CppCast - Election Security
Episode Date: October 17, 2019Rob and Jason are joined by Patricia Aas from TurtleSec. They first discuss blog posts on module linkage and Visual Studio integration of clang tidy. Patricia then talks about her recent efforts to hi...ghlight the work of female engineer role models. Lastly they discuss Patricia's efforts to improve election security in her own country and the concept of software independence with election software. Links NDC TechTown 2019 Keynote: Elections: Trust and Critical Infrastructure - Patricia Aas TurtleSec Tech Women Norway Oslo C++ Users Group #include discord Sponsors Backtrace Announcing Visual Studio Extension - Integrated Crash Reporting in 5 Minutes JetBrains
Transcript
Discussion (0)
Thank you. windows mobile and gaming platforms check out their new visual studio extension for c++ and
claim your free trial at backtrace.io cppcast and by jetbrains makers of smart ids to simplify
your challenging tasks and automate the routine ones exclusively for cppcast jetbrains is offering
a 25 discount for a yearly individual license new or, on the C++ tool of your choice, C-Line, ReSharper
C++, or AppCode. Use the coupon code JETBRAINS for CppCast during checkout at www.jetbrains.com. In this episode, we talk about module linkage.
Then we talk to Patricia Ose from TurtleSec.
Patricia talks to us about female engineer role models and election security. Welcome to episode 219 of CppCast, the first podcast for C++ developers by C++ developers.
I'm your host, Rob Irving, joined by my co-host, Jason Turner.
Jason, how's it going today?
I'm all right, Rob. How are you doing?
Doing okay. I hear it's pretty cold over for you, though, right?
Yeah, it's, well, okay, yeah, it's officially cold.
It doesn't really matter what unit system you use or anything like that oh no it's actually it's almost freezing
already this morning yeah it seems a little too early for that i mean well i mean it's almost
above freezing that is yeah yeah oh you mean october is too early for that yeah yeah it's
funny because there's like a bunch of tweets and stuff about this like oh come on colorado are you kidding me like this is too early for snow 30 like exactly one year ago we
had our first snow on october 11th like this is normal this is not this is not surprising in any
way and then it's going to be back up to let's see 75 on wednesday or whatever right like just
nice and uh let's see i'm sorry i whatever right like just nice and let's see
I'm sorry I don't know what 75 is that's what
that's room temperature what is that
what is that in Celsius what's room temperature in Celsius
I don't know like 20
I don't know it's warm enough anyhow
okay
well the top rope sort of like turned a piece
of feedback
and this week we got this tweet
from Juan
Delatorre replying to our
last episode saying, awesome show.
This is now one of my favorite CBBCast episodes.
Jerry's enthusiasm is
contagious. You should have her back with one of the
software developers to see how both hardware and
software interact. And
yeah, we did actually, you know, we reached out
to Jerry a couple weeks ago
and she originally suggested that she would come on with her CTO, who would be more familiar with the SDK.
But he unfortunately wasn't able to come on the day of the interview.
But maybe we could do a follow-up when they're actually starting to release the product and the SDK is maybe more available.
Yeah, I think that would make sense once the SDK is publicly available or whatever
and they're ready to go down that road or something.
Yeah, I definitely agree, though,
that it was great talking to Jerry
and it was definitely a really fun episode.
Oh, yeah, super fun for me.
Love talking about the old stuff.
Yeah.
Okay, well, we'd love to hear your thoughts about the show.
You can always reach out to us on Facebook, Twitter,
or email us at feedback at cps.com.
And don't forget to leave us a review on iTunes or subscribe on YouTube.
Joining us today is Patricia Ose.
Patricia has spoken at conferences on subjects ranging from sandboxing and Chromium to vulnerabilities in C++.
She has taught a range of subjects in computer science at the University of Oslo
and is currently teaching Intro to C on Linux at a college in Oslo.
She has a master's degree in computer science and 14 years professional experience as a programmer, of Oslo and is currently teaching Intro to C on Linux at a college in Oslo.
She has a master's degree in computer science and 14 years professional experience as a programmer, most of that time programming in C++.
During that time, she has worked in codebases with a high focus on security, two browsers
including Opera and Vivaldi, and embedded Cisco telepresence systems.
Currently, she works as a trainer and consultant for the company TurtleSec, which she co-founded,
which specializes in the intersection of programming and security. Patricia, welcome to the show. Thank you. Thank you so much for having me. Yes,
thank you for having me again. So some of us have been following your adventures with teaching
C at the university via Twitter. Yes. So give us a little bit of a rundown. How's that gone
so far? Or how did you end up even teaching that class too? Is another
question I have? Well, actually, it was, it was another consultant to who was asked to, to teach
it as an emergency, because the actual lecturer, he, he had a baby, it was a premature baby. So it
wasn't really planned that way. And so I got a two days notice and they said can you come and teach c
in two days and i was um yeah sure why not let's give it a shot and uh it's been a lot of fun it's
more fun than i thought it would be actually uh and i'm really enjoying it i feel like if i imagine
if i tried to do that i would be like like, Oh, no, that's C++.
All right. All right. Okay. How do we do this again? And see, like, are you having any of those
problems? Well, I Well, the thing is, that's interesting that I, they don't know any C++.
