Not so much a well-oiled Chevy as a Holden Monaro which in the US is called a Pontiac GTO. As the GM site says, What Makes an American Legend? But it doesn't say the answer - good Aussie Engineering. Oi! Oi! Oi!
VoteHere, a company that makes software to implement a particular voting cryptographic scheme, is the second outfit to release their source (the first was OVC).
The Third, I think. Software Improvements did so in 2001. Source Code available through the ACT Electoral Commission. Open-source OS, Open-Source compiler, and runs on non-proprietary hardware too.
Well actually, we do, technically. Queen Anne's Bill of Rights of 1689 is still on the books, inherited from English Law. Some quotes:
That excessive bail ought not to be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted;
Oh, you thought the US invented this concept? The "Founding Fathers" had a very flexible definition of Copyright.
The Australian Constitution is available on the web (Naturally), and a casual read will show that it's been heavily inspired by the US one of over 100 years earlier. We like to think ours is better, but YMMV.
Everyone agrees that arguments about Languages are Religious, right?
Well, maybe not. Just have a look at these samplings of code. Now you can argue that some implementations are unnecessarily complex, and others inefficient. Fair enough. But apart from such deliberately obfuscated grotesques such as the sed implementation, you can get a "within an order of magnitude" estimate of how simple/powerful/readable a language is by looking at the sources.
For example, contrast the PERL implementation with the C implementation. Now look at the Java vs the Ada implementations. The similarities, and differences, are instructional.
Parenthetically, with the forthcoming release of Java 1.5, which has Ada facilities such as strong typing of enumerations and generics, the architectural similarities between Ada and Java will become even more pronounced. IMHO Java has a far neater notation of Object-Oriented features than Ada-95's, but in all other respects suffers from C's over-terse syntax. But that's just my opinion. Look at the examples and form your own. What is not a matter of opinion is that readability helps improve code quality. And wonder why "everyone knows" Ada is over-complicated, too difficult to implement, and too costly - especially when open-source free compilers have been around for nearly a decade now.
Is there some kind of financial relationship between Wired's owners (Conde Nast publications) and the Australian voting company?
For the record, No.
BTW Software Improvements isn't a "voting company", we do stuff like Satellite Avionics etc. Like the software on FedSat, which recently rode out the biggest solar storm in recorded history. As you can see live on the web.
<sarcasm>Of course our greatest achievement is our Time Machine.</sarcasm> eVACS was first used in 2000, before the Diebold controversy erupted. So much for us trying to cash in on it.
Finally, if you think the system's out to bamboozle people - why not tell us exactly how? The Operating System, the Compiler, and the Code are all Open Source and available for all to criticise. An independent lab "fact-checked our asses", you can too. In fact, if you read some previous /. posts, you've been able to for some time.
Finally, a disclaimer. I work for Software Improvements, along with Matt Quinn. He's an unregenerate Leftie, I'm a Right-Wing Neocon Deathbeast. We keep each other honest.
Or just see previous /. posts on how an open-source e-voting system, running on an open-source OS, compiled with an open-source compiler, has actually been used in government elections before. And where to get the source.
Of course, it wasn't in the USA, so hasn't had any publicity.
There's an open-source electronic voting system, that is compiled on an open-source compiler, and runs on an open-source operating system, on standard commercial hardware.
It's called eVACS and was used in the Australian Capital Territory elections in 2001. More details (AND SOURCE CODE) available at the ACT Electoral Commission website.
Or you could just look at any of the past /. posts. Maybe if I post the same data often enough, someone might just read it and take notice. But then, the election didn't happen in the USA, so maybe not. *SIGH*
DISCLAIMER : I work for the mob that made it. 6 months from contract signature to the election, total cost to make less than $150,000 USD. I wasn't on the development team though, too busy making spaceflight avionics. But They Did Good.
...that I first programmed an Elvish character set into my trusty Exidy Sorcerer. From Wikipedia:
Graphics on the Sorcerer sound impressive, with a resolution of 512 x 240, when most machines of the era supported a maximum of 320 x 200. ... The Sorcerer instead chose another method entirely, which was to not really have graphics at all. Instead they allowed the user to re-define the character set (the shapes of the letters on screen) and used these in lieu of pixel-addressable graphics.
