What exactly would you be taking a hash of, however, and how would you verify the vote totals? Are you hashing the ballot serial number + the vote? Just because the election authority has published a hash that matches your, doesn't mean they used your vote in the announced total.
David Chaum developed the punchscan voting system as an end-to-end verifiable election protocol for paper ballots that allows anonymity and verifiability. Scantegrity is a successor system to that: http://scantegrity.org/.
Punchscan and Scantegrity both fulfill your requirements. The key is that each ballot is printed with a unique correspondence between the symbol marked and the candidate chosen, and the checksums for that mapping (and the ballot serial number) are published before any of the ballots are marked.
The only piece of cryptography you need to understand is what a hash function is, and how hard it is to reverse a hash. Everything else is about as hard to understand as, say, the quicksort algorithm is the first time you see it.
Now, that means that most people won't bother learning it in detail, but that doesn't mean the average voter should not trust such a system anymore than the fact that most people who use ssh don't understand the RSA algorithm in any depth should mean that they should not have any confidence in ssh.
It only takes a small minority of interested technical people to vet such a system.
The minute the locked tubs leave your sight, you are relying on an army of other people to make sure they aren't unlocked while you aren't looking and the ballots switched, so no, you can't verify the paper trail when you vote.
With an end-to-end verifiable paper ballot protocol like punchscan and integrity, however, you (individually, without relying on an army of eyeballs to preserve chain-of-custody) can verify that the vote count is accurate because throughout the election (from the printing of the ballots to the scanning of the ballots to the final vote tallies) enough information is made public about the ballots and how they are marked that it is impossible for the election authority to steal more than a few votes without being caught. The probability of one vote being stolen without being detected is 1/2, 2 votes 1/4, 3 votes 1/8, and so on. At the same time, the information revealed is not enough to determine how any individual person voted, so anonymity is preserved.
At the heart of such protocols is the concept of a cryptographic commitment. Suppose you and I want to flip a coin fairly via an email exchange. If we were face-to-face, you would call heads or tails, I would then flip the coin, and we would see who won the toss.
How do you prevent cheating in a similar exchange over email?
The key is that I flip the coin first, generate a commitment and email it to you, then you call heads or tails, and then I reveal the key that unlocks the commitment, whereupon we both know who won the toss.
How do I generate a commitment that I can't modify later? Suppose I flip the coin and it comes up heads. I then generate a 128-bit random number, concatenate "heads" to it, and calculate the SHA256 hash of that string. I send you the hash. You call heads or tails. I then send you the 128 bit random number I used, and tell you it was heads. To check me, you take the random number, concatenate heads to it, and calculate the SHA256 hash. If it matches what I originally sent you, then you know I didn't cheat. If it doesn't, then you know I tried to pull a fast one.
Now I grant you that not very many people will take the time to understand how a complicated protocol like that works. But it would only take a small minority of people to vet such a scheme so that the wider population would have confidence in it. Just as it only takes a small minority of people to understand how RSA works for the rest of us to use ssh with confidence.
What happens when the only provider in your area is one who prioritizes Torrent Traffic over Netflix and Youtube?
And how did your one provider manage to roll out access to your area when no other company could? By using government right-of-way and subsidy.
I think the basis for forcing a monopoly provider to route packets neutrally should be that they accepted right-of-way and subsidies, not just that they are operating a network.
I don't think the phrase 'net-neutrality' captures that concept. It suggests that even if you run a private network that was built without subsidy, you are under some moral obligation to route packets without preference.
Unless I miss my guess, all the legistaion inspired by the phrase 'net-neutrality' will also miss that point, and instead establish the principle that if you operate a network, you can only use government approved routing algorithms. In other words, it will open private networks to arbitrary legistation.
I wonder if the internet as we know it could have grown so useful so fast had the government not been as hands-off as it had. I worry that once the hands-off approach is gone, its further development will greatly slow down, and that the slogan of net-neutrality is doing great damage to society's commitment to the hands-off concept.