So so some of them might know C++ in the future. So what I keep on doing is saying,
this is how we do it in C. But when you get to C++, this is not how you're going to do it anymore. And so and but I'm also like, kind of like trying to pull in things from
from because they have a little bit of Java and a little bit of JavaScript, and then trying to say,
okay, so like, this is not like JavaScript, and this is not not like java but but it is it is interesting to teach people that
know that haven't programmed for a very long time like some of these people have maybe been
programming for a year and and c is c is a challenge uh even for experienced people so yeah
no it's been very interesting and also also teaching is specifically tied to platform means teaching it as like a platform programming language. And that's also interesting. So yeah,
no, I'm enjoying it. I find it very interesting, but it's also very challenging.
So since it is specifically Linux, do you ever take the opportunity to be like, okay,
so this is specifically Linux, but just so you know, on Windows or Mac OS, this,
this or this might be different? Or do you just ignore that and stick with the Linux bit?
Yeah, well, I'm mostly ignoring that because it's too much complexity.
It all becomes too big.
But I do say that all of the operating systems kernels are basically written in C, and C can run on all of these platforms.
But we are going to focus on Linux.
So even though C is portable language,
it is almost always very platform-specific.
So it's, yeah.
I wouldn't have taken up the challenge just for the record.
I'd be like, no.
A lot of people said that on Twitter.
I got a lot, I got a really hard time from a lot of the C++ developers.
They were not happy about me teaching C.
A lot of the C devs, they were really happy though.
So, um, yeah, no, but I, I don't know, like, hey, they're paying me.
So that's good.
I like being paid.
Being paid is always nice.
Yeah, it's a feature.
And I find it challenging and interesting.
And I think I enjoy the teaching aspect a lot.
And also, you learn something in a deeper way, I think, when you teach it.
Absolutely. Yeah, I mean, as a deeper way, I think, when you teach it. Absolutely.
Yeah, I mean, as a consultant for the last 10 years, and I'm sure you appreciate this,
when people ask me what kind of work that I do, I'm like, what people pay me to do.
Yes.
Yes.
Yes.
That is a central topic.
Okay, well, Patricia, we've got a couple of news articles to discuss uh feel free to comment on
any of these and we'll start talking more about um election security and other stuff you've been
working on okay sounds good okay uh so this first one we have this article on uh paul's dev blog
beating stood visit without really trying where he's doing a couple comparisons between C, C++, and D,
comparing std visit with some of the library types that he was working on.
Yeah, and the conclusion is that D wins, basically.
Well, no, the conclusion is that C wins,
and D was almost as good as C.
Right.
But C had to be, it couldn't be generic at all.
The C version was 100%, yeah, hand-coded.
Yeah.
Yeah, but it was hand, well, the thing is, well, yeah.
At this point, yeah, hand-coded.
The thing is, he has a point, I think.
But also, I also think that probably the compilation is going to improve over time.
Yeah.
So the C version has basically been tweaked for...
That kind of construct has been tweaked in compilers for decades now.
So it wouldn't surprise me if it
improves over time. Yeah. My only real complaint about the article is I don't think he's beating
std visit, he's beating std variant. Yeah. And just for the record, I have actually hand rolled
my own std visit that did better perform gave me better optimizations than the ones that
are available in the standard library because i needed a simpler use case and that what std visit
actually is overly in my opinion overly complicated because you can visit on multiple variants at once
so that makes the implementation of it like an order of magnitude more complicated than it would necessarily have to be.
So should there be a more simpler version? Do you think?
I don't know. I'm guessing that the, I don't know. I've reached a point where I've decided,
you know what, maybe I'm not going to comment on what's in the standard library because the
requirements that they have are so beyond what normal code has, right?
I mean, standard library code has to be so defensive and so generic and so everything.
Yeah, but the thing is, sometimes I think that because the requirements are so large,
the implementations become so complicated. I don't know, like somebody was
joking because I was
I had to write an
exam for my students for the C class
and I started off using
catch, but basically
not to give too much
away, more than I gave away on Twitter
already, is that
I needed to know what
they were writing to standard is that I needed to know what they were writing to Standard Out. And I needed
to feed them something on Standard In. And then I was like, okay, so how can you do that in Catch?
And then somebody said, you can do it in Google Test and blah, blah, blah. And it kind of just
went to, you could just do it yourself. And then I was like, you know what, you're right,
I could just do it myself and so basically that's
what I ended up doing so I wrote my own like you know asserts and then I did it myself
um and it was kind of nice and but but somebody was joking okay so so two months go by and
Patricia tweets oh so I made a testing framework but the thing is I but the thing is, what I made was exactly what I needed.
Whereas Catch and Google Test has like a bazillion features that I don't need.
I just need these two things.
And so when you know your use case, you can make something that is very simple
and maybe much more fully featured to your use case. Right. So I don't know. So I don't know. I watched Chandler's talk
from CppCon. There are no zero cost obstructions. Yeah. And I don't know, there might be like
deeper truths to that. I don't know. It's like existential
whatever here.
You're like,
I just don't know.
But I think that's something
that happens always.
Like if you have a lot of requirements,
you have to make something
that can deal with
all of the requirements.
And that is necessarily more complex.
I'm just thinking like it's a developer bingo here.
You've already worked on a web browser,
and now you're writing your own testing framework.
Have you done any game engine work?
No.
Okay, well, that's probably going to be next.
Well, I actually really, really, like when I finished university,
that was one of the things I wanted to do.
I wanted to work in games just because I think the technology is very interesting,
not because I'm like really into games.
