My understanding is that “Open Source” software is publicly available. That anyone interested can access the code.
This is no doubt a naive and fuzzy view of the concept, because Commissioner Jim Howell has responded as follows:
Please know, Henry Adkins equipment is based on an open source platform (linux) but all their software is proprietary. If the vendor represented their software as open source, then they were highly misleading. Their software for counting votes is exactly as proprietary as ES&S. If open source software were truly being used, then it could be argued that someone in Sedgwick County could potentially make changes to the software that could change the way the machines operate. I see this as a vulnerability as much as you and Ms. Clarkson see it as a preference. When the ability to change the software is totally out of our control, then we cannot be accused of making changes that might affect the outcome of the election and would also be difficult to defend or verify. Having this out of our control is a good thing in my opinion. Auditing the processes end-to-end (every election, randomly selected 1% of precincts) will give us confidence and assurance that everything is as it should be. Open source SW creates more questions and opens doors for distrust on the election systems. For the record, Sedgwick County does support HB2543 and we look forward to doing the audits as prescribed by law when this bill passes the legislative process.
If the vendor was misleading me and I fell for it, it wouldn’t be the first time. If I misunderstood the technical details and made a few false assumptions, it wouldn’t be the first time for that either. I’ve meant to go their website and check it out, but I’ve been rather busy at work this week and haven’t managed it yet. I’m just going to give my opinion without looking up definitions first and specifications first. It can be a very detail oriented task and it’s a bit late in the day for me to attempt it.
I disagree with Commissioner Howell that open source software implies that anyone can change it. Open source only allows people to see the code, check for backdoors, hardcoded passwords and other security breaches. It does not allow the software to be changed unless the evildoer also has physical or wireless access to the computing equipment. Access to the equipment is supposed to be rigorously controlled and without any wireless connections.
It’s arguable that open source grants more people the knowledge necessary to undermine the voting system if they can also get access. I find the additional transparency provided by open source software a worthwhile trade off for that increase in risk, but I can understand if others disagree on that point.
If the Henry Adkins software is actually proprietary, not open source, that fact would curb my enthusiasm for them quite a bit. I still consider their system superior to the ES&S for the other reasons I listed, but the difference is considerably less.
I want to give kudos to commissioner Howell for supporting routine audits of the electronic voting results. I think that’s great!