Re: [OVC-demo-team] Tally system

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Fri Feb 13 2004 - 12:34:01 CST

>> AD> BTW, for the production system, the question of whether or not the
>> AD> admin PC is networked or not is a very important decision that
>> AD> will NOT be answered by a developer.

>> No developers involved in security assessment?

> That's not what I said. I said that the decision will not be made by
> "a
> developer." Such a decision will be made after considering many
> factors.
> Besides the security issues, the economic analysis will be very
> important.

I'll chime in with Alan here. Not really to add something, but just to
concur with where he's coming from. The security issues involved in
the potential networking of the admin PC are quite different from the
considerations of what is most convenient for programmers (or even for
-users-, who may not appreciate that saving work can introduce
vulnerabilities). Obviously, folks like Amit Sahai or David Jefferson
are "developers" in some sense--but their main titles read "security
expert". And even inasmuch as lesser lights like Matteo or I will
assist in the security analysis, it will be after we switch hats to our
"security bowler" (or is it a top hat?).
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Thu Apr 1 02:40:18 2004

This archive was generated by hypermail 2.1.8 : Thu Apr 01 2004 - 02:40:36 CST