Re: [Fwd: Re: Secure logging - explained]

From: Fred McLain <mclain_at_zipcon_dot_net>
Date: Thu Nov 11 2004 - 22:55:52 CST

Thanks for saying this much more clearly Robert. Well said.

Another thought I had this evening was the clearly larger capacity of
CD-Rs. A singular failure of a CD-R would certainly wipe out the entire
audit log. This isn't a fault of a paper audit log. Since the log just
records events during the tally process, not individual votes, it's
unlikely we would use even a small fraction of a CD. I'll also bring
into question the idea that we'd have to use a lot of register tape to
record a tally log. At about 8 entries per inch, a typical 220' roll
could record over 21,000 'events' that occurred during the vote count.
That sounds like a reasonable number to me.

On airplanes we often use wire based recorders for the black box
systems. A magnetic recording on wire spools. Although this is
changing to hardened digital systems, the wire recorders lasted well
into the fly-by-wire control systems and digital "dashboards" for
airliners. It even outlasted replacing copper with optical cables in
the 747-400. The reason? They are very, very durable. The same can be
said for paper trails vs digital ones. At the very least, let's have a
paper backup for audit trails, even if we record them on CD.

        -Fred-

On Thu, 2004-11-11 at 08:07, Robert Rapplean wrote:
> Now that Fred mentions the archival quality and reliability of CD media,
>
> I have to agree. Your typical CD has a shelf life of five to ten years,
> and this drops to about six months to two years if you put any kind of
> adhesive label on them.
>
> Also, in the experience of myself and my friends, the typical CD has
> roughly a 20-50% failure to burn rate. I'm very much in the habit of
> throwing away every other CD because they don't burn correctly. This is
> partially because of borderline shoddy CD production, and partially
> because of the inherent inaccuracy of the typical mass-market $50 CD
> burner. The price you quote for DVD burners is for the low-end,
> low-quality DVD burner. I haven't purchased an extensive collection of
> DVD burners, but if they're anything like CD burners then the low end
> will not be a reliable solution. I had to spend four to five times the
> base CD burner price in order to purchase a CD burner which didn't waste
> every other CD I tried to burn, or need to be replaced after about a
> year of occasional use.
>
> In order to get production quality (and reliably auditable) CD burning,
> you would have to spend something like $150 per burner, and purchase
> archive quality CD's at roughly $1.60/pop, and even then you'd run into
> the issue of a temperature sensitive process. Any CD burner that is
> sitting near a door that opens a lot on a cold day WILL fail its burn.
>
> All things said and done, I think that we should more seriously consider
> good old fashioned ink-on-continuous-tape, maybe with a running vertical
> barcode if we can manage it. A machine readable paper tape would
> significantly reduce wear and tear from human handling.
>
> -R
>
> Fred McLain wrote:
>
> >Hi Jim,
> >
> >I'd strongly call into question your belief that CDR would be more
> >reliable then a register tape. I believe that some (most?) bank
> >machines also uses these sorts of tapes for their audit logs. Thermal
> >printers should not be used because they are susceptible to erasure
> >though heat but ink based printer output can last for decades and even
> >longer with the right type of paper.
> >
> >CDs have recently been shown to have a far shorter shelf life then
> >originally imagined due to oxidation of the underling aluminum foil.
> >They start pitting after time and can be quickly made entirely
> >unreadable. A small scratch on the top side of a CD (where the foil is)
> >will kill the entire CD whereas a mark on a strip of paper only obscures
> >what is under the mark. Recordable multi session CDs are usually only
> >"reliable" on the drive that recorded them, another issue. Also think
> >about the number of recordable CDs that turn out to be "spoiled" -
> >hardly the medium for a real time log.
> >
> > -Fred-
> >
>
>
>
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue Nov 30 23:17:28 2004

This archive was generated by hypermail 2.1.8 : Tue Nov 30 2004 - 23:17:44 CST