You're completely wrong. There will be a set of ANONYMOUS receipts that should match the electronic records. If anyone demand a recount, it will be trivial to find out whether they match (just count the receipts).
Recording who voted for who would never be accepted because it would lead to massive buying and selling of votes and intimidation of voters. A system that doesn't have anonymous voting is not, in any sense, democratic because it more or less guarantee that the votes will not reflect the intent of the electorate.
This is bullshit. There is a number of ways to anonymously indicate that the vote is flawed. For instance, voters could be asked to indicate on the receipt whether or not the receipt is correct, and put it in a ballot box. A quick scan of receipts would then reveal whether or not the number of errors would be big enough to be an issue.
There is NO reason why you should need to show your receipt, as they can't adjust the numbers based on complaints anyway as it has to be assumed that a lot of people won't check their ballots, so the number of complaints won't be an accurate measure of error rate.
They will NEVER, EVER allow voters to leave with printed receipts from the voting machine. Take one guess why.
Sale of votes and intimidation of voters.
If people are allowed to leave with receipts, we WILL see attempts to buy/sell votes because voters now suddenly have a way to prove that they have voted a particular way. Currently buying votes is unattractive, because nothing is stopping me from taking your money and voting however I please.
Similarly we WILL see attempts to intimidate voters from people who will make it very clear that if you can't show them a receipt indicating the "right" vote you will be in trouble.
I doubt any election official will be stupid enough to even think about letting voters leave the polling station with definitive proof that they voted a particular way, preventing the above two is one of their most important jobs.
Personally I usually use Red Carpet for updating my Redhat box. I've also occasionally used APT, including as an experiment to update a Redhat 6.2 box to 7.3 (don't try this at home without a backup folks, I got it to work, but I don't know if I was just lucky;). Both Apt and Yum for RPM are included in Fedora now.
RPM has the advantage that it has widespread support many distributions, and even across OS's (I've used RPM on Solaris, for instance), so I'd guess that experience with packaging RPM's is much more widespread than DEB's.
Now, Debian people keep going on about how the Debian packaging system is so superior to RPM's, but I've still not seem a single coherent explanation of WHY they think that is the case.
The packaging alone would put me off UserLinux. They'd have to support RPM to be LSB compliant, so why yet another packaging format? Unless they are planning on making a system that can support both packaging formats interchangably, and manage to do it well enough that the users won't immediately screw it up.
Why BSD? Why not Linux? There's nothing inherently more secure about BSD. Many Linux distributions might ship with silly default configs, but that's it. As for their security concerns with Windows, the security concern boils down to having unaudited closed source software from a single US company that could very well be putting backdoors everywhere.
Considering these will be government machines deployed in government office, I think you can be 100% that the government would have access without needing any backdoors... How many large companies or government offices have you worked for where the IT department doesn't have the root passwords and full access?
No sane XML schema implementation would rely on the schemaLocation attribute as a definitive location for the schema. In fact, I'd go so far as saying that any schema implementation that DOES honour the schemaLocation attribute without matching the value of the attribute against a set of legal patterns and/or rewriting the value is severely broken. This simply isn't a problem - you look at the namespace attribute and look up the schema based on that.
No I wouldn't have, because all kids tends to have hangups about things they won't do in front of their parents. Some more than others. I was always very secretive towards my parents, regardless of whether there was a need for it. For instance I used to write lots of poetry (700-800 separate poems at last count), and I don't think my parents know about that to this day (I'm 28), just because when I was younger it was something very private and after that stopped mattering I just haven't had any reason to talk about it with them.
With my drawings, there were very fuzzy lines in what I'd work on in front of them and show them, and what I wouldn't show them. It could be an image that had some particular emotional attachment for me, or simply a drawing I wasn't happy with and didn't want anyone to see because I didn't think it was good enough.
Taking away childrens privacy also deprive them of a lot of things they would not EVER consider doing in front of their parents because it for them for some reason very private.