However, I've found writing a proper test suite that deals with databases, network communication+++ and not just the application itself is pretty hard
Writing a comprehensive test suite that did all of that would be an enormous undertaking. Writing a single automated test dealing with network comm or with a database interaction, however, is not a huge task, although it does take more time than manually testing for the existence of some bug you are in the middle of fixing. If you only automate a small fraction of the bugs you manually test for, however, those automated tests will grow in their usefulness over time, as some of the bugs they test for will resurface in the future and be found immediately thanks to the test script. This usefulness can be observed by teammates and managers and inspire imitation. At developers meetings, the next time a bug resurfaces in one of your colleagues work, a manager might even ask "Wouldn't you have found that faster if you had written an automated test for it like Steve over there has been doing for his work? Maybe you should spend some time with Steve so he can show you how to write automated tests."
I had the same reaction. If the OP is a developer working on this code, and has to fix some of these bugs when they come up, then he should start writing scripts that detect existence of the bug in the app, then fix the bug like he normally would. The next time one of his colleagues reintroduces the bug, his test script will catch it and he can point it out.
Bugs that go away by themselves, come back by themselves. Automated unit tests let you know exactly when they come back, and why (as long as you run them often, then not much will have changed in the code since the last time the test passed, letting you know that something in the last small change provoked the bug).
You don't need to write a massive suite of tests to demonstrate the usefulness of automated testing. Automated testing pays off in small increments as well. If the OP starts writing automated tests for the work he is doing, then the success of those tests will speak for themselves.
I think the main reason so few developers write automated tests is that it is a non-trivial skill that takes practice and time to learn. So the first task is to get good at doing it yourself. Then you can lead by example.
I found a link to David Bismark's home page here. He is explaining how Pret a Voter works. This is related to the punchscan system, although it works by randomizing the order of the candidate list instead of introducing an indirection symbol like punchscan does.
Odd that the wired article would not give credit where it is due and mention Pret-a-Voter.
BTW, everyone, this is not an electronic voting system, even though it is uses computers if various ways, it is an optical scan paper ballot system.
This sounds a lot like the punchscan voting system. I am at work and not able to see the video right now, but I googled bismark and found this article, which has some details.
Punchscan and its variants do allow you to be able to prove to yourself (with a 50% probability) that your vote was counted as you intended. That might not sound like much comfort (only 50%?), but if the election authority tries to change 2 votes, their probability of getting away with it falls to 1/4, then to 1/8 with 3 votes, and so on. So stealing more than one or two votes becomes infesible pretty quickly.
However, I do believe that in all such schemes, the possibility of large scale vote buying becomes a real threat that has to be managed carefully, since the election authority has the keys that allows the all the ballots to be decoded. So if the Election Authority shares the keys with, say, the autoworkers union, or with GM, then those orgs would be in a position to decrypt the votes and thus coerce their voters. Of course, large scale intimidation of that type would be hard to hide from investigators. For this and other reasons, I think the threat of large scale vote buying is managable, and well worth the accuracy and accountability these systems provide.
The 2 key ideas that makes these schemes work are "cryptographic commitment" and the "cut and choose" protocol. If you are insterested, I've written up a detailed explanation of these concepts, and how punchscan like systems work, here.
people like to tinker with different things
on
iPad Jailbroken
·
· Score: 1
I am with the I-don't-like-shiny-computers poster above as far as computer preferences go, but I have to hand it to you, that was a beautiful reply you penned.
The real question here is what are you interested in tinkering with. Some people like to tinker with computers and some people like to tinker with any of a myriad other things. Very few people like to tinker with more than a few things, though, and expect almost everything else they own to "just work".
I don't care how well written my furnace's user manual is, or how well designed the controls are, I haven't the slightest interest in learning its fundamentals. If it stops working, I call an HVAC guy to fix it.
>What does this even mean? How can a mathematical truth be 'known" if it cannot be proven?
I belive I can shed some light on that question.
In any formal system, you can write out a mechanically checkable proof of a statement using the production rules of the system (a derivation of the statement if you will), or you can exhibit a model in which the statement is false (a model can also be mechanically checked for correctness).
This roughly corresponds to an informal proof of a statement, or a counterexample in which you can show the statement to be false.
If you can prove a statement using the production rules, then you know the statement will be true in all possible models of the system.
