[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Target audience and security (was: Re: [Demexp-dev] Thoughts on voti

From: William Neumann
Subject: Re: Target audience and security (was: Re: [Demexp-dev] Thoughts on voting machines)
Date: Tue, 21 Sep 2004 14:16:22 -0600

On Sep 21, 2004, at 12:54 PM, David MENTRE wrote:

We need a very very strong security. Enough security that you, as a
computer literate people, would trust the system. Enough peer review
that people would have confidence in it.

I'd change that to "Enough security that a group of competent cryptologists and computer security experts would trust the system". It's been shown by the WEP debacle and many, many other broken protocols that computer literacy is not even close to ensuring security (I mentioned the video of the Crypto rump session in an earlier message, in it John Black gives two entertaining talks on how otherwise computer literate and intelligent people demonstrate how easy it is to screw up crypto and security, they are also well worth watching). I do plan on looking over the existing security plans that were posted earlier on the mailing list and giving my opinions, but I won't be able to get to it until October at the earliest (end of the fiscal year at work == busy, busy, busy). But even I would not trust my own approval until a few other folk that I trust and respect also look it over and give it the thumbs up.

There is another group out there (I'll be darned if I can remember their name, but I'll look through my notes) that is trying to use crypto to help foster free speech and the free exchange of ideas in less than free countries. They might be willing to donate some eyes to look over any proposals we may hammer out. Of course, they were looking for volunteers too, last I heard, so you might have to trade resources to get their help...

William D. Neumann

"You've got Rita Marlowe in the palm of your hand."
"Palm of my hand?  You haven't seen Rita Marlowe..."

                -- Will Success Spoil Rock Hunter?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]