Skimming Chip'n'Pin

Mike Bond at Cambridge University reports some interesting results of experiments attempting to hack chip and pin terminals, much like the current scourge of ATM skimmers. I've wondered about the possibilities here for some time; after all, when you type your valuable PIN into equipment controlled by the vendor, you have no trusted computing base: in theory, your PIN is compromised each and every time you use it, and you're just trusting that the retailer isn't going to abuse its position. The only thing protecting you from a compromised retailer is the difficulty of implementing a skimmer or man-in-the-middle attack. The interesting thing about Bond's work is that it sets a rather low (if unclear) limit on that difficulty.


The ill wind beneath Cullen's wings

(Via ICTE) The Irish Examiner discovers that Monica Leech (who was to Martin Cullen what Karl Rove is to Dick Cheney) still carries the arrogance and bombast that characterised Cullen's responses to any criticism of his evoting plans.


Sketchpad: the first OO system

In his ACM Turing Award lecture at OOPSLA 2004, Alan Kay came up with this memorable quote about Sketchpad:

I went to ask Ivan How could you possibly in one year, in machine code, on this big but rather slow machine with no graphics display on it, have done the first graphics system, the first object-oriented software system, and the first dynamic problem-solving system?. And Ivan looked at me and said Well, I didn't know it was hard.


Touch-screen voting isn't the right answer

This article by John Schneider is a fairly clear explanation of the basic problems with unaudited voting machines, and it's probably suitable for pointing politicians at.

Failure recovery

I've been categorizing distributed system designs into four groups, according to how they recover from the loss of a single critical ele...