OVC DVD

From: Lara Shaffer <lara_at_openvotingconsortium_dot_org>
Date: Mon May 02 2005 - 21:27:52 CDT

Edmund (and everyone),
    Sorry about the movie links. The link I have for Invisible Ballots
seems to work for me. Try it again. There's not much I can do about the
other sites. That's the way the people who own those sites have them right
now.
    EVERYONE: There IS a very good 5 minute DVD of the ABC report on the
April 1st demo. I have three original copies of it (made by Bob Kibrick)
and one copied version. I can send you one, Ed, and make more copies for
other people that need them. (Ed, when do you need it by?). Let me know.

Lara Shaffer :)

Director of Development

Open Voting Consortium

831-419-0758

lara@openvoting.org

www.OpenVoting.org

The Open Voting Consortium (OVC) is a non-profit organization dedicated to
the development, maintenance, and delivery of open voting systems for use in
public elections.

----- Original Message -----
From: <ovc-discuss-request@listman.sonic.net>
To: <ovc-discuss@listman.sonic.net>
Sent: Monday, May 02, 2005 10:56 PM
Subject: OVC-discuss Digest, Vol 7, Issue 23

> Send OVC-discuss mailing list submissions to
> ovc-discuss@listman.sonic.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.sonic.net/mailman/listinfo/ovc-discuss
> or, via email, send a message with subject or body 'help' to
> ovc-discuss-request@listman.sonic.net
>
> You can reach the person managing the list at
> ovc-discuss-owner@listman.sonic.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OVC-discuss digest..."
>
>
> Today's Topics:
>
> 1. Re: Data security: "external" versus "internal" (Fred McLain)
> 2. Re: extract text from PDF, was Re: [OVC-discuss] Shamos
> Rebuttal, Draft 1 (Fred McLain)
> 3. Re: Data security: "external" versus "internal" (Jim March)
> 4. Re: OVCML Tek: A Good Solution to XML Tek Insecurity
> (Cameron L. Spitzer)
> 5. suggestion to fix things... (Lara Shaffer)
> 6. Re: OVCML Tek: A Good Solution to XML Tek Insecurity (Ron Crane)
> 7. Re: OVCML Tek: A Good Solution to XML Tek Insecurity
> (Roy M. Silvernail)
> 8. Current state of voter ID issues per Charlotte Observer
> (Edmund R. Kennedy)
> 9. Re: suggestion to fix things... (Arthur Keller)
> 10. The web site and the movie links (Ed Kennedy)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 02 May 2005 16:09:51 -0700
> From: Fred McLain <mclain@zipcon.net>
> Subject: Re: [OVC-discuss] Data security: "external" versus "internal"
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <1115075392.21490.28.camel@fmclain-suse92.Softek.Loc>
> Content-Type: text/plain
>
> I think what has been missing from this discussion is why we're using a
> file based format at all. For those that haven't been around as long as
> some of us, the idea is to *not* use a database on the voting machines.
> There simply isn't enough data there to warrent the additional
> complexity. This several types of file formats were considered,
> including flat file, CSV and XML.
>
> On Mon, 2005-05-02 at 15:46 -0700, Jim March wrote:
> > As I understand this, Jamboi wants to brew up a data file type that is
> > both "open data" (publicly readable) and internally secure with little
> > or no external checking...sorta what Diebold claimed they had with
> > MS-Access data (an admittedly stupid example of course...).
> >
> > The alternative is a fundamentally UNsecure data format that's easy to
> > read, externally controlled and hashed...what Jamboi calls a "bandaid"
> > on top of the unsecure data.
> >
> > I think in this case the "bandaid" is warranted.
> >
> > 1) If you add hardcore security to the complexity of the distributable
> > data file, you make it harder to read and readable in fewer
> > applications. Plain text (be it XML or hell, Comma Separated Values for
> > that matter) can be digested in numerous apps across multiple
> > platforms. If I understand Jamboi's argument correctly, unless somebody
> > wrote their own data reader app the data would be readable on Linux
> > boxes using our readers...unless we wrote our own cross-platform
readers...?
> >
> > 2) What if our version 1.0 is screwed up? If our data files are dead
> > standard, we could switch out the "bandaid" used to do the
> > hashes/checksums/etc. as needed or as technology advances. It's
modular.
> >
> > 3) It's also a HELL of a lot less work! Tools to deal with standard
> > data formats already exist, some under GPL that we can rapidly
> > incorporate. Ditto various hash apps. "Jam" 'em together, a few late
> > nights of pizza and testing, stick a fork in it. Hell, we can (and
> > should!) test multiple hash processing/handshaking systems at the same
