The possibility of hacking into the automated election system is “practically nil,” a technical consultant to the Commission on Elections (Comelec) said Monday, disputing allegations made by several groups that the automated machines can be easily tampered with.
Professor Renato Garcia, IT consultant and member of the poll body’s project management office, said that it was next to impossible to interfere with the security measures of the Precinct Count Optical Scan (PCOS) machines because the security features were “even higher than those of banks.”
“The beauty of PCOS is that once the voter cast his vote, it is immediately captured as an electronic image. You have right there and then an electronic form [of the votes], which is going to be available for review anytime. There can be nothing more transparent than an image taken right after the casting of a vote,” added Garcia, also a part-time professor at the Ateneo de Manila University School of Management.
He also dismissed the possibility of the election results being tampered with or changed easily by merely using a flash disk as some of the groups claimed. “The actual exposure of the system is only for a day during election day, and it will only be online during the transmission of votes, which will only be for a few minutes.”
Hacker proof
Garcia said that in case someone was able to hack into the system, there would not be enough time to make changes because the hacker would only be able to see the encryptions, and not change a thing.
The system, he added, is fully encrypted with security measures, so it is ridiculous for some to claim that the system can be easily hacked.
Garcia said that the poll body together with the winning bidder, Smartmatic and Total Information Management (TIM), will be revealing the source code in a “controlled environment” after it receives the certificate of the source code review from an internationally accredited consultancy firm.
A source code consists of a programming language created by a programmer to create or improve a certain software. In the country’s automated elections, the code will be used to improve and customize the software that is needed to transmit and count the ballots that would be cast in the 2010 polls.
The source code, Garcia said, is “an assurance that, yes, this is a keen software, and that it will operate the way we want it to.”
He added that the law specifically states that the source code must be accredited by an international firm. Garcia said that the Comelec, through the technical evaluation committee and the advisory council, is looking at selecting an international consultancy company next week.
Garcia said that his committee had submitted a list of consultancy firms that the commissioners can choose from. “In fact, one firm in the United States is doing an exact review for Dominion,” he added.
Dominion is a Canada-based company that created and owned the source code that would be used for the 2010 polls. Smartmatic was able acquire an exclusive license for the Philippines to use Dominion’s source code.
“By February hopefully, we will be able to release it [source code] under a controlled environment,” Garcia said.
The law requires the certificate of the code review three months before election day.
Reviewing the source code
Garcia, also the president of the Philippine Electronics and Telecommunications Foundation, said that he was not sure if the Center for People Empowerment in Governance (CenPeg) would be allowed to review the source code since “they are not an internationally accredited firm.”
Earlier, CenPeg, based at the University of the Philippines in Quezon City, asked the poll body to give them a copy of the source code so they can review it.
Reviewing the source code was also what the United Opposition (UNO) had in mind when it asked the Comelec to make the code available to independent computer security experts before Smartmatic-TIM starts producing the counting machines for next year’s polls.
In a statement, UNO President and Makati City Mayor Jejomar Binay, also on Monday said that the release of the source code is an important first step in addressing growing apprehension about an “automated Hello, Garci” scenario in 2010 national elections. “Hello, Garci” was what alleged cheating during the 2004 elections came to be popularly known, with Garci referring to former Comelec Commissioner Virgilio Garcillano, the alleged mastermind of the poll fraud. Mrs. Gloria Arroyo won those elections.
Binay said that releasing the source code in November would be too late since by the time Smartmatic-TIM would have started manufacturing the machines.
He cited Republic Act 9369, which allows political parties and other interested groups to review the source code to be used in the automated elections.
Republic Act 9369, or the poll automation law, a certificate of the source code review from an international consultancy firm is required before opening the code to all political parties, poll watchdogs and representatives of different organizations.
The certificate is also required before the customization of the software can be made. Garcia said that the baseline software was there, but the customization could not be done yet because we have to wait for the certificate.
He added though that they were confident with the timeline of the review and even the baseline software. The customization, Garcia said, will be made to suit the Philippine environment.
Comelec assurance
Comelec Chairman Jose Melo, however, eased fears that the source code can be tampered with once it is released to a certain group.
“Magaling sila sa propaganda [They are good in propaganda],” he said, referring to groups questioning the security measures of the Precinct Count Optical Scan machines and offering their own software.
He asked these groups to top criticizing the ballots that were presented during a recent machine-demonstration because the poll body has not come up with the ballots’ final design.
Melo said that the machines were tested in the most hostile Philippine environment during the 2007 elections in the Autonomous Region in Muslim Mindanao (ARMM). “I don’t think there is a more hostile environment than the ARMM. Let us not allow fear to govern our actions.”
— Bernice Camille V. Bauzon, Reporter with Report from Cris G. Odronia
#WearMask #WashHands
#Distancing
#TakePicturesVideos
