You are viewing a single comment's thread.

view the rest of the comments →

[–] Interruptedagain 0 points 22 points (+22|-0) ago 

In your real world example you are dealing with customers that have been there before and, to a degree, know what they are looking at and for.

With voting machines the customers are government bureaucrats that were affirmative action hires. They wouldn't have a clue what they were looking at. You could sell them a pile of dog shit and tell them it was roses.

[–] screamingrubberband [S] 0 points 14 points (+14|-0) ago  (edited ago)

I used to believe that, but it is stunning to see the LACK of understanding in the industry lately.

And, ultimately, with voting machines, I am the customer. I should have some assurance that the software works. And, no, I don't believe the software company can provide that.

Software should be revision-controlled, on air-gapped machines, and dry-ran on-site with people who got selected for jury duty, or some similar method of randomly selecting participants for a 4-hour runoff.

Open sourced and posted dry-run results at every precinct.

Otherwise, fuck off with your "proprietary software" arguments. There's nothing "proprietary" about adding 1 to a tally.

Edit... sorry, just venting. Not at you.

[–] Interruptedagain 0 points 2 points (+2|-0) ago 

No problem. I get wound up to.

[–] buckhorn 0 points 1 point (+1|-0) ago  (edited ago)

Yes. The source code should be owned by 'We the people' and it should run on commodity/open hardware. Any installs/updates should be subject to observation by multiple opposing parties who may video all keystrokes and hash codes and receive a copy of the deployed code for further inspection/dissemination before the admin jacks are sealed under lock and key. There's no excuse that would make closed/prorietary source code necessary at this point.

Many eyes make all bugs shallow--even if only 1% of the eyes who have access know what they're even looking at.

After every e.g., 1000 votes, a 100-sided die should be rolled. If it comes up as 1, the totals for those 1000 paper ballots must be audited/confirmed by manual count irrespective of whether there's any particular reason to be suspicious.

Scanned images of all ballots should also be made publicly available shortly after voting ends.

[–] screamingrubberband [S] 0 points 3 points (+3|-0) ago 

An additional clarification... I don't give a shit about the bureaucrats or diversity hires... I want the public at large to have open access. I want to make sure the routine that adds "one" doesn't have any conditional statements. If Sha'niqu'a is going to use the software to display a number, I want to look over the routine that handles the output and make certain it is rig-proof. If everybody can see it, then confidence in the system goes up.

Code errors are caught by people who didn't write the code... because presumably the person writing the code thought it was right, and is therefore less likely to see a mistake. So let's all see all the code, so there's no "glitches" like this. I know you can't find all the bugs, but you can sure as hell see any underhanded "stuff" if you look hard enough.

[–] cantaloupe6 0 points 1 point (+1|-0) ago 

The Chinese hardware and firmware can adjust the contents of memory.

[–] Interruptedagain ago 

I'm agreeing with you on this. I'm just saying that in the system that we now have it is those retard affirmative action hires that see and approve of the code. That has got to change! We all need access to it.

[–] 26291004? 0 points 3 points (+3|-0) ago 

yeah, but that's true in the medical space. Most EHR and EMR systems are crappy from the inside, and the customers don't know any better.

HOWEVER, you don't see massive failures with mission critical medical applications anymore, post THERAC. You have errors, but not with the essential fuction of the software. Voting software does ONE THING, it should do it properly.