How about checking for code that says if there is a candidate named "Eddie Gil" add 5,000,000 votes to Gloria? Will they check for each individual name available in the world?
Do not get me wrong. I do not believe that outcome checking is not good. It is. What I am saying is that it is not enough. On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras <[email protected]>wrote: > The check I propose is by Outcome. > > If my check will not catch the absurdity in any coding, that's well and > good. > > My check is not going to look for such things. What matters are the > outcome > or results. > > On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> wrote: > > Oscar, > > > > If I had a closed system that did the following: > > > > if (current_date < '2010-05-10) { > > do_a_normal_tally(); > > } else { > > do_something_slightly_different_but_not_too_obvious(); > > } > > > > How would your proposed "Testing the System by Outcomes" catch this? > > > > Maybe you set the system date to be 2010-05-10, and the ruse is > > revealed. > > > > So the programmer does this: > > > > if (current_date < '2010-05-10 && !obscure_hot_key_pressed) { > > do_a_normal_tally(); > > } else { > > do_something_slightly_different_but_not_too_obvious(); > > } > > > > How do you catch it then? Obviously this is an oversimplified > > example, but I'm curious to hear how you would expose it. Or are we > > supposed to blindly "trust" that this won't happen? If that's your > > position, then I would say it's a bit naive. > > > > "There is one safeguard known generally to the wise, which is an > > advantage and security to all, but especially to democracies as > > against despots. What is it? Distrust." - Demosthenes > > > > Rob > > > > > > > > > > On 10 12, 09, at 9:35 PM, Oscar Plameras wrote: > > > >> We do it the way it has been done. > >> > >> Testing the System by Outcomes. > >> > >> Come up with a set of inputs, and a set of outputs. > >> > >> If all the outputs (maybe hundreds or thousands) agree with all the > >> inputs, then that's acceptable. > >> > >> > >> On Tue, Oct 13, 2009 at 12:31 AM, <[email protected]> wrote: > >>> How do you suggest we ensure that the code that is running does not > >>> have the badguyvote++ sub-routine? Checking binaries using pre- > >>> defined test cases will probably miss something. > >>> > >>> "Sent via BlackBerry from Smart" > >>> > >>> -----Original Message----- > >>> From: Oscar Plameras <[email protected]> > >>> Date: Tue, 13 Oct 2009 00:09:48 > >>> To: <[email protected]>; Philippine Linux Users' Group (PLUG) > >>> Technical Discussion List<[email protected]> > >>> Subject: Re: [plug] COMELEC SUED (Was: The Death of Election 2010 > >>> SourceCode > >>> Review) > >>> > >>> It's efficiency. Code source review will not get you to where you > >>> want. > >>> > >>> It will not reach the objective of knowing whether the System is > >>> right > >>> in doing what it's suppose to deliver. > >>> > >>> On Tue, Oct 13, 2009 at 12:08 AM, <[email protected]> wrote: > >>>> This is getting out of hand and really entertaining. > >>>> > >>>> But seriously, what is wrong with a source code audit and a binary > >>>> integrity validation mechanism? Just to check if there is not code > >>>> that says: "if candidate='good guy' then badguyvote++"? > >>>> > >>>> "Sent via BlackBerry from Smart" > >>>> > >>>> -----Original Message----- > >>>> From: Oscar Plameras <[email protected]> > >>>> Date: Mon, 12 Oct 2009 23:58:59 > >>>> To: Philippine Linux Users' Group (PLUG) Technical Discussion List< > [email protected] > >>>> > > >>>> Subject: Re: [plug] COMELEC SUED (Was: The Death of Election 2010 > >>>> Source > >>>> Code Review) > >>>> > >>>> [email protected] is not even in google search. > >>>> > >>>> Just another one of those pretenders. > >>>> > >>>> On Mon, Oct 12, 2009 at 11:56 PM, Oscar Plameras > >>>> <[email protected]> wrote: > >>>>> Maybe, just maybe your just one of those pretenders. > >>>>> > >>>>> On Mon, Oct 12, 2009 at 11:53 PM, Oscar Plameras > >>>>> <[email protected]> wrote: > >>>>>> I don't understand. Why would you ask the question? > >>>>>> > >>>>>> On Mon, Oct 12, 2009 at 11:50 PM, Daniel Escasa > >>>>>> <[email protected]> wrote: > >>>>>>> OK, who are you, and what did you do with the Oscar Plameras who > >>>>>>> posted this: > http://lists.slug.org.au/archives/slug/2003/08/msg00344.html > >>>>>>> and this: > http://archives.free.net.ph/message/20090918.004218.c213bcf2.en.html > >>>>>>> ? Oh, and ironically, > >>>>>>> http://www.elections.act.gov.au/elections/electronicvoting.html: > >>>>>>> > >>>>>>> <except> > >>>>>>> Source code for 2008 software (zipped file in .zip format - 759 > >>>>>>> kb)The > >>>>>>> eVACS® source code downloadable here is an extract of the > >>>>>>> voting, data > >>>>>>> entry, and counting modules as used by Elections ACT and is > >>>>>>> provided > >>>>>>> for study purposes only. Not included are: (a) artefacts produced > >>>>>>> during the eVACS® development process, such as detailed design > >>>>>>> specifications; (b) the base Linux operating system and > >>>>>>> configuration > >>>>>>> files; (c) the scripts that are used to initialise the vote > >>>>>>> databases > >>>>>>> and invoke the eVACS® modules. The design information for the > >>>>>>> eVACS® > >>>>>>> system is the property of Software Improvements Pty Ltd. Their > >>>>>>> website > >>>>>>> is at www.softimp.com.au/. Bona fide researchers interested in > >>>>>>> acquiring more of the source code may apply to Software > >>>>>>> Improvements > >>>>>>> using the form at: www.softimp.com.au/evacs/contactus.html > >>>>>>> </excerpt> > >>>>>>> > >>>>>>> Ironic because you're in Australia. And you're even too lazy to > >>>>>>> trim > >>>>>>> the quotes. And if you have to ask what that's all about, I'll > >>>>>>> ask > >>>>>>> again: who are you and what did you do to the Oscan Plameras who > >>>>>>> posted those two messages in the URLs above? > >>>>>>> -- > >>>>>>> Daniel O. Escasa > >>>>>>> independent IT consultant and writer > >>>>>>> contributor, Free Software Magazine ( > http://www.freesoftwaremagazine.com > >>>>>>> ) > >>>>>>> personal blog at http://descasa.i.ph > >>>>>>> Twitter page at http://www.twitter.com/silverlokk > >>>>>>> If we choose being kind over being right, we will be right > >>>>>>> every time. > >>>>>>> _________________________________________________ > >>>>>>> Philippine Linux Users' Group (PLUG) Mailing List > >>>>>>> http://lists.linux.org.ph/mailman/listinfo/plug > >>>>>>> Searchable Archives: http://archives.free.net.ph > >>>>>>> > >>>>>> > >>>>> > >>>> _________________________________________________ > >>>> Philippine Linux Users' Group (PLUG) Mailing List > >>>> http://lists.linux.org.ph/mailman/listinfo/plug > >>>> Searchable Archives: http://archives.free.net.ph > >>>> _________________________________________________ > >>>> Philippine Linux Users' Group (PLUG) Mailing List > >>>> http://lists.linux.org.ph/mailman/listinfo/plug > >>>> Searchable Archives: http://archives.free.net.ph > >>> _________________________________________________ > >>> Philippine Linux Users' Group (PLUG) Mailing List > >>> http://lists.linux.org.ph/mailman/listinfo/plug > >>> Searchable Archives: http://archives.free.net.ph > >>> _________________________________________________ > >>> Philippine Linux Users' Group (PLUG) Mailing List > >>> http://lists.linux.org.ph/mailman/listinfo/plug > >>> Searchable Archives: http://archives.free.net.ph > >> _________________________________________________ > >> Philippine Linux Users' Group (PLUG) Mailing List > >> http://lists.linux.org.ph/mailman/listinfo/plug > >> Searchable Archives: http://archives.free.net.ph > > > > _________________________________________________ > > Philippine Linux Users' Group (PLUG) Mailing List > > http://lists.linux.org.ph/mailman/listinfo/plug > > Searchable Archives: http://archives.free.net.ph > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- Regards, Danny Ching
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
