1.  

    Was curious if he was using a UPS or not, apparently in the comments he mentions he wasn’t using one:

    “Think the issue boils down to complacency and stupidity on my behalf. I’ll respond to each of your points for completeness though: 1) I did not have surge protection or UPS in front of the NAS. I just assumed (stupidly) that in 2019 the power grid in the UK was better than that – I won’t be making that mistake again.”

    While I’m here, I suggest if you order a UPS spend a bit more and get a true sine wave one if you’re powering to a server or anything using power factor correction (PFC).

    1.  

      Paper ballot: physical presence at the scene of the crime for a few thousand votes.

      Electronic voting: might be able to get with it, one person can sway an entire country. You only need access to a few machines at any point before the event.

      The risk/reward for an attacker heavily favors paper ballots. Nothing is absolutely safe, there are people who disrupted paper voting too. They got a lot less for their actions and the rest of the system was safe.

      1.  

        This is quite old (2003) – today emoji would definitely figure into the “absolute minimum”.

        1.  

          That sounds more interesting to me than what op suggested.

          1.  

            I did this two or three years ago with Ubuntu. It worked rather well even if a few ordinary tasks like printing over the network were somewhat complex to troubleshoot for her (not sure if Windows is better here though, but hopefully Google Cloud Print did help a lot) and using LibreOffice after years of MS Office 2007 was like taking a step back into the past (yes I showed her Google Docs but she kept using LibreOffice). It was still much better than Windows Vista (I also tried to install Windows 10 but it wasn’t stable at all on her old hardware).

            Eventually I switched her over an iPad a year ago. This is a very non-Free-as-in-Freedom solution but it solved almost all Windows issues and all of the few Linux issues :)

            1.  

              I said that secure digital voting is impossible.

              Digital voting is fundamentally not something that will ever be possible

              ¯\_(ツ)_/¯

              While I’m here, though: no, it’s not provably anonymous. We do need to trust the procedure that after vote deduplication, the remaining encrypted votes are passed onto the systems with the actual keys for decryption without any identifying data. This is why I said it’s not unflawed or perfect. At the end of the day, we do have to put some trust in the government running the show, rather than in cryptography. Not ideal, but it still does effect digital voting. You can’t just stick your head in the sand and shout that digital voting is impossible while it’s happening, even if it’s flawed.

              But at the same time, due to this property, your other point is moot. The ability to recast your vote means blackmail, bribes, etc. cannot be committed effectively.

              1.  

                I said that secure digital voting is impossible.

                1.  

                  That clarifies things a lot. I know you can mix Terra and Lua within code but it helps to understand where you see the software fitting in.

                  1.  

                    Let’s just hope it doesn’t become self-aware and fall into a solipsistic crisis that results in its detonating and destroying the ship.

                    Seriously, though, excellent work!

                    1.  

                      I’ve noticed that systemd-based OSes really scream at booting. That, coupled with lack of dead simple power management and the slow fsck times, keeps me using Debian on laptops.

                      1.  

                        Note that arc4random was proposed for POSIX. Read the discussion.

                        1.  

                          I’m responding only to the claim that digital voting is impossible by pointing out that it is happening now and has been happening for decades. Thanks!

                              1.  

                                Duress codes would be unique to the voter with the system showing the vote was tallied. Obviously. Otherwise, it wouldnt work.

                                1.  

                                  The article you link to has a large criticism section, and nothing in it seems to explain how they’ve got past any of the issues of online voting.

                                  Firstly, there’s absolutely no way that your vote can be anonymous if it’s clearly recorded, which it has to be in order to be able to be erased by the same person making a subsequent vote.

                                  Secondly, they haven’t solved the problem that such a system destroys the most important attribute in a voting system, above all other attributes, which is to have a secret ballot. If someone can watch you vote, then they can force you to vote a certain way. They can blackmail you, they can bribe you, etc. That’s antithetical to a fair voting system.

                                  1.  

                                    Paper ballots definitely don’t have the same problems. With paper ballots, you are sure your vote was counted, you can’t prove how you voted, you are sure that nobody vote was counted twice, you are sure nobody voted twice, and you are sure nobody can see what you voted for. The system is designed to sort these issues out, quite well.

                                    1.  

                                      I mean, people used to hold protests because a black person might use the same water fountain as them, so I don’t think we’ve ever not lived in an age of outrage…

                                      Not everyone lives in the United States, thankfully. What people used to do a couple of hundred years ago in a country I have no intention of living in.. doesn’t really bother me much to be honest. I’m talking about today vs. what the world was like a couple of decades ago.

                                      If 10% of all drivers rammed into the bridge supports on a daily basis to “test it out”, some drivers drove backwards “for lulz”, 75% of drivers were unlicensed, etc….we might see more bridge failures.

                                      If a driver rams into a bridge support, it doesn’t damage the bridge. Bridges are designed to handle people driving into columns. People driving backwards has nothing to do with bridges, and neither do unlicensed drivers.

                                      This is sort of what I’m getting at, really. People claim that software is super different from these other disciplines, but I really don’t think it is. The problems that are faced are the same. Planes, buildings, etc. all face threats of attack. They’re designed not to be taken down by a single attack. Planes have thick reinforced cockpit doors that are locked from the inside, for example.

                                      If people used bridges like they use software, they might need a bit more maintenance, but they wouldn’t just break. Most software is completely broken under even slight attacks.

                                      That being said, we don’t account for a common (if malicious) use case in software, and I think it’s a lack of professionalism, as you said. The reality of the situation is that software is attacked regularly and its users aren’t licensed or trained, and so software professionals should account for that.

                                      Absolutely.

                                      1.  

                                        Amending the last commit isn’t at all similar to changing the staging area. When you amend the last commit, you’re changing what is in the last commit. When you’re adding something to the staging area, you’re changing what will be the next commit.

                                        When you make some changes in your repository, you do not always want to actually commit all of them. That’s why there’s a staging area. You can skip it in git, using commands to commit while also adding all unstaged changes (commit -a), but it’s a bad idea. Every time I’ve tried this I’ve inevitably ended up with things I didn’t want getting added.

                                        The staging area forces you to consciously acknowledge every change that goes into your commits. That’s really important in my opinion. Everything in the commit is something a human has consciously decided to put there.

                                        1.  

                                          Okay, that’s your experience. But my experience is quite the opposite. I think its user interface is fantastic. When I try to use something like Mercurial, I find its user interface to be absolutely horrible. To get something like the staging area in git you need to enable various extensions, and even then you’re working with a bunch of commands all prefixed by ‘q’ or something, last I checked.

                                          Git is just easy in comparison. A bunch of simple orthogonal commands.