[Tfug] Let's play "ID this code"! (serious issue actually)

Zack Williams zdwzdw at gmail.com
Mon Aug 24 07:49:19 MST 2009


>> 4) There are RULES about voting systems.  Two of them are "all code
>> used needs to be checked out by test labs and then hash-checked to
>> make sure the code in the field is the approved crap" (paraphrase
>> obviously).  This mess doesn't just violate that rule, it stomps all
>> over it.  Because data and program code are mixed into the same file,
>> hash-checking is impossible.  It violates two more rules: "no
>> machine-modified code" (these databases with the program code embedded
>> are created by one of two apps from this vendor) and "no interpreted
>> code" - the latter mainly because it's "field modifiable" which is
>> supposed to be banned too.
>
> *All* code is "interpreted" by something.  Even "machine level"
> code is interpreted by the hardware "machine".  There is nothing
> that inherently makes "interpreted code" (in the sense you
> intend it here) more vulnerable to tampering than "compiled code"
> (again, playing fast and loose with terminology here)

I think what Jim is getting at is having a logical split between the
data and how the data is modified, kind of like how in the MVC
programming methodology the data is encapsulated by the Model, whereas
all the logic is stored in the Controller.

That said, because this is a database dump, the vendor may consider
the "hash checked" system to be the original state of the program with
an "empty" database, which in reality contains the schema and a bit of
program logic.

- Zack
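
An added example, not part of the original message and not the vendor's code: it shows why a whole-file hash cannot survive normal use when logic and data share one database, and how hashing only the schema and embedded logic gives a value that stays stable until the logic itself is changed. SQLite and the table and trigger names are assumptions chosen for illustration; the thread does not depend on them.

```python
import hashlib
import sqlite3

def build_db():
    """Constructed sample: schema, embedded logic (a trigger) and data in one database."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE votes (contest TEXT, choice TEXT);
        CREATE TABLE tally (contest TEXT, choice TEXT, n INTEGER,
                            PRIMARY KEY (contest, choice));
        CREATE TRIGGER count_vote AFTER INSERT ON votes BEGIN
            INSERT OR IGNORE INTO tally VALUES (NEW.contest, NEW.choice, 0);
            UPDATE tally SET n = n + 1
             WHERE contest = NEW.contest AND choice = NEW.choice;
        END;
    """)
    return db

def whole_hash(db):
    """Hash of the full dump (schema, logic and rows), as a file-level check sees it."""
    h = hashlib.sha256()
    for line in db.iterdump():
        h.update(line.encode() + b"\n")
    return h.hexdigest()

def logic_hash(db):
    """Hash of only the stored definitions (tables, triggers), ignoring row data."""
    h = hashlib.sha256()
    rows = db.execute("SELECT type, name, sql FROM sqlite_master "
                      "WHERE sql IS NOT NULL ORDER BY type, name")
    for type_, name, sql in rows:
        h.update(f"{type_}\0{name}\0{sql}\n".encode())
    return h.hexdigest()

def demo():
    """Return (whole matches, logic matches) after normal use and after a logic edit."""
    db = build_db()
    approved_whole, approved_logic = whole_hash(db), logic_hash(db)
    # Normal use: only data changes, yet the whole-file hash no longer matches.
    db.execute("INSERT INTO votes VALUES ('contest-1', 'choice-1')")
    after_use = (whole_hash(db) == approved_whole, logic_hash(db) == approved_logic)
    # Field modification of the embedded logic: now the logic hash differs too.
    db.executescript("""DROP TRIGGER count_vote;
        CREATE TRIGGER count_vote AFTER INSERT ON votes BEGIN
            INSERT OR IGNORE INTO tally VALUES (NEW.contest, NEW.choice, 0);
        END;""")
    after_edit = (whole_hash(db) == approved_whole, logic_hash(db) == approved_logic)
    return after_use, after_edit
```

The first pair returned by `demo()` is the "empty database" baseline going stale after one ordinary insert; the second is what a check on the separated logic would catch.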