So there are two formal notions of truth at play here. In the first one, you wonder whether a statement can be derived. In the other, you wonder whether it is true in all models of the formal system.
What godel showed was the in a sufficiently power formal system, there will be statements that can't be derived, but which are still true in all models.
How can you know that a statement X is true in all models, if you can't derive X in the formal system?
You can use the formal system to talk about itself (which is like using a program to generate the text of another program to solve a problem, instead of writing a program to solve the problem directly), and derive the statement that "X is true in all models of the formal system". This is known as a second order proof.
Goedel's theorem can not stop you from discovering a formal proof for any mathematical principle that a person can informally recognize the truth of. Whether that proof is first order, second order, third order,..., however, is up for grabs.
The other posts in which people go on about how goedel proved that people have souls because they can do something a machine can't (recognize the truth of a statement that can't be formally proved) are mistaken.
> So seriously, can anyone tell me what is so hard about automating a paper process that has ticks in boxes?
First of all, there is a huge payoff for any group that can subvert an election, so any voting system is going to have to be able to thwart very well funded efforts.
What is so simple about paper ballots is not how easy it is to vote, but how easy it is to scrutinize the whole process from end to end.
As soon as you try to use an electronic voting machine, you make it hard to scrutinize the voting process end-to-end and easy for well funded efforts to subvert.
I think if we are going to go the electronic route, we need to give voters a receipt that they can use to prove to themselves that their vote was counted correctly, but that can't be used to prove to others how they voted (http://www.punchscan.org/).
Then, we don't have to worry about making the machines secure against well funded efforts to subvert them, since we can tell whether the vote was counted incorrectly or not, and any subversion would be detected and void the election.
That sort of voting machine is very easy to design. You can use any old PC and the software has already been written.
Does anyone remember reading about a scheme for turning the usual QoS technique upside down?
That is, instead of marking packets you really care about (VoIP packets, say) high priority, you mark the ones you don't care that much (bittorrent downloads) about as low priority?
I recall reading about low priority marks having interesting advantages over high priority marks. It had to do with the high priority marks relying on perverse incentives (almost all routers would have to play by the rules and the more they did, the higher the payoff for not playing by the rules), while the low priority marks did not (you would start to see benefits if only a few routers amongst a sea of cheaters honored the concept).
Not so fast. The publisher should be free to ask whatever price they want to when selling its books to book stores, and Amazon should be free to ask whatever price they want to when reselling the books.
Where does a publisher get off setting the price at which Amazon can sell books?
So the government is setting the price at which companies can sell books relative to a number the publisher gets to choose. That's still the government setting the price.
Why should the government give upstream suppliers any say in what downstream sellars charge?
"The net effect on the consumer? You can get Harry Potter or 2 dozen other titles for £2, but you're screwed if you want something else. I think it's fair to say that most/. readers want to buy books other than John Grisham, Harry Potter, and celeb biography du jour."
What about the net effect on the consumer of the government setting prices? How can Europeans give in so easily to the passage of so many rob-peter-to-pay-paul laws and still have functioning economies? I don't doubt that they have some way of restraining the effect of these laws and that they have powerful economies, but it must take some other form than making classic liberal arguments to prevent their passage. What form? Does anyone know?
Anyway, back to the argument at hand, how exactly am I screwed if I want to buy a wider range of books, absent this law? Living in the U.S. (without such a law), I have no problem buying a wide range of books cheaply.
If you are a government annointed ISP monopoly (you were given huge subsidies and/or exclusive right-of-way to build your network), then it makes sense for the government to require you to have relatively simple and open billing policies and prevent you from playing games.
You wouldn't be allowed to charge someone a differnet rate for internet access because you thought they could pay more (like an electric company charging you more per kilowatt hour because your company making a lot of money, or giving you a discount on your bill because you bought a GE dishwasher and GE did a side deal with them), but you can charge more for a faster line.
If, however, you own a private network that wasn't given monopoly priviliges by the government, then you can make your billing arrangement however you like (third party deals out the wazoo) and the worst than can happen is your customers will get pissed and switch to one of your competitors.
First of all, thanks for starting with a clear explanation of what the problem is (AT&T pissed at google).
