Re: Vote verification --- a futile exercise?
On Thu, Apr 04, 2002 at 06:49:09PM -0500, Jeff Licquia wrote: Not necessarily. [...] Interesting scheme. It makes some assumptions about living habits that might not be correct for Debian developers, though :-) (For example, I send most of my mail around noon and around midnight.) A more effective version might be to monitor mailing list activity directly to see which times to target. This would be especially useful if you can stir up a discussion in which people state their support for one of the candidates. One way to prevent this might be to use batched mails, for example a server that collects mail for a whole day and then forwards them (in random order) to the vote counter in one batch. This can be defeated by collusion between the vote counter and the operator of this server -- but we're already assuming anonymous mail, right? The requirements would be the same. In fact existing anonymous mail services already use such batching and reordering, though not on the scale of whole days. In the extreme, every voter could operate an anonymous mail gateway for this vote. If there is collusion between *all* the voters, then there is little point in voting :-) However, this would ignore the problem of voter apathy. I'm afraid that this whole scheme fails requirement 0: 0) Voting should be easy for the voters Making voting difficult will introduce a bias that favours extremists. Oh... I just realized that per-day batching would still not work. Suppose the vote taker's favourite candidate does something really unpopular halfway through the vote (such as revealing his Secret Master Plan to Take Over the World). In that case, dropping votes from the second half of the voting period could affect the outcome. [Again, not that Manoj would ever do such a vile thing.] Indeed. We're geeks, and the election is a new toy that we're taking apart to see how it works :-) Richard Braakman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Vote verification --- a futile exercise?
On Friday, April 5, 2002, at 04:51 AM, Richard Braakman wrote: Indeed. We're geeks, and the election is a new toy that we're taking apart to see how it works :-) rant Yep. And we'll eventually come up with something that works perfectly every time, never allows fraud, vote selling, etc.; allows you to change your mind; does not force you to vote for one of two major parties; and can be understood by anyone willing to take the time to learn it. Then someone --- let's call them SoftMicro --- will come out with a voting system that is plagued with security holes, routinely has votes and entire elections stolen, forces people to vote for the one major candidate or have his vote effectively not count; counts votes using some contortionist's dream, understood by no one (source is not available); and eventually spits out a random result each time (when it doesn't crash completely, requiring a new election). People will flock to it in droves. /rant -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Transcript of the Debate
Anthony DeRobertis: Hmmm? See time stamp 15:05. After that they are called 'bdale', 'Branden', and 'Raphael' Ahh. I see. I only looked at the first page and saw the aliases. Silly me... -- \\// peter - http://www.softwolves.pp.se/ Statement concerning unsolicited e-mail according to Swedish law: http://www.softwolves.pp.se/peter/reklampost.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Election status
On Wed, Apr 03, 2002 at 02:27:28PM -0600, Manoj Srivastava wrote: Sven == Sven [EMAIL PROTECTED] writes: Sven Was this md5sum not supposed to be sent in the aknowledgement ``Supposed'' to be? I don't think that it was decided to modify the vote system, no. The best I recall is some discussion last year about secret ballot protocols, but that is as far as it went. Well, i did not yet receive any kind of aknowledgement for my vote, but as i understood, it should contain some kind of id or something which i can use to check that the voting script did its job right. And the problem is not so much to check that there is not some evil intention on the vote-master's part or something such, just to check that the voting script did not misfire. Sven mail of the ballot, so it would only be comparing two md5sums, Sven quite easy to do. Two cutpastes should do the job, nothing Sven arcane involved here ? And, of course, you then lose the benefit of having the md5sums, since I could slip the same md5sum to more than one person. I guess it would still be a deterrent, since I would never know who all did not really check the md5sum. Yes, sure, but that is the real problem. Is it really that hard to run md5sum? Can we really survive as a project if the developers feel that way? Allow me to demonstrate. (Note: since my userid is srivasta, and if my secret token was 0123456789ABXDE, then i get: - % echo srivasta 0123456789ABXDE | md5sum f305c07513500e690a7f98f10c52a7fc -- I can even do this: % egrep $(echo srivasta 0123456789ABXDE | md5sum) tally.txt and see that my vote is valid. Ok, no problem, The difficulty is that we are speaking about id + vote + secret word, and that the way of concatenating them is not clear. There would be a difference between : % echo srivasta 0123456789ABXDE | md5sum f305c07513500e690a7f98f10c52a7fc and % echo srivasta0123456789ABXDE | md5sum 3fd531504123df0165a3be23f4d8a33d Now, what about the vote part, should i use the whole text of my signed ballot, the unsigned version, (which will yield a multiline text part to md5sum) or a simple shortcut thereof. Or maybe we should forget about this part ? How hard was that? I guess I'll change the ack to put i a command line. I am not going to ship the md5sum in the ack, so there. The main problem here is what exactly we are to md5sum, not the fact that we shall md5sum something. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Vote verification --- a futile exercise?