The big problem was the vowels - which are implemented as accents/modifiers to the basic consonant glyphs. But it was trivial to write a small program that took latin characters in, and produced elvish output on the screen. Even doublets like zh resulted in a single glyph IIRC. More difficult was Tsolyani, which is written right-to-left and has a different character set for leading and trailing letters. Still, an 8-pin graphics printer gave good results with both.
A more surprising limitation, given the machine's genesis, is the lack of sound output. Enterprising developers then standardized on attaching a speaker to two pins of the parallel port
First done at room 642, International House, Sydney University in 1978, as far as I'm aware. But I'm sure others did the same thing at about the same time. Ah, the days when I could double my memory from 16K to 32K for only a few hundred bucks...and debug programs by having a radio nearby and listening to the RFI from various parts of the motherboard. The same year, the University of Wollongong narrowly beat us in porting UNIX. Others in the US were working on that too. And now I'm an old fart, working with Ada-95 on Satellite Avionics, and X/T UML on agile development... both of which are pretty neat, and cutting edge. (I'll revise that remark about Ada being "cutting edge" when Java catches up and gets Generics and the other stuff invented back in 1983.) It proves that you can still be a Geek at 45.
To be completely accurate, in Australia we have mandatory attendance at a place of voting. All that you have to do to avoid the fine is appear at the polling booth, get your name crossed off, and leave. There is nothing forcing you to cast a vote as such.
Not merely that, but it was a requirement of the eVACS open-source electronic voting system (mentioned in the original article) that people be permitted to easily cast an "informal" or blank vote, if they so chose. But only deliberately, not by accident. The ACT Electoral Commission had a requirement that people be allowed not to vote if they chose.
BTW All polling is held on a weekend. The common US practice of holding elections on a weekday seems - strange. Almost as if it's designed to discourage those who aren't able to afford time off work.
The result is that Australians are some of the most politically-informed people in the world (as many visitors have pointed out). If you have to go to the polls or pay $10, why not actually vote? And if you're going to vote, why not make at least a token effort to find out something about politics? I'm not saying we're wiser, just better informed. I'm also not saying that our pollies are any better than yours. For example, Bush wouldn't have won here : the distributed preferences from Nader et al would have pushed Gore over the line.
Oh yes, we also have preferential voting. Otherwise what's the point of voting for a Minority party?
You should have quoted the full article from wikipedia
Flash Crowd was the title of a 1973 short story by the science fiction author Larry Niven, one of a series about the consequences of instantaneous, practically free teleportation booths that could take one anywhere on Earth in milliseconds.
One consequence, not predicted by the builders of the system, was that with the almost instantaneous reporting of newsworthy events, tens of thousands of people worldwide would flock to the scene of anything interesting-- along with criminals, hoping to exploit the instant disorder and confusion so created.
On the World Wide Web, a similar phenomenon can occur, when some web site catches the attention of a large number of people, and gets an unexpected and overloading surge of traffic: a notorious example is the Slashdot effect.
Other reading:
"Flash Crowd" is on pages 99-164 of the paperback edition of The Flight of the Horse, copyright 1973 by Larry Niven. The story (or parts of it) were originally published as "Flash Crowd" in Three Trips in Time and Space, copyright 1973 by Robert Silverberg, ed.
"The Last Days of the Permanent Floating Riot Club" are on pages 41-52 of the paperback edition of A Hole in Space, copyright 1974 by Larry Niven.
Other stories in this series are in these two books, and in All the Myriad Ways.
And for what gain ? To be able to have final result at 8 PM, instead of 4AM the next day ?
How about to allow the visually-impaired for the first time in their lives to cast a secret vote?
There are other reasons, not quite as compelling:
How about to allow the use of multiple languages on the ballot form?
How about to allow a more complex voting scheme than "first past the post", say, optional preferential with Robson Rotation, or modified Dhont, or any of the others that are plausibly more "fair"?