I worry about exactly how such a law would be written, however, if congress felt it had to act to preserve "net neutrality".
What should such a law say? What well-accepted principle should it be defending?
I don't think the issue is free speech. I think is has to do with government established infrastructure monopolies.
I would start by observing that certain companies were given the exclusive right to dig up the streets and lay fiber/cable or were given enormous subsidies to do so, and are therefore huge government established infrastructure monopolies.
If the government gave you the exclusive right to build infrastructure at huge taxpayer expense, then it is reasonable that you be required to operate in an open and non-discriminatory way. Imagine if power companies could charge different electricity rates to differnet companies/neighborhoods based on how much money they could afford to pay. Now THAT'S a principle everyone can agree on. I don't see what it has to do with free speech.
If however, your company built a private network without special government privilige and you sell services to the public (or you resell internet service and don't own the infrastructure) I see no reason why you shouldn't be able to offer internet connectivity that restricts which sites you can go to based on third party deals (say a hotel wants to prefer google as the search engine their guests can use so they block throttle yahoo and others and that google offsets the cost of the internet service at the hotel).
It's not that I want hotels to operate that way, it's that I think if some group of hotels tried to do that, it would be annoying enough that the hotels that didn't do that would get more customers.
In other words, I only see net neutrality as an issue when a monopoly on internet service exists. I only see that existing in the last mile because of cable companies being given exclusive right of way or other companies being given huge subsidies to build infrastructure.
An obfuscator is much easier to write from scratch than a compiler.
In an open source world, the defenders already have the upper hand against the attackers, because compilers like gcc are being modified so much that whatever static structure the trojan is keying off of can only last so long before it is re-written, defeating it.
My suggestion is for an additional measure that would give the defenders an even bigger advantage.
If you knew exactly how my obfuscator worked, you could probably write a compiler detector to defeat it. However, if I knew how your compiler detector worked, I could write an obfuscator to defeat that. The cycle could then repeat.
Which activity, though, is eaiser to do? I don't know how to prove it, but I think obfuscation is far eaiser than detection.
As the Anonymous Coward replying to me pointed out, writing a program that can always detect when another program is a compiler is as hard as detecting when another program is guaranteed to halt. In other words, it's undecidable.
How does the bugged compiler binary recognize the fact that it is compiling the source to a compiler?
In Thompson's case, he had it scan the source for recognizable text.
Defeat the "am I compiling a compiler?" test of the compiler binary and you are done.
All you need is a source code obfuscator. Randomize variable/function/file names, and insert red-herring calling sequences and recompile the source to the compiler to obtain a non-bugged compiler binary.
Writing a source code obfuscator (capable of defeating the compiler trojan's test) is much easier than writing the source to a compiler, and a great deal easier than hand composing a compiler binary.
I wonder what fraction of U.S. court servers run SAMBA as a critical service?
SAMBA happens to be a VERY useful piece of software, you know. It finds its way into all sorts of deployments and embedded devices.
Trying to shut down SAMBA on patent grounds may be like walking up to a judge and saying,"Your honor, I would like to present an argument that you are a filthy thief."
I assumed this was about their not offering the source to some component they wrote, not failure to make the source code to busybox available, which I don't think they have modified.
I realize they have to make the source to busybox available under the GPL it they use it in their firmware.
It's not like the source to busybox is hard to come by. Only they can release the source to their custom components, however.
I thought the concensus was that in order to create a derived work of program X, you had to either modify some of X's source files, or write some code that linked against a some piece of X.
I am assuming that the company did not link against any busybox code, or modify it. They simply included it together with other programs that they wrote. In other words, mere aggregation as in:
"In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License."
Slashdot Mirror
You are playing around with the right concepts.
What exactly would you be taking a hash of, however, and how would you verify the vote totals? Are you hashing the ballot serial number + the vote? Just because the election authority has published a hash that matches your, doesn't mean they used your vote in the announced total.
David Chaum developed the punchscan voting system as an end-to-end verifiable election protocol for paper ballots that allows anonymity and verifiability. Scantegrity is a successor system to that: http://scantegrity.org/.
