Re: vendors vowing to cooperate with disclosure?

From: Karl Auerbach <karl_at_cavebear_dot_com>
Date: Sun Apr 22 2007 - 01:36:52 CDT

Nancy Tobi wrote:

> Sorry for being such a Johnny-come-lately, but can you please tell me
> what you believe is the intent of CA law for COTS?

It is a bit of recognition of the reality that modern software systems
are really layers upon layers upon layers.

People forget, for example, that inside many CPUs is a firmware engine,
i.e. software, that mechanizes the machine instructions. And a lot of
input/output is processed by controllers that contain embedded software.

The COTS mechanism is to create a presumption of non-hostility on the
part of software that was created without the knowledge that it would be
used for voting, and that is used for a myriad of non-voting purposes by
a broad variety of people.

It's far from perfect, but it does make sense. And it creates a
substantial barrier and requires an amazing amount of foresight on the
part of an attacker to embed a voting-specific flaw into a COTS
system. (That said, it would not be that strange to see a
non-voting-specific flaw/backdoor in such software.)

Given the huge amount of software, particularly embedded software in
what we think are chips and controllers, we could end up spending years
spinning our wheels, probably without benefit, dredging into the COTS
software used at those levels.

As compared to deeply embedded code, the scale tips a bit more in favor
of inspection for operating systems. But even then we have to recognize
that if we take a position that we absolutely require, in all
circumstances and all cases, inspection of broadly used operating
systems (e.g. Windows CE), we might end up burning our limited
energies and making more distant the date when we have decent voting
machinery and processes.

As Napoleon (or someone) said - we should be careful about the battles
we pick.


OVC-discuss mailing list
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Mon Apr 30 23:17:08 2007