But then I spoke to people who worked in games and yeah.
So then I didn't do that yeah you know we have yeah we have a few friends in the games
industry right that we know from conferences and twitter and come and and i've been on cbpcast
and i would be willing to work with those specific people yes yes that is what i know
yeah can we just bring those people together and we'll just make a gaming company with them?
But I don't know.
I think it's an industry that just kind of developed this culture where you are feeding off of people being passionate about what they do.
Yeah.
And crazy deadlines and and weird budgeting and
because the whole thing is kind of weird you you you have to invest a lot in something that might
be a massive success or might be a total failure and the deadlines are very hard and it's yeah
no so i i can appreciate that it's a hard industry in general. It's probably much more like making a movie
than it is like making a software product in general.
Yeah, it's a good comparison.
Yeah.
Okay.
Rob wants to continue on.
No, no, it's fine.
Yeah, next article we have is another post
from Vector of Bulls series on understanding super plus modules
i think the the last post in this was at least a month ago that was more than that i'm sure yeah
well this one is uh part three linkage and fragments and i'll be honest it's a really
long post i didn't have a chance to go through all of it but he's going over you know what it
means to be importing and exporting modules, what the global
module means. From what I read, it was pretty interesting so far.
Yeah, I don't have anything to add beyond that. I know that there's just a lot about
modules that I've yet to. Yeah.
Yeah. I'm starting to feel very much that I need to make more things because I don't feel that I know this topic well at all.
I have like high hopes, but that's a problem.
I should probably like lower my hopes.
Well, the thing is whenever you go like, oh, this is going to be amazing.
And then you're like, oh, oh, okay.
Well, I spent like three or four years being completely skeptical about modules because i'm
like 90 of what i do is header only out of necessity because it's all templatized and
that's not going to gain me anything and then the more constexpr stuff i'm doing i'm like well
that's even more stuff that's in headers so i'm basically in a land where almost out of necessity
everything i write's in a header and and but then i was
talking to someone who who knows module-y things and they're like oh yeah no that'll totally work
because it'll still give you like some of the advantages of like pre-compiled headers and stuff
using modules in that library and i'm like okay i guess it's time for me to learn some more about it
but i'm still like anything else i wait until there's a solid implementation that I can play with before I...
Because I don't want to learn the wrong stuff.
I want to learn what the compilers are doing.
And then when I teach it, I can be like, well, this is what the spec says, but this is what the compilers actually do, you know?
Yeah.
Yeah.
Yeah.
And on that note, I still wonder how much modules are really going to see over the next few years after C++ 20 comes out,
because the STL is not going to be modularized.
That's not a requirement yet.
Yeah, not until 23 probably.
Yeah.
So that makes it 2025 when the average programmer will be using it probably.
Probably.
That's true.
I hadn't really thought about it like that, but yeah.
Wow.
That just immediately makes me feel old that I'm even talking about the year 2025.
Yeah.
Am I going to be retired by then?
What year is that?
I don't even know.
Certainly I'll have a flying car by then.
Well, the thing is, I just recently, this is very stupid, but I just recently realized that next year is 2020.
Yeah.
Yeah.
I only realized that because I have some government subcontracts that do fiscal year that starts on October 1st.
And so I was signing 2020 contracts and I'm like, what madness is this?
What would like kid me think?
This is where we are at.
Where are all of the things?
How can this be 2020?
It's like the 90s.
Well, we have cell phones.
I guess cell phones are cool.
We have cell phones, yeah.
We don't have flying cars.
We don't have flying cars, but there is that guy who made an Iron Man-like suit,
which is pretty cool.
We have flying cameras.
Yeah.
Okay, drones are cool.
Drones are cool.
That's true.
That's kind of like a flying car.
Very small flying car.
It's a flying car for your G.I. Joe.
I think Kid Us would definitely be disappointed
in this 2020 version it's like yeah it's like it's meh it's like i thought you would have gotten
further why aren't you on mars yet what is up with that can can you can you place an age on kid
us because i'm going to try to put myself in this okay um 11 11 11 so 1989 for me i think in 1989 if
you told me i had access to all the world's knowledge in my pocket anywhere i walked
anywhere in the world i would be impressed that is cool but then there is of course you know the
meme that you know but basically we just use it for watching stupid cat videos anyhow so which is true which is true so i guess i would be both
excited and disappointed i definitely thought we would be on mars by now i definitely thought we
would do all sorts of like space exploration and things like that and um yeah that was the
height of the space well of the shuttle program right yeah at least at my 19 11 years old i'm
hopeful that within our lifetimes we'll still see that though yeah during the mars yeah yeah
private venture sponsored by tesla yes yeah. It'll be Virgin Air Shuttle.
Hey, you know what?
If Virgin Galactic actually takes off, I will be thrilled.
I want to see the first commercial space flight, for real.
And I want to see it get down low enough within my dad's lifetime that it would be possible for my dad to take that trip.
And he's 75.