I wrote up my explanation for how this works here: http://seedsofgenerality.blogspot.com/2010/09/secure-voting-protocols.html
The key concept is that of a cryptographic commitment.
Punchscan and Scantegrity both fulfill your requirements. The key is that each ballot is printed with a unique correspondence between the symbol marked and the candidate chosen, and the checksums for that mapping (and the ballot serial number) are published before any of the ballots are marked.
I have written up a description of how punchscan works here, if you are interested: http://seedsofgenerality.blogspot.com/
The only piece of cryptography you need to understand is what a hash function is, and how hard it is to reverse a hash. Everything else is about as hard to understand as, say, the quicksort algorithm is the first time you see it.
Now, that means that most people won't bother learning it in detail, but that doesn't mean the average voter should not trust such a system anymore than the fact that most people who use ssh don't understand the RSA algorithm in any depth should mean that they should not have any confidence in ssh.
It only takes a small minority of interested technical people to vet such a system.
The minute the locked tubs leave your sight, you are relying on an army of other people to make sure they aren't unlocked while you aren't looking and the ballots switched, so no, you can't verify the paper trail when you vote.
With an end-to-end verifiable paper ballot protocol like punchscan and integrity, however, you (individually, without relying on an army of eyeballs to preserve chain-of-custody) can verify that the vote count is accurate because throughout the election (from the printing of the ballots to the scanning of the ballots to the final vote tallies) enough information is made public about the ballots and how they are marked that it is impossible for the election authority to steal more than a few votes without being caught. The probability of one vote being stolen without being detected is 1/2, 2 votes 1/4, 3 votes 1/8, and so on. At the same time, the information revealed is not enough to determine how any individual person voted, so anonymity is preserved.
At the heart of such protocols is the concept of a cryptographic commitment. Suppose you and I want to flip a coin fairly via an email exchange. If we were face-to-face, you would call heads or tails, I would then flip the coin, and we would see who won the toss.
How do you prevent cheating in a similar exchange over email?
The key is that I flip the coin first, generate a commitment and email it to you, then you call heads or tails, and then I reveal the key that unlocks the commitment, whereupon we both know who won the toss.
How do I generate a commitment that I can't modify later? Suppose I flip the coin and it comes up heads. I then generate a 128-bit random number, concatenate "heads" to it, and calculate the SHA256 hash of that string. I send you the hash. You call heads or tails. I then send you the 128 bit random number I used, and tell you it was heads. To check me, you take the random number, concatenate heads to it, and calculate the SHA256 hash. If it matches what I originally sent you, then you know I didn't cheat. If it doesn't, then you know I tried to pull a fast one.
How do you build a paper ballot election protocol out of that? That's a longer story. If you are interested, I wrote up my explanation of it here: http://seedsofgenerality.blogspot.com/2010/09/secure-voting-protocols.html
Now I grant you that not very many people will take the time to understand how a complicated protocol like that works. But it would only take a small minority of people to vet such a scheme so that the wider population would have confidence in it. Just as it only takes a small minority of people to understand how RSA works for the rest of us to use ssh with confidence.
And how did your one provider manage to roll out access to your area when no other company could? By using government right-of-way and subsidy.
I think the basis for forcing a monopoly provider to route packets neutrally should be that they accepted right-of-way and subsidies, not just that they are operating a network.
I don't think the phrase 'net-neutrality' captures that concept. It suggests that even if you run a private network that was built without subsidy, you are under some moral obligation to route packets without preference.
Unless I miss my guess, all the legistaion inspired by the phrase 'net-neutrality' will also miss that point, and instead establish the principle that if you operate a network, you can only use government approved routing algorithms. In other words, it will open private networks to arbitrary legistation.
I wonder if the internet as we know it could have grown so useful so fast had the government not been as hands-off as it had. I worry that once the hands-off approach is gone, its further development will greatly slow down, and that the slogan of net-neutrality is doing great damage to society's commitment to the hands-off concept.
