Re: Avante Releases White Papers on AVVPAT...

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Sun Jun 13 2004 - 11:52:32 CDT

On Jun 13, 2004, at 12:37 PM, Joseph Lorenzo Hall wrote:
> So, to play the devli's advocate: In the recent Miami-Dade County
> report that Doug Jones authored, he said, "There are unsolved
> technical problems involved in actually determining, to any degree of
> certainty, what software is actually running on an arbitrary
> computer." (page 8).

I think he shouldn't have put it quite this way.

The difficulties in determining running software are not TECHNICAL, but
PROCEDURAL. Miami-Dade did not follow best practices in terms of
chain-of-custody, running checksums, verifying signatures, and so on.
Object code can easily have 'md5sum' run against it, as can source
code.

> Is this a place that Trusted Computing (a/k/a NGSCB, a/k/a Palladium)
> could help specifically in the context of elections systems?

No, no, no, no, NO!!

The ENTIRE purpose of Palladium is to prevent Free Software from
running on machines--or at the least introduce new layers of
incompatibility between Microsoft's monopoly OS and third party (Free
or proprietary) software. Even in jest, or as devil's advocate, we
should not suggest Palladium would solve any security or anonymity
issues.

I read such an idea about like I'd read the suggestion of putting armed
"vote marshals" (employed by the HSA) at polling places, to hold guns
to poll workers heads to assure compliance with procedures. Palladium
is a police-state suggestion about "security."
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Jun 30 23:17:14 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:30 CDT