For me, a lot of those things involved using the computer.
The time my parents tried pulling crap like that on me, I did my best to make life miserable for them, on purpose, for as long as it took for them to realise that I wasn't property, nor a prisoner and that THEY didn't get to set arbitrary rules for MY life. A typical response if I had been unlucky enough to have a parent like you would be that if you confiscated my computer or cellphone or whatever, I'd render your computer useless or confiscate your cellphone.
There's few things that pisses me off more than parents that do their best to run their home like their kids were serial killers on death row instead of idependently thinking individuals they share a home with.
Do you seriously think that having the family computer in an open area will stop a teenager from watching porn? My tip: When you have kids they will quickly do one of the following: a) shuttle floppy/zip-disk's/cd's/dvd's with content downloaded while you were out to their rooms on a regular basis, b) learn how to set up a proxy on the family computer that you don't know about, c) learn how to disable your restrictions on their computers, d) go to friends houses and shuttle assorted storage mediums from their, e) go have unprotected sex and knock up the neightbour girl in pure desperation.
If my parents had been as restrictive as you, I would have never done anything creative on the computer. I didn't like having them watch what I was doing, even if it was things like programming or drawing pictures. I guess I was rather self conscious - I was doing MY stuff and it wasn't their business.
Right... And once you've confronted them once, they'll figure out how you caught them and find a way to evade it. Nothing makes children learn faster than a desire to outsmart oppressive parents...
I know that when I was your kids age I would do anything to get things my way. If that meant I'd have to get my own dialup account and bypass whatever firewall or ip filtering you'd think about setting up I would. And don't think your kids won't know how - they might not know now, but the more draconian you get the better they will get at evading it.
Ask yourself: Why is it your business to know what they are doing? What are you concerned about?
If you're concerned about your children coming across something you don't like, then NEWSFLASH: If they can't look at it at home, they'll look at it at a friends house, or find a way to hide it from you. If it's against the rules, it's automatically cool.
Teat children like they're stupid, they will do their best to prove to themselves that they know how to get away with whatever you've forbidden them, and they will manage.
If it's your kids physical safety you're worried about, then be upfront about that with your kids. Explain to them that sometimes adults try to trick kids to meet up, and because of that there are certain, very limited, rules to keep them safe. Even discuss the rules with them to make sure they AGREE with you. If they don't agree, they'll try to bend it. And more importantly: Establish a may for them to arrange legitimate meetings with people they talk to - allow them to meet if you're present at first to confirm the person they meet are who they say they are, etc.. In other words: Take away the reasons for them to lie and break your rules.
The biggest problem with these systems being closed is that as long as large number of machines are being purchased from the same vendor, and the number of vendors are small, there's now a trivial way of fixing the elections.
A little trivia: We know the security at Diebold is ridiculous as is. But let's say they do code reviews. Lets say check ins are monitored.
Heck, maybe they even open source the system.
Then it would be safe, wouldn't it?
WRONG
Without an audit trail in physical form, verified by the voter, these systems will NEVER be safe.
Consider this little todo list if you decide that voting fraud would be an interesting career choice:
On their build machines, replace the compiler binary with a compiler modified to inject malicious code when it detects a pattern present in the voting system source. (this is a computer science classic, and can be strengthened by making the compiler detect the compiler source as well, and modify the generated binary so that any compiler rebuild won't remove your code and won't differ from the one you planted)
Place a cron job that regularly patch built binaries with one with malicious code inserted
Install an extra component in the device that will modify the data fed back from the voting terminals to their database servers
Make any code changes you do trigger only on specific dates, or on other conditions that makes it unlikely to be a certification test
"Fix" their production line so that the software image placed on the voting machines differ from the one built, for instance mess with the BIOS / boot flash or other place you can place code that is unlikely to be verified.
Insert a little hardware device that let you inject wrong data from the touch screen interface remotely.