> > time, pick one final but note which others don't suck too bad so if our
> > top choice turns out to stink in some complex fashion we didn't catch,
> > oh well, "plan B" time.
> >
> > What Jamboi calls "bandaids" I call "modular" and "rapid development"
:).
> >
> > And genuinely "open data".
> >
> > Jim
> > _______________________________________________
> > OVC discuss mailing lists
> > Send requests to subscribe or unsubscribe to
arthur@openvotingconsortium.org
> >
> --
> Fred McLain <mclain@zipcon.net>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 02 May 2005 16:10:21 -0700
> From: Fred McLain <mclain@zipcon.net>
> Subject: Re: extract text from PDF, was Re: [OVC-discuss] Shamos
> Rebuttal, Draft 1
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <1115075421.21490.30.camel@fmclain-suse92.Softek.Loc>
> Content-Type: text/plain
>
> Open Office can also edit .pdf files.
>
> On Mon, 2005-05-02 at 16:00 -0700, Ed Kennedy wrote:
> > Hello All:
> >
> > How about we go with if you want to distribute something to the list in
pdf
> > also attach a copy in some common editable form. A little side note to
> > Cameron, Open Office is able to read and write doc and rtf formats.
> >
> --
> Fred McLain <mclain@zipcon.net>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 02 May 2005 16:14:25 -0700
> From: Jim March <jmarch@prodigy.net>
> Subject: Re: [OVC-discuss] Data security: "external" versus "internal"
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <4276B451.2080004@prodigy.net>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Fred McLain wrote:
>
> >I think what has been missing from this discussion is why we're using a
> >file based format at all. For those that haven't been around as long as
> >some of us, the idea is to *not* use a database on the voting machines.
> >There simply isn't enough data there to warrent the additional
> >complexity. This several types of file formats were considered,
> >including flat file, CSV and XML.
> >
>
> Sure, that's understandable. The data would be tabulated
> elsewhere...multiple "elsewheres", one at the county election HQ with
> the OVC tabulator, but anybody with a standard PC able to read
> CSV/XML/whatever could do their own tabulation.
>
> Jim
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 02 May 2005 16:14:58 -0700
> From: "Cameron L. Spitzer" <cls@truffula.sj.ca.us>
> Subject: Re: [OVC-discuss] OVCML Tek: A Good Solution to XML Tek
> Insecurity
> To: ovc-discuss@listman.sonic.net
> Message-ID: <E1DSk7u-0001qp-00@truffula>
>
>
> It's been a long time since I had a copy of _Applied Cryptography_
> on my desk, but it seems to me Lesson One is the only thing in a
> cryptosystem that it makes sense to hide or make non-interoperable
> or different is the password. Maybe it's counterintuitive, but
> using a lesser known format doesn't protect you from the most
> serious threats *at all.* If anything, it exposes you more
> because you're not leveraging the testing that went into
> the tools used for the standard formats. That's pretty
> much the problem with proprietary encryption. Unusual machine
> is just a half step towards secret machine, and those steps
> aren't in the direction of improved security or trustworthiness.
>
> I'm not worried about high school skript kiddies hijacking
> the election. I'm worried about spooks doing it. Agents of
> outlaw governments and corporations, who are the experts in
> their field, well paid, with tons of the latest gear. I need such
> strong mathematical protection against them that low barriers
> like funny formats are irrelevant by comparison, they're
> just inconvenient. Let's put our effort into defending
> against the real threats, and if we succeed we'll be defeating the
> skript kiddies as well, without any extra effort.
>
> Another way to say the same thing: if my link is already
> tunneled through SSH2, I don't need an additional simple
> substitution cipher. If they can break SSH2 (as far as I know,
> they still can't) then they laugh at the extra cipher.
> It *doesn't help*.
> But the extra cipher slows *me* down. Make sense?
>
> Cameron
>
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 2 May 2005 16:31:07 -0500
> From: "Lara Shaffer" <lara@openvotingconsortium.org>
> Subject: [OVC-discuss] suggestion to fix things...
> To: <ovc-discuss@listman.sonic.net>
> Message-ID: <011001c54f5e$40d3f540$6500a8c0@unitec>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Why don't people suggest some things Jamboi and other new OVC Tech people
> can read to get caught up?
>
> It is less his fault than ours that he keeps reinventing wheels and
debating
> issues that have already been discussed at length. We need to have more
