Good grief! Have you been living under a rock? RA-9369 Sec 12 mandates these provisions, to wit:
“Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof." What COMELEC is doing is ILLEGAL. Plain and simple. Welcome to the reality that even constitutional bodies can do wrong. Go carry your trolling and one-liners elsewhere boy. On Mon, Oct 12, 2009 at 7:25 PM, Oscar Plameras <[email protected]> wrote: > What do you mean by law? > > The problem is we are too pedantic. > > If only we are a little bit practical, pragmatic, and sensible. > > Then, change will come. > > On Mon, Oct 12, 2009 at 10:21 PM, Oscar Plameras > <[email protected]> wrote: >> You're right. >> >> You get what you deserve, as they say. >> >> >> On Mon, Oct 12, 2009 at 10:19 PM, Paolo Falcone <[email protected]> wrote: >>> So we're just gonna trade quips and one liners eh? Any two monkeys can >>> play that game. >>> >>> Then again, you still haven't proven that a blackbox test WILL work >>> and SATISFY the requirement (BY LAW!) for the source code review. Or >>> are you claiming invincible ignorance here? This ain't the forum for >>> that! >>> >>> On Mon, Oct 12, 2009 at 7:16 PM, Oscar Plameras <[email protected]> >>> wrote: >>>> That's why we are in a mess. >>>> >>>> There's a saying when you are in a hole, you stop digging. >>>> >>>> On Mon, Oct 12, 2009 at 10:14 PM, Oscar Plameras >>>> <[email protected]> wrote: >>>>> It's really up to you. >>>>> >>>>> >>>>> On Mon, Oct 12, 2009 at 10:11 PM, Paolo Falcone <[email protected]> >>>>> wrote: >>>>>> Duh? >>>>>> >>>>>> You are conveniently forgetting that the PCOS is not just "Count and >>>>>> Tabulate". It also has features to ensure that the system is NOT >>>>>> tampered, whether during count or transmission, and that requires >>>>>> crypto. >>>>>> >>>>>> Horses for courses my ass. >>>>>> >>>>>> If it were just simple to simply trust governments and people, there >>>>>> wouldn't be a need for a military, or for crypto at all. But you're in >>>>>> the real world, and not all can be trusted. >>>>>> >>>>>> Paolo >>>>>> >>>>>> On Mon, Oct 12, 2009 at 7:07 PM, Oscar Plameras >>>>>> <[email protected]> wrote: >>>>>>> Horses for courses. Military security is not comparable to a system >>>>>>> that is >>>>>>> "Count and Tabulate. >>>>>>> >>>>>>> On Mon, Oct 12, 2009 at 10:03 PM, Paolo Falcone <[email protected]> >>>>>>> wrote: >>>>>>>> The system is indeed not designed to detect corruption, and neither >>>>>>>> does a source code review indicate that with all degrees of certainty >>>>>>>> the presence of a backdoor indicates corruption. >>>>>>>> >>>>>>>> Then again, only a source code review satisfies the requirement that >>>>>>>> there will be no backdoors in the inspected application, be it put by >>>>>>>> a corrupt programmer or a programmer in a hurry to get out of the >>>>>>>> office. A blackbox testing with the specifications can only get you so >>>>>>>> far - that the system is compliant as per specification. Whether it >>>>>>>> exceeds or subverts the specification outside the test conditions is >>>>>>>> something that you can only get with a code review. >>>>>>>> >>>>>>>> Has anyone even wondered why the military is so anal about source code >>>>>>>> and algorithm review when designing military ciphers? Once the >>>>>>>> underlying mantra (Kerckhoff's principle) is thoroughly understood >>>>>>>> then one will understand why a blackbox testing SIMPLY DOES NOT DO THE >>>>>>>> JOB. >>>>>>>> >>>>>>>> It amazes me that there are still some segments in society that won't >>>>>>>> extend the same level of scrutiny to the system that determines who >>>>>>>> will run their government. And would rather outsource the scrutinizing >>>>>>>> eyes to some non-stakeholder corporation. >>>>>>>> >>>>>>>> When it comes to reviewing software, you can automate all the tests, >>>>>>>> but at the end of the day, NEVER TRUST A MACHINE TO DO A HUMAN'S JOB. >>>>>>>> >>>>>>>> On Mon, Oct 12, 2009 at 6:35 PM, Oscar Plameras >>>>>>>> <[email protected]> wrote: >>>>>>>>> You should know that the system is not meant to detect corruption. >>>>>>>>> >>>>>>>>> On Mon, Oct 12, 2009 at 9:24 PM, Danny Ching <[email protected]> >>>>>>>>> wrote: >>>>>>>>>> Perhaps I should qualify that. Lest the prorammers in the list >>>>>>>>>> believe >>>>>>>>>> you. Hehehe >>>>>>>>>> >>>>>>>>>> I think we should at least be realistic enough to note that some >>>>>>>>>> corrupt officials are completely willing to corrupting anyone >>>>>>>>>> including programmers. >>>>>>>>>> >>>>>>>>>> Do I trust pogrammers? Not all. Do you? Btw. Let's keep the >>>>>>>>>> discussion >>>>>>>>>> to technical stuff and let us not question each other's technical >>>>>>>>>> capabilities. Peace. >>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> Danny Ching >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Oct 12, 2009, at 6:16 PM, Oscar Plameras <[email protected]> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> If you don't trust programmers, you are in the wrong profession. >>>>>>>>>>> >>>>>>>>>>> On Mon, Oct 12, 2009 at 9:12 PM, Danny Ching <[email protected]> >>>>>>>>>>> wrote: >>>>>>>>>>>> I don't trust programmers who hide their code. Although not all >>>>>>>>>>>> reviewers are honest, all it takes to expose anomalies in open >>>>>>>>>>>> source >>>>>>>>>>>> is one honest reviewer. >>>>>>>>>>>> >>>>>>>>>>>> However in a close source system all it takes to corrupt the system >>>>>>>>>>>> is >>>>>>>>>>>> one corrupt programmer. >>>>>>>>>>>> >>>>>>>>>>>> Regards, >>>>>>>>>>>> Danny Ching >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Oct 