So, after all, the ultimate reason for opening the code is to satisfy one's ego of looking at someone else coding.
On Mon, Oct 12, 2009 at 9:14 PM, Danny Ching <[email protected]> wrote: > Opening the source code gives us a better channce to catch that. May > not be 100%. But better than nothing. > > Regards, > Danny Ching > > > On Oct 12, 2009, at 6:11 PM, Oscar Plameras <[email protected]> > wrote: > >> Then, you have a corrupt programmer. >> >> There's nothing you can do when there's a programmer in your team who >> is corrupt. >> >> This is a project management issue and not a systems issue that is >> properly dealt with before and during the development. >> >> On Mon, Oct 12, 2009 at 9:06 PM, Danny Ching <[email protected]> >> wrote: >>> Allow me to clarify. Assume that I pay the programmer to order the >>> computer to double votes to Danny if there is a candidate named Juan >>> De la Cruz, will simulation catch that? What if the trigger is a name >>> that says fhrbdudnejd. Will that scenario be tested? There is no way >>> to see that with simulation. Not unless you know what you are looking >>> for. Source code review will expose that. >>> >>> Regards, >>> Danny Ching >>> >>> >>> On Oct 12, 2009, at 5:58 PM, Oscar Plameras <[email protected]> >>> wrote: >>> >>>> I don't know what you mean. >>>> >>>> So, if you really are a good programmer you must be able to explain >>>> what you >>>> really mean. >>>> >>>> On Mon, Oct 12, 2009 at 8:52 PM, Danny Ching <[email protected]> >>>> wrote: >>>>> Additionally, you can guess a person's credibility by experience >>>>> (simulation testing) but you are never 100% sure because we do not >>>>> have the ability to check what makes a person do something or read >>>>> his >>>>> mind (his source code). Fortunately, computers are easier to >>>>> verify. >>>>> >>>>> Regards, >>>>> Danny Ching >>>>> >>>>> >>>>> On Oct 12, 2009, at 5:47 PM, Michael Mondragon >>>>> <[email protected] >>>>> > wrote: >>>>> >>>>>> foolder is correct. that's why sometimes there's a need for >>>>>> reverse >>>>>> engineering (static analysis) which could led to vulnerability >>>>>> discovery. this could lead us to some code which could be made >>>>>> in- >>>>>> place for any injection (backdoor, etc.) during normal execution. >>>>>> >>>>>> cheers, >>>>>> mike >>>>>> >>>>>> >>>>>> >>>>>> ----- Original Message ---- >>>>>> From: fooler mail <[email protected]> >>>>>> To: Philippine Linux Users' Group (PLUG) Technical Discussion List >>>>>> <[email protected] >>>>>>> >>>>>> Sent: Mon, October 12, 2009 4:47:19 PM >>>>>> Subject: Re: [plug] COMELEC SUED (Was: The Death of Election 2010 >>>>>> Source Code Review) >>>>>> >>>>>> On Mon, Oct 12, 2009 at 3:52 PM, Oscar Plameras >>>>>> <[email protected]> wrote: >>>>>>> >>>>>>> Remember, Election Automation Software is one of the easiest to >>>>>>> develop. >>>>>>> It is "Count and Tally", nothing complicated and convoluted. >>>>>> >>>>>> true.. BUT... the purpose of source code review is to examine if >>>>>> there >>>>>> is something beyond the count and tally thing which cannot be seen >>>>>> by >>>>>> your simulation test.. as what danny said - TRIGGERS.. >>>>>> >>>>>> special keyboard hotkey, special packets, special ER and others to >>>>>> trigger the manipulation of votes to do the dagdag-bawas scheme... >>>>>> >>>>>> fooler. >>>>>> _________________________________________________ >>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>> Searchable Archives: http://archives.free.net.ph >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> _________________________________________________ >>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>> Searchable Archives: http://archives.free.net.ph >>>>> _________________________________________________ >>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>> Searchable Archives: http://archives.free.net.ph >>>>> >>>> _________________________________________________ >>>> Philippine Linux Users' Group (PLUG) Mailing List >>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>> Searchable Archives: http://archives.free.net.ph >>> _________________________________________________ >>> Philippine Linux Users' Group (PLUG) Mailing List >>> http://lists.linux.org.ph/mailman/listinfo/plug >>> Searchable Archives: http://archives.free.net.ph >>> >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
