Re: disclosure; no OS? [Re: OVC-discuss Digest, Vol 36, Issue 10]

From: Fred McLain <mclain_at_zipcon_dot_net>
Date: Fri Nov 02 2007 - 13:03:59 CDT

Responses are inline below.

On Nov 1, 2007, at 12:52 PM, Hamilton Richards wrote:

> At 7:00 PM -0700 2007/10/30, ovc-discuss-request@listman.sonic.net
> wrote:
>> [...]
>> Message: 3
>> Date: Tue, 30 Oct 2007 18:57:55 -0700
>> From: Fred McLain <mclain@zipcon.net>
>> Subject: Re: [OVC-discuss] Representative Holt's OWN WORDS [Re:
>> OVC-discuss Digest, Vol 36, Issue 9]
>> To: Open Voting Consortium discussion list
>> <ovc-discuss@listman.sonic.net>
>> Message-ID: <8BCA668B-417D-4C7D-94D0-4EAA103D7C7B@zipcon.net>
>> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
>>
>> Aha, now I see why there is such strong opposition to HR-811 as
>> currently worded. By forcing those that would inspect the code to
>> somehow prove that they are qualified to do so and forcing an "oath
>> of
>> secrecy" upon them the vast majority of those that would inspect the
>> code, the OSS community, to exclude themselves from the inspection
>> process. That is completely unacceptable.
>
> I don't like it either, but I can see why the owners of proprietary
> software regard its unrestricted disclosure as unacceptable. And
> since the main issue is election security, and disclosure yields very
> little in the way of security improvements, I don't see why it's a
> battle worth fighting.

I disagree. It isn't that we are requiring Diebold or any other
company to enter into this business. A good example of this can be
taken from the mainframe era. Accounting software running on
mainframes was nearly always required to be delivered with source to
each customer. To play the game, you must play by the rules. It's up
to the public and our government to set those rules so that we can
verify the software.

>
>> I write complex software for a living and have lead open voting
>> software development projects. I my experience there is no need for
>> closed source, secrecy or anything of the sort.
>
> Agreed. And as open-source election systems become available, and as
> election officials begin to see open source's advantages, they will
> become open-market winners.
>
>> I would also assert based on my 25+ years of active software
>> development and my 4 years in voting software development that there
>> is *no need for an operating system* in voting equipment. In fact,
>> it
>> would be best to write this without an OS since the inspection
>> becomes
>> far simpler and more reliable.
>
> On the other hand, the API is kind of brutal. :)

True, but it is done every day. Every time you fly on an airplane you
rely on software that was built without an OS. Safety critical
software on aircraft must conform to DO-178B level A. At that level
of certification it is nearly impossible to use an OS since the FAA
requires *every line of code* to be tested with test artifacts proving
it was. Thus no closed source (at least from the manufactures and
FAA's perspective).

As I said before, we can simply require DO-178B level A certification
as well as Common Criteria SA-2/3 security analysis on these systems.
The open source aspect is an additional benefit and provides for more
public confidence.
>

> If the election software were decently modularized, you'd end up with
> modules that are OS in everything but name. True, it would be an
> open-source OS, but so is Linux, so why not take advantage of all
> that development that's already done, has many years of field testing
> behind it, and costs nothing?

I'm also in favor of this approach. The risk is that you are
introducing a vast amount of code that never will be used. Some would
say source inspection is impossible because of the millions of lines
of OS code. When you write the code from scratch all you really
reproduce from the OS are a few drivers and some basic libraries.

        -Fred-

Instant Messaging (IM) Addresses:
Jabber: mclain@jabber.org
Yahoo: appworx_fred, schemalogic_fred
MSN: appworx_fred@hotmail.com, schemalogic_fred@hotmail.com
AIM: mclain98021
ICQ: 6947005
GTalk (Jabber): mclain98021@gmail.com
Skype: fmclain

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at http://gnosis.python-hosting.com/voting-project/
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Fri Nov 30 23:17:05 2007

This archive was generated by hypermail 2.1.8 : Fri Nov 30 2007 - 23:17:31 CST