13Oct2009 (UTC +8) On Mon, Oct 12, 2009 at 21:35, Oscar Plameras <[email protected]> wrote: > We do it the way it has been done.
And how good is this assurance technique of yours? Please, it's not a put-down question, but I'm really interested in your methods, and see if how acceptable it is vis-a-vis with the confidence level that people are clamoring for. > Testing the System by Outcomes. > Come up with a set of inputs, and a set of outputs. > If all the outputs (maybe hundreds or thousands) agree with all the > inputs, then that's acceptable. I'm afraid that this method alone is not rigorous enough to gain the trust of the Filipinos concerned. It needs to be more than that. Filipinos are smart enough to know that such limited testing can be easily bypassed by smart insiders. Filipinos are concerned enough to demand better things than that. Filipinos are tired of having their willingness to trust the incumbent government, be abused yet again. > On Tue, Oct 13, 2009 at 12:31 AM, <[email protected]> wrote: >> How do you suggest we ensure that the code that is running does >> not have the badguyvote++ sub-routine? Checking binaries using >> pre-defined test cases will probably miss something. Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Singapore / Manila / California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