On Fri, 2002-04-05 at 04:51, Richard Braakman wrote: Oh... I just realized that per-day batching would still not work. Suppose the vote taker's favourite candidate does something really unpopular halfway through the vote (such as revealing his Secret Master Plan to Take Over the World). In that case, dropping votes from the second half of the voting period could affect the outcome. You'd have to be able to predict that the candidate would have such a plan, and would reveal it in the middle of the election. This might not be a problem if the CTF is also the Second-In-Command, Evil Plot, Inc. The general problem still remains, however: if the CTF can drop random unknown votes, and if the CTF can correlate any outside event with probabilities in voter activity times, then the CTF can exert influence on the election results. Even something like a popular tech conference (Euro voters are all at CeBIT this week) or a holiday (all the Irish developers are too busy partying to vote on St. Patrick's Day) could be used. Using this protocol, the best solution to all these problems is voter vigilance. If enough voters threw a fit that their votes weren't being published, then (as you pointed out), the whole election process could be stopped pending an investigation. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Election status
Sven == Sven [EMAIL PROTECTED] writes: Sven Well, i did not yet receive any kind of aknowledgement for my Sven vote, but as i understood, it should contain some kind of id or Sven something which i can use to check that the voting script did Sven its job right. I suspect you have gotten the ack now. Sven And the problem is not so much to check that there is not some Sven evil intention on the vote-master's part or something such, Sven just to check that the voting script did not misfire. And now you know what your vote was parsed to be. Sven The difficulty is that we are speaking about id + vote + secret Sven word, and that the way of concatenating them is not clear. And you also now know that the ack said specifically what command line to use: % echo sven 0123456789ABCDE | md5sum This instruction shall also be repeated on the final tally sheet. Sven The main problem here is what exactly we are to md5sum, not the Sven fact that we shall md5sum something. The main problem is that you are not giving anyone but yourself any credit for intelligence. manoj -- I will make no bargains with terrorist hardware. Peter da Silva Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
