The requirements to verify the voting process if voting machines are used: electrical engineer and programmer proficient in all related languages and access to the source code, months of time verifying the voting machine, then making sure the voting machine used at the election is the same one you verified.
This is only needed to ensure that fraud won't happen (note future tense), but it's actually a lot easier if you just want to detect if it did happen (past tense, after the fact). If the machine prints a paper receipt, shown to the user as confirmation, but behind glass, which then automatically goes into a lock box, you can open up the lock box and count the votes to verify the count on the computer. Just have a standing policy of doing this to a randomly selected sample of machines, and you'll catch any significant activity. Of course it will be after the fact, but then you just throw some people in jail, and hold a new election.
This should be done regardless of how hard you make it to infect the machine in the first place, and I consider it extremely irresponsible that most of these machines don't do this. Every store's checkout cashier and ATM in the country prints receipts, how hard could it be to put those on the voting machines as well?!?! That the manufacturers didn't do it as a matter of obvious necessity makes me want to break out the tinfoil hat.
Yup, and here are the links showing how to hack their voting machines: http://video.google.com/videoplay?docid=8673726680080882009&hl=en
More info: http://itpolicy.princeton.edu/voting/
This is *extremely* scary stuff. Not just theoretical, these guys have working code which proves you can steal votes without detection -- it lies dormant during the testing phase, and only "activates" during the real election.
It doesn't have to be like this -- electronic voting *can* be done properly (confirmation sheet behind a glass plate which goes into a lock box), but the approach being taken is inexcusably irresponsible of both the gov't purchasers and manufacturers, to the degree it makes me extremely suspicious of the motivations of those involved. Especially, if you remember, when the CEO of Diebold makes statements like he is "committed to helping Ohio deliver its electoral votes to the president next year" in a fundraising pitch. http://money.cnn.com/2004/08/30/technology/election_diebold/
I am proud of our military's performance in Iraq. The lightning attack, the shock and awe, prying Saddam out of a hole. You can't blame them for the civil war.
Right, the military did its job well enough. (in that their job isn't supposed to be as a police force and cultural ambassadors, so we can't really blame them for mishaps there)
It's the administration which screwed up by putting them there in the first place, and expecting a friendly democracy to sprout out of the wasteland. Perhaps someone should tell the "I listen to the voices in my head" president to grow up and *think* about his decisions, but I guess that would mean he'd have to take responsibility for the mistakes instead of brushing them off as the will of God or some crap like that.
God damn it people, the man started a war based on faulty evidence and made us far more enemies than ever before -- performance that would make a moral man shudder at the scope of his errors, damage, deaths he caused, and resign in apology to the American people. Instead this guy runs again, and we re-elect him. The first is bad enough. The second is just sickening that so many people would reward that performance.
Does anyone still remember that the enemy was in Afghanistan? You know, that Osama guy that attacked us and we still haven't found? The enemy who wasn't in Iraq, but is now that we've pissed them off and they've found new allies against us?
You can complain to me about senators thinking critically and re-evaluating decisions (aka "flip-flopping") as people play games with bills like adding unassociated riders to bills for funding the troops when there aren't much bigger problems being caused by your party.
I'd say the "tech savvy" quotient of Macs is going up as those with a clue switch from "don't know the options (running Windows)" and move to a Mac instead. The un-savvy stay behind. It's about wanting to use your computer to get stuff done instead of living in fear of hackers, viruses, malware, and paying out the nose for more software because you can't run the open source stuff as readily. But it's also about not *having* to spend time learning about minutiae, unless you really want to, in which case you can tweak away almost as well as Linux. It's a very happy medium.
I'm doing a Ph.D. in CS, and as far as I'm concerned the Mac is ideal, and I've been seeing many more of my fellow students jumping to OS X than I ever thought I would, and this is definitely a savvy crowd.
WTF are you talking about? My memory is a little fuzzy about the OS9 days, *perhaps* there was some issue with forward delete back then. (I seem to remember running some extension that made forward delete work right consistently, so it wasn't an issue for me anyway...)
But I've never seen forward delete not do what you expect in OS X, that much I know for sure. The only place I can think of where I've seen an issue is that some console programs/shells don't handle the terminal emulation quite right, but that's a broader historical issue, and not specific to OS X in any case. Not that most people who would care do care, because we type ctl-D instead. (Which, incidentally, works outside of the console in normal Cocoa GUI text boxes as well)
You're confusing Asia with the Middle East...
As the tourist T-shirts go, Singapore is a "fine" city -- they'll just give you a fine for something like that. They reserve the more corporal punishments for truly criminal acts where there's no doubt you should know better but did it anyway. You might spit if you get some sand in your mouth, but you don't "accidentally" graffiti someone's car. (and repeated offenses in the case of the dumbass who finally got himself caned a few years back)
Yeah, add me to the list of people who never touched Windows during their CS program. Our faculty did a good job of letting us choose our own development platform, and I chose Linux at first, and OS X shortly after it came out. When we did group work in the computer cluster, Linux was the common ground. Nowadays, Windows users are becoming such a scarce commodity around here, I keep surprising myself when I'm reminded how the business world is still putting up with Windows. Thbtbtbt.
Do these low-end iMacs still support screen spanning? (I know the other Intel iMac models do)
For a $20 mini-dvi adapter, grab a CRT, double your screen space for cheap. (assuming your university has loads of old CRTs sitting around (I know mine does...))
I think it's also important to keep in mind whether people are talking about "theoretical" security, or "practical" security. Theorists are concerned with being impenetrable by nature, with as few secrets on your part as possible -- the assumption being that the spread of information is inevitable. In this view, obscurity is only a short-term, O(1), solution.
Of course, we all know there's a big difference between theory and practice... I agree that obscurity is a valuable tool in the arsenal, but it's only a bandaid compared to the theory side of things... obscurity may protect you against the common script kiddie nuisance, but you need theory to protect you against the professional cracker, which is the real danger to whatever you're trying to protect.
From that perspective, one could argue it's better to let the script kiddies bang on your system to ensure it's secure. If they do get through, the worst you get is a spambot or some other relatively obvious, but minor, mess to clean up, and you know you've got a hole to fix. But if you left that unknown hole sitting around, when the real cracker comes, he's going after your corporate business plans and new prototypes, and he's probably not going to be as obvious about it... which leaves you in for a surprise when your competitors beat you to market with a cheap copy of what you've been working on, costing you far more than the script kiddie cleanup ever would. Just a thought.
I think if you get a utility* to make a preview icon**, it can run through your files and store these icons so the Finder doesn't have to recompute them. I agree with your complaint though -- I had the same problem with big TIFF files on a USB drive just yesterday.
Also, as for Photoshop files, there's a preference item (Preferences -> "File Handling", select "Full Size") to have it generate the preview icons automatically when it first saves the file.
* I like versiontracker
** e.g. GraphicConverter has a function for this
Trust me, OS X runs fine on a 700MHz iBook -- I'm posting from one right now, and I throw a lot of serious work on it. (I'm a grad student -- software research & development, graphics for posters & papers, web stuff) The OS on this hardware is no problem at all. Even the 300 MHz Blue & White G3 I started with is still usable for the basics, but I admit I wouldn't be able to work on it.
Personally, I agree with you. Basically this boils down to "don't trust the user". That's fine in big corporate environments where there's a separate department of office monkeys dedicated to each task which needs to be done, but it's going to be a pain in the ass (for both worker and administrator) in a smaller environment where people need to be flexible in their work routine.
Most days I write software, some days I try out new libraries or sample code, some days I work on web pages, some days I write papers, some days I do graphics. I appreciate it if the computer has a watchful eye to cover my backside, but I would be very annoyed if it blocks my activities outright and I have to run to the nanny every time I need some permission to do something new.
In that vein, each of the points has some applicability, but it's pretty obvious. Confirm unusual activity, address causes not just symptoms, write good code, test the waters. No duh. And if you're a sysadmin and don't want to do any work, lock all the computers in a closet and give everyone an abacus. It's easy to preach security by removing functionality.
And just food for thought -- #6 (test the waters) conflicts with #3 (redesign) and #4 (don't crack). #3 because redesigning code has a tendency to just reopen old wounds as much as fix potential problems -- you're trading the well-known for the cutting edge, which is exactly what #6 advises against. #4 because you can't expect people to know how to do things "right" without first learning from others' mistakes -- learning current security problems and how they are exploited *is* important. It has nothing to do with being "cool". It's useful information.
You know, Sony is supporting development of new software for the AIBO (*) You can create new personalities using high level tools like R-Code, or download their software development kit (for free!) and code in C++. It's an impressive piece of hardware.
If you're interested in the low level processing, which allows direct processing of the camera images, networking support, real-time control of joints, etc., then of course I'm going to recommend the software framework I'm currently working on: Tekkotsu. However, there are a number of other options available as well. (see my prior post)
Anyway, we'd always like to have more developers -- help show Sony there are advantages to opening their source code!
(* or at least now they are, originally they didn't like the idea so much, but they seem to have gotten over it somewhat -- hardware is still tightly locked down, but the software interface is pretty available)
It's easy to write code for an AIBO... there's a number of open source software frameworks for this great hardware platform -- although of course my favorite would be my own: Tekkotsu
And it's all supported by Sony -- no hacking required!
There's a variety of levels you can code at as well -- there's several high-level scripting languages like URBI, R-Code, and even a couple upcoming Python interfaces, as well as a number of low-level C/C++ interfaces (e.g. Tekkotsu) which can run onboard and directly process every bit and byte, or remote control from your PC for maximum horsepower.
Well, I did watch the final German vs. CMU exhibition match on ESM ( http://esm.cs.cmu.edu/ ), and that game was 2-0 for the Germans, so I bet the RoboCup article was posted without having been proofed.
In addition, if the GP says (s)he's from UT Austin and didn't play the Germans [implying "at all"], then I would tend to believe that this means the original article screwed up the names.
I had a shell script that, on a certain command, was supposed to erase the contents of a directory specified by the user. E.g.:
rm -rf ${dir}/*
Looks reasonable, right? Except one very important user happens to type a space at the end of the directory name, guess what that expands to?
rm -rf /path/to/dir /*
Not only deletes the directory itself (least of concerns at this point), but /* as well!
Sigh. Moral of the story? Be very very careful with user input:
rm -rf "${dir}/"*
Also, we now prepend the command with an "are you sure" dialog, listing the command about to be executed, just in case.
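The failure described in the comment above and a guarded replacement, as an added example that is not part of the original comment. The function names count_args and clear_dir are hypothetical, and the -mindepth and -delete options assume GNU or BSD find.

```shell
#!/bin/sh
# Added example (not from the original comment). count_args and clear_dir
# are hypothetical names; /path/to/dir is the placeholder path used above.

# Report how many separate arguments rm would receive from the unquoted
# form `rm -rf ${dir}/*`, without running rm. Runs in a subshell with
# globbing off, so nothing on disk is read or changed.
count_args() (
    set -f
    # Unquoted on purpose: this word splitting is the bug being shown.
    set -- $1/*
    echo "$#"
)

# Empty a directory named by untrusted input. Returns non-zero and deletes
# nothing if the input is not exactly an existing, non-root directory.
clear_dir() (
    dir=$1
    # An empty value would turn "${dir}/"* into /* .
    [ -n "$dir" ] || { echo "refusing: empty path" >&2; return 2; }
    # The path must match an existing directory byte for byte, so a stray
    # trailing space is rejected instead of being split or guessed at.
    [ -d "$dir" ] || { echo "refusing: not a directory: '$dir'" >&2; return 3; }
    # Resolve symlinks and ".." so the root check sees the real target.
    real=$(cd -- "$dir" && pwd -P) || return 4
    [ "$real" != "/" ] || { echo "refusing: resolves to /" >&2; return 5; }
    # -mindepth 1 keeps the directory itself and also removes dotfiles,
    # which a bare * glob would leave behind.
    find "$real" -mindepth 1 -delete
)

# Constructed demonstration of the splitting only; no files are involved.
echo "no trailing space:   $(count_args '/path/to/dir') argument(s)"
echo "with trailing space: $(count_args '/path/to/dir ') argument(s)"
```

The second count is 2 because the shell splits the unquoted value into `/path/to/dir` and `/*`, which is exactly what rm received in the story.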
Fact of the matter is, 70% (my guess) of Kerry supporters only support him because they think he is better than Bush.
Of course, voting for someone else because you THINK they are better can NOT be a good thing.
Even if most Kerry supporters simply think Kerry the lesser of two evils Bush, that's a problem with the two party system, not Kerry. The point of the vote is to pick the best candidate, even if they both suck.
My personal thought is better the questionable evil than the known one.
Although I tend to agree with Republicans on financial matters, Bush is over the deep end on spending - I don't think the guy can think beyond the short term, which shows up in many other matters, such as the war. The thought of him as a lame-duck is just scary - and even if I don't think Kerry is perfect, I'm confident he won't be as bad.
Kerry says one thing, his 20 year senate record says another.
I'd rather have a President who is willing to apply critical thinking and change his position when new information is available than a president who stubbornly sticks to his guns when everything is falling down around him.
Or, another way to look at it is that Kerry is willing to represent the will of the people, and follow when the people change their minds.
Or, yet another view is that Kerry is willing to bite the bullet and vote against a badly written bill (such as the funding bill which gave a no-bid contract to Halliburton) even if it's going to look bad to the unthinking press ("OMG! Kerry votes against funding the troops!" - well, he voted against one bad plan for funding the troops (and bush's cronies), doesn't mean he didn't want to fund them, just do it a different way)
Well, with a laptop you can get kind of close...
http://www.tekkotsu.com/TekkotsuMon.html#WalkGUI
But not quite as slick as a hand held remote control...
It could happen to you!
System SDK: OPEN-R
or a framework which builds on top of the SDK: Tekkotsu
The goal of the Tekkotsu project is to eventually be able to train a robot like a dog. It's open-source, so you can try your hand at it if you think it should be easy ;)
For those of you who would like to do research with real world data, but don't want to spend time actually building the robot before you can use it - the Aibo is a great platform.
There's a free software development kit from Sony as well as an application framework to get you jump-started.