Writing a comprehensive test suite that did all of that would be an enormous undertaking. Writing a single automated test dealing with network comm or with a database interaction, however, is not a huge task, although it does take more time than manually testing for the existence of some bug you are in the middle of fixing. If you only automate a small fraction of the bugs you manually test for, however, those automated tests will grow in their usefulness over time, as some of the bugs they test for will resurface in the future and be found immediately thanks to the test script. This usefulness can be observed by teammates and managers and inspire imitation. At developers meetings, the next time a bug resurfaces in one of your colleagues work, a manager might even ask "Wouldn't you have found that faster if you had written an automated test for it like Steve over there has been doing for his work? Maybe you should spend some time with Steve so he can show you how to write automated tests."
I had the same reaction. If the OP is a developer working on this code, and has to fix some of these bugs when they come up, then he should start writing scripts that detect existence of the bug in the app, then fix the bug like he normally would. The next time one of his colleagues reintroduces the bug, his test script will catch it and he can point it out.
Bugs that go away by themselves, come back by themselves. Automated unit tests let you know exactly when they come back, and why (as long as you run them often, then not much will have changed in the code since the last time the test passed, letting you know that something in the last small change provoked the bug).
You don't need to write a massive suite of tests to demonstrate the usefulness of automated testing. Automated testing pays off in small increments as well. If the OP starts writing automated tests for the work he is doing, then the success of those tests will speak for themselves.
I think the main reason so few developers write automated tests is that it is a non-trivial skill that takes practice and time to learn. So the first task is to get good at doing it yourself. Then you can lead by example.
I found a link to David Bismark's home page here. He is explaining how Pret a Voter works. This is related to the punchscan system, although it works by randomizing the order of the candidate list instead of introducing an indirection symbol like punchscan does.
Odd that the wired article would not give credit where it is due and mention Pret-a-Voter.
BTW, everyone, this is not an electronic voting system, even though it is uses computers if various ways, it is an optical scan paper ballot system.
This sounds a lot like the punchscan voting system. I am at work and not able to see the video right now, but I googled bismark and found this article, which has some details.
Punchscan and its variants do allow you to be able to prove to yourself (with a 50% probability) that your vote was counted as you intended. That might not sound like much comfort (only 50%?), but if the election authority tries to change 2 votes, their probability of getting away with it falls to 1/4, then to 1/8 with 3 votes, and so on. So stealing more than one or two votes becomes infesible pretty quickly.
However, I do believe that in all such schemes, the possibility of large scale vote buying becomes a real threat that has to be managed carefully, since the election authority has the keys that allows the all the ballots to be decoded. So if the Election Authority shares the keys with, say, the autoworkers union, or with GM, then those orgs would be in a position to decrypt the votes and thus coerce their voters. Of course, large scale intimidation of that type would be hard to hide from investigators. For this and other reasons, I think the threat of large scale vote buying is managable, and well worth the accuracy and accountability these systems provide.
The 2 key ideas that makes these schemes work are "cryptographic commitment" and the "cut and choose" protocol. If you are insterested, I've written up a detailed explanation of these concepts, and how punchscan like systems work, here.
I am with the I-don't-like-shiny-computers poster above as far as computer preferences go, but I have to hand it to you, that was a beautiful reply you penned.
The real question here is what are you interested in tinkering with. Some people like to tinker with computers and some people like to tinker with any of a myriad other things. Very few people like to tinker with more than a few things, though, and expect almost everything else they own to "just work".
I don't care how well written my furnace's user manual is, or how well designed the controls are, I haven't the slightest interest in learning its fundamentals. If it stops working, I call an HVAC guy to fix it.
>What does this even mean? How can a mathematical truth be 'known" if it cannot be proven?
I belive I can shed some light on that question.
In any formal system, you can write out a mechanically checkable proof of a statement using the production rules of the system (a derivation of the statement if you will), or you can exhibit a model in which the statement is false (a model can also be mechanically checked for correctness).
This roughly corresponds to an informal proof of a statement, or a counterexample in which you can show the statement to be false.
If you can prove a statement using the production rules, then you know the statement will be true in all possible models of the system.
So there are two formal notions of truth at play here. In the first one, you wonder whether a statement can be derived. In the other, you wonder whether it is true in all models of the formal system.
What godel showed was the in a sufficiently power formal system, there will be statements that can't be derived, but which are still true in all models.
