On Friday 15 September 2006 11:15, Devdas Bhagat wrote:
On 15/09/06 10:58 +0530, jtd wrote:
<snip>
FOSS can ensure that the tech flaws are visible and therefore correctable. Like thevoting machine fiasco in the USA http://itpolicy.princeton.edu/voting/ts-paper.pdf
Could you show me how any random person can verify the code running on an electronic voting machine?
Absolutely. So u need signed binaries of stuff running on the machine and signed source and toolchain of the same. And a completely open architecture. And a system for veryfying all of that by those in doubt. The foss system will only ensure that the tech is not flawed as opposed to rest of the things that are required to make evoting reasonably fool proof.
Err.. i think we are both referring to identical system flaws.
Code on disk need not be the same as what was verified. Code which is in memory need not be the same as on disk.
'Reflections on trusting trust' is a good paper to read. How do you find that back door?
In the case of voting machines you almost cant, even if the arch was totally open. Verification might actually render the vote invalid.