Re: Misunderstanding of PD and copyrights

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Fri May 14 2004 - 12:24:20 CDT

> At 7:24 PM -0700 5/13/04, Joseph Lorenzo Hall wrote:
>> I could imagine that a bug might be found by a county-hired software
>> engineer and that it would be a good idea for that engineer to be able
>> to publish and distribute a patch and or a patched software package.

On May 14, 2004, at 1:00 PM, Arthur Keller wrote:
> It's that kind of patching by Diebold that got them into trouble. Any
> patch requires recertification, and probably is best done in batches.

Certainly, patching without recertification is a very bad thing. We
don't want that to happen in any case.

Here's a scenario to contemplate:

1. OVC reference software is discovered to have a major security flaw.
2. In the meanwhile, Arthur, Alan & Doug have covertly been replaced by
robot replicas, created by Evil Overlord Party operatives.
3. States send list of security flaw list to OVC HQ.
4. Robot replicas are commanded not to address flaw list.
5. ???

What I'd like to happen for step 5 is:

5. Good Guy Voting Consortium is formed, legally uses existing OVC
reference code as a basis for creating systems that address all known
security flaws.
6. Recertification is easier than it would be for a de novo
implementation, since only the diffs would need to be examined with
maximal care.

I believe that the OVC license should enable my desired outcome in step
5+.

Yours, David...

P.S. You can probably come up with a less fanciful step 2 that still
leads to wanting my step 5.
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Mon May 31 23:17:42 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:16 CDT