How can you know that a statement X is true in all models, if you can't derive X in the formal system?
You can use the formal system to talk about itself (which is like using a program to generate the text of another program to solve a problem, instead of writing a program to solve the problem directly), and derive the statement that "X is true in all models of the formal system". This is known as a second order proof.
Goedel's theorem can not stop you from discovering a formal proof for any mathematical principle that a person can informally recognize the truth of. Whether that proof is first order, second order, third order, ..., however, is up for grabs.
The other posts in which people go on about how goedel proved that people have souls because they can do something a machine can't (recognize the truth of a statement that can't be formally proved) are mistaken.
> So seriously, can anyone tell me what is so hard about automating a paper process that has ticks in boxes?
First of all, there is a huge payoff for any group that can subvert an election, so any voting system is going to have to be able to thwart very well funded efforts.
What is so simple about paper ballots is not how easy it is to vote, but how easy it is to scrutinize the whole process from end to end.
As soon as you try to use an electronic voting machine, you make it hard to scrutinize the voting process end-to-end and easy for well funded efforts to subvert.
I think if we are going to go the electronic route, we need to give voters a receipt that they can use to prove to themselves that their vote was counted correctly, but that can't be used to prove to others how they voted (http://www.punchscan.org/).
Then, we don't have to worry about making the machines secure against well funded efforts to subvert them, since we can tell whether the vote was counted incorrectly or not, and any subversion would be detected and void the election.
That sort of voting machine is very easy to design. You can use any old PC and the software has already been written.
Does anyone remember reading about a scheme for turning the usual QoS technique upside down?
That is, instead of marking packets you really care about (VoIP packets, say) high priority, you mark the ones you don't care that much (bittorrent downloads) about as low priority?
I recall reading about low priority marks having interesting advantages over high priority marks. It had to do with the high priority marks relying on perverse incentives (almost all routers would have to play by the rules and the more they did, the higher the payoff for not playing by the rules), while the low priority marks did not (you would start to see benefits if only a few routers amongst a sea of cheaters honored the concept).
That was beautiful!
There is nothing quite like turning their own argument around. I have never seen a better attempt to do that than the one you just wrote.
Not so fast. The publisher should be free to ask whatever price they want to when selling its books to book stores, and Amazon should be free to ask whatever price they want to when reselling the books.
Where does a publisher get off setting the price at which Amazon can sell books?
So the government is setting the price at which companies can sell books relative to a number the publisher gets to choose. That's still the government setting the price.
Why should the government give upstream suppliers any say in what downstream sellars charge?
Letting a company set whatever price it wants to on the goods it sells strikes you as capitialism-set-loose?
Failing to give small book sellars special protected status amounts to a dog-eat-dog-anything-goes free for all?
Really?
What it tells me is that the stated philosophy and the operating philosophy of a soceity are often at odds.
If Europeans were really as anti-capitalist as they let on, they would not have functioning economies.
So they have some other set of arguments and behaviors that stops regulation from getting out of hand.
Every soceity has its own set of issues on which it plays games like this.
"The net effect on the consumer? You can get Harry Potter or 2 dozen other titles for £2, but you're screwed if you want something else. I think it's fair to say that most /. readers want to buy books other than John Grisham, Harry Potter, and celeb biography du jour."
What about the net effect on the consumer of the government setting prices? How can Europeans give in so easily to the passage of so many rob-peter-to-pay-paul laws and still have functioning economies? I don't doubt that they have some way of restraining the effect of these laws and that they have powerful economies, but it must take some other form than making classic liberal arguments to prevent their passage. What form? Does anyone know?
Anyway, back to the argument at hand, how exactly am I screwed if I want to buy a wider range of books, absent this law? Living in the U.S. (without such a law), I have no problem buying a wide range of books cheaply.
OK. Here's my take on NN.
If you are a government annointed ISP monopoly (you were given huge subsidies and/or exclusive right-of-way to build your network), then it makes sense for the government to require you to have relatively simple and open billing policies and prevent you from playing games.
