I think time not only proved Tannanbaum wrong, but gave him a huge ass-whooping, and made him go into the kitchen and make him a pot-pie!
Whatever "theoretical" basis may be true - the practical reality has told us otherwise.
Below is a 1992 email debate between Torvalds and Tannanbaum.
http://www.oreilly.com/catalog/opensources/book/ap pa.html
Q: The PowerPC specification is open? How long has it been open?
A: It has been open since its inception; the architecture specifies an instruction set architecture (ISA) that allows anyone to design and fabricate PowerPC-compatible processors, and source code for software modules developed in support of PowerPC is freely available.
From: http://www-128.ibm.com/developerworks/power/newto/
So if by "open", they mean "the architecture specifies an instruction set architecture (ISA) that allows anyone to design and fabricate compatible processors" - - Doesn't that mean EVERY architecture is "open"??
I am definitiely not the expert on this - so don't take my comments as the absolute authority:
Part of the system was that you had one list of people who voted - and another of votes. The two cannot be corrilated - but if the two lists weren't the same size - that's a problem. (to certian degree).
Also - there was also some timestamp - or index-stamp on each receipt. So they couldn't be duplicated.
[And everything was cryptographically signed].
I had actually just borroed the book from someone - so I can't even refer back to it - but I thought it was a great system!
Here's they key point:
The system relied on:
1. Full, public disclosore of all voting information
2. Individual people auditing the system - making sure their vote was cast and counted correctly.
i.e. (to my previous point) it was the voting system, or infrastructure which made it work - not the security of the individual machines, or ballot boxes.
There was a very popular book (I believe now out of print - published in 1994 - "Applied Cryptography".)
In it - it had a very good example of "secure voting". (I believe this concept has been published/discussed outside of this text - sorry to those who might have came up with it.)
To try to summarize (removing cryptographic references where possible) - everyone gets a "ticket" saying they voted - and everyone gets a (separate, non-trackable) "ticket" saying *what* they voted for.
Lists of both "tickets" are made public.
Anyone and everyone can verify that their vote was cast and recorded properly.
The point here - is that the the security in the system isn't in the machine, but rather in the system.
Wouldn't that make more sense??
I hate this idea. Clustering - okay. But SMP? No way. The more CPUs - the more points-of-failure - and for SMP - that bring everything down.
Can you imagine the MTBF on a puppy like this?!
Now if were talking about two-by-n redundancy - (or something of the equiv.) - that's a whole other story - but now were not just talking CPUs - caches too.
But since that technology itself is more complicated than just copy-and-pasting a bunch of cores - I don't think that's the kind of think that can be "slapped-in" at the last minute - nevermind the software implications...
Slashdot Mirror
I think time not only proved Tannanbaum wrong, but gave him a huge ass-whooping, and made him go into the kitchen and make him a pot-pie! Whatever "theoretical" basis may be true - the practical reality has told us otherwise. Below is a 1992 email debate between Torvalds and Tannanbaum. http://www.oreilly.com/catalog/opensources/book/ap pa.html
I read this and assumed they were naturally talking about the AT&T Wireless + Cingular merger...
Part of the system was that you had one list of people who voted - and another of votes. The two cannot be corrilated - but if the two lists weren't the same size - that's a problem. (to certian degree).
Also - there was also some timestamp - or index-stamp on each receipt. So they couldn't be duplicated. [And everything was cryptographically signed]. I had actually just borroed the book from someone - so I can't even refer back to it - but I thought it was a great system! Here's they key point: The system relied on:
1. Full, public disclosore of all voting information
2. Individual people auditing the system - making sure their vote was cast and counted correctly. i.e. (to my previous point) it was the voting system, or infrastructure which made it work - not the security of the individual machines, or ballot boxes.
It's just annoying because there are things like "Will the government ever replace DES?" - and no mention of SHA, AES, etc...
There was a very popular book (I believe now out of print - published in 1994 - "Applied Cryptography".) In it - it had a very good example of "secure voting". (I believe this concept has been published/discussed outside of this text - sorry to those who might have came up with it.) To try to summarize (removing cryptographic references where possible) - everyone gets a "ticket" saying they voted - and everyone gets a (separate, non-trackable) "ticket" saying *what* they voted for. Lists of both "tickets" are made public. Anyone and everyone can verify that their vote was cast and recorded properly. The point here - is that the the security in the system isn't in the machine, but rather in the system. Wouldn't that make more sense??
Is it me - or did that post make no sense...
I hate this idea. Clustering - okay. But SMP? No way. The more CPUs - the more points-of-failure - and for SMP - that bring everything down.
Can you imagine the MTBF on a puppy like this?!
Now if were talking about two-by-n redundancy - (or something of the equiv.) - that's a whole other story - but now were not just talking CPUs - caches too.
But since that technology itself is more complicated than just copy-and-pasting a bunch of cores - I don't think that's the kind of think that can be "slapped-in" at the last minute - nevermind the software implications...