*****SPAM***** (±¤°í)´ç½ÅÀ» ¹é¸¸ÀåÀÚŬ·´¿¡ ÃÊ´ëÇÕ´Ï´Ù...
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=Content-Type content=text/html; charset=unicode META content=MSHTML 6.00.2713.1100 name=GENERATOR/HEAD BODY font color=blue face=ÈÞ¸Õ¸ÅÁ÷ü size=3span style=FONT-SIZE: 18ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷üa href=http://nancho.starhana.com;script language=javascript src= http://myhome.hananet.net/~nannaya77/js/don1.js;/script/a/font P/P a href=http://nancho.starhana.com; target=_blankimg src=http://starhana.com/images/mtima1.jpg; border=0 width=134 height=114img src=http://starhana.com/images/mtima2.gif; border=0 width=146 height=114img src=http://starhana.com/images/mtima3.gif; border=0 width=146 height=114img src=http://starhana.com/images/mtima4.jpg; border=0 width=170 height=114/a pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=3span style=FONT-SIZE: 20ptÀÌÀ¯°¡ ÀÖ´Â ·©Å· 1À§ ½ÎÀÌÆ®/span/font/p pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14ptÃÖ±Ù ¿©·¯´Þµ¿¾È /spanfont color=blue span style=FONT-SIZE: 14pt¹«·áÁ¤º¸ºÐ¾ß/span/fontspan style=FONT-SIZE: 14pt ÀÇ ·©Ä» ¼øÀ§ 1À§ÀÎ ½ÎÀÌÆ®°¡ ¾îµðÀÎÁö Ȥ½Ã ¾Æ½Ã³ª¿ä? /span/FONT/FONT/p pa href=http://nancho.starhana.com;span style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff size=5¿© ±â/font/span/aFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt °¡ ·©Å· 1À§¶ó¸é ±×·² ¸¸ÇÑ ÀÌÀ¯°¡ÀÖÁö ¾Ê°Ú½À´Ï±î? /span/FONT/FONT/p pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt´ÔÀ» Á¤ÁßÈ÷ ÃÊ´ëÇÏ°Ú½À´Ï´Ù. /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt»ç¾÷°¡Àû ¾È¸ñÀ¸·Î °ËÅäÇϽŴٸé Á¤¸» ³î¶ó½Ç °ÍÀÔ´Ï´Ù./span/font/p pa href=http://nancho.starhana.com;span style=FONT-SIZE: 26ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=6¹é¸¸ÀåÀÚŬ·´/font/span/aspan style=FONT-SIZE: 26pta href=http://nancho.starhana.com;font face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia size=6nbsp;/font/afont face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia size=5nbsp;/font/spanFONT size=3FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 20ptfont color=fuchsia nbsp;/fontfont color=blue ¹Ù·Î°¡±â/font/spanspan style=FONT-SIZE: 26ptfont color=fuchsia nbsp;nbsp;nbsp;nbsp;/font/span/FONT/FONT/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#33 size=3span style=FONT-SIZE: 16ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¶Ç ÇϳªÀÇ ºò ´º½º /span/fonta href=http://www.winergrup.com;span style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff00ff size=6nbsp;ºòÇ÷¡´Ö/font/span/aFONT size=3font face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsiaspan style=FONT-SIZE: 20pt nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü color=bluespan style=FONT-SIZE: 20pt¹Ù·Î°¡±â/span/font/FONT/p pnbsp;FONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷ünbsp;span style=FONT-SIZE: 14ptÀÌ ¸ðµÎ°¡ /spanfont color=red span style=FONT-SIZE: 14pt¹é¸¸ÀåÀÚŬ·´/span/fontspan style=FONT-SIZE: 14pt¿¡¼ ½ÇÇö °¡´ÉÇÕ´Ï´Ù. ÂüÀ¸·Î ¾öû³ Á¤º¸°¡ /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁ¦ ȨÆäÀÌÁö¿¡ ÀÖ½À´Ï´Ù. /span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀϹÝȸ¿ø°¡ÀÔÀº ¹«·áÀ̸ç ÀÚ¼¼È÷ ÀÐ¾î º¸½Ã¸é ÁÁÀº Á¤º¸¸¦ ¾òÀ» ¼ö ÀÖ°í »ç¾÷¼³¸íȸ Àå¼Òµµ/span/font font