That would be awesome yeah i mean he's always
like my dad became an engineer because of the space race so if it were possible for dad to get
a commercial flight to space that would be amazing but you know what's the likelihood in the next 10
years don't know yeah no yeah okay uh we have two more quick we digressed we digressed from
modules no that's fine it's fine so in yesterday's episode for those who didn't listen to it yet we
managed to digress far enough that we did not do news yeah we skipped over it yeah okay uh this one is a code analysis with clang tidy and visual studio and yeah there's now a
checkbox to uh get supposed to clang tools in visual studio when you're installing uh 2019
and you can configure clang tidy to do as part of the code analysis which is pretty awesome yeah and uh if you have
cmake integration you can set it up there easily too and this blog post will show you how to do it
i sent a message to our friends at clang power tools asking them what they thought the implication
of this was for their project i did not receive a comment in time for this episode though and
i don't i don't know if there's anything they would want to say publicly about it, but I am
honestly very curious.
Because they offer other things as well.
Okay, besides just client ID.
Yeah, but the fact that it's even
got built-in support with
CMake projects and stuff is pretty awesome.
Yeah. Okay, and then
the last thing is just that we have
a call for proposals for
ACCU 2020.
And it looks like the final date for that is October 25th.
So if you're listening to this when it comes out, you've got about a week left to get your proposal in.
Do you have yours in yet, Patricia?
Yes.
Ish.
Did you submit a proposal or not?
Well, no.
Well, the thing is that you can ask.
When is ECU 2020?
The thing is they asked me if I could hold a keynote.
Oh.
Wait, is that public?
No.
Oh, well, is it okay if you just said it just now on air?
Well, it was hard because you asked me a yes or no question.
I sounded really dumb.
Do you need Rob to edit it out?
I don't know.
It's probably fine.
I assume.
Nobody told me.
Nobody told me I had to keep it a secret.
So I guess it's fine
so what we know is that you are discussing a keynote with them yes yes okay that's cool
yes so so so that meant yes and no right i understand yes i've been invited to speaker
conferences as well and i i did not even consider that. I'm sorry. But that was, yeah, no.
So, yeah, so that was for 2020.
Yeah.
Okay.
Well, congratulations on probably speaking there.
Okay.
Thank you so much.
Yes.
It will be something security related and something.
The best part of being asked to speak at a conference is you have much more flexibility
in what you speak about.
Yes.
Yes.
So they just kind of gave me like a broad category.
So something security, programming things.
Programming.
Cool.
Yes.
Sorry for pushing you.
Sorry.
Okay.
Well, before we talk more about security, I just wanted to bring up this tweet that I saw yesterday, Patricia, or two days ago, from Peter Bindles, talking about the Patricia Osa word. I was wondering what that was exactly. I don't know who made that title of that article.
It's okay.
Yeah, because there's no such thing as a Patricia Ols award.
But somebody made like the headline of the article to be like, you know, these women got the Patricia Ols award.
But basically, so the thing is that here in Norway, we've had for years, we've had this organization, which is supposedly for women in tech, but it has been publishing this list of like top that work in tech, which I always thought sectors, like from finance or from other things.
So I've kind of been asking or complaining and saying that I want them to, you know, lift up women who actually do all the things and they haven't been really interested. And so a couple of years ago, well, now it's like a year
and a half ago, I guess. I started my own like Twitter account, because I just wanted to follow
all of these women and just see all the things they're doing,
just to be inspired by them, I guess.
But the whole idea from the beginning
is that I'm going to make my own event and my own list
and I'm going to something.
But then it happened again this year.
They basically did the same thing.
And then I got annoyed on Twitter again.
I think that somebody joked about me.
I joked in one of my talks that I did at EuroBSD cons.
I said I was annoying as a service.
But it's not only that I'm annoying as a service.
That was more in the election kind of thing. But I'm also so I do things based in annoyance. If I am annoyed, I might actually do something about it.
So in this case, I was annoyed and I was complaining on Twitter. And then this journalist called me and I said, I will make my own event and I will do it myself.
And I'm going to do it on October 8th, which is Ada Lovelace Day.
And then, you know, somebody asked me, okay, so you're doing this thing?
And I was like, yeah, well, I have to do now because I told the newspaper.
So basically, that made a mini conference where we had only female speakers.
They had like 20-minute talks, one single track conference.
And then at the end, we presented 25 role models that had been nominated by the community and selected by a jury.
And then we presented that.
So the idea was to basically showcase women who work in tech in different things, like
all the way from people who work in academia as researchers to people who work in games
to people who work as designers or testers or so it's all sorts of
different roles it's not only in programming and it seems a lot of people were really happy and and
really were missing this so it's it's become like super popular amongst the whole tech industry
in norway where men and women i think this is really great. Wow. So next year, we'll probably be even bigger.
Yeah.
So you have to, right?
You have to now.
Yeah, I have to now.
So it became like we basically, it was a free event, but we sold out in like four days.
We've had waiting lists since four days after opening the registration.
And so it's been um
i i think yeah i think it was needed i wasn't the only one that was annoyed but i was only
the only one that was annoyed enough to do it so how many people came to your mini conference
there was around a hundred people so men and, like the audience was like anyone could come. It wasn't like only for women, but it was only women who were speaking.
And there was like, of course, one guy who got annoyed at the thing that there was only women speaking.
And I was like, oh, so you can't go to a tech conference where all of the speakers are from a different gender than you are i see
i can i can see how that's difficult yeah and and you're in a minority in the audience as well yeah
yeah i can see how that could be hard
so but it was funny because several men actually talked about that afterwards after being there
like they went and they they were there and they thought it was awesome and they felt super welcome
and all of those things uh but they said afterwards that it was a very strange experience
for them to be in a minority in in a tech conference that that was a new experience
and i think that's a it's a good thing Because when you feel it, then it's easier to
relate when other people talk about it. So definitely, we need both men and women to help
make this industry more diverse. And it's not something that anybody can do by themselves.
