lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <188279096.20041123200055@comcast.net>
From: hggdh at comcast.net (hggdh)
Subject: University Researchers Challenge Bush Win In Florida


Hello Gregory,

Tuesday, November 23, 2004, 17:27:34, you wrote:


GG> So, while the circular reasoning comment is cute, I support Paul's somewhat
GG> cautious approach. After all, if say we were discussing a vulnerability
GG> in Win2K or something similar, we would make damned certain that the
GG> thing works and worked properly and consistently before we pass it around
GG> or disclose it, for fear of incurring the wrath of the population of this
GG> list, for example.

This is indeed the case. I had replied directly to Paul before, and
will now expand a bit here on this.

My problem with Paul's argument was his choice of "more respected
peers". The UCB people published what they *think* was correct, gave
the reasoning, and provided the sources and the raw data.

So, if I want to prove/dispute/verify, I can analyse UCB's reasoning,
even collect the data all over again -- which would be safer --, run
other analysis, etc. I may *reproduce* it, *verify* it, I may
*disprove* it.

On the other hand, the others provided a _statement_ that they did not
see anything weird. No data, no reasoning, no anything. Just by being
"academic", and very cautious, I am forced to disregard this. I cannot
prove their statement to be correct or incorrect. It's just hot air.

I absolutely agree with Paul -- there is *NOTHING* to investigate in
the judicial sense of the word, since there is nothing proving or
suggesting a crime was commited. And, mind you, neither did the UCB
people suggest a crime had been commited. They state more analysis is
required. They state the results are not coherent with the models.

There is, nevertheless a LOT to investigate by the academia --
specifically, UCB's assertion.

Only after such an analysis -- which should either confirm or not
confirm UCB's results -- can we then think on what can be done (if
needed). But to state that UCB's results PROVE fraud is as hot air as
the statement as I commented earlier.

After all, this is statistics, and almost anyone of us that has played
in this field knows how to truthfully lie with it.

Now, I hope we can bury this argument and go back to the usual stuff.

Huh, perhaps this IS the usual stuff...


-- 

 ..hggdh..

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 218 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041123/e6ffd70b/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