face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÂü¼® ÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù./span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇÁ·£Â÷ÀÌÁî¿¡ °¡ÀÔÇϽøé Á¤½Ä »ç¾÷ÀÚ ÀÚ°ÝÀ¸·Î ÀÚ½ÅÀÇ È¨ÆäÀÌÁö°¡ /span/fontfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4»ý¼ºµÇ¸ç ÀçÅñٹ«·Î¼ ¹«ÀÚº» ¹«Á¡Æ÷/FONT/FONT FONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4ÀÇ ÀÎÅͳݿöÅ· »ç¾÷ÀÌ °¡´ÉÇÕ´Ï´Ù/FONT./FONT/span/font/p pfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÇÁ·£Â÷ÀÌÁî °¡ÀԽô ¾à°£ÀÇ È¨ÆäÀÌÁö ¿î¿µ À¯Áöºñ¸¸ °¨¼öÇÏ½Ã¸é µË´Ï´Ù./FONT/span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁÖÀÇ ÇϽÇÁ¡ ȸ¿ø°¡ÀԽà id¸¦ °£´ÜÇÏ¸ç ¿Ü¿ì±â ½¬¿î °ÍÀ¸·Î Çϼ¼¿ä. ÀÌÀ¯´Â ÇÁ·£Â÷ÀÌÁî °¡ÀԽà id°¡ ÀÚ½ÅÀÇ µµ¸ÞÀÎÀ¸·Î ¿Ã¶ó°©´Ï´Ù./span/font/p pfont size=4span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÁ¦ Ȩ¿¡ ¿À½Ã¸é FONT color=#ff¿î¿µÀÚ ÇÁ·ÎÇÊ/FONTFONT color=#00À» ÀÐ¾î º¸½Ã°í ±× ´ÙÀ½ ´Ù¸¥ Á¤º¸µéÀ» /FONT/FONT/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt²Ä²ÄÈ÷ ¿¶÷Çϼ¼¿ä./span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=fuchsiaspan style=FONT-SIZE: 14pt(Âü°í)/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt¹é¸¸ÀåÀÚŬ·´°ú »ó°ü¾øÀÌ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=bluespan style=FONT-SIZE: 14ptºòÇ÷¡´Ö/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=#01span style=FONT-SIZE: 14pt»ç¾÷¸¸/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀ» Èñ¸ÁÇϽô ºÐÀº ¹«·áȸ¿ø °¡ÀÔÈÄ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=redspan style=FONT-SIZE: 14ptiwÂü°¡Çϱâ/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt Ç׸ñÀ» Ŭ¸¯ÇϽþî Âü¿©½ÅûÀ»/span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇϽðųª Àüȸ¦ ÁÖ½Ã¸é ¾È³»¸¦ ÇÏ°Ú½À´Ï´Ù.
*****SPAM***** (±¤°í)´ç½ÅÀ» ¹é¸¸ÀåÀÚŬ·´¿¡ ÃÊ´ëÇÕ´Ï´Ù...
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=Content-Type content=text/html; charset=unicode META content=MSHTML 6.00.2713.1100 name=GENERATOR/HEAD BODY font color=blue face=ÈÞ¸Õ¸ÅÁ÷ü size=3span style=FONT-SIZE: 18ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷üa href=http://nancho.starhana.com;script language=javascript src= http://myhome.hananet.net/~nannaya77/js/don1.js;/script/a/font P/P a href=http://nancho.starhana.com; target=_blankimg src=http://starhana.com/images/mtima1.jpg; border=0 width=134 height=114img src=http://starhana.com/images/mtima2.gif; border=0 width=146 height=114img src=http://starhana.com/images/mtima3.gif; border=0 width=146 height=114img src=http://starhana.com/images/mtima4.jpg; border=0 width=170 height=114/a pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=3span style=FONT-SIZE: 20ptÀÌÀ¯°¡ ÀÖ´Â ·©Å· 1À§ ½ÎÀÌÆ®/span/font/p pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14ptÃÖ±Ù ¿©·¯´Þµ¿¾È /spanfont color=blue span style=FONT-SIZE: 14pt¹«·áÁ¤º¸ºÐ¾ß/span/fontspan style=FONT-SIZE: 14pt ÀÇ ·©Ä» ¼øÀ§ 1À§ÀÎ ½ÎÀÌÆ®°¡ ¾îµðÀÎÁö Ȥ½Ã ¾Æ½Ã³ª¿ä? /span/FONT/FONT/p pa href=http://nancho.starhana.com;span style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff size=5¿© ±â/font/span/aFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt °¡ ·©Å· 1À§¶ó¸é ±×·² ¸¸ÇÑ ÀÌÀ¯°¡ÀÖÁö ¾Ê°Ú½À´Ï±î? /span/FONT/FONT/p pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt´ÔÀ» Á¤ÁßÈ÷ ÃÊ´ëÇÏ°Ú½À´Ï´Ù. /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt»ç¾÷°¡Àû ¾È¸ñÀ¸·Î °ËÅäÇϽŴٸé Á¤¸» ³î¶ó½Ç °ÍÀÔ´Ï´Ù./span/font/p pa