Post #290,331
8/5/07 1:03:09 PM
|
This should be happy news
But instead it's sad that it comes as such a surprise.
===
Kip Hawley is still an idiot.
===
Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats]. [link|http://DocHope.com|http://DocHope.com]
|
Post #290,332
8/5/07 1:23:13 PM
|
How many of these systems...
Were written from secure stand point?
None, as far as I have seen. If the software *IS* written properly and reviewed properly and QA'd properly, it shouldn't matter *WHAT* hardware it is on.
IOW [link|http://en.wikipedia.org/wiki/Kerckhoffs'_principle|Kerckhoffs' Principle] (yes I know, its wikipedia) applies here. Even though its not really and truly about cryptography, the lessons still apply.
Since corporations producing these voting machines are all about profit and nothing else... They ignore Kerckhoffs' Principle, citing costs, not enough TIME, deadlines... whatever. If they are not held to the fire, they won't do it, ever!
So, what to do. Force the corporations to prove it or develop this way. How? I don't quite know, but its the only thing that can make this problem go away.
Maybe treating this problem like NASA does with software problems related to mission critical stuff, will "cure" the endemic issues.
When I just typed mission critical, I don't mean "Corporate Mission Critical", I mean "OH NO! The crew just died" or "Umm, the vehicle just blew up" or "Hey! All the oxygen is being vented into space" mission critical stuff. These issues need to be treated similarly.
-- [link|mailto:greg@gregfolkert.net|greg], [link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey PGP key: 1024D/B524687C 2003-08-05 Fingerprint: E1D3 E3D7 5850 957E FED0 2B3A ED66 6971 B524 687C Alternate Fingerprint: 09F9 1102 9D74 E35B D841 56C5 6356 88C0 Alternate Fingerprint: 455F E104 22CA 29C4 933F 9505 2B79 2AB2
|
Post #290,333
8/5/07 1:38:59 PM
|
Nope, easy solution
Since corporations producing these voting machines are all about profit and nothing else. So make it about the profit. The contract you sign when you win the bid to build a voting system has a 110% guarantee. Anyone finds an exploitable flaw in your system, you owe a full refund to the government plus a commission to the person who found the exploit equal to 10% of all money paid under the contract. No expiration date, no statute of limitations. So, are you really confident in your system. Really?
===
Kip Hawley is still an idiot.
===
Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats]. [link|http://DocHope.com|http://DocHope.com]
|
Post #290,358
8/5/07 11:51:17 PM
|
That'd never fly.
But it's a good start.
Banks know about secure hardware. Vendors who sell to banks know about secure hardware because the banks make sure they know about secure hardware. When a vendor won't meet a bank's physical security test, the bank is just as likely to elsewhere.
I'm beginning to think that Diebold's problem isn't really that they make insecure voting machines, but that because we know they make ATMs (which are secure), we're expecting them to also make secure voting machines.
Perhaps there is a way to combine the ATM-like security in an ATM-like way with voting. What if each vote costs you a dollar at voting time? Put your dollar bill/coin in and direct which box it falls in. With all funds going to the candidate, win, lose or draw? Then Joe Public would be really interested in the security being right. If you made the boxes transparant, you could see which candidate is winning with a glance. The voter would want to see their dollar getting into the right box, too. And 'cause it's real money, the counting would be secured and all parties would be interested in getting right...
Hmm. Sounds an awful lot like paper ballots. That wasn't intentional, I swear! :-)
Wade.
Is it enough to love Is it enough to breathe Somebody rip my heart out And leave me here to bleed
| | Is it enough to die Somebody save my life I'd rather be Anything but Ordinary Please
|
-- "Anything but Ordinary" by Avril Lavigne. | · my · · [link|http://staticsan.livejournal.com/|blog] · · [link|http://yceran.org/|website] · |
|
Post #291,162
8/19/07 7:58:20 PM
|
Ask Bally...
They (and a number of others) have been making non-subvertable slot machines of various designs for decades! And they have this thing called the Nevada Gaming Board (now, since gam(bl)ing is basically universal, there are state Gaming Boards all over the place...but it all started there; they are the model). This august body is responsible for overseeing the manufacturers of gam(bl)ing devices, and I know from firsthand experience that they do not fuck around with anybody. You follow the rules, or you're out. Period. And one of the rules is that all your code is available for inspection at any time, and another is that you can only have in your machine code that has been fully certified as fair and balanced.
So any Diebold or anybody else who says it is too costly, or lofgistically impossible, or any of the other oh-so-lame excuses I've heard so far is just plain full of shit.
jb4 "It's hard for me, you know, living in this beautiful White House, to give you a firsthand assessment." — George W. Bush, when asked if he believed Iraq was in a state of civil war (Newsweek, 26 Feb 07)
|
Post #291,181
8/20/07 1:14:26 AM
|
No no no... it's about prioritization
see, slots are for making money, so it's a high priority for the state, but electronic voting machines are for democracy, so it's not.
|
Post #291,182
8/20/07 2:37:38 AM
8/20/07 2:41:10 AM
|
See, I already thought of that!
They need to do something to tie that together at the ballot box. Like using dollar bills (or coins) to vote. If money is involved that closely with the end voter, they will have an interest in making it secure and accurate.
Wade.
Is it enough to love Is it enough to breathe Somebody rip my heart out And leave me here to bleed
| | Is it enough to die Somebody save my life I'd rather be Anything but Ordinary Please
|
-- "Anything but Ordinary" by Avril Lavigne. | · my · · [link|http://staticsan.livejournal.com/|blog] · · [link|http://yceran.org/|website] · |
Edited by static
Aug. 20, 2007, 02:41:10 AM EDT
|
Post #291,209
8/20/07 5:34:43 PM
|
Uh no: Lobbyists do NOT want! "the public's vote"
'counted' - wherever possible.
And Lobbyists ARE "the US electorate", the "Deciders of purchase price" for each Rep - HTF d'ya think we got so Fucked, so irreversibly?
HTH ;^{
|