Monday, October 09, 2006

Open and closed Source voting

In several countries voices are raised against the use of voting computers. The latest objection was raised by the CCC in germany. According to security analysis, voting machines are insecure, and allow for untracable manipulation of voting results and voter privacy. The software can be exchanged and votes could be manipulated without any traces. The systems used for voting in Germany are very similar to those in the Nederlands. Similar objects were raised before in this country. Andy Müller Maguhn wrote:
Die Bauartzulassung der Nedap-Wahlcomputer ist nach den nunmehr vorliegenden Forschungsresultaten hinfällig. Das Bundesinnenministerium muss daher die Zulassung entsprechend § 3 Absatz 3 der Bundeswahlgeräteverordnung widerrufen
It does not surprise that similar story are percepted in the USA, where some rumour around the company "Diebold Election Systems" raised, after a group of college students found some memos about the poor security of the system from developers of this company, which somehow sliped onto a public area of the companies website.

After the companies lawyers tried with the help of the "Digital Millennium Copyright Act" to force the university to remove these memos from the servers(yes they are copyrighted material...) the sutdents had to use peer to peer file shareing software to keep the memos online.
The NY Times wrote in an article:
The files circulating online include thousands of e-mail messages and memorandums dating to March 2003 from January 1999 that include discussions of bugs in Diebold‚s software and warnings that its computer network are poorly protected against hackers. Diebold has sold more than 33,000 machines, many of which have been used in elections.

Now a debate araised around the question wheter voting software should be open source or closed source, to assure maximum demoncracy. While I think that one should also keep in mind that the main problem of demoncracy is missing participation, I am convinced that an open source solution is the only appropriate way to ensure a secure voting process.
Clive Thompson wrote:

So now you're caught up. The reason I give this bloated preamble is to point to the real solution: Open-source software.

As the Diebold scandal illustrates, it's incredibly dangerous to let a private company develop proprietary voting software. If they "own" the code, they'll keep it a secret. That means we'll have to trust them that the software is secure. If they're lying to us -- or, more likely, if they're well-intentioned but just unable to realize how buggy their code is -- democracy is screwed.


Open source software could be manipulated by enemies of demoncracy, but that, at least would show up immediately, and it is an advantage of open source software, that the participants are not bound by any contracts or employers, and may talk freely about the problems of the software without the vendors commercially motived blur.

I therefore disagree with Barry Briggs, who answers to Clive Thompson:

I don't think it's perfect at all. Open-source rests on several cornerstones including programmer anonymity and zero accountability. What if we were to find out that a key contributor to our voting machine software was a member of Al-Qaeda?

In fact, the last people I'd trust to verify the correctness and trustworthiness of something as critical as voting machine software would be a loose group of international programmers who could care less about the integrity of our republic.


And who will be eager to write such software? Of course not the enemies of demoncracy, but those who realize the very value and importance of free elections. And it is really motivating to be part of the team that wrote the software, that drives a vital part of the election process.

Links:

Friday, October 06, 2006

Real Programmers :-)

Real Programmers Don't Use Pascal!


Read more...

Java Locking

Here are some nice Articles about Double checked locking, the singleton pattern
and the friendly comepetition between people doing VM level locking (aka Synchronized) and Java locking (1.5 Reentrant locks)

Thursday, October 05, 2006

AMDD

I like MDD, SCRUM and extreme Programming, so AMDD just seems so natural.

Monday, October 02, 2006

AntiPattern: AbstractionInversion

After trying to understand the AbstractionInversion antipattern, I wonder if this pattern is really a unique pattern and not actually more like a combination of other, more abstract AntiPatterns.

Is AbstractionInversion a special case of code duplication, where a dependend class not only duplicates effort, but also escapes its level in a stack of abstracness layers inside an application?

It seems to be common to most examples I have read so far, that AbstractionInversion occurs in conjunction with code/concept duplication in two dependent modules with diffrent levels of abstraction. To explain my thought I will rely on the ADA RendezVous example mentioned here.

If i.e. a mutex is implemented by using the RendezVous concept, a mutex concept is actually implemented by using something at least as complex as a mutex, and code is likely duplicated.
Furthermore the one-class-one responsibility rule seems violated in the above example, as the abstraction to the gory details of the model relate to the concepts used in order implement the level of abstraction used by a dependend class, that itselfs tries to escape its level of abstraction by using concepts with a much lower level of abstractness that would actually be appropriate for the position of the dependent class in the hierachy of abstractions.

Does AOP solve the problem?

Another observation in the ADA example is, that abstraction invsersion stems from some backdraws of object oriented desing, wich lacks efficient and clear modeling of cross cutting concerns(like Mutexes), and therefore confuses unexperienced developers, by creating the temptation to include certain aspects into strict hierachies of abstractions, aka class hierachies, even if this is not required by the application domain, but merely by technical issues.

Sunday, October 01, 2006

New Emoticons

Every owner of a german keyboard, will know these already, but might not have noticed them as first class emoticons painted so obviously on the keys ...

Ü

and

ö