href=http://nancho.starhana.com;span style=FONT-SIZE: 26ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=6¹é¸¸ÀåÀÚŬ·´/font/span/aspan style=FONT-SIZE: 26pta href=http://nancho.starhana.com;font face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia size=6nbsp;/font/afont face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia size=5nbsp;/font/spanFONT size=3FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 20ptfont color=fuchsia nbsp;/fontfont color=blue ¹Ù·Î°¡±â/font/spanspan style=FONT-SIZE: 26ptfont color=fuchsia nbsp;nbsp;nbsp;nbsp;/font/span/FONT/FONT/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#33 size=3span style=FONT-SIZE: 16ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¶Ç ÇϳªÀÇ ºò ´º½º /span/fonta href=http://www.winergrup.com;span style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff00ff size=6nbsp;ºòÇ÷¡´Ö/font/span/aFONT size=3font face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsiaspan style=FONT-SIZE: 20pt nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü color=bluespan style=FONT-SIZE: 20pt¹Ù·Î°¡±â/span/font/FONT/p pnbsp;FONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷ünbsp;span style=FONT-SIZE: 14ptÀÌ ¸ðµÎ°¡ /spanfont color=red span style=FONT-SIZE: 14pt¹é¸¸ÀåÀÚŬ·´/span/fontspan style=FONT-SIZE: 14pt¿¡¼ ½ÇÇö °¡´ÉÇÕ´Ï´Ù. ÂüÀ¸·Î ¾öû³ Á¤º¸°¡ /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁ¦ ȨÆäÀÌÁö¿¡ ÀÖ½À´Ï´Ù. /span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀϹÝȸ¿ø°¡ÀÔÀº ¹«·áÀ̸ç ÀÚ¼¼È÷ ÀÐ¾î º¸½Ã¸é ÁÁÀº Á¤º¸¸¦ ¾òÀ» ¼ö ÀÖ°í »ç¾÷¼³¸íȸ Àå¼Òµµ/span/font font face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÂü¼® ÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù./span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇÁ·£Â÷ÀÌÁî¿¡ °¡ÀÔÇϽøé Á¤½Ä »ç¾÷ÀÚ ÀÚ°ÝÀ¸·Î ÀÚ½ÅÀÇ È¨ÆäÀÌÁö°¡ /span/fontfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4»ý¼ºµÇ¸ç ÀçÅñٹ«·Î¼ ¹«ÀÚº» ¹«Á¡Æ÷/FONT/FONT FONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4ÀÇ ÀÎÅͳݿöÅ· »ç¾÷ÀÌ °¡´ÉÇÕ´Ï´Ù/FONT./FONT/span/font/p pfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÇÁ·£Â÷ÀÌÁî °¡ÀԽô ¾à°£ÀÇ È¨ÆäÀÌÁö ¿î¿µ À¯Áöºñ¸¸ °¨¼öÇÏ½Ã¸é µË´Ï´Ù./FONT/span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁÖÀÇ ÇϽÇÁ¡ ȸ¿ø°¡ÀԽà id¸¦ °£´ÜÇÏ¸ç ¿Ü¿ì±â ½¬¿î °ÍÀ¸·Î Çϼ¼¿ä. ÀÌÀ¯´Â ÇÁ·£Â÷ÀÌÁî °¡ÀԽà id°¡ ÀÚ½ÅÀÇ µµ¸ÞÀÎÀ¸·Î ¿Ã¶ó°©´Ï´Ù./span/font/p pfont size=4span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÁ¦ Ȩ¿¡ ¿À½Ã¸é FONT color=#ff¿î¿µÀÚ ÇÁ·ÎÇÊ/FONTFONT color=#00À» ÀÐ¾î º¸½Ã°í ±× ´ÙÀ½ ´Ù¸¥ Á¤º¸µéÀ» /FONT/FONT/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt²Ä²ÄÈ÷ ¿¶÷Çϼ¼¿ä./span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=fuchsiaspan style=FONT-SIZE: 14pt(Âü°í)/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt¹é¸¸ÀåÀÚŬ·´°ú »ó°ü¾øÀÌ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=bluespan style=FONT-SIZE: 14ptºòÇ÷¡´Ö/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=#01span style=FONT-SIZE: 14pt»ç¾÷¸¸/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀ» Èñ¸ÁÇϽô ºÐÀº ¹«·áȸ¿ø °¡ÀÔÈÄ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=redspan style=FONT-SIZE: 14ptiwÂü°¡Çϱâ/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt Ç׸ñÀ» Ŭ¸¯ÇϽþî Âü¿©½ÅûÀ»/span/font/p pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇϽðųª Àüȸ¦ ÁÖ½Ã¸é ¾È³»¸¦ ÇÏ°Ú½À´Ï´Ù.