OVC
> information on our site properly linked so people who haven't been working
> for years on this can get involved.
>
> I would suggest that Jamboi and others speak more civil-like and
> professional-like to each other (one could suggest some ground rules like
no
> name-calling, no unneccessary caps, no put downs, etc) but I've been told
> that this is how tech people talk to each other....(maybe the non-tech
girl
> is right in that ground rules can be useful to everyone?)
>
> The meeting in SV went very well (except for the phone problem- sorry
David
> and Fred! We'll figure out a better system for next time.) I feel like
the
> OVC project is moving forward at full speed. Without Jamboi that meeting
> would not have happened. We need new people to re-energize those who have
> been working on this for a while.
>
> Let's not forget we are all working for a common goal: transparent,
accurate
> elections. Let's see what we can do to help each other (OVC vets- give the
> new guys some stuff to read; OVC newbies- thanks for your energy and
> enthusiasm, it is helping to move things along).
>
> As generation X says, "respect yo"
> As professional adults say, "Please keep the discussion process in the
realm
> of civility"
>
> Lara
>
>
>
>
> ------------------------------
>
> Message: 6
> Date: Mon, 2 May 2005 16:37:27 -0700
> From: Ron Crane <voting@lastland.net>
> Subject: Re: [OVC-discuss] OVCML Tek: A Good Solution to XML Tek
> Insecurity
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <249935B2-BB63-11D9-886E-000A95B95AD8@lastland.net>
> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>
> On May 2, 2005, at 4:14 PM, Cameron L. Spitzer wrote:
>
> > It's been a long time since I had a copy of _Applied Cryptography_
> > on my desk, but it seems to me Lesson One is the only thing in a
> > cryptosystem that it makes sense to hide or make non-interoperable
> > or different is the password.
>
> Yes. AC is *great* background for our project (and generally), and
> should be recommended in the FAQ. For those interested, you can see
> reviews and buy it here:
> http://www.amazon.com/gp/product/0471117099/102-4626758
> -3961751?%5Fencoding=UTF8 .
>
> -R
>
>
>
> ------------------------------
>
> Message: 7
> Date: Mon, 02 May 2005 21:38:11 -0400
> From: "Roy M. Silvernail" <roy-ovc@rant-central.com>
> Subject: Re: [OVC-discuss] OVCML Tek: A Good Solution to XML Tek
> Insecurity
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <4276D603.8000705@rant-central.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Ron Crane wrote:
>
> > On May 2, 2005, at 4:14 PM, Cameron L. Spitzer wrote:
> >
> >> It's been a long time since I had a copy of _Applied Cryptography_
> >> on my desk, but it seems to me Lesson One is the only thing in a
> >> cryptosystem that it makes sense to hide or make non-interoperable
> >> or different is the password.
> >
> >
> > Yes. AC is *great* background for our project (and generally), and
> > should be recommended in the FAQ. For those interested, you can see
> > reviews and buy it here:
> > http://www.amazon.com/gp/product/0471117099/102-4626758
> > -3961751?%5Fencoding=UTF8 .
>
> Permit me to also recommend _Practical Cryptography_ by Bruce Schneier
> and Niels Ferguson (http://tinyurl.com/exv6t). PC follows on both AC
> and Schneier's _Secrets and Lies_ (http://tinyurl.com/du2ap). In the
> preface to _Secrets_, Bruce writes "The error of _Applied Cryptography_
> is that I didn't talk at all about the context. I talked about
> cryptography as if it were The Answer(tm). I was pretty naive."
>
> _Practical Cryptography_ discusses the design of a cryptosystem from an
> engineering perspective, including the infrastructure required to make
> it work. And as several posters have noted, the context of our
> application is crucial. _Applied Cryptography_ is a toolbox (and a very
> good and complete one). _Practical Cryptography_ is a detailed
> application note. (and _Secrets and Lies_ is a good perspective on the
> context issue itself)
>
> Cameron, you are quite correct. Assuming a well-designed cryptosystem,
> the only component that needs to be kept secret is the key.
>
> --
> Roy M. Silvernail is roy@rant-central.com, and you're not
> "It's just this little chromium switch, here." - TFT
> SpamAssassin->procmail->/dev/null->bliss
> http://www.rant-central.com
>
>
>
>
> ------------------------------
>
> Message: 8
> Date: Mon, 2 May 2005 18:40:47 -0700 (PDT)
> From: "Edmund R. Kennedy" <ekennedyx@yahoo.com>
> Subject: [OVC-discuss] Current state of voter ID issues per Charlotte
> Observer
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Message-ID: <20050503014047.68587.qmail@web80306.mail.yahoo.com>
