Østvold, Bjarte M.; Karlsen, Edvard Kristoffer
In the Norwegian local elections of 2011, constituents in ten municipalities had the option to vote electronically over the Internet. The source code of the e-voting system was made publicly available by the Norwegian government, with the expressed intention to build confidence in the system and to facilitate public review of the code.
We conducted a low-effort review of this source code, finding significant problems with coding style, security, and correctness. Building on the lessons we learnt, and on general principles of good software engineering, we give recommendations to governments and others with source code where public trust is important. We end by giving specific advice to the Norwegian government on e-voting.