Again, at the risk of being redundant. We caught that because we know what the results should be. Do we have a way of knowing what the ACTUAL votes on election day should be? So that we can be sure that the trigger is not date based or based on other factors? It is easy to program the machine to be honest during the testing phase, then let it switch modes during the actual elections.
On Tue, Oct 13, 2009 at 11:01 AM, Oscar Plameras <[email protected]>wrote: > Your Dagdag-Bawas will be caught by the test I proposed because when > I examine the categories, I expect to have say, 100votes for Mr Cong A, > 500votes for Mr. Cong B, etc. > > So, cheating by dagdag bawas will not pass. > > On Tue, Oct 13, 2009 at 1:56 PM, Danny Ching <[email protected]> wrote: > > It was caught because we already know what the results should be. > > Besides, cheating has become a "Dagdag-Bawas" operation today. Deduct > votes > > from one candidate and add it to another. Not unless we can manually > count > > the actual votes cast and tally them, we'd be none the wiser if triggers > > were activated. > > > > What if we do not? Like the actual election. We'd have to count the > ballots > > by hand and then check the computer's results. > > > > On Tue, Oct 13, 2009 at 10:44 AM, Oscar Plameras < > [email protected]> > > wrote: > >> > >> On Tue, Oct 13, 2009 at 1:25 PM, Michael Janapin > >> <[email protected]> wrote: > >> > Sir, > >> > I'm really trying my best to understand your reasoning. > >> > Of course, the 1000 ballots will be correctly counted and categorized. > >> > That's what the programmers will make sure it will do. > >> > > >> > >> OK. > >> > >> I put in 1000 ballots in my test. I expect to see 1000 ballots. > >> > >> If some kind of trigger adds 1000 ballots, the actual result will be > >> 2000ballots. > >> > >> Since, I got 2000ballots instead of my expectation 1000ballots, I will > >> reject > >> the System. > >> > >> > >> > However, that is NOT ALL THAT MATTERS in the election. There's even a > >> > loophole in your categorization. Valid, Invalid, Uncategorized would > >> > just > >> > refer to the ballot count. You have no provision to catch a ballot > that > >> > will > >> > begin to alter the process that counts the actual votes and tabulates > it > >> > accordingly. > >> > > >> > The hidden triggers that alter the process can only be caught through > >> > source > >> > code review. > >> > > >> > Again, the outcome you are happy with is not enough to satisfy the > >> > degree of > >> > trustworthiness of the system some are clamoring for. > >> > > >> > On Tue, Oct 13, 2009 at 10:14 AM, Oscar Plameras > >> > <[email protected]> > >> > wrote: > >> >> > >> >> Because when I put in 1000 ballots and the resulting count is 1000 > >> >> ballots > >> >> and > >> >> correctly categorized as valid, invalid, and uncategorized, is all > that > >> >> matters > >> >> in the election. > >> >> > >> >> On Tue, Oct 13, 2009 at 1:02 PM, Michael Janapin > >> >> <[email protected]> wrote: > >> >> > Sir, > >> >> > > >> >> > How can it be well and good if your check do not catch the > absurdity > >> >> > in > >> >> > any > >> >> > coding? It's bad. Because that code Mr. Locke just produced as an > >> >> > example is > >> >> > a mischievous one. It will only take just one freaking trigger > hidden > >> >> > inside > >> >> > the source code. > >> >> > > >> >> > You said your 'check' will not look for such things. Again, that's > >> >> > the > >> >> > weakness of your proposal. On the other hand, Source Code review > will > >> >> > allow > >> >> > us to look for such things to assure integrity. > >> >> > > >> >> > You also said that what matters are the outcome. Don't you realize > >> >> > that > >> >> > the > >> >> > outcome is determined by the code? > >> >> > > >> >> > And finally, I think sir, that you are working on a "Default > Accept" > >> >> > policy. > >> >> > This