On Tue, Oct 13, 2009 at 1:25 PM, Michael Janapin <[email protected]> wrote: > Sir, > I'm really trying my best to understand your reasoning. > Of course, the 1000 ballots will be correctly counted and categorized. > That's what the programmers will make sure it will do. >
OK. I put in 1000 ballots in my test. I expect to see 1000 ballots. If some kind of trigger adds 1000 ballots, the actual result will be 2000ballots. Since, I got 2000ballots instead of my expectation 1000ballots, I will reject the System. > However, that is NOT ALL THAT MATTERS in the election. There's even a > loophole in your categorization. Valid, Invalid, Uncategorized would just > refer to the ballot count. You have no provision to catch a ballot that will > begin to alter the process that counts the actual votes and tabulates it > accordingly. > > The hidden triggers that alter the process can only be caught through source > code review. > > Again, the outcome you are happy with is not enough to satisfy the degree of > trustworthiness of the system some are clamoring for. > > On Tue, Oct 13, 2009 at 10:14 AM, Oscar Plameras <[email protected]> > wrote: >> >> Because when I put in 1000 ballots and the resulting count is 1000 ballots >> and >> correctly categorized as valid, invalid, and uncategorized, is all that >> matters >> in the election. >> >> On Tue, Oct 13, 2009 at 1:02 PM, Michael Janapin >> <[email protected]> wrote: >> > Sir, >> > >> > How can it be well and good if your check do not catch the absurdity in >> > any >> > coding? It's bad. Because that code Mr. Locke just produced as an >> > example is >> > a mischievous one. It will only take just one freaking trigger hidden >> > inside >> > the source code. >> > >> > You said your 'check' will not look for such things. Again, that's the >> > weakness of your proposal. On the other hand, Source Code review will >> > allow >> > us to look for such things to assure integrity. >> > >> > You also said that what matters are the outcome. Don't you realize that >> > the >> > outcome is determined by the code? >> > >> > And finally, I think sir, that you are working on a "Default Accept" >> > policy. >> > This may not be so assuring when it comes to the code that will >> > determine >> > our country's next leaders. A saner policy should be "Default Deny." >> > >> > >> > On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras >> > <[email protected]> >> > wrote: >> >> >> >> The check I propose is by Outcome. >> >> >> >> If my check will not catch the absurdity in any coding, that's well and >> >> good. >> >> >> >> My check is not going to look for such things. What matters are the >> >> outcome >> >> or results. >> >> >> >> On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> wrote: >> >> > Oscar, >> >> > >> >> > If I had a closed system that did the following: >> >> > >> >> > if (current_date < '2010-05-10) { >> >> > do_a_normal_tally(); >> >> > } else { >> >> > do_something_slightly_different_but_not_too_obvious(); >> >> > } >> >> > >> >> > How would your proposed "Testing the System by Outcomes" catch this? >> >> > >> >> > Maybe you set the system date to be 2010-05-10, and the ruse is >> >> > revealed. >> >> > >> >> > So the programmer does this: >> >> > >> >> > if (current_date < '2010-05-10 && !obscure_hot_key_pressed) { >> >> > do_a_normal_tally(); >> >> > } else { >> >> > do_something_slightly_different_but_not_too_obvious(); >> >> > } >> >> > >> >> > How do you catch it then? Obviously this is an oversimplified >> >> > example, but I'm curious to hear how you would expose it. Or are we >> >> > supposed to blindly "trust" that this won't happen? If that's your >> >> > position, then I would say it's a bit naive. >> >> > >> >> > "There is one safeguard known generally to the wise, which is an >> >> > advantage and security to all, but especially to democracies as >> >> > against despots. What is it? Distrust." - Demosthenes >> >> > >> >> > Rob >> >> > >> >> > >> >> > >> >> > >> >> > >> > >> > -- >> > Michael R. Janapin >> > Systems Administrator >> > PBTS Baguio City, Philippines >> > http://mulingsilang.wordpress.com >> > >> > >> > _________________________________________________ >> > Philippine Linux Users' Group (PLUG) Mailing List >> > http://lists.linux.org.ph/mailman/listinfo/plug >> > Searchable Archives: http://archives.free.net.ph >> > >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph > > > > -- > Michael R. Janapin > Systems Administrator > PBTS Baguio City, Philippines > http://mulingsilang.wordpress.com > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
