Notice: get_settings is deprecated since version 0.0! Use get_option() instead. in /home/doiwl/public_html/wp-includes/functions.php on line 2970

Notice: get_settings is deprecated since version 0.0! Use get_option() instead. in /home/doiwl/public_html/wp-includes/functions.php on line 2970

Archive for September, 2007

What a mom would say in 24 hours?

doiwl September 28th, 2007

This is really hilarious, and a must watch for moms!
Wonder what a mom would say in 24 hours? Hear it in 3 minutes now!
Continue Reading »

Can what we built today take us into tomorrow?

Drastic & Dramatic (Part 3) – Tech talk continues…

doiwl September 21st, 2007

Haha, if it is hard to understand, never mind. My tech-talk continues…

This is the design of yesterday e-voting system.

LOUSY & SIMPLE E-VOTING DATABASE

lousy.jpg
OK… if this is the only thing I can retrieve from the database, can you enlighten me how you show the source of this figure?

In the lousy voting system, the database only holding the latest sum of votes for each candidate, nothing can be done to trace the authenticity of this figure. There is no way to prove the summation is right and not being tampered.

The programmer should really design a better system that allows certain degree of audit. More trails in the database means the system is more error-prone, as follows:

A BETTER E-VOTING DATABASE
detailed.jpg

  • “Student ID of voter” column should be unique, to ensure that a student only vote for once (no double voting).
  • Why is it being MD5 hashed? This is to protect privacy of the voter.
  • The rationale of timestamp, computer ID and other columns are to make it more like traditional paper balloting. 
  • When more trails are left behind, at least we can trace back how many people voted in a particular timeframe, or how many people cast the vote on a particular computer, to judge whether the figure is realistic or not.
  • No one can change the result or insert any data easily unless he is able to fake so many timestamps without clashing on the same time on same computer.
  • Recount & audit is possible.

Aisk, MMU can do it in a professional way and not a joke like yesterday! The staffs did not pay attention on all these things, is it because of the tak apa attitude? Or the decision to use such simple system is made deliberately, avoiding the possibility of audit? No matter how this incident somehow affects the reputation of MMU, when no one pay attention to design a better computer system.

Drastic & Dramatic (Part 2) – why a ambiguous system being used?

doiwl September 20th, 2007

I suppose that this is the first time of MMU history where SRC Election have to be cancelled half way.

This is also the first time, the Election Committee decided not to use the CMEAD production of e-ballot system, and instead use a simple voting website, hosted on the Internet, called BALLOT-BOX (source) for the SRC General Election.

The Ballot Session was cancelled halfway. I wouldn’t comment on which department did wrongly. I would rather comment on this Ballot-Box system itself (if it is really being used during the SRC General Election Ballot Session earlier today.)

A major flaw exists in this Ballot-Box system that makes it intolerable for a General Election. This website is way too simple like ”main masak-masak”.

Flaw #1: The admin are allowed to EDIT or TAMPER with the votes.
1.JPG 

Flaw #2: Or… if you choose not to edit the votes, you can edit the options (switch the names of different contestants)
2.JPG
At first the Candidate B is gaining 2 votes, now I can switch the names.

Flaw #3: This is according to the MMU SRC Election Rules & Regulations, if I’m not mistaken sounds like this: a voter must vote for only 5 contestants. Hah, but I can vote for 1,2,3,4,6,7 as I wish in this system.

In the traditional CMEAD built system, a voter can only vote once, and he / she can only be voting 5 contestants, more or less than it will not pass the javascript validation. (By the way, there is a minor mistakes of the traditional CMEAD e-ballot system also because it forbids the right to cast a blank vote.)

If students’ representative of MMU Cyberjaya are being chosen using this system, in my opinion I would say that it should be considered void as well!

Haih, I cannot believe that no MMU staff are able to design this e-ballot system. We still have lots of FIST and FIT academicians & undergraduates who won in various programming competitions, right?

In my opinion, the “connection down” incident happened today allowed us to look deeply into this issue. Nothing can be done if any contestants challenge the result of today’s election - such a simple design cannot allow us to audit/recount the votes.

Ok, that’s all until now. I am willing to help and share my ideas on the design of this e-ballot system. Is there anyone doing FYP on this? Maybe I should propose this title when it is my turn to do the FYP.

(I’m proud as a MMU student when I was in alpha year, the e-ballot system was great and it was very efficient.

Anyway now I would say that it is time to understand the source code.)

_____________________________________________________________

这是MMU第一次弃用了引以为傲,自己编写的e-ballot系统,而去使用一个架设在国外,名不见经传的网站-BALLOT-BOX。(资料来源:http://ahchup.blogspot.com/2007/09/why-mmu-melaka-src-election-cancel.html)我是根据真不知道那些部门是怎样做出这样草率的决定。

我不谈到底是哪一个部门的疏忽。下来要说的是这个系统的根本性和程序上的根本失误! 

  1. 这个系统可以修改票数。哇,你想想看用一个这么儿戏的东西来进行选举?
    1.JPG
  2. OK,如果不要从票数那里改,这个系统还允许admin修改选项!
    假设原本Candidate B得2票。我不修改票数,可是我可以修改选项秩序!
    2.JPG
    看到了吗?我可以把原本的名字和别人的名字(Candidate A & B)对调。
  3. 另外一点是根据MMU选举的规矩,GM1选区一定要投选5个人,多过或者少过5个在MMU传统的电子投票系统里面是完全不能通过,就是投不到票。但是在这个不知名的系统里面,完全不能知道到底谁投了废票!(另注:不过传统的mmu投票系统也是存有缺陷,就是剥夺了投废票的权利)

如果说MMU Cyberjaya也是使用这一个投票系统的话,那我只能说通过不formal,不正规的系统来投出来的人士没有公信力!

看到这么多问题了吗?是不是让人怀疑?

就算全部MMU CMEAD 或者ICEMS的职员都不会做这个系统,不过不要忘记还有这么多FIST和FIT的教授和学生,没有人不会吧。真是奇耻大辱!

总结,基本上今天的投票被取消了,我觉得是好事。因为这个系统真的太儿戏也完全经不起考验。若有任何一方对于投票结果不满而要求挑战,它完全不能够验票。这种投票方式完全没有公信力。

OK,待会儿来讲这种电子投票系统该怎么写才对!我不相信如果学会的senior都可以写到公平公正的系统,为什么做不到还要outsource?那干脆用纸笔投票吧!

Next »