No, I don't because because the test inputs and outputs will catch them.
On Tue, Oct 13, 2009 at 1:22 PM, Danny Ching <[email protected]> wrote: > So you do accept: > - That it is possible for a corrupt programmer to manipulate the results. > - That Outcome testing may not be enough to test for this > - That we should just run with the system > > Is this correct? > > > On Tue, Oct 13, 2009 at 10:14 AM, Oscar Plameras <[email protected]> > wrote: >> >> Because when I put in 1000 ballots and the resulting count is 1000 ballots >> and >> correctly categorized as valid, invalid, and uncategorized, is all that >> matters >> in the election. >> >> On Tue, Oct 13, 2009 at 1:02 PM, Michael Janapin >> <[email protected]> wrote: >> > Sir, >> > >> > How can it be well and good if your check do not catch the absurdity in >> > any >> > coding? It's bad. Because that code Mr. Locke just produced as an >> > example is >> > a mischievous one. It will only take just one freaking trigger hidden >> > inside >> > the source code. >> > >> > You said your 'check' will not look for such things. Again, that's the >> > weakness of your proposal. On the other hand, Source Code review will >> > allow >> > us to look for such things to assure integrity. >> > >> > You also said that what matters are the outcome. Don't you realize that >> > the >> > outcome is determined by the code? >> > >> > And finally, I think sir, that you are working on a "Default Accept" >> > policy. >> > This may not be so assuring when it comes to the code that will >> > determine >> > our country's next leaders. A saner policy should be "Default Deny." >> > >> > >> > On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras >> > <[email protected]> >> > wrote: >> >> >> >> The check I propose is by Outcome. >> >> >> >> If my check will not catch the absurdity in any coding, that's well and >> >> good. >> >> >> >> My check is not going to look for such things. What matters are the >> >> outcome >> >> or results. >> >> >> >> On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> wrote: >> >> > Oscar, >> >> > >> >> > If I had a closed system that did the following: >> >> > >> >> > if (current_date < '2010-05-10) { >> >> > do_a_normal_tally(); >> >> > } else { >> >> > do_something_slightly_different_but_not_too_obvious(); >> >> > } >> >> > >> >> > How would your proposed "Testing the System by Outcomes" catch this? >> >> > >> >> > Maybe you set the system date to be 2010-05-10, and the ruse is >> >> > revealed. >> >> > >> >> > So the programmer does this: >> >> > >> >> > if (current_date < '2010-05-10 && !obscure_hot_key_pressed) { >> >> > do_a_normal_tally(); >> >> > } else { >> >> > do_something_slightly_different_but_not_too_obvious(); >> >> > } >> >> > >> >> > How do you catch it then? Obviously this is an oversimplified >> >> > example, but I'm curious to hear how you would expose it. Or are we >> >> > supposed to blindly "trust" that this won't happen? If that's your >> >> > position, then I would say it's a bit naive. >> >> > >> >> > "There is one safeguard known generally to the wise, which is an >> >> > advantage and security to all, but especially to democracies as >> >> > against despots. What is it? Distrust." - Demosthenes >> >> > >> >> > Rob >> >> > >> >> > >> >> > >> >> > >> >> > >> > >> > -- >> > Michael R. Janapin >> > Systems Administrator >> > PBTS Baguio City, Philippines >> > http://mulingsilang.wordpress.com >> > >> > >> > _________________________________________________ >> > Philippine Linux Users' Group (PLUG) Mailing List >> > http://lists.linux.org.ph/mailman/listinfo/plug >> > Searchable Archives: http://archives.free.net.ph >> > >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph > > > > -- > Regards, > Danny Ching > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
