-----BEGIN PGP SIGNED MESSAGE-----
At 11:02 PM 1/27/01 -0500, William Allen Simpson wrote:
...
>"Arnold G. Reinhold" wrote:
>> There are a lot of reasons why open source is desirable,
>> but it does simply the job for an attacker.
>I disagree. Security by obscurity is never desirable.
Right. This is doubly important in this application, where
the big threat is insider fraud. The people we're really
worried about doing some kind of large-scale fraud are
the ones being trusted to man voting stations, transport
ballots, count votes, and certify elections. Outsiders
who've read through the source code looking for buffer
overflow bugs aren't likely to have the access needed to
mount an attack.
--John Kelsey
k.e.l.s.e.y.(dot).j.(at).i.x.(dot).n.e.t.c.o.m.(dot).c.o.m
PGP: 5D91 6F57 2646 83F9 6D7F 9C87 886D 88AF
``Slavery's most important legacy may be a painful insight
into human nature and into the terrible consequences of
unbridled power.'' --Thomas Sowell, _Race and Culture_
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>
Comment: foo
iQCVAwUBOn2ZCyZv+/Ry/LrBAQEcRAP/cj27xAaLwl2eFU42EA27RNhKQiwGtKvL
8cC7owNGufK6dYNj8zvYwKwiiYWYwavZLM1K1+vNq5e6pYjAsXGYgN21xyWUFi8A
LhChruj8zCg0ybgZ5AICbdGHHL+S2u4Sga5Ai+uEtTHbXHUfCylbDq4YYtgeshld
2Cbe2Vgbh98=
=JVz4
-----END PGP SIGNATURE-----
