city, county and state officials. The folks on the ground often witness and are most aware of potential tampering when incidents occur, noted Pund-IT’s King. However, when using proprietary systems, responding to those threats quickly and effectively is difficult, if not impossible.
Open source would enable localities to own their elections more fully and be less beholden to outsiders, whether they happen to be hackers or vendors of proprietary voting systems, he noted.
On the other hand, proprietary voting solution vendors have argued that they are better positioned to understand the inherent dangers of vote tampering and to protect systems from hackers.
“There is something to this argument,” King acknowledged.
“In many places locally managed, open source options are too complex or expensive to consider,” he said, “but for areas with a wealth of IT talent, open source provides a viable, valuable alternative to proprietary voting systems.” [:]