As this post showed, there's an open source system running on an open-source OS, compiled by an open-source compiler, available on the web. That's already been used in government elections.
Yes, this is a repeated post. But as long as the same very valid questions get asked, the same very valid answer will be given.
As this post showed, there's an open source system running on an open-source OS, compiled by an open-source compiler, available on the web. That's already been used in government elections.
I figure that if I keep on saying this, the message will get through.
As this post showed, there's an open source system running on an open-source OS, compiled by an open-source compiler, available on the web. That's already been used in government elections.
Given that encryption and similar technologies are classified as armaments, and that there have already been Internet-based attacks in wartime on civilian and military infrastructure ( see Bosnia etc ), then yes, arms have already been taken up by some.
In 18th century America, any yokel could pick up his trusty rifled musket and go fight agin the Gummint (see the Whiskey Rebellion etc).
In 21st century America, any haX0r can pick up her trusty laptop and go fight agin the Gummint.
I'm not saying it's a good thing, just that it's happening.
I felt that when you were creating an artistic effort that would eventually be copied, possibly millions of times, one weighed the one-time cost of the effort of doing it right against the integral cost of fixing something not done right, integrated over all the things made that had to be fixed or replaced.
If this attitude was more common, billions of dollars wouldn't be wasted every year in Blue Screens of Death. To state the bleedin' obvious. I was lucky enough to work on a space project just last year, and what anubi says is still valid. One thing though - the people currently doing safety-critical work for avionics, railway traffic control etc. still work to this set of ethics. So far, anyway. There's pressure to change even there.
Re: Do younger minds absorb quicker? (on "Ageism in IT?") · Score: 1
Unfortunately, that isn't always true. Some people have 1 year of experience 15 times.
Nice one, Stu! I'll modify it to
"Some people have 15 years of experience; Others 1 year of experience 15 times."
and credit it to you, if that's OK.
Or perhaps it's hard to compete with a generation that started programming when they were 5 years old.
8 years old.
That was when I first wrote a code fragment.
In FORTRAN II. To run on a Ferranti Pegasus computer at Harwell Nuclear Research Labs in 1966.
The project I'm currently working on involves xtUML for agile development ( The Next Big Thing(tm)? Dunno, but it works...). Next month I'm teaching some people on how to write no-fail software for aircraft avionics. Last month it was doing risk analysis on software in some radically new and advanced laser eye surgery equipment, still in the labs. I can look in the sky at night and see (with a telescope anyway) the advanced R&D Satellite I headed the spaceflight avionics software team for. And yesterday I completed a fairly gruelling 3-hour exam as part of my Master's course. Only 1 more course to go - site operations for Webmasters, web access to databases and such.
You never stop learning in this business, and there's always something new coming up.
I'm 45, and my first (and so far only) son turns 2 next month.
Re: Testability : Agree in general with infeasibility of testing all inputs, too many cases etc. Design can sometimes make safety-critical paths so simple that they can be tested in this way though. Not always, and it needs a lot of creativity and talent in the cases where it is possible.
Re : Re-use : This advantage - an increase in the testing spectrum - is the major advantage of re-use. If I had my druthers, indeed your idea of a re-useable and open-source (for peer review) set of software for space applications would be realised, first on about a zillion uncrewed missions (dead astronauts are not an option), then when the suite has been proven to be reasonably safe, used on crewed missions. By "reasonably safe" I mean "no more risk than we take in our daily lives", about 1 chance in a million of fatality is usually deemed acceptable. (I've done such Hazard analysis on medical equipment, this figure isn't pulled out of my - er- hat.)
Re: Medical Example : One thing our society doesn't do well though is cost-benefit analysis. If a (forex) heart pacemaker saves 10,000 people per year but can be shown to kill one, the manufacturer will soon be sued out of existence. Far better to only save 5,000 if the resultant device can't be proven to kill someone. :-( Because that way you get to save 5,000 this year, 5,000 the next, 5,000 the next...rather than saving 10,000 in year 1, then losing your entire savings and possibly doing jail time, and worse, saving no-one else. The ethical problems get worse if the alternative is saving 10,000 (and killing 1) or only saving 100 (but covering your ass). :-( once more. That's why we need both law reform (I'm in Australia, the situation in the US is worse), and also a number of Expert Witnesses who can say what's reasonable and what's not. Yes, it sometimes is a matter of life-and-death.