Re: Vote verification --- a futile exercise?
On Thu, Apr 04, 2002 at 06:49:09PM -0500, Jeff Licquia wrote: Not necessarily. [...] Interesting scheme. It makes some assumptions about living habits that might not be correct for Debian developers, though :-) (For example, I send most of my mail around noon and around midnight.) A more effective version might be to monitor mailing list activity directly to see which times to target. This would be especially useful if you can stir up a discussion in which people state their support for one of the candidates. One way to prevent this might be to use batched mails, for example a server that collects mail for a whole day and then forwards them (in random order) to the vote counter in one batch. This can be defeated by collusion between the vote counter and the operator of this server -- but we're already assuming anonymous mail, right? The requirements would be the same. In fact existing anonymous mail services already use such batching and reordering, though not on the scale of whole days. In the extreme, every voter could operate an anonymous mail gateway for this vote. If there is collusion between *all* the voters, then there is little point in voting :-) However, this would ignore the problem of voter apathy. I'm afraid that this whole scheme fails requirement 0: 0) Voting should be easy for the voters Making voting difficult will introduce a bias that favours extremists. Oh... I just realized that per-day batching would still not work. Suppose the vote taker's favourite candidate does something really unpopular halfway through the vote (such as revealing his Secret Master Plan to Take Over the World). In that case, dropping votes from the second half of the voting period could affect the outcome. [Again, not that Manoj would ever do such a vile thing.] Indeed. We're geeks, and the election is a new toy that we're taking apart to see how it works :-) Richard Braakman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Vote verification --- a futile exercise?
On Friday, April 5, 2002, at 04:51 AM, Richard Braakman wrote: Indeed. We're geeks, and the election is a new toy that we're taking apart to see how it works :-) rant Yep. And we'll eventually come up with something that works perfectly every time, never allows fraud, vote selling, etc.; allows you to change your mind; does not force you to vote for one of two major parties; and can be understood by anyone willing to take the time to learn it. Then someone --- let's call them SoftMicro --- will come out with a voting system that is plagued with security holes, routinely has votes and entire elections stolen, forces people to vote for the one major candidate or have his vote effectively not count; counts votes using some contortionist's dream, understood by no one (source is not available); and eventually spits out a random result each time (when it doesn't crash completely, requiring a new election). People will flock to it in droves. /rant -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Transcript of the Debate
Anthony DeRobertis: Hmmm? See time stamp 15:05. After that they are called 'bdale', 'Branden', and 'Raphael' Ahh. I see. I only looked at the first page and saw the aliases. Silly me... -- \\// peter - http://www.softwolves.pp.se/ Statement concerning unsolicited e-mail according to Swedish law: http://www.softwolves.pp.se/peter/reklampost.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Election status
On Wed, Apr 03, 2002 at 02:27:28PM -0600, Manoj Srivastava wrote: Sven == Sven [EMAIL PROTECTED] writes: Sven Was this md5sum not supposed to be sent in the aknowledgement ``Supposed'' to be? I don't think that it was decided to modify the vote system, no. The best I recall is some discussion last year about secret ballot protocols, but that is as far as it went. Well, i did not yet receive any kind of aknowledgement for my vote, but as i understood, it should contain some kind of id or something which i can use to check that the voting script did its job right. And the problem is not so much to check that there is not some evil intention on the vote-master's part or something such, just to check that the voting script did not misfire. Sven mail