Re: [Moshe Zadka <m@moshez.org>] Independent Count

To: debian-devel@lists.debian.org
Subject: Re: [Moshe Zadka <m@moshez.org>] Independent Count
From: Manoj Srivastava <srivasta@debian.org>
Date: Mon, 24 Mar 2003 15:26:34 -0600
Message-id: <[🔎] 87isu88nhx.fsf@glaurung.green-gryphon.com>
In-reply-to: <[🔎] 200303241958.45729.russell@coker.com.au> (Russell Coker's message of "Mon, 24 Mar 2003 19:58:45 +0100")
References: <878yv4agin.fsf@glaurung.green-gryphon.com> <[🔎] 20030324165614.GC29474@khazad-dum.debian.net> <[🔎] 200303241958.45729.russell@coker.com.au>

>> On Mon, 24 Mar 2003 19:58:45 +0100,
>> Russell Coker <russell@coker.com.au> said: 

 > Given that the hashing prevents the secretary from altering a cast
 > vote, how would a malicious secretary fake a vote?

 > They would cast a vote on behalf of a non-voting developer.
 > Obtaining a list of MIA developers is not too difficult.  If
 > someone does not vote then they may not notice if the voting talley
 > indicates that they cast a vote.

	Any audit would show such a vote was added; unless you think
 the secretary can forge a signature from the non-voting member.

 > Is the secretary in a position to add votes to the talley without
 > confirmation messages being sent out or in a position to subvert
 > email to @debian.org addresses to make sure that such mail does not
 > reach it's destination?  If so then they could concievably fake
 > some votes without much risk of getting caught.  I expect that
 > almost no-one checks to make sure that the fact that they did not
 > vote was correctly registered...

	I don't see how this would help. So, I forge logs that say
 mail came in, and ack went out (I can't, but for the sake of
 argument). The people who check logs weould also check the ballot,
 and unless I managed toforge the sig, I shall be caught.

	Does ability to forge mail logs change this? no.

 > To check the actions of the secretary someone else needs access to
 > the signed vote records to ensure that every registered vote is the
 > result of a signed email.

	Any one who has root on master has access.

	Of course, someone has to check the work done by the
 secretary; but this person should not be known in advance, to prevent
 collusion.


	The question then becomes: who watches the watcher?

	manoj
-- 
Hale Mail Rule, The: When you are ready to reply to a letter, you will
lack at least one of the following: A pen or pencil or
typewriter. Stationery. Postage stamp. The letter you are answering.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

References:
- Re: [Moshe Zadka <m@moshez.org>] Independent Count
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: [Moshe Zadka <m@moshez.org>] Independent Count
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: Bug#185997: ITP: gnome-ticker -- Gnome Ticker is a Stock watching program.
Next by Date: Re: [Moshe Zadka <m@moshez.org>] Independent Count
Previous by thread: Re: [Moshe Zadka <m@moshez.org>] Independent Count
Next by thread: ITP: ParMETIS: distributed graph partitioning and sparse matrix reordering
Index(es):
- Date
- Thread