Re: Data security: "external" versus "internal"

From: Fred McLain <mclain_at_zipcon_dot_net>
Date: Mon May 02 2005 - 18:09:51 CDT

I think what has been missing from this discussion is why we're using a
file based format at all. For those that haven't been around as long as
some of us, the idea is to *not* use a database on the voting machines.
There simply isn't enough data there to warrent the additional
complexity. This several types of file formats were considered,
including flat file, CSV and XML.

On Mon, 2005-05-02 at 15:46 -0700, Jim March wrote:
> As I understand this, Jamboi wants to brew up a data file type that is
> both "open data" (publicly readable) and internally secure with little
> or no external checking...sorta what Diebold claimed they had with
> MS-Access data (an admittedly stupid example of course...).
>
> The alternative is a fundamentally UNsecure data format that's easy to
> read, externally controlled and hashed...what Jamboi calls a "bandaid"
> on top of the unsecure data.
>
> I think in this case the "bandaid" is warranted.
>
> 1) If you add hardcore security to the complexity of the distributable
> data file, you make it harder to read and readable in fewer
> applications. Plain text (be it XML or hell, Comma Separated Values for
> that matter) can be digested in numerous apps across multiple
> platforms. If I understand Jamboi's argument correctly, unless somebody
> wrote their own data reader app the data would be readable on Linux
> boxes using our readers...unless we wrote our own cross-platform readers...?
>
> 2) What if our version 1.0 is screwed up? If our data files are dead
> standard, we could switch out the "bandaid" used to do the
> hashes/checksums/etc. as needed or as technology advances. It's modular.
>
> 3) It's also a HELL of a lot less work! Tools to deal with standard
> data formats already exist, some under GPL that we can rapidly
> incorporate. Ditto various hash apps. "Jam" 'em together, a few late
> nights of pizza and testing, stick a fork in it. Hell, we can (and
> should!) test multiple hash processing/handshaking systems at the same
> time, pick one final but note which others don't suck too bad so if our
> top choice turns out to stink in some complex fashion we didn't catch,
> oh well, "plan B" time.
>
> What Jamboi calls "bandaids" I call "modular" and "rapid development" :).
>
> And genuinely "open data".
>
> Jim
> _______________________________________________
> OVC discuss mailing lists
> Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
>

-- 
Fred McLain <mclain@zipcon.net>
_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Tue May 31 23:17:13 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT