I see. Then I guess that settles that. You believe that tests will bear out any rogue codes. While some on this list believe that tests alone cannot. Like I said. No bridging those two.
On Tue, Oct 13, 2009 at 10:27 AM, Oscar Plameras <[email protected]>wrote: > No, I don't because because the test inputs and outputs will catch them. > > On Tue, Oct 13, 2009 at 1:22 PM, Danny Ching <[email protected]> wrote: > > So you do accept: > > - That it is possible for a corrupt programmer to manipulate the results. > > - That Outcome testing may not be enough to test for this > > - That we should just run with the system > > > > Is this correct? > > > > > > On Tue, Oct 13, 2009 at 10:14 AM, Oscar Plameras < > [email protected]> > > wrote: > >> > >> Because when I put in 1000 ballots and the resulting count is 1000 > ballots > >> and > >> correctly categorized as valid, invalid, and uncategorized, is all that > >> matters > >> in the election. > >> > >> On Tue, Oct 13, 2009 at 1:02 PM, Michael Janapin > >> <[email protected]> wrote: > >> > Sir, > >> > > >> > How can it be well and good if your check do not catch the absurdity > in > >> > any > >> > coding? It's bad. Because that code Mr. Locke just produced as an > >> > example is > >> > a mischievous one. It will only take just one freaking trigger hidden > >> > inside > >> > the source code. > >> > > >> > You said your 'check' will not look for such things. Again, that's the > >> > weakness of your proposal. On the other hand, Source Code review will > >> > allow > >> > us to look for such things to assure integrity. > >> > > >> > You also said that what matters are the outcome. Don't you realize > that > >> > the > >> > outcome is determined by the code? > >> > > >> > And finally, I think sir, that you are working on a "Default Accept" > >> > policy. > >> > This may not be so assuring when it comes to the code that will > >> > determine > >> > our country's next leaders. A saner policy should be "Default Deny." > >> > > >> > > >> > On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras > >> > <[email protected]> > >> > wrote: > >> >> > >> >> The check I propose is by Outcome. > >> >> > >> >> If my check will not catch the absurdity in any coding, that's well > and > >> >> good. > >> >> > >> >> My check is not going to look for such things. What matters are the > >> >> outcome > >> >> or results. > >> >> > >> >> On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> wrote: > >> >> > Oscar, > >> >> > > >> >> > If I had a closed system that did the following: > >> >> > > >> >> > if (current_date < '2010-05-10) { > >> >> > do_a_normal_tally(); > >> >> > } else { > >> >> > > do_something_slightly_different_but_not_too_obvious(); > >> >> > } > >> >> > > >> >> > How would your proposed "Testing the System by Outcomes" catch > this? > >> >> > > >> >> > Maybe you set the system date to be 2010-05-10, and the ruse is > >> >> > revealed. > >> >> > > >> >> > So the programmer does this: > >> >> > > >> >> > if (current_date < '2010-05-10 && !obscure_hot_key_pressed) > { > >> >> > do_a_normal_tally(); > >> >> > } else { > >> >> > > do_something_slightly_different_but_not_too_obvious(); > >> >> > } > >> >> > > >> >> > How do you catch it then? Obviously this is an oversimplified > >> >> > example, but I'm curious to hear how you would expose it. Or are > we > >> >> > supposed to blindly "trust" that this won't happen? If that's your > >> >> > position, then I would say it's a bit naive. > >> >> > > >> >> > "There is one safeguard known generally to the wise, which is an > >> >> > advantage and security to all, but especially to democracies as > >> >> > against despots. What is it? Distrust." - Demosthenes > >> >> > > >> >> > Rob > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > > >> > > >> > -- > >> > Michael R. Janapin > >> > Systems Administrator > >> > PBTS Baguio City, Philippines > >> > http://mulingsilang.wordpress.com > >> > > >> > > >> > _________________________________________________ > >> > Philippine Linux Users' Group (PLUG) Mailing List > >> > http://lists.linux.org.ph/mailman/listinfo/plug > >> > Searchable Archives: http://archives.free.net.ph > >> > > >> _________________________________________________ > >> Philippine Linux Users' Group (PLUG) Mailing List > >> http://lists.linux.org.ph/mailman/listinfo/plug > >> Searchable Archives: http://archives.free.net.ph > > > > > > > > -- > > Regards, > > Danny Ching > > > > _________________________________________________ > > Philippine Linux Users' Group (PLUG) Mailing List > > http://lists.linux.org.ph/mailman/listinfo/plug > > Searchable Archives: http://archives.free.net.ph > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- Regards, Danny Ching
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