Do you think there's some of the first time women speakers at your conference might
be submitting talks to other conferences coming up as well.
That is that is the goal.
That is the goal.
So so I don't know if that was an explicit goal, but.
Oh, yes.
Oh, yes.
I had like multiple goals.
One of the things was that was that I got a sponsor to pay for the recording.
So we had like a professional company
that did the recording and the live stream.
So we had live stream
and people were watching the live stream.
And then I just got all of the recordings
and I'm going to make like a YouTube channel
where I'm going to post all their talks
so that they can,
when they submit to other conferences,
that they could like provide a YouTube link.
Here is me speaking at another
event which can really help when getting through like call for papers oh yeah that people yeah so
so that's that's a part of the goal and also a part of the goal is trying to get like to get
paid like get these women jobs and better things and interesting opportunities and And so yeah, all of that is like, it's a part of the secret plan.
That's, I've had conversations with several people recently who want to go out on their own
or publishing a book or whatever. And they're like, how do I get the word out? I'm like,
well, you speak at a conference, and you say, I'm looking for a job in your talk.
And that goes a long way.
But it is just putting things out in the universe and people seeing you.
And suddenly, almost all of my work that I've had,
like jobs that I've gotten since I started TurtleSec,
was basically people who knew me from some other context.
It's like either they've seen videos of me, they've seen me at conferences, they've worked with me in the past, they, you know, they somehow like, and I'm not
like very good at the sales part. So basically, what happens is a developer in some organization
thinks, you know what, what we need right now in this situation, we need Patricia to come in and
help us. and that's basically
what happens then they tell their boss and then their boss calls me and goes okay so my developers
tell me i need you excellent so that's how i'm currently getting paid um okay so it's a small
conference held in norway for norwegians well and it's for everyone or anyone who's here, right?
So any...
I'm sorry.
No, I was leaning towards a specific question.
Sorry.
I was just curious.
Were the talks in English or in Norwegian?
English.
That just astounds me.
Well, it's easy for me to promote them to international conferences if they are in English.
Ah, okay.
That's a good point.
See, that was a part of the plan.
Right.
A part of the plan is for them to go out into the world and speak at conferences and talk about all the things.
And there were so many really interesting topics and really different topics.
You had one woman talking about computer forensics, one woman talking about modeling data for the health sector
and how are you going to model all of these data formats so that you can exchange health information between different
vendors and healthcare and and one who was talking about about 3d avatar design and making
virtual reality and so it's like all sorts of different topics um yeah and you said there
were 20 minute talks yes so it's almost like a full day of enhanced lightning talks or something i bet it would actually be very interesting to go to a conference like that for real like Yes. And so the good thing about like, because especially because it's single track, you don't really there's no option, you kind of have to see it all. And then I so so I what I wanted is to give people enough time to talk a little bit about their field. But at the same time for the audience to know that, okay, this wasn't for me, but it will be over in, you know, 20 minutes. So it's fine.
Yeah.
So it's still fine.
It's like, and also because I want to squeeze in as many people as possible because it was only a half a day conference.
So it started with breakfast and ended with lunch.
And I wanted to have like eight speakers.
So I just basically, they got no breaks.
Like the audience, I mean i i feel bad for them
but it was they had breaks but it was hardly any so it was um three talks short break three talks
short break two talks and then the list and then lunch and we're done so it was very intense
so you said it was free but clearly it it wasn't free to host. You already said you had a sponsor for the video,
but I'm assuming someone sponsored the venue as well then?
Yeah.
So it was a company that, so I basically, what I do, I ask on Twitter,
I say, I need a venue.
And then like seven different companies and universities and whatnot,
they said, okay, you can have it here.
And so I actually could go like
shopping for a venue. So I basically I went and I visited a lot bunch of venues, and then I chose
this one and it but they were all like super nice. And, and then when I said like, Oh, I need
a thing like I need food, then two companies said we could sponsor the food and so it ended up so cisco did the food
blanc as a as a company here and also they had the venue uh ndc conferences uh paid for the
for the filming uh yeah so so and basically all just me saying hey i need a thing and then
somebody's saying yeah we can do that so next time you chat with, you know, one of the other people who runs a conference like Phil
or Adi, you just be like, I don't know what your problem is. Running a conference is super easy.
I just throw some stuff out there and it all gets done.
But basically, it's not like a real conference because I didn't even have a budget. Like
there's nobody gave me any money. I have no money. I didn't even have a budget. Like there's nobody gave me any money.
I have no money. I didn't take money from anybody. Basically, I just said I need a thing and then people would just buy it for me, which means I don't even like there's not even an official
organization or anything because there's no money involved. I just kind of I just did all the
organization and the web page and stuff. And then I said on Twitter, I need help because the web thing is too much.
And then some guy in Trondheim said, I do web.
And I was like, yeah, okay, can you help me?
And he's been fantastic.
His name is Marcus.
And he's been absolutely fantastic.
I just kind of write to him on Slack saying, I need a thing.
And then he just sends
me a pull request or just push it straight to production. So it's like, it's magic.
I'm sorry, but to get back to Rob's original question, what was the actual name of the award?
It was Tech Role Models 2019.
Oh, okay.
Yes.
