Re: Voting systems with no OS (was: Re: disclosure; no OS? [Re: OVC-discuss Digest, Vol 36, Issue 10])

From: Edward Cherlin <echerlin_at_gmail_dot_com>
Date: Sat Nov 03 2007 - 03:54:31 CDT

On 11/2/07, Danny Swarzman <> wrote:
> Fred,
> When you have an embedded system, the software has to be loaded somehow.
> Whatever means you use to load it is the thing that needs to be open.

Burned, maybe. Loaded, not required.

> When you run on COTS, anybody can reproduce everything you do to develop the
> software.
> How can the public verify the code on an embedded system?

Write it in a FORTH system like Open Firmware (OFW). Plenty of people
can verify every bit in a FORTH system of 8K or so. We don't need the
fancy versions like PolyFORTH.

Or compile it in a published version of a publicly available compiler
with specified libraries, and publish the checksums of the resulting
binaries. If a large enough and sufficiently diverse segment of the
public gets the same checksums, Bob's your uncle.

The general public doesn't have to trust a handful of "experts". But
they have to trust somebody, or a bunch of somebodies. Maybe after
every grade school student has a computer all the time we will get a
generation that isn't afraid of technology and can make sense of
simple code. I'm not holding my breath.

Myself, I'm willing to trust a Python implementation running on
command-line Linux. But I have kernel hackers and Python implementers
among my acquaintances, including Guido van Rossum, inventor of
Python. Also implementers of C, LISP, APL, FORTH, Smalltalk, and a
number of other languages.

> -Danny
> On Nov 2, 2007, at 7:26 PM, Fred McLain wrote:
> - Ability to load programs. If you depend on an external system to load the
> programs, then that external system would require the same level of
> scrutiny.
> Nope, that is nonsense. You do not want to have an ability to "load
> programs" in a critical system, especially from an "external system". Nor
> do you want to have any connection to an external system. Voting systems
> need to be isolated from the network. I've said before, "you can't open a
> door that doesn't exist".

We do have to be able to read data from a CD-ROM. But the entire
program can be in a single non-modifiable ROM chip with published

Edward Cherlin
Earth Treasury: End Poverty at a Profit
Sustainable MBA student
Presidio School of Management
OVC-discuss mailing list
By sending email to the OVC-discuss  list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Fri Nov 30 23:17:06 2007

This archive was generated by hypermail 2.1.8 : Fri Nov 30 2007 - 23:17:31 CST