As an IT professional who works on software that accepts credit card data I can attest to the fact that we undergo rigorous annual audits to prove we are PCI (
Payment Card Industry) compliant.
We're dealing with simple pieces of data:
First Name
Last Name
Address Ln 1
Address Ln 2
City
State
ZIP
CC#
Expiration Date (MMYY, MMDDYY, etc)
CVV#
But the handling of those simple pieces of data can have serious real world issues.
Those real world issues can result in your company being sued and forced to pay financial damages to impacted parties.
We have to demonstrate we can successfully process numerous scenarios.
I find it very difficult to believe that there are no rigorous standards to which producers of voting software and hardware are held.
If there are these kinds of elementary failures in voting systems then my professional opinion would be that it's by design.
When I right code I have to unit test each line and each method. I use valid data, invalid data, out of range data, etc and show that the code successfully handles the various possibilities.
We function test feature sets to make sure new software works as intended. We regression test to ensure we didn't accidentally break existing features.
All of these tests are documented, executed and analyzed.
Several minds work together to identify test items that might have been missed by someone else.
No. Voting machine companies are not just coding something in a garage in 2 hours and packaging it up for federal and state elections.
And if it really is this simple to hack into machines, then I have to assume it's been done in countless elections before.
And I can't trust any results which have EVER been reported.