billy_teats t1_ituh1hz wrote on October 26, 2022 at 12:16 PM

Reply to comment by PaulSnow in I am the co-author behind ACM’s TechBrief on Election Security: Risk-limiting Audits. Ask me anything about election security! by TheOfficialACM

>>Hiding an exploit in a bug fix is a movie plot

Well this is taught up wrong

PaulSnow t1_itvxdnw wrote on October 26, 2022 at 6:21 PM

The kind of exploit you describe (making a call out over the network hidden in a bug fix) is in fact very unlikely. This is pretty easy to find in code that is reviewed and tested as with most Open Source projects.

Especially applications like voting applications that have no networking functions.