Find a good justification for partitioning voting data in a specific way in memory, and make sure the hardware design is adjusted so that the memory chips are spread nicely out over the design. Now, in the shipped units, short circuit a suitable set of pins on the right memory chips, or perhaps ensure they will be short circuited if something specific is done. Insta-vote-wipe...
The list of fun stuff to try would be endless.
Creating a paper audit trail is cheap, compared to verifying the hardware design (of the actually delivered boxes, not of what was supposed to be manufactured), verifying the binary images of all the software actually on the delivered boxes, INCLUDING BIOS, drivers, microcode on any "interesting" chips in the system (it would not be surprising if the touch screen had a programmable CPU on it, for instance - after all the good old Amiga keyboard had an embedded CPU with on chip RAM and ROM and a 6502 compatible instruction set - all you'd need to modify the data stream), and how it all works together (see the memory arrangment suggestion).
Seemingly innocent changes to various parts of the system might have distasterous effects once they are combined.
Without an audit trail you will NEVER, EVER have a reliable, safe, tamper proof system - electronic solutions are simply too complex to prevent someone from finding comparatively easy exploits.
That's just silly. Most employers WILL like to hear about your hobbies, your family and your personal and recreational activities because they give a picture of how well you work in teams, what kind of person you are, your level of creativity, organizational skills, etc.
Sure, there are lots of details you don't need to and shouldn't bring up, but leaving out all personal details from your CV and not discussing it where it would be natural during job interviews will just make you seem cold, anti-social and unfriendly.
Pure skills are rarely the most important aspect of a prospective employee - someone that don't fit into the team may end up being a liability regardless of skill level.
In past jobs I've turned away plenty of candidates that had great skills because it was obvious that they would be a bad fit with the rest of the team, and several times hired people that were weaker technically.
Sure, if your interests are just plain weird, don't start talking about them (unless they're weird in a way that you think the interviewers will find cool and interesting), but if you're active in sports (especially teams) or participate in uncontroversial organizations (in other words, if you're a member of the local chess club, a drama group, book group or similar, cool, but if you're a member of a political party or a political pressure group, be VERY careful, even if you think the interviewer sympathise with your views), or play an instrument, or work with animals in your spare time, etc. etc. you a) may be lucky and find something the interviewer is interested in, and b) might show skills or personality traits that the interviewer will think fits well in the team.
That doesn't mean you should start blabbering about it unless it comes naturally, but if you're asked about organizational skills, and you haven't managed any team at work, but have organized camping trips for homeless children, or spent your spare time on some other challenging tasks that require the same skill set they have asked for, many interviewers will like that you think outside the box, that you've done something socially worthwhile that also demonstrate the skills they asked about, and that you are open about what you do.
If you do bring up your personal life though, make sure that you point out how it relates to the position unless it is blindingly obvious - the person interviewing you might not know what is involved in your specific hobbies or social activities.
One thing many people seem to miss is that books rarely translate directly into movies that "work" for anyone but people who have read the books several times and know the plot and characters intimately. In a book, the author have much more freedom to add detail to a character and a scene which people would simply miss if they were presented "in realtime" in a movie, where what the readers attention is explicitly drawn attention to by the author when reading the book may end up as a detail shown for seconds in a direct translation of the book into a movie.
If you make a movie for people who know a book in detail, you exclude almost everyone else.
For my part, I've read LoTR 4-5 times, and I still don't remember the details of the story well enough that I think a faithful representation of the book would have been particularly satisfying, and I think many people who complain about changes would also have found the movies even less satisfying with a direct translation.
Letting a character die without words, might be one of them. In the books, the reader is "forced" to focus on the character because they would otherwise have to skip over paragraphs, while in a movie there will almost always be distractions and character traits that are not specifically visually or audibly focused on might go unnoticed by large parts of the audience.
RTFA. Their scientific goals clearly indicate some interest in commercial exploitation in the form of mining... They are taking an approach that is quite different from the US one.
