In the spirit of open source software, TrueVote is building the core product in a transparent way that everyone can use, and “dot org” is more aligned with that ethos. The “dot com” TrueVote as a business may be used in the future if we choose to commercialize some of it, such as offering custom election services including voter roll data migrations and integrations.
Unfortunately, absolutely. We currently live in a world where people will expend energy, time, and money to harm fellow humans. All software systems must be designed to log and defend against security breaches. TrueVote will build defenses and partners to help defend against DDoS attacks, Sybil attacks, and others. The immutable design of TrueVote ensures that voter and ballot data, once timelocked on the Bitcoin blockchain, is truly immutable. TrueVote will use Cloudflare and other top-tier partners to defend against DDoS attacks. TrueVote will enlist independent 3rd party security auditors to help ensure all attack vectors are minimized.
Similar to if someone used your phone to access your banking app, they would need access to your PIN, your biometrics, and there would be a record of the ballot submission. There will be a mechanism to submit a request to have a ballot invalidated and reset.
TrueVote makes it much harder to commit voter fraud. If a person successfully creates multiple identities and votes more than once it’s possible that their votes will be considered valid. Registration authorities will need to continue their efforts in preventing this. TrueVote will employ machine learning techniques to help identify suspicious accounts and flag for manual review as needed. Additionally, TrueVote non-user identifiable data can be analyzed to help spot voter fraud.