>Beyond that, I can't really discuss any technical details of the system >for obvious security reasons. > > That is not obvious. There is a lot of evidence that open systems are > more secure than closed systems. OTOH, "... can't really discuss any > technical details of the system for obvious *proprietary* reasons" is > obvious :) Crispin, we're not talking about a word processing program or an open source version of Everquest here. This is a government system for elections. It's a little more important than some open source project. And the state is doing something to ensure security. It mandated security expertise in this project and Saber hired Anitian. And while I might not share your vision of security, I do know what it takes to make a system work securely. I also respect the scientific process. It's the core element of my company's methodology (see our web page.) The scientific process demands collaboration with peers. So at some point, Anitian probably will call upon the community for input and advice. I don't know the level of that involvement, I'll have to clear that with the state. But, suffice to say, we're not doing this in a vacuum. Many of the ideas discussed right here are getting into the design meetings because I recognize their importance. Consider the alternative...this project could be done by some huge out of state company who has no investment in Oregon at all. ___________________________________ Andrew Plato, CISSP President/Principal Consultant Anitian Enterprise Security 503-644-5656 Office 503-214-8069 Fax 503-201-0821 Mobile www.anitian.com ___________________________________
This archive was generated by hypermail 2b30 : Sun Jan 25 2004 - 02:46:20 PST