-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Fergal Daly writes:
On Mon, Mar 01, 2004 at 02:07:20AM -0000, Niall Douglas wrote:
If people will insist on using off the shelf components, they will have this problem. When I was working for EuroFighter, I was appalled to discover they use x86 kit and Windows which is totally unsuitable.
Commercial off the shelf kit is mass produced cheaply. It's not of high quality and certainly not of high security. As an example, DEC VMS didn't have a single root exploit in 17 years.
The voting machines are using m68k and a very small custom OS which is little more than a loader. It's probably very secure as it had almost no functionality. It's also got ECC RAM.
BTW if Niall's suggesting using tamper-resilient military-spec hardware, I think the cost increases would scupper the project immediately. I get the impression it's a lot easier to spend that kind of money when it's coming out of a "black budget" ;)
- --j.