lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2147483647.1100978635@[192.168.2.100]>
Date: Sat, 20 Nov 2004 19:23:55 -0600
From: Paul Schmehl <pauls@...allas.edu>
To: Daniel Veditz <dveditz@...zio.com>
Cc: Jason Coombs <jasonc@...ence.org>, full-disclosure@...ts.netsys.com,
   bugtraq@...urityfocus.com
Subject: Re: University Researchers Challenge Bush Win In
 Florida


--On Friday, November 19, 2004 2:30 PM -0800 Daniel Veditz 
<dveditz@...zio.com> wrote:

> Paul Schmehl wrote:
>>
>> Even *if* they are correct (which is at least debateable) the 130,000
>> vote  discrepancy they argue for won't overcome Bush's lead of 380,000,
>> so this  is, at best, an academic exercise.
>
> If they are even possibly correct a discrepancy that large must be
> investigated to make sure it won't happen in a future election which might
> be a lot closer.
>
I disagree.  Until the research is credible and vetted, investigating is 
premature.  Many people don't seem to understand, investigating supposed 
discrepancies in the vote costs millions of dollars.  The recount in Ohio 
will cost the state $1.5 million.  That's money that could pay for other 
things.  So you don't run off on wild goose chases just because some 
"researcher" says, "Oooooo, look at this.  This looks really unusual."

*If* the research is credible and stands up to scrutiny, *then* you spend 
whatever is necessary to get to the bottom of it and determine if there is 
a problem.  In this particular case, their "research" is laughable and 
doesn't merit followup, much less the expenditure of millions to get to the 
bottom of a nonexistent problem.

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