And it does say so in the article.
It just doesn't say that in the headline.
Yeah.
But yes, yeah.
So I found that a little bit embarrassing.
The headline was a little bit like, yeah, yeah, I'm going to make an award and I'm going to name it after myself.
You can wait until I'm dead or something and then you can do that.
Well,
that is generally how those things go,
right?
If it continues for the next 30,
40 years and then you die,
then it'll be renamed after you,
I guess.
Yeah.
Okay.
That's fine.
Yeah.
Sorry.
I want to interrupt the discussion for just a moment to bring you a word from our sponsors
backtrace is the only cross-platform crash and exception reporting solution that automates all
the manual work needed to capture symbolicate dedupe classify prioritize and investigate crashes
in one interface backtrace customers reduce engineering team time spent on figuring out
what crashed why and whether it even matters by half or more. At the time of error, Backtrace jumps into action,
capturing detailed dumps of app environmental state.
It then analyzes process memory and executable code to classify errors
and highlight important signals such as heap corruption, malware, and much more.
Whether you work on Linux, Windows, mobile, or gaming platforms,
Backtrace can take pain out of crash handling.
Check out their new Visual Studio extension for C++ developers.
Companies like Fastly, Amazon, and Comcast use Backtrace to improve software stability.
It's free to try, minutes to set up, with no commitment necessary.
Check them out at backtrace.io.cppcast.
Okay. So can you tell us more about the NDC talk you gave on election security? How did you get interested in election security? way back when in 2005, well, actually, probably 2004. Because I needed to do a master's thesis,
and I didn't really want to do it. Because that meant I would probably sit around just writing
for six months at least. And, and I wanted to do programming. So and that became, I guess,
a bunch of the professors knew that Patricia didn't want to write a thesis.
And so they kept on trying to sell me a thesis, but I didn't want it.
And then one of the professors, he came to me and he's like, Patricia, I have a thesis for you.
And I'm like, yeah, yeah, sure.
And then he was like, you get to program.
And I'm like, OK, so what is it?
So basically, that's how I is.
So then he later explains that they needed to make a prototype of the Norwegian election system with all of the different subsystems like the voter rolls and internet voting, a voting client, all sorts of parts of the system.
So like an election system usually is a distributed system that involves many different
kinds of systems. You have the system where the parties put in their candidates and stuff like
that, and you have where they print the ballots. And so there's generally many systems involved. And they wanted me to make a prototype of this distributed system and then test a standard
protocol for transferring election information between different systems in an election system,
which is called EML, which is election markup language.
And so basically, they just wanted me to see if you could follow Norwegian election laws and regulations and still be able to transmit everything that you needed using this, which was an XML schema-based thing.
Right.
Yeah.
So then I had to read all the laws and regulations, and then I had to make the system, and that was my thesis.
And I got an A so you know and I guess so I was happy but I hadn't really thought about elections before then
but I basically came to the conclusion that it is very difficult to make an election system where the population can be assured that the result is correct.
And that this is something that people have been working with election security,
not election computer security, but just election security in general,
for centuries have been working on this problem. Because you have the government that is running the election
is also a party in the election.
So how can you make sure that they are not interfering in the election?
How can the population be assured that things are counted and reported correctly?
And it's a problem of a system where you can't trust anyone.
And so it's kind of complicated.
But people keep, like, so I keep on explaining
and having these, like, long threads
where I try to explain things on Twitter
because I've been having a thing with the Norwegian government
for two years.
I've seen some of your thing with the Norwegian government on Twitter.
Yeah.
So, I mean, I've been, yeah, I'm annoying as a service again.
So, but I wanted to finally explain why it's difficult.
Because that is one of the things that people don't understand.
Why is this so hard?
And so the talk is basically like an introduction to election security as a concept.
And why this is so much harder than you think.
So I start off in the talk saying, is an election system very hard? And I was like, no,
I wrote a prototype of the whole election system, including internet voting, in just a few weeks.
The thing is that in my thesis, in my abstract, it says, you know,
ignoring security and anonymity here is a full prototype. But the thing is, the moment you bring in security
and anonymity and some kind of way of auditing the election result, then the problem becomes
extremely hard. And so I want to, I don't know, bring up the baseline of tech people to a certain
point where they realize the complexity of the problem because
if not we keep on having the same discussions over and over and over again without actually
getting any further and so so i hope it's a song so now it's like if somebody i end up in one of
those threads i go like okay go watch my talk and then come back and then we'll have a talk
it's all part of your larger plan yes yes yes see it's to compress
time it's it's like you know go watch the talk come back then you understand where i'm coming
from now we can have a discussion on like a different level so hopefully and also it was
a way of speaking to the government as well, because they're having an issue understanding the problem as well. So hopefully, the right people have seen it. I hope.
Hopefully.
I did watch your talk. I thought it was really good. One of the concepts I had not heard of before was software independence. I was wondering if you could maybe talk about that. Yeah. No, that has become sort of like the core ideal of election security globally amongst people who work in this field.
And it is the idea that you have to have a way to assure the correctness of the result in a way that is independent of software,
independent of hardware as well.
The idea is that as human beings, we have to have some kind of independent way
to assure that the result is correct.
So in the US, what they are trying to achieve, and some states are getting there and some have been doing experiments, is doing what they call a risk-limiting audit.