No, it infers that with open source anyone who wants to CAN look at it. The number of errors in and in itself is irellevant in the case of a voting application: If there are serious errors, a new election can be held. But with a closed source voting application it is very hard for people who are suspicious about a result independently review the process.
When the results are blatantly wrong, like in this case, we can be sure that an error will be detected and corrected. However what security do we have that the "corrected" number is truly correct? And what if the result had just been skewed a few percent instead of blown out of all proportion?
Your argument is like saying that public access to government documents is inferring that public access == no mistakes. As with oversight of voting, access to public documents are important not because we're guaranteed that it will result in fewer mistakes being made, but because more people, including those not in power, are given opportunities to try to verify that people stick to the rules should they choose to.
No, you don't KNOW that. You know that they have access to somewhere to put a phone outlet and forward their calls via, and that is all. Yes, it means it's a little bit harder, but if you rely on the phone number to indicate trust you're just begging someone to screw you over.
Sigh. The UN was founded to make countries work together, so of course it doesn't accomplish anything when countries doesn't work together. It is a forum to facilitate cooperation and to carry out the result of agreements in specific areas. Nothing more, nothing less. It's not a world government - it has extremely few powers except where explicitly granted by multilateral agreements in the form of treaties between member states, which by it's very nature means cooperation has to be involved.
Criticising the UN for failing to do something it hasn't been granted the power to do is pretty silly.
Hmm. That would be a novel concept - wealth redistribution FROM the rich countries instead of TO them... Why haven't anyone thought of that... No, seriously, why? (if you don't understand what I'm talking about: net debt payments and trade protectionism more than cancel out all development aid worldwide, leading to a net flow of capital FROM the poor countries to the rich, just as it was before the developed countries started pretending they had a social conscience)
So would you agree that since Bill Gates live in the US, and Bill Gates is the richest man in the world, there are no poor people in the US? That's essentially what your logic boils down to. Ordinary people in Saudi Arabia don't see much more of Saudi Arabias oil wealth than you see of Gates' fortune.
Slashdot Mirror
Recording who voted for who would never be accepted because it would lead to massive buying and selling of votes and intimidation of voters. A system that doesn't have anonymous voting is not, in any sense, democratic because it more or less guarantee that the votes will not reflect the intent of the electorate.
There is NO reason why you should need to show your receipt, as they can't adjust the numbers based on complaints anyway as it has to be assumed that a lot of people won't check their ballots, so the number of complaints won't be an accurate measure of error rate.
Sale of votes and intimidation of voters.
If people are allowed to leave with receipts, we WILL see attempts to buy/sell votes because voters now suddenly have a way to prove that they have voted a particular way. Currently buying votes is unattractive, because nothing is stopping me from taking your money and voting however I please.
Similarly we WILL see attempts to intimidate voters from people who will make it very clear that if you can't show them a receipt indicating the "right" vote you will be in trouble.
I doubt any election official will be stupid enough to even think about letting voters leave the polling station with definitive proof that they voted a particular way, preventing the above two is one of their most important jobs.
It's no secret there's been longstanding issues - SCO weren't particularly happy when project Monterey was cancelled.
RPM has the advantage that it has widespread support many distributions, and even across OS's (I've used RPM on Solaris, for instance), so I'd guess that experience with packaging RPM's is much more widespread than DEB's.
Now, Debian people keep going on about how the Debian packaging system is so superior to RPM's, but I've still not seem a single coherent explanation of WHY they think that is the case.
The packaging alone would put me off UserLinux. They'd have to support RPM to be LSB compliant, so why yet another packaging format? Unless they are planning on making a system that can support both packaging formats interchangably, and manage to do it well enough that the users won't immediately screw it up.
It's obviously a coconut.
Why BSD? Why not Linux? There's nothing inherently more secure about BSD. Many Linux distributions might ship with silly default configs, but that's it. As for their security concerns with Windows, the security concern boils down to having unaudited closed source software from a single US company that could very well be putting backdoors everywhere.