You wouldn't be allowed to charge someone a differnet rate for internet access because you thought they could pay more (like an electric company charging you more per kilowatt hour because your company making a lot of money, or giving you a discount on your bill because you bought a GE dishwasher and GE did a side deal with them), but you can charge more for a faster line.
If, however, you own a private network that wasn't given monopoly priviliges by the government, then you can make your billing arrangement however you like (third party deals out the wazoo) and the worst than can happen is your customers will get pissed and switch to one of your competitors.
First of all, thanks for starting with a clear explanation of what the problem is (AT&T pissed at google).
I worry about exactly how such a law would be written, however, if congress felt it had to act to preserve "net neutrality".
What should such a law say? What well-accepted principle should it be defending?
I don't think the issue is free speech. I think is has to do with government established infrastructure monopolies.
I would start by observing that certain companies were given the exclusive right to dig up the streets and lay fiber/cable or were given enormous subsidies to do so, and are therefore huge government established infrastructure monopolies.
If the government gave you the exclusive right to build infrastructure at huge taxpayer expense, then it is reasonable that you be required to operate in an open and non-discriminatory way. Imagine if power companies could charge different electricity rates to differnet companies/neighborhoods based on how much money they could afford to pay. Now THAT'S a principle everyone can agree on. I don't see what it has to do with free speech.
If however, your company built a private network without special government privilige and you sell services to the public (or you resell internet service and don't own the infrastructure) I see no reason why you shouldn't be able to offer internet connectivity that restricts which sites you can go to based on third party deals (say a hotel wants to prefer google as the search engine their guests can use so they block throttle yahoo and others and that google offsets the cost of the internet service at the hotel).
It's not that I want hotels to operate that way, it's that I think if some group of hotels tried to do that, it would be annoying enough that the hotels that didn't do that would get more customers.
In other words, I only see net neutrality as an issue when a monopoly on internet service exists. I only see that existing in the last mile because of cable companies being given exclusive right of way or other companies being given huge subsidies to build infrastructure.
An obfuscator is much easier to write from scratch than a compiler.
In an open source world, the defenders already have the upper hand against the attackers, because compilers like gcc are being modified so much that whatever static structure the trojan is keying off of can only last so long before it is re-written, defeating it.
My suggestion is for an additional measure that would give the defenders an even bigger advantage.
If you knew exactly how my obfuscator worked, you could probably write a compiler detector to defeat it. However, if I knew how your compiler detector worked, I could write an obfuscator to defeat that. The cycle could then repeat.
Which activity, though, is eaiser to do? I don't know how to prove it, but I think obfuscation is far eaiser than detection.
As the Anonymous Coward replying to me pointed out, writing a program that can always detect when another program is a compiler is as hard as detecting when another program is guaranteed to halt. In other words, it's undecidable.
How does the bugged compiler binary recognize the fact that it is compiling the source to a compiler?
In Thompson's case, he had it scan the source for recognizable text.
Defeat the "am I compiling a compiler?" test of the compiler binary and you are done.
All you need is a source code obfuscator. Randomize variable/function/file names, and insert red-herring calling sequences and recompile the source to the compiler to obtain a non-bugged compiler binary.
Writing a source code obfuscator (capable of defeating the compiler trojan's test) is much easier than writing the source to a compiler, and a great deal easier than hand composing a compiler binary.
I wonder what fraction of U.S. court servers run SAMBA as a critical service?
SAMBA happens to be a VERY useful piece of software, you know. It finds its way into all sorts of deployments and embedded devices.
Trying to shut down SAMBA on patent grounds may be like walking up to a judge and saying,"Your honor, I would like to present an argument that you are a filthy thief."
I would *love* to see MS try that!
I assumed this was about their not offering the source to some component they wrote, not failure to make the source code to busybox available, which I don't think they have modified.
I realize they have to make the source to busybox available under the GPL it they use it in their firmware.
It's not like the source to busybox is hard to come by. Only they can release the source to their custom components, however.
I thought the concensus was that in order to create a derived work of program X, you had to either modify some of X's source files, or write some code that linked against a some piece of X.
I am assuming that the company did not link against any busybox code, or modify it. They simply included it together with other programs that they wrote. In other words, mere aggregation as in:
"In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License."