May 29, 2017

Sequoia Announces Voting System with Published Code

Sequoia Voting Systems, one of the major e-voting companies, announced Tuesday that it will publish all of the source code for its forthcoming Frontier product. This is great news–an important step toward the kind of transparency that is necessary to make today’s voting systems trustworthy.

To be clear, this will not be a fully open source system, because it won’t give users the right to modify and redistribute the software. But it will be open in a very important sense, because everyone will be free to inspect, analyze, and discuss the code.

Significantly, the promise to publish code covers all of the systems involved in running the election and reporting results, “including precinct and central count digital optical scan tabulators, a robust election management and ballot preparation system, and tally, tabulation, and reporting applications”. I’m sure the research community will be eager to study this code.

The trend toward publishing election system source code has been building over the last few years. Security experts have long argued that public scrutiny tends to increase security, and is one of the best ways to justify public trust in a system. Independent studies of major voting vendors’ source code have found code quality to be disappointing at best, and vendors’ all-out resistance to any disclosure has eroded confidence further. Add to this an increasing number of independent open-source voting systems, and secret voting technologies start to look less and less viable, as the public starts insisting that longstanding principles of election transparency be extended to election technology. In short, the time had come for this step.

Still, Sequoia deserves a lot of credit for being the first major vendor to open its technology. How long until the other major vendors follow suit?


  1. The optimist in me thinks this is excellent.

    The pessimist in me makes the following predictions:

    1. Some people will raise (security, reliability, accuracy) concerns with portions of the code. There will be debate about whether those concerns are valid. While the debate proceeds, the system will be used for at least a couple elections.

    2. Some time after the code publication (like maybe a year or more), Sequoia will file lawsuits against competitors (possibly even an open source group).

  2. Anonymous says:

    So someone studies the published code closely, then finds an exploitable loophole and waits until one day before a major election. The exploit is then widely publicised and the vendor is stuck with this problem:

    Rush out a lot of code at the last minute (just as bad as closed source).


    Do nothing and sail into a major election with a widely known exploit (maybe worse than closed source).

    Arguably, someone more cooperative may find the same bug and publish earlier. Over time, the problem should (in theory) go away as it gets harder to find any remaining bugs. Could be some grumpy voters in the short term.

  3. Bryan Feir says:

    This reminds me of a point here from a couple of months ago:
    Consolidation in E-Voting Market: ES&S Buys Premier

    Given that somewhere over 60% of the voting machine market is owned by one company now, I have to wonder if this is Sequoia’s attempt to preemptively head off irrelevancy by playing straight into one of the biggest complaints against most of the other voting system vendors?

  4. Anonymous says:

    Seems like we’re getting an awful lot of “me, too” type comments that add very little to the discussion.

    Comments here generally seem scantier and poorer than, say, a year ago, before the site redesign. Remember when the publication of the infamous 09 F9 code resulted in a thread here with around 500 comments? Those days are gone.

    • Bryan Feir says:

      Pretty much all of those ‘me, too’ comments are blatant link-spam, actually, with just enough text to make you think they’re actually commenting on something at a brief glance.

    • Many of these me-too comments are comment spam. The comment spammers are using new tactics that are more effective at getting past our defenses. In years past we got hundreds of spam comments on every post, but we were able to block almost all of them. Now we’re not quite as effective at blocking them. We’re planning to improve our spam defense.

  5. Sequoia is not the first to publicly release voting system source code. Dominion Voting did this in New York State. That is how Bo Lipari obtained unfettered access and published his review of their code. You can go to the NY State Election Board offices and review the code today.