On Friday 15 September 2006 11:15, Devdas Bhagat wrote: > On 15/09/06 10:58 +0530, jtd wrote: > <snip> > > > FOSS can ensure that the tech flaws are visible and therefore > > correctable. Like thevoting machine fiasco in the USA > > http://itpolicy.princeton.edu/voting/ts-paper.pdf > > Could you show me how any random person can verify the code running > on an electronic voting machine?
Absolutely. So u need signed binaries of stuff running on the machine and signed source and toolchain of the same. And a completely open architecture. And a system for veryfying all of that by those in doubt. The foss system will only ensure that the tech is not flawed as opposed to rest of the things that are required to make evoting reasonably fool proof. Err.. i think we are both referring to identical system flaws. > Code on disk need not be the same > as what was verified. Code which is in memory need not be the same > as on disk. > > 'Reflections on trusting trust' is a good paper to read. How do you > find that back door? In the case of voting machines you almost cant, even if the arch was totally open. Verification might actually render the vote invalid. -- Rgds JTD -- http://mm.glug-bom.org/mailman/listinfo/linuxers
