[E-voting] Re: Re: a new voting system

Colm MacCarthaigh colm at stdlib.net
Thu May 17 15:17:09 IST 2007


On Thu, May 17, 2007 at 02:15:14PM +0100, vote at electronic-vote.org wrote:
> "ClearSoftware is a patent-pending method of writing,
> producing, publishing, distributing, installing and running
> software that ensures the total absence of any computing
> tricks that could produce unwanted results. 

This is fundamentally incompatible with the laws of physics. Electronic
components are simply too small and operate at too quick a time-scale
for any level of surity. 

You're making an extremely bold claim here, and are not willing to back
it up.  As such I think it is safe for us (and any investors) to assume
that it is complete nonsense. Either provide some detail so that we can
analyse your claims, or stop wasting our time.

> ClearSoftware allows the easy verification of such absence to anybody
> with a small knowledge of computing. ClearSoftware is not only
> applications software but also the whole operating environment in
> which they are executed  To be ClearSoftware compliant, a software
> must be 100% Open Source and it must adhere to several constraints". 

But if you are unwilling to subject the ClearSoftware process to the
very same level of open-ness and verifiability, what's the point?

It sounds like it might be some kind of signed binary byte-code with
compiler canaries and so on, or the addition of verifiable test code-paths
or a comubination of these and other standard means for ensuring that
compiled byte-code is the corresponding output from some known
source-code. 

All steps along these lines are pointless, even hardware signing and
checksum verification, like what TrustedComputing tried to achieve,
is pointless. We *still* can't verify the hardware non-destructively
or software non-exhaustively.

-- 
Colm MacCárthaigh                        Public Key: colm+pgp at stdlib.net



More information about the E-voting mailing list