Spaceflight avionics software development is not for the faint-hearted either. A quote from a recent Newspaper article:
"The question for software developers is not, 'Are you paranoid?', the question is, 'Are you paranoid enough?' " Brain says. "Every software module, every function, procedure or method has to assume that information coming in may have been spoilt by a malfunction and be prepared for the worst. The system must be ductile - bending, not breaking - when things go wrong. In space no one can press Control/Alt/Delete."
A team of Australian programmers developed FedSat's onboard software, building on work done in Britain. It is written in Ada-95, a programming language designed for embedded systems and safety-critical software. All it has to work with is 16MB of RAM, 2MB of flash memory for storing the program, a 128K boot PROM (programmable read only memory) and 320MB of DRAM in place of a hard disk that would never survive the launch process. All essential data is stored in three physically different locations.
Language is important. The numbers say it, the metrics say it, the successful projects say it, even some /. posts say it. But the "programmer gods" don't believe it, or more often, won't bother doing the research. The rest of us will just have to settle for actually doing this work, satellites, laser eye surgery systems, aircraft, subs etc instead of making yet another kludgy VB system to sell the latest in sportswear or whatever.
Not As Such.
The data about the ACT (Australian Capital Territory) election, the open-source software, the open-source operating system it ran on, and the open-source compiler that compiled it all is available via the makers, Software Improvements Pty Ltd.
The independent review, lab results of testing, and report on how it all worked in practice are available through the ACT Electoral Commission.
- Open Source Code
- Open Source OS
- Open Source Compiler
- Standard PC Hardware
- Independently Verified by both Electoral Authorities and Independent Labs
- In 12 languages
- Audio help for vision-impaired voters
- And actually used in 2001 government elections
It cost less than $200,000 to develop too. But not "made in the USA".
- Open Source Operating System
- Open Source Compiler
- Open Source Code
You also need to ensure physical auditability to make sure that the correct binary is installed, and to make sure the BIOS hasn't been tampered with.
Impossible Dream? Nope, there's a system that's been in use since 2001. It's called eVACS.
A complete explanation on how it has been done in at least one place outside the USA is available on the web.
Interestingly, if you read the whole pdf report linked to, it shows a distinct trend for Greens and Democrats to use e-Voting rather than the paper alternative.
Oh yes, and this system has been mentioned quite a few times in /. comments for the last 2 years.
+1 Insightful.
The question is, do you have more trust in an open-source program on an open-source OS compiled by an open-source compiler on a standard non-proprietary machine, followed by a tamper-proof anonymous record, or an inherently tamper-proof paper ballot which is then easily forged?
Both require some degree of trust, somewhere. Personally, I think it's far easier to fake ballots and stuff them in pre-prepared substitute ballot boxes than to have a vast secret conspiracy to get a hold of the WORM disks, crack the encryption, and substitute duplicates. Others have a "touching faith" in paper, while having a healthy distrust of electronics. I myself think Open-source isn't enough, you need testing out the wazoo.
All I can say is that e-Voting using Open Source systems has been proven to work despite legal challenges.
The post is insightful because it shows that no matter how you do it, paper or electronically, the situation is inherently insecure as there's no audit trail from voter to vote. Even with paper. Especially with paper.
Time is not Quantised.
There, that's a nice, neat summary.
Which if true has all sorts of interesting implications. The argument appears to be that if time was quantised - as all other things, like space, energy etc appear to be - then the Universe could be described by a single n-dimensional vector containing all information. (ie a longgggg list of numbers describing where everything is, but not where it's going as rate-of-change derivatives aren't possible if time is quantised.). It would be "stuck" in this position, if you like. Alternately, if derivatives were allowable, everything would be predictable, with no uncertainty. Heisenberg Uncertainty means continuous unquantised time.
He may be right, he may be wrong, but this is interesting enough either way to be worth study.