Considering these will be government machines deployed in government office, I think you can be 100% that the government would have access without needing any backdoors... How many large companies or government offices have you worked for where the IT department doesn't have the root passwords and full access?
No sane XML schema implementation would rely on the schemaLocation attribute as a definitive location for the schema. In fact, I'd go so far as saying that any schema implementation that DOES honour the schemaLocation attribute without matching the value of the attribute against a set of legal patterns and/or rewriting the value is severely broken. This simply isn't a problem - you look at the namespace attribute and look up the schema based on that.
With my drawings, there were very fuzzy lines in what I'd work on in front of them and show them, and what I wouldn't show them. It could be an image that had some particular emotional attachment for me, or simply a drawing I wasn't happy with and didn't want anyone to see because I didn't think it was good enough.
Taking away childrens privacy also deprive them of a lot of things they would not EVER consider doing in front of their parents because it for them for some reason very private.
For me, a lot of those things involved using the computer.
There's few things that pisses me off more than parents that do their best to run their home like their kids were serial killers on death row instead of idependently thinking individuals they share a home with.
Do you seriously think that having the family computer in an open area will stop a teenager from watching porn? My tip: When you have kids they will quickly do one of the following: a) shuttle floppy/zip-disk's/cd's/dvd's with content downloaded while you were out to their rooms on a regular basis, b) learn how to set up a proxy on the family computer that you don't know about, c) learn how to disable your restrictions on their computers, d) go to friends houses and shuttle assorted storage mediums from their, e) go have unprotected sex and knock up the neightbour girl in pure desperation.
If my parents had been as restrictive as you, I would have never done anything creative on the computer. I didn't like having them watch what I was doing, even if it was things like programming or drawing pictures. I guess I was rather self conscious - I was doing MY stuff and it wasn't their business.
So if your children wants to watch porn, they will make friends with kids with more lenient parents, or learn to evade your logging.
Right... And once you've confronted them once, they'll figure out how you caught them and find a way to evade it. Nothing makes children learn faster than a desire to outsmart oppressive parents...
Ask yourself: Why is it your business to know what they are doing? What are you concerned about?
If you're concerned about your children coming across something you don't like, then NEWSFLASH: If they can't look at it at home, they'll look at it at a friends house, or find a way to hide it from you. If it's against the rules, it's automatically cool.
Teat children like they're stupid, they will do their best to prove to themselves that they know how to get away with whatever you've forbidden them, and they will manage.
If it's your kids physical safety you're worried about, then be upfront about that with your kids. Explain to them that sometimes adults try to trick kids to meet up, and because of that there are certain, very limited, rules to keep them safe. Even discuss the rules with them to make sure they AGREE with you. If they don't agree, they'll try to bend it. And more importantly: Establish a may for them to arrange legitimate meetings with people they talk to - allow them to meet if you're present at first to confirm the person they meet are who they say they are, etc.. In other words: Take away the reasons for them to lie and break your rules.
The biggest problem with these systems being closed is that as long as large number of machines are being purchased from the same vendor, and the number of vendors are small, there's now a trivial way of fixing the elections.
A little trivia: We know the security at Diebold is ridiculous as is. But let's say they do code reviews. Lets say check ins are monitored.
Heck, maybe they even open source the system.
Then it would be safe, wouldn't it?
WRONG
Without an audit trail in physical form, verified by the voter, these systems will NEVER be safe.
Consider this little todo list if you decide that voting fraud would be an interesting career choice:
The list of fun stuff to try would be endless.
Creating a paper audit trail is cheap, compared to verifying the hardware design (of the actually delivered boxes, not of what was supposed to be manufactured), verifying the binary images of all the software actually on the delivered boxes, INCLUDING BIOS, drivers, microcode on any "interesting" chips in the system (it would not be surprising if the touch screen had a programmable CPU on it, for instance - after all the good old Amiga keyboard had an embedded CPU with on chip RAM and ROM and a 6502 compatible instruction set - all you'd need to modify the data stream), and how it all works together (see the memory arrangment suggestion).