may not be so assuring when it comes to the code that will > >> >> > determine > >> >> > our country's next leaders. A saner policy should be "Default > Deny." > >> >> > > >> >> > > >> >> > On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras > >> >> > <[email protected]> > >> >> > wrote: > >> >> >> > >> >> >> The check I propose is by Outcome. > >> >> >> > >> >> >> If my check will not catch the absurdity in any coding, that's > well > >> >> >> and > >> >> >> good. > >> >> >> > >> >> >> My check is not going to look for such things. What matters are > the > >> >> >> outcome > >> >> >> or results. > >> >> >> > >> >> >> On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> > wrote: > >> >> >> > Oscar, > >> >> >> > > >> >> >> > If I had a closed system that did the following: > >> >> >> > > >> >> >> > if (current_date < '2010-05-10) { > >> >> >> > do_a_normal_tally(); > >> >> >> > } else { > >> >> >> > > >> >> >> > do_something_slightly_different_but_not_too_obvious(); > >> >> >> > } > >> >> >> > > >> >> >> > How would your proposed "Testing the System by Outcomes" catch > >> >> >> > this? > >> >> >> > > >> >> >> > Maybe you set the system date to be 2010-05-10, and the ruse is > >> >> >> > revealed. > >> >> >> > > >> >> >> > So the programmer does this: > >> >> >> > > >> >> >> > if (current_date < '2010-05-10 && > !obscure_hot_key_pressed) > >> >> >> > { > >> >> >> > do_a_normal_tally(); > >> >> >> > } else { > >> >> >> > > >> >> >> > do_something_slightly_different_but_not_too_obvious(); > >> >> >> > } > >> >> >> > > >> >> >> > How do you catch it then? Obviously this is an oversimplified > >> >> >> > example, but I'm curious to hear how you would expose it. Or > are > >> >> >> > we > >> >> >> > supposed to blindly "trust" that this won't happen? If that's > >> >> >> > your > >> >> >> > position, then I would say it's a bit naive. > >> >> >> > > >> >> >> > "There is one safeguard known generally to the wise, which is an > >> >> >> > advantage and security to all, but especially to democracies as > >> >> >> > against despots. What is it? Distrust." - Demosthenes > >> >> >> > > >> >> >> > Rob > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > >> >> > > >> >> > -- > >> >> > Michael R. Janapin > >> >> > Systems Administrator > >> >> > PBTS Baguio City, Philippines > >> >> > http://mulingsilang.wordpress.com > >> >> > > >> >> > > >> >> > _________________________________________________ > >> >> > Philippine Linux Users' Group (PLUG) Mailing List > >> >> > http://lists.linux.org.ph/mailman/listinfo/plug > >> >> > Searchable Archives: http://archives.free.net.ph > >> >> > > >> >> _________________________________________________ > >> >> Philippine Linux Users' Group (PLUG) Mailing List > >> >> http://lists.linux.org.ph/mailman/listinfo/plug > >> >> Searchable Archives: http://archives.free.net.ph > >> > > >> > > >> > > >> > -- > >> > Michael R. Janapin > >> > Systems Administrator > >> > PBTS Baguio City, Philippines > >> > http://mulingsilang.wordpress.com > >> > > >> > > >> > _________________________________________________ > >> > Philippine Linux Users' Group (PLUG) Mailing List > >> > http://lists.linux.org.ph/mailman/listinfo/plug > >> > Searchable Archives: http://archives.free.net.ph > >> > > >> _________________________________________________ > >> Philippine Linux Users' Group (PLUG) Mailing List > >> http://lists.linux.org.ph/mailman/listinfo/plug > >> Searchable Archives: http://archives.free.net.ph > > > > > > > > -- > > Regards, > > Danny Ching > > > > _________________________________________________ > > Philippine Linux Users' Group (PLUG) Mailing List > > http://lists.linux.org.ph/mailman/listinfo/plug > > Searchable Archives: http://archives.free.net.ph > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- Regards, Danny Ching
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