of the ballot, so it would only be comparing two md5sums, Sven quite easy to do. Two cutpastes should do the job, nothing Sven arcane involved here ? And, of course, you then lose the benefit of having the md5sums, since I could slip the same md5sum to more than one person. I guess it would still be a deterrent, since I would never know who all did not really check the md5sum. Yes, sure, but that is the real problem. Is it really that hard to run md5sum? Can we really survive as a project if the developers feel that way? Allow me to demonstrate. (Note: since my userid is srivasta, and if my secret token was 0123456789ABXDE, then i get: - % echo srivasta 0123456789ABXDE | md5sum f305c07513500e690a7f98f10c52a7fc -- I can even do this: % egrep $(echo srivasta 0123456789ABXDE | md5sum) tally.txt and see that my vote is valid. Ok, no problem, The difficulty is that we are speaking about id + vote + secret word, and that the way of concatenating them is not clear. There would be a difference between : % echo srivasta 0123456789ABXDE | md5sum f305c07513500e690a7f98f10c52a7fc and % echo srivasta0123456789ABXDE | md5sum 3fd531504123df0165a3be23f4d8a33d Now, what about the vote part, should i use the whole text of my signed ballot, the unsigned version, (which will yield a multiline text part to md5sum) or a simple shortcut thereof. Or maybe we should forget about this part ? How hard was that? I guess I'll change the ack to put i a command line. I am not going to ship the md5sum in the ack, so there. The main problem here is what exactly we are to md5sum, not the fact that we shall md5sum something. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Vote verification --- a futile exercise?
On Fri, 2002-04-05 at 04:51, Richard Braakman wrote: Oh... I just realized that per-day batching would still not work. Suppose the vote taker's favourite candidate does something really unpopular halfway through the vote (such as revealing his Secret Master Plan to Take Over the World). In that case, dropping votes from the second half of the voting period could affect the outcome. You'd have to be able to predict that the candidate would have such a plan, and would reveal it in the middle of the election. This might not be a problem if the CTF is also the Second-In-Command, Evil Plot, Inc. The general problem still remains, however: if the CTF can drop random unknown votes, and if the CTF can correlate any outside event with probabilities in voter activity times, then the CTF can exert influence on the election results. Even something like a popular tech conference (Euro voters are all at CeBIT this week) or a holiday (all the Irish developers are too busy partying to vote on St. Patrick's Day) could be used. Using this protocol, the best solution to all these problems is voter vigilance. If enough voters threw a fit that their votes weren't being published, then (as you pointed out), the whole election process could be stopped pending an investigation. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Election status
Sven == Sven [EMAIL PROTECTED] writes: Sven Well, i did not yet receive any kind of aknowledgement for my Sven vote, but as i understood, it should contain some kind of id or Sven something which i can use to check that the voting script did Sven its job right. I suspect you have gotten the ack now. Sven And the problem is not so much to check that there is not some Sven evil intention on the vote-master's part or something such, Sven just to check that the voting script did not misfire. And now you know what your vote was parsed to be. Sven The difficulty is that we are speaking about id + vote + secret Sven word, and that the way of concatenating them is not clear. And you also now know that the ack said specifically what command line to use: % echo sven 0123456789ABCDE | md5sum This instruction shall also be repeated on the final tally sheet. Sven The main problem here is what exactly we are to md5sum, not the Sven fact that we shall md5sum something. The main problem is that you are not giving anyone but yourself any credit for intelligence. manoj -- I will make no bargains with terrorist hardware. Peter da Silva Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]