[rbanffy]

> In addition to that, the source code is closed and not generally auditable by third parties.

That's not correct. While you can't get it from GitHub, there is a process to audit it and any Brazilian citizen (or resident, I'm not sure) over 21 can request and be part of it. The process extends for many months starting the year prior to the election. Input from the multiple audits and tests are valuable in guiding the evolution of the software and hardware.

In Portuguese: https://www.tse.jus.br/internet/temporarios/urna-seguranca/o...

[_trackno5]

You literally proved my point. It’s not generally auditable.

Even if you ignore the fact that the audit window is restricted and that the software is developed behind closed doors, just the first step in the process is absurd if you want this to be practical for anyone to audit:

> A Justiça Eleitoral prepara uma sala segura para deixar os sistemas a serem utilizados na eleição vindoura à disposição das entidades fiscalizadoras interessadas. As entidades podem utilizar ferramentas automatizadas e solicitar os esclarecimentos que julgarem necessários. Caso encontrem alguma inconformidade, deverão apresentá-la ao TSE, que deverá corrigi-la e apresentar o ajuste realizado. É importante destacar que todas as alterações realizadas nos sistemas são rastreáveis e ficam disponíveis para verificação das entidades fiscalizadoras.

[rbanffy]

Anyone can apply. You'll need to go there in person. I just don't see that as a huge hurdle, but, if you have a medical reason to be unable to be there in person, you can petition the election court. They are extremely reasonable with accommodations that don't create problems for their own tight schedules (remember the logistics are anything but trivial).

[Scoring6931]

Security through obscurity.

As a matter of public interest, the source code should be open for all.