Seemingly innocent changes to various parts of the system might have distasterous effects once they are combined.
Without an audit trail you will NEVER, EVER have a reliable, safe, tamper proof system - electronic solutions are simply too complex to prevent someone from finding comparatively easy exploits.
Sure, there are lots of details you don't need to and shouldn't bring up, but leaving out all personal details from your CV and not discussing it where it would be natural during job interviews will just make you seem cold, anti-social and unfriendly.
Pure skills are rarely the most important aspect of a prospective employee - someone that don't fit into the team may end up being a liability regardless of skill level.
In past jobs I've turned away plenty of candidates that had great skills because it was obvious that they would be a bad fit with the rest of the team, and several times hired people that were weaker technically.
Sure, if your interests are just plain weird, don't start talking about them (unless they're weird in a way that you think the interviewers will find cool and interesting), but if you're active in sports (especially teams) or participate in uncontroversial organizations (in other words, if you're a member of the local chess club, a drama group, book group or similar, cool, but if you're a member of a political party or a political pressure group, be VERY careful, even if you think the interviewer sympathise with your views), or play an instrument, or work with animals in your spare time, etc. etc. you a) may be lucky and find something the interviewer is interested in, and b) might show skills or personality traits that the interviewer will think fits well in the team.
That doesn't mean you should start blabbering about it unless it comes naturally, but if you're asked about organizational skills, and you haven't managed any team at work, but have organized camping trips for homeless children, or spent your spare time on some other challenging tasks that require the same skill set they have asked for, many interviewers will like that you think outside the box, that you've done something socially worthwhile that also demonstrate the skills they asked about, and that you are open about what you do.
If you do bring up your personal life though, make sure that you point out how it relates to the position unless it is blindingly obvious - the person interviewing you might not know what is involved in your specific hobbies or social activities.
If you make a movie for people who know a book in detail, you exclude almost everyone else.
For my part, I've read LoTR 4-5 times, and I still don't remember the details of the story well enough that I think a faithful representation of the book would have been particularly satisfying, and I think many people who complain about changes would also have found the movies even less satisfying with a direct translation.
Letting a character die without words, might be one of them. In the books, the reader is "forced" to focus on the character because they would otherwise have to skip over paragraphs, while in a movie there will almost always be distractions and character traits that are not specifically visually or audibly focused on might go unnoticed by large parts of the audience.
RTFA. Their scientific goals clearly indicate some interest in commercial exploitation in the form of mining... They are taking an approach that is quite different from the US one.
When the results are blatantly wrong, like in this case, we can be sure that an error will be detected and corrected. However what security do we have that the "corrected" number is truly correct? And what if the result had just been skewed a few percent instead of blown out of all proportion?
Your argument is like saying that public access to government documents is inferring that public access == no mistakes. As with oversight of voting, access to public documents are important not because we're guaranteed that it will result in fewer mistakes being made, but because more people, including those not in power, are given opportunities to try to verify that people stick to the rules should they choose to.
No, you don't KNOW that. You know that they have access to somewhere to put a phone outlet and forward their calls via, and that is all. Yes, it means it's a little bit harder, but if you rely on the phone number to indicate trust you're just begging someone to screw you over.
Criticising the UN for failing to do something it hasn't been granted the power to do is pretty silly.
Hmm. That would be a novel concept - wealth redistribution FROM the rich countries instead of TO them... Why haven't anyone thought of that... No, seriously, why? (if you don't understand what I'm talking about: net debt payments and trade protectionism more than cancel out all development aid worldwide, leading to a net flow of capital FROM the poor countries to the rich, just as it was before the developed countries started pretending they had a social conscience)
So would you agree that since Bill Gates live in the US, and Bill Gates is the richest man in the world, there are no poor people in the US? That's essentially what your logic boils down to. Ordinary people in Saudi Arabia don't see much more of Saudi Arabias oil wealth than you see of Gates' fortune.