And that's a manual process where they are doing – it's a statistical model for for for picking certain ballots and i kind of explained it in the
talk but like if you have like a room of a of a hundred you could have saved an hour here if you
just listen but if you have like but let's say that you have a hundred people in the room right
and they've done a secret ballot uh and you know and then somebody counts up the results. And then you say, okay, well, 90 people elected this cat here.
So the cat is president.
This is the president now.
Long live president cat.
But then you're like maybe you didn't vote for the cat.
You voted for this little thing.
I'm not exactly sure what it is let's
say it's a rabbit let's say the rabbit a bunny rabbit so you voted for the bunny rabbit and you
thought like other people would also vote for the bunny rabbit because the bunny rabbit is much nicer
than the cat and then you're skeptical to this result like is the result actually correct and
what you can do is to just pick like 10 people at random and ask them what they voted.
In this case, you will actually look at their ballots.
Just pick 10 ballots at random, look at the ballots.
And then if 70% of the 10 ballots you pick at random are for the bunny, then this did not confirm the result.
And so you're going like, hmm, that looks fishy. I'm going to take 10 more ballots. And so that's how it works. So basically, in a risk
limiting audit, the hope is that if the result is correct, you'd only have to check a few ballots,
like it's a relatively small number. But if it doesn't pan out, like it doesn't seem likely that the result is correct,
then you just pick more and more ballots. And in the end, it can end up being a full manual recount.
So it's basically a process to have a manual process that regular people can do,
that you don't have to have a PhD to do. Just people
in the population that are not in the government, that are not in the race,
that can be monitored by other people to make sure they're doing the right thing,
can do something to assure that the result is correct. So in the US, that's what they're hoping to do more and more.
But to do that, you have to have paper ballots.
So you need physical ballots that can be read by human beings.
And then you have to train people to do this process.
But it's quite simple because it's basically picking out ballots at
random and then comparing them using the statistical model, which is pre-made. But in Norway, what I
managed, well, I managed it sounds like. But after Patricia was annoying as a service for a long time. They changed the law in Norway
or the election regulation in Norway.
So this year was the first year
where they have two counts in Norway
and the first count is now manual in Norway.
So that's been very interesting
to see the differences in the results
because we also have like a scanning system where they scan and count ballots.
And so we're looking at the differences between those all over Norway.
But it's also been a problem, like how are you going to get the data?
How are you going to check that the data is correct?
How are they dealing with differences? Like if they find something, how do you going to get the data? How are you going to check that the data is correct? How are they dealing with differences?
Like, if they find something, how do they deal with it?
And what we're seeing is that they don't know what to do.
They have differences between the manual count and the machine count,
and they don't know what to do about that problem.
So that's going to be probably the next part we have to deal with.
They have to have, we have to have some kind of way of dealing with it if something happens.
But that's also a problem in the US.
Election security experts in the US, they don't think today that the election system
can recover if you have a real manipulation of elections in the US.
It's too big, it's too complicated, it's too expensive.
They don't know if you can ever do an actual new election
if it turns out an election was manipulated.
And that's a problem.
And you're saying if the results of the election were manipulated, to be clear.
Because I think we all agree that through targeted advertising and such, elections have been manipulated.
Yes.
Yes.
Sure.
But in this case, it's basically if you turn out, like if someone gets elected that wasn't actually elected by the population.
Right. gets elected that wasn't actually elected by the population, then that's something that
they don't think you can recover today.
I mean, as you know, every state has their own laws, has their own things differently.
In Colorado, we have some of the highest voter turnout of anywhere in the country because
the default is that a paper ballot is mailed to you.
You fill in the bubbles and then drop them off at a secure box.
So there is some sort of a paper trail.
I think Colorado, if I remember correctly, is one of the states that have been doing
risk-limiting audits for a few elections, I think.
But they have this
mail-in ballot thing
and that has other risk models to it
of course
especially things of being influenced
by family
and employers
to vote a certain way
but
I mean you kind of have to
decide what works
if you have a very dispersed population,
then it might be very difficult to have them come to any kind of place to do their voting.
And there's the flip side that with the mail-in ballots,
there can't be any intimidation at the polling place as well.
Yeah.
Right.
So it's hard because the moment nobody is watching you when you are doing, like you're filling in the ballot and you are mailing it, then suddenly maybe you can actually prove to somebody that you are voting the right way, like that they think is the right way. And that means both intimidation might work, but also that vote selling is possible,
because now you can prove that you voted in the way that you got paid to vote. So right. Yeah.
But there's so many different vectors for for attacking elections. And it's hard to do anything
that is going to be perfect. And currently, just because you have a paper ballot,
and I do believe you're doing risk-limiting audits,
you're basically ahead of everybody else anyway.
So it's like there are other...
When we first moved here, we did electronic machines, right?
Yeah.
And you would punch in your answers, and then it would print out a physical paper receipt for you to look at.
But that receipt went into a secured box.
So you could confirm, yes, this receipt is what I voted for, hit OK.
Or you could cancel it and start over.
And then that would go into a secure box, which I thought was an interesting way of managing things as well.
But I'm sure it has other attack vectors, yes.
Yeah, the problem is that they've done studies and most people don't check.
Oh, I totally did.
Like, I don't trust the software.
I know how software is written.
But that's the thing, though.
We don't trust software, but regular people trust software.
Regular people think, you know, why can't I?
Like I had a guy tell me on Twitter, which I thought was an excellent question.