> Content-Type: text/plain; charset=us-ascii
>
> http://www.charlotte.com/mld/observer/news/editorial/11536003.htm
>
> No cost registration is required to read this article.
>
> Sorry.
>
> Ed Kennedy
>
> --
> 10777 Bendigo Cove
> San Diego, CA 92126-2510
>
> 858-578-8842
>
> Work for the common good.
> My profile: <http://geocities.com/ekennedyx/>
> I blog now and then at: <http://ekennedyx.blogspot.com/>
>
>
> ------------------------------
>
> Message: 9
> Date: Mon, 2 May 2005 19:59:30 -0700
> From: Arthur Keller <voting@kellers.org>
> Subject: Re: [OVC-discuss] suggestion to fix things...
> To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
> Cc: Lara Shaffer <lara@openvotingconsortium.org>,
> ovc-discuss@listman.sonic.net
> Message-ID: <p06210253be9c991cf322@[172.16.1.24]>
> Content-Type: text/plain; charset="us-ascii" ; format="flowed"
>
> At 4:31 PM -0500 5/2/05, Lara Shaffer wrote:
> >Why don't people suggest some things Jamboi and other new OVC Tech people
> >can read to get caught up?
> >
> >It is less his fault than ours that he keeps reinventing wheels and
debating
> >issues that have already been discussed at length. We need to have more
OVC
> >information on our site properly linked so people who haven't been
working
> >for years on this can get involved.
> >
> >I would suggest that Jamboi and others speak more civil-like and
> >professional-like to each other (one could suggest some ground rules like
no
> >name-calling, no unneccessary caps, no put downs, etc) but I've been told
> >that this is how tech people talk to each other....(maybe the non-tech
girl
> >is right in that ground rules can be useful to everyone?)
> >
> >The meeting in SV went very well (except for the phone problem- sorry
David
> >and Fred! We'll figure out a better system for next time.) I feel like
the
> >OVC project is moving forward at full speed. Without Jamboi that meeting
> >would not have happened. We need new people to re-energize those who
have
> >been working on this for a while.
> >
> >Let's not forget we are all working for a common goal: transparent,
accurate
> >elections. Let's see what we can do to help each other (OVC vets- give
the
> >new guys some stuff to read; OVC newbies- thanks for your energy and
> >enthusiasm, it is helping to move things along).
> >
> >As generation X says, "respect yo"
> >As professional adults say, "Please keep the discussion process in the
realm
> >of civility"
> >
> >Lara
> >
> >
> >_______________________________________________
> >OVC discuss mailing lists
> >Send requests to subscribe or unsubscribe to
arthur@openvotingconsortium.org
>
> Check out http://www-db.stanford.edu/pub/keller under voting
> See FAQ on the OVC website
>
> At some point, read the Wiki (but it's not up now)
>
> Try out the demo (available from the OVC website)
>
> Those are a good start
>
> Best regards,
> Arthur
>
>
> --
> --------------------------------------------------------------------------
-----
> Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA 94303-4507
> tel +1(650)424-0202, fax +1(650)424-0424
>
>
> ------------------------------
>
> Message: 10
> Date: Mon, 2 May 2005 20:56:00 -0700
> From: "Ed Kennedy" <ekennedyx@yahoo.com>
> Subject: [OVC-discuss] The web site and the movie links
> To: "Open Voting Consortium discussion list"
> <ovc-discuss@listman.sonic.net>
> Message-ID: <000801c54f94$060a0040$6401a8c0@homet3uj9pkik9>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello:
>
> "Electile Dysfunction." leads to a web page that has a QuickTime window
pop up but nothing happens.
> "Votergate." Only the streaming version works and it's quality is kind of
poor. I did finally get the Quicktime to download but it's tiny.
> "Invisible Ballots" doesn't run
>
> I thought I heard something about OVC having it's own video. Could I have
more information on that right away? I'd like to have something for the
MeetUp.
>
>
> --
>
> Thanks, Edmund R. Kennedy
>
> Always work for the common good.
>
> 10777 Bendigo Cove
> San Diego, CA 92126-2510
> USA
>
> I blog now and then at: <http://ekennedyx.blogspot.com/>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
http://listman.sonic.net/pipermail/ovc-discuss/attachments/20050502/076961f9
/attachment.html
>
> ------------------------------
>
> _______________________________________________
> OVC discussion list
> Send requests to subscribe or unsubscribe to
arthur@openvotingconsortium.org
>
> End of OVC-discuss Digest, Vol 7, Issue 23
> ******************************************
>

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue May 31 23:17:14 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT