[Tfug] Let's play "ID this code"! (serious issue actually)

[Glen Pfeiffer]

On Mon Aug 24, 2009 at 11:01:14AM -0700, Jim March wrote:
> The hash-check process goes to the same place: somebody who is 
> an independent election observer (say, a tech hired by 
> political parties) should be able to get the hash numbers from 
> the test lab that checked this stuff out and run it against the 
> program to make sure it's legit, unmodified.  Mixing data and 
> code the way they appear to have pulled eliminates that 
> possibility.

It is possible to extract the data structure of all tables, the 
lookup data that is not generated via the casting of votes, and 
all code (triggers, defaults, functions, views, procedures) from 
the database and put them all into a text file and generate a 
hash from it. And that can all be done in code.

But they probably didn't do that.

-- 
Glen