I was part of the public testing program for the Swiss Post’s voting software (in Switzerland, the Post Office administers the elections). It was open-source in part, and people were able to find (and fix) TONS of issues prior to the elections, including critical attack chains that allowed changing or fabricating votes. The use of proprietary, closed-source systems is purely for the financial benefit of the companies who make voting machines, never for security. Obscurity is not security.
I was part of the public testing program for the Swiss Post’s voting software (in Switzerland, the Post Office administers the elections). It was open-source in part, and people were able to find (and fix) TONS of issues prior to the elections, including critical attack chains that allowed changing or fabricating votes. The use of proprietary, closed-source systems is purely for the financial benefit of the companies who make voting machines, never for security. Obscurity is not security.
Not just the financial benefit. Security flaws can become open secrets that only one party abuses.