Hi Doc, I'm volunteering with a non-partisan poll watchers group, namely PPCRV.
To answer number 4 below, it would be nice to secure softcopies of the ER and their sign values. If the assumption holds that minimal cheating will happen with the PCOS machines, then we would like to get electronic copies of the election results from the precinct level/PCOS machines. -- Brian Tan Seng Yahoo! Messenger ID: btanseng Registered Linux User # 361862 http://counter.li.org > <> > > MY REACTIONS: > > > "After the customization of poll automation software" -- means the software > already exists, so why wait to finish customizing it (setting parameters) > before getting the thing reviewed? The source code already exists, and will > not be affected by customization, so why not review the code now? > > If they are going to add new code, then that's a different story > altogether. I'd like the following added to the code: > > 1) During initialization (hour zero on election day), i'd like both PCOS > and CCS computers to print out filenames of all executables in /bin, /sbin, > /usr/bin, /usr/sbin, /usr/local/bin, /usr/local/sbin, together with their > SHA-256 checksums. Also all configuration files in /etc and their SHA-256 > checksums. These are needed to compare with the originals that have been > approved by source code review. In particular, /etc/securetty must specify > that the root user must never be allowed to log in from remote. To make > checking simple for the BEI on election day, this printout must be in > lexicographic order of filenames, and must be digitally clear-signed by > Smartmatic so that the BEI need only compare the signature part (two lines > of text) > > 2) The option to SSL-sign or GPG-sign should be put in the code, so that > the teachers have a choice of getting their public keys signed by a CA or > signed by a peer. > The signing part should be during the end of the voting period, not at the > beginning when there is nothing to sign yet (this is the way the current > version of the program looks to me). > > 3) Support for Java smartcards (with CPU) in the PCOS and CCS hardware > (smartcard slot) and new program for signing, so that using Java smartcards > for signing, the teachers' secret keys never leave the card, and is never > copied over to the computer. > > 4) Others? > > //PManalastas > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph >
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
