[EM] An urgent plea for your assistance -- this is NOT spam!]

David GLAUDE dglaude at gmx.net
Mon Dec 15 13:55:42 PST 2003

Does anybody here believe a vendor will make any effort to write clean, 
standard, bug free, documented code if there is no reward for it, no 
penalty for ugly non-verifiable code and only insider will have a look 
at it?

Open Source, not Free Software (prefered) is the solution:
1) Only expert can read the code... 99.9% of the population must trust 
the other.
2) Durring the election, there is no way to know what software do run in 
the computer.

We have the code of Belgian e-voting system and we are unhappy with it:

Casual inspection off the code reveals obvious errors (3),(5) from which 
we deduce scant peer review of the code, if any, has taken place. Nor do 
we see evidence that somebody has tackled the problem of creating 
entropy for the encryption keys (2). Also troubling is the fact that 
keeping the voting anonymous isn't high on the priorities list: global 
and stack variables are not zeroed after their useful lifetime has 
expired (1).

1) You do NOT vote in secret.
2) Generating entropy is a detail left to the compiler, if at all.
3) Using variables outside their defined scope.
4) There's not enough space to write a 64-bit hash to the card, so only 
24 bits get written.
5) another OBVIOUS error that has escaped peer review:

As computer scientist... the one I like best is
void Generate_Mav_Session ()
    randomize();                // initializes random number generator

    for( int i=0; i < DESKEYLEN; i++)
       mavSessionKey [i] = random( 10) + '0'; // '0' to '9' is possible

    mavSessionKey [i] = 0;

A real compiler should not accept that...
After the loop, "i" should be undefined.
So saying "mavSessionKey [i] = 0;" should not compile and if it is 
compiled, then the behaviour is undefined and maybe unpredictable.

Will it be DESKEYLEN-1? DESKEYLEN? or DESKEYLEN+1? or it depend on stack 
usage durring interrupt (IRQ).


Forest Simmons wrote:
> On Mon, 15 Dec 2003, Dave Ketchum wrote:
>>      Further, if we frown on vendors copying each other - if we buy only
>>open source then all can see whether there is any copying.
> What computer scientist would be so stupid that he couldn't figure out how
> to write a "For Loop" for adding up a bunch of numbers?
> That's the first assignment in computer science 101.

More information about the Election-Methods mailing list