RE: CRIME Security experts nix Internet voting plan

From: Andrew Plato (aplato@private)
Date: Sun Jan 25 2004 - 01:47:34 PST

  • Next message: Crispin Cowan: "Re: CRIME Security experts nix Internet voting plan"

    >Beyond that, I can't really discuss any technical details of the system
    
    >for obvious security reasons.
    >
    > That is not obvious. There is a lot of evidence that open systems are 
    > more secure than closed systems. OTOH, "... can't really discuss any 
    > technical details of the system for obvious *proprietary* reasons"  is
    
    > obvious :)
    
    Crispin, we're not talking about a word processing program or an open
    source version of Everquest here. This is a government system for
    elections. It's a little more important than some open source project.
    
    And the state is doing something to ensure security. It mandated
    security expertise in this project and Saber hired Anitian. And while I
    might not share your vision of security, I do know what it takes to make
    a system work securely. 
    
    I also respect the scientific process. It's the core element of my
    company's methodology (see our web page.) The scientific process demands
    collaboration with peers. So at some point, Anitian probably will call
    upon the community for input and advice. I don't know the level of that
    involvement, I'll have to clear that with the state. But, suffice to
    say, we're not doing this in a vacuum. Many of the ideas discussed right
    here are getting into the design meetings because I recognize their
    importance.
    
    Consider the alternative...this project could be done by some huge out
    of state company who has no investment in Oregon at all. 
    
    ___________________________________
    Andrew Plato, CISSP
    President/Principal Consultant
    Anitian Enterprise Security 
     
    503-644-5656 Office
    503-214-8069 Fax
    503-201-0821 Mobile
    www.anitian.com
    ___________________________________ 
    



    This archive was generated by hypermail 2b30 : Sun Jan 25 2004 - 02:46:20 PST