He said, I don't understand.
I trust my bank to handle my money.
Why can't I trust a computer to handle my vote?
I don't know if i trust my bank i mean
let's be clear i don't have a can in the backyard right but i do look at the transactions in my
account to make sure that they're the ones i expect and that is the thing there is transparency
you have a way to check uh you have a way to check that it is right. And also there's a lot of regulatory oversight.
And also the bank is by law responsible for your money.
They can't just take your money and go.
And so you have lots of other things around,
which is what is guaranteeing the system.
But with your vote, the whole point for vote anonymity is that the moment
it leaves your hand, you have no idea where it goes anymore. And so you lose track of it. And
you have to trust that what happens after it leaves your hand, it's handled correctly. And
that system is managed by a party in the election. So somebody who has a vested interest in the result
is the one that is handling the process.
Right.
And so, yeah.
So it's complicated.
Yeah.
Well, I don't know what Rob was getting ready to say,
but I feel like we're running short on time.
Yeah.
And I was kind of curious, because you also talked in your talk
about some interesting software bugs that have occurred in the counting process. And you don't
know, I don't know, I'm not suggesting that you go into those. But I'm just saying just what,
what are the takeaways for us as software developers? Like, just like, what should what
should I be thinking about when I'm writing software? Like, how does this influence my life? Or does it? I think one of the things that
when when thinking about how we, we are leaving a lot of our lives to computers and to software,
and we are trusting that the answers and what is giving back are relatively correct. But what we
are seeing in a lot of malware that has been deployed
in many different ways is that the malware is manipulating that reality. And that could be
something like, you know, if you have a malware on a regular Windows machine, it might be manipulating
the logings. So it might be erasing traces of itself or making it look like something else or spewing lots of random things into the log that has nothing to do with what it's actually doing.
And you saw the one that I talked about in my talk in Stuxnet, it was attacking an embedded component in, in these, in these term turbines. But the first part of the attack
was basically just sitting there and recording normal data. So it was just, this is, this is
the normal data that, that it will produce. And then when it started in its attack, it replayed
normal data. So it was feeding all of the monitoring systems and all the people who
were looking at the systems, for them, everything looked fine. And they didn't understand why these
machines were physically failing because these were turbines, so they were spinning really fast.
And so they broke, basically, and they didn't understand why that was occurring, because all of the data they were
seeing was fine. And so I guess what I think is as we move to a world where let's say medical
processes are more and more in software, we need some way for people still to be able to
confirm the results they're seeing independently of the machines.
We need some way to, like, if you're using an electronic thermometer,
that you can still put a hand on somebody's face and say,
okay, this thing says you're having a fever,
but you definitely have a fever, right?
And so we know in this business that we have bugs.
We know that even if it's not malicious, we make things that make mistakes.
And you saw in the Boeing, the MAX, what was it called?
737 MAX, yeah. Yeah. Where you had this problem that a sensor was failing,
but there was no way to independently, as a human being,
actually figure out what was going on.
It was a feature that you could buy as an extra feature
to have it into your UI so that you can actually say,
okay, this sensor says this,
but this sensor says something else.
And if you didn't buy the feature, then you didn't get that.
And then as a human being, you couldn't actually make an independent judgment.
And I think we have to think about that sometimes.
How can we bring the human being into the loop more to be able to make
some judgments that are are complicated and and important so i don't know if that answered your
question sure yeah i think so okay well it's been great having you on the show again patricia uh
where can people find you online or or learn more about your consulting company?
We haven't really mentioned that,
but if you want to, I guess, plug yourself, go ahead.
Well, I'm mostly active on Twitter.
So at Patti Gallardo, like the car, like the Lamborghini.
So please just, my DMs are open,
so feel free to say hi.
My company is called TurtleSec.
The address is turtlesec.no.
And yeah, but if you need somebody to help you with security slash programming, then please let me know.
And perhaps just as an aside, if you contact't just say hi say hi this is so and
so this is why i'm contacting you because sometimes just a plain hi dm on twitter you're like that's
weird yes and and that happens a lot so and and the thing is for me it happens a lot with accounts
where i have they have like a little bit they have like a name and then they have like a 10 digit number after and and no tweets and then yeah then i i block uh basically
immediately so so so if you come into my dms just say hi my name is blah i'm contacting you because
of something it's it's sort of like if you going to call a stranger on a phone. Right, you don't just say hi.
Yeah, it's just weird. You say, hi, this is blah, blah, blah. I'm calling you because
it's just normal. So definitely, yes. I don't mind strangers hitting me up in my DMs, but
just pretend you're calling a stranger and we'll be fine.
Okay.
Thanks, Patricia.
Thank you.
Thanks for coming on.
Thanks so much for listening in as we chat about C++.
We'd love to hear what you think of the podcast.
Please let us know if we're discussing the stuff you're interested in,
or if you have a suggestion for a topic, we'd love to hear about that too.
You can email all your thoughts to feedback at cppcast.com.
We'd also appreciate if you can like CppCast on Facebook and follow CppCast on Twitter.
You can also follow me at Rob W. Irving and Jason at Lefticus on Twitter.
We'd also like to thank all our patrons who help support the show through Patreon.
If you'd like to support us on Patreon, you can do so at patreon.com slash cppcast.
And of course, you can find all that info and the show notes on
the podcast website at cppcast.com. Theme music for this episode is provided by podcastthemes.com.