Oddbean new post about | logout
 Genuinely curious question: How do you validate that the machine runs the open-source software? 
 Election commission officials should be able to reboot the machine and run diagnostic tools between elections. One of those tools could be an OS code checker that reads the checksum and compares it to official packages. 
 So if the election officials had access to the source code but it wasn't generally open source, would that be the same thing? 
 Openness makes it not just readable to them, but to everyone. 

If they can show the public that the checksum matches, and the code shows equality, then everyone's happy. 

If they keep it to themselves then they'll probably just cause too much suspicion. Why do it that way when they could fully open it up and remove that suspicion? 
 How does a voter know the checksum is not spoofed? 
 Checksums either match or they don't. To keep their election commissions from being partisan, and therefore lying about the match, they should compose their commission with equal amounts of both parties, watching each other.