Re: Richard Stallman is responsible for the shrinking economy

Chris H wrote:
In message <49ec75d4$0$26331$8404b019@xxxxxxxxxxxxxxx>, David Brown
<david@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> writes
Chris H wrote:
In message <49ec2c6c$0$26346$8404b019@xxxxxxxxxxxxxxx>, David Brown
<david@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> writes
Here's an article that might be of interest regarding the use of open
source software in safety-critical and security-critical software:

<http://www.embedded.com/211600582>

(I've started a new branch, because other branches are getting too deep
to look nice, and too long to find an appropriate leaf to reply to.)
As they are a suppler of Open Source and their business is in the
Ada
market it does make them rather biased doesn't it?

I know they are biased - I posted the link for interest, not because I
necessarily agree with all of it.

Also I disagree with some of their conclusions.

As do I.

This is a trick isn't it? :-))))


No, no - everyone else is at least partly mistaken. When people write opinion pieces, they are bound to differ occasionally from the facts I write.

There is a place for open source software, and a place for closed
source software.

I was thinking more of the development and test procedures. Than simply
FOSS or CCSS (Commercial Closed Source Software)


There is also a place for open development, and closed development, and open testing, and closed testing.

Something like the software for avionics would not benefit from being
open source (though I think the tools used should be open source - on
that point, we must agree to disagree).

Of course :-)

The developers of the avionics software have nothing to gain, but lots
to lose, by making their source freely available.

Lives in some cases. I kid you not.


You kid. Making the sources of their avionics software available to anyone will not make it unsafe - unless you are suggesting that avionics software typically contains such serious security flaws that "bad people" could disrupt its operation if they saw the code. If that were likely, then the developers should be *forced* to reveal their code - and forced to suffer the consequences of losing their contracts, validations, certifications, reputations, and whatever else they may have of value. You write security-critical code on the assumption that the "bad people" have read access to the source code.

However, their software *should* be clearly and directly available to
appropriate authorities and independent groups able to check the
correctness of the software. (That might already be the case, I don't
know that industry.)

It is for ALL safety critical SW as some one else has to verify it.


Fairy 'nuff.

Software for electronic voting machines should be available for
inspection for anyone who wants it.

I agree. That is to prove there are no back doors or cheating. Though
in the case of the US elections they have more pressing problems on
legitimacy.


That's certainly true - the voting machines are only a minor point in the gap between US elections and actual democracy (here's a hint for the uninitiated - a fair democratic election requires the same rules for everyone, not different machines and different laws for different people. It also requires that everyone's vote counts equally - that means that everyone votes at the same time, and *no* votes are counted or even predicted until all voting is closed).

It should not necessarily be under an open source license - there
should be no requirement that I can download the software and re-use it
in other projects, or for building a rival machine.

I agree.

But I should be able to download the source for any voting machine I
use, and inspect that source. I should be able to compile it and test
it myself, and look for backdoors and flaws.

Yes. A good idea in this scenario.

Groups purchasing such machines should be able to compile the source
code and compare it to the binary in the machines themselves, to verify
that the machines are running the same code (note that this is a
different thing from being able to compile and install their own
binaries - they should be able to verify the binary,

An independent observer should. There are many who would love to be able
to get hold of the SW amend it and load it to the machines in their
area.


*Anyone* with physical access to the machine (such as election workers, and independent observers - preferably from other countries) should be able to verify the binary. In fact, I believe that any voter should be able to do this too. It could be done in a simple process - the person checking the software would enter a phrase of their choosing. The software would use that to initialise the shift register of a very wide CRC check (or other hash algorithm), and run its binary through the CRC, and print out the checksum. The voter could download the source code from the manufacturers, compile it using the compiler version used by the manufacturers (which would be a specified version of gcc, letting people check the code there too if they want), generate an identical binary himself, and do the same checksum at home. Of course, that would only verify that the expected binary is on the machine, not necessarily that it is the code that is running - somewhere along the line, you have to trust the election officials.

Actually uploading new software to the machines should only be possible for independent observers, preferably from another country.

Alternatively, they could just apply the same rules and rigour that the state of Nevada does when certifying gambling machines.

but changing it should be a carefully controlled procedure).

Hanging offence I think to tamper with voting equipment. (At least it
should be. )


That sounds like a fair and balanced view...
.

Relevant Pages

  • Open source (was: Richard Stallman is responsible for the shrinking economy)
    ... As they are a suppler of Open Source and their business is in the ... It is for ALL safety critical SW as some one else has to verify it. ... not different machines and different laws for different ... *Anyone* with physical access to the machine (such as election workers, ...
    (comp.arch.embedded)
  • Re: Richard Stallman is responsible for the shrinking economy
    ... Something like the software for avionics would not benefit from being open source ... Groups purchasing such machines should be able to compile the source code and compare it to the binary in the machines themselves, to verify that the machines are running the same code. ...
    (comp.arch.embedded)
  • Re: the exploit that wasnt
    ... The other Mac Book Pro? ... brought Microsoft into a security discussion about Mac OS X. ... The number of security patches, ... if you were to scan random machines on the internet for a week, how many Unix machines do you believe you would hit? ...
    (comp.sys.mac.advocacy)
  • Re: Cryptogram Comment
    ... Or had to go through setting up basic security for their ... > bother me with Windows questions. ... > machines are broken. ... and Linux and other open OS's make all patches FREE to redistribute. ...
    (sci.crypt)
  • Re: Temporary Ban On Links In Posts To SRI
    ... understand that there is a risk when clicking ... low)" in the general case does not apply to SRI. ... implement the security measures recommended. ... update" even with machines that are restricted to only applications ...
    (soc.religion.islam)