12, 2009, at 6:05 PM, Oscar Plameras >>>>>>>>>>>> <[email protected]> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> You don't trust programmers? >>>>>>>>>>>>> >>>>>>>>>>>>> This precisely what's wrong with source code review. >>>>>>>>>>>>> >>>>>>>>>>>>> On Mon, Oct 12, 2009 at 8:59 PM, Danny Ching <[email protected]> >>>>>>>>>>>>> wrote: >>>>>>>>>>>>>> Very true. Unfortunately, I do not trust the programmers if I >>>>>>>>>>>>>> cannot >>>>>>>>>>>>>> check their work. The purpose of source code validation is not to >>>>>>>>>>>>>> check the computer or it's software's trustworthiness. A computer >>>>>>>>>>>>>> will >>>>>>>>>>>>>> do what it's told. It is human corruption I'm worried about. Of >>>>>>>>>>>>>> course >>>>>>>>>>>>>> outside of computers that is a different problem altogether. I >>>>>>>>>>>>>> just >>>>>>>>>>>>>> don't want people blaming computerization for failure of >>>>>>>>>>>>>> elections. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>> Danny Ching >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Oct 12, 2009, at 5:53 PM, Oscar Plameras >>>>>>>>>>>>>> <[email protected] >>>>>>>>>>>>>> > >>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> What you mean is the trustworthiness of the people running the >>>>>>>>>>>>>>> system. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I'll say one thing from my experience, you can't use the system >>>>>>>>>>>>>>> to >>>>>>>>>>>>>>> arrest >>>>>>>>>>>>>>> human corruption. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Mon, Oct 12, 2009 at 8:35 PM, Danny Ching >>>>>>>>>>>>>>> <[email protected]> >>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>> I think I see where you are coming from. It is not the system >>>>>>>>>>>>>>>> we >>>>>>>>>>>>>>>> are >>>>>>>>>>>>>>>> worried about sir. It is the trustworthiness of the system. A >>>>>>>>>>>>>>>> simple >>>>>>>>>>>>>>>> exposure of the code will show that it is not doing anything >>>>>>>>>>>>>>>> out of >>>>>>>>>>>>>>>> the ordinary. Besides. If the code is indeed simple as you >>>>>>>>>>>>>>>> said, >>>>>>>>>>>>>>>> then >>>>>>>>>>>>>>>> checking the cource code should be easy. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>> Danny Ching >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Oct 12, 2009, at 5:26 PM, Oscar Plameras >>>>>>>>>>>>>>>> <[email protected] >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> A tester does not need to know about programming to test and >>>>>>>>>>>>>>>>> accept >>>>>>>>>>>>>>>>> a System. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Mon, Oct 12, 2009 at 7:47 PM, fooler mail >>>>>>>>>>>>>>>>> <[email protected] >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>>>> On Mon, Oct 12, 2009 at 3:52 PM, Oscar Plameras >>>>>>>>>>>>>>>>>> <[email protected] >>>>>>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Remember, Election Automation Software is one of the easiest >>>>>>>>>>>>>>>>>>> to >>>>>>>>>>>>>>>>>>> develop. >>>>>>>>>>>>>>>>>>> It is "Count and Tally", nothing complicated and convoluted. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> true.. BUT... the purpose of source code review is to examine >>>>>>>>>>>>>>>>>> if >>>>>>>>>>>>>>>>>> there >>>>>>>>>>>>>>>>>> is something beyond the count and tally thing which cannot be >>>>>>>>>>>>>>>>>> seen by >>>>>>>>>>>>>>>>>> your simulation test.. as what danny said - TRIGGERS.. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> special keyboard hotkey, special packets, special ER and >>>>>>>>>>>>>>>>>> others >>>>>>>>>>>>>>>>>> to >>>>>>>>>>>>>>>>>> trigger the manipulation of votes to do the dagdag-bawas >>>>>>>>>>>>>>>>>> scheme... >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> fooler. >>>>>>>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>>>> >>>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>> _________________________________________________ >>>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>>>> >>>>>>>>>>> _________________________________________________ >>>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>> _________________________________________________ >>>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>>> >>>>>>>>> _________________________________________________ >>>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Paolo >>>>>>>> _________________________________________________ >>>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>> _________________________________________________ >>>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>>> Searchable Archives: http://archives.free.net.ph >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Paolo >>>>>> Sent from Makati, Man, Philippines >>>>>> _________________________________________________ >>>>>> Philippine Linux Users' Group (PLUG) Mailing List >>>>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>>>> Searchable Archives: http://archives.free.net.ph >>>>> >>>> _________________________________________________ >>>> Philippine Linux Users' Group (PLUG) Mailing List >>>> http://lists.linux.org.ph/mailman/listinfo/plug >>>> Searchable Archives: http://archives.free.net.ph >>>> >>> >>> >>> >>> -- >>> Paolo >>> Sent from Makati, Man, Philippines >>> _________________________________________________ >>> Philippine Linux Users' Group (PLUG) Mailing List >>> http://lists.linux.org.ph/mailman/listinfo/plug >>> Searchable Archives: http://archives.free.net.ph >> > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- Paolo Sent from Makati, Man, Philippines _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
