Comelec must heed vulnerabilities of AES pointed out by AGHAM and Kontra Daya

Published by rudy Date posted on May 30, 2010

Dr. Giovanni Tapang, chairman of the well-respected organization AGHAM, the Samahan ng Nagtataguyod ng Agham at Teknolohiya para sa Sambayanan, which was founded in 1999, wrote extensively in his The Manila Times column the serious vulnerabilities of the Commission on Elections-Smartmatic Automated Election System.

Below is his assessment of how the AES fared.

___

More than two weeks after the May 2010 election, the issues regarding its vulnera-bilities keep on cropping up in different forums. Prior to election day, those who pointed out these vulnerabilities were alternately tagged as doomsayers and doubters by the Commission on Elections (Comelec) and even by those who are only realizing the weaknesses now.

These same vulnerabilities are now being aired out at the House of Representatives where congressman Teddy Boy Locsin and his colleagues appear to belatedly see the problems in the Automated Election System (AES) as implemented by the Comelec and Smartmatic. They are now raising issues regarding the vulnerability of the compact flash cards, the time stamps, the wrong totals in the servers and other issues which cast doubt on the veracity of the polls that just transpired.

Bruce Scheiner, a well-known security and cryptography expert, outlined five major characteristics of an AES—Accuracy, Anonymity, Audit, Scalability and Speed. Anonymity is there to guard the secrecy of the ballot. Scalability issues are related to the system being able to handle large-scale elections. As such, we have seen problems in scalability in the Comelec-Smartmatic AES when it tried to have large precincts that led to long queues in the morning of May 10. Speed refers to the time that the tally is done to the moment of proclamation.

Despite the Comelec-Smartmatic AES, we still have yet to wait for a week to proclaim our senators and more than that for the party-lists, vice president and presidential posts.

Accuracy refers to the way the AES records the voter’s intent into a tally. This would include informing the voter through feedback that the machine has read his or her votes and asks the voter to verify this fact. The Comelec-Smartmatic AES has failed in this regard. It disabled the display in the Precinct Count Optical Scan (PCOS) machines and just printed out a “Congratulations!” message. The absence of this feedback makes the whole voting process opaque to the voter and makes reports from the field on votes cast but not reflected on the election returns plausible.

Accuracy also would include the correctness of the tally that the machines do. One such glaring problem was found out by the congressmen themselves as they saw the impossible figure of 256 million registered voters in the canvassing servers in the House of Representatives.

Previously, the same glitch printed out 153,902,003 at the national canvassing in the Philippine International Convention Center. Smarmatic explained this away as a problem in addition among the main server and its backups. What other “problems in addition” will crop up? We had no independent guarantee that the votes were not tampered with nor changed by the PCOS machine or the server.

Scheiner appropriately sums it up in his statement that “Accuracy is not measured by how well the ballots are counted; it’s how well the process translates voter intent into properly tallied votes.”

A proper audit would show where the system failed to uphold the accuracy requirement. “Voter-verifiable-audit” trails should be in place. A voter-verifiable-audit mechanism allows a voter to check consistency between his or her ballot and the recording made by the AES. In the event that machines fail, there should be a way to recount votes independently from the machines.

It is not enough to fulfill one of the five characteristics above (the Comelec chose speed over everything else), all of them must be satisfied. Sadly, even the required Random Manual Audit is being done several days after the election has been done and no definitive result has been heard from that exercise.

One other procedural problem has reared its ugly head during the House of Representatives hearing.

The absence of definitive and trusted records now shifts the onus of proof to those who doubt the results of the election to prove that those results are indeed wrong. The PCOS machine spews out the election return, which assumes that the PCOS machine is working correctly. This would have been the basic document for protests in the past elections. This time the only way to actually prove that the machine miscounted is to go through the ballots themselves.

Like a chicken-or-the-egg problem, asking the Comelec to go through the ballots needs strong basis for the officials to open the box.

The main evidence or proof is made inaccessible by Comelec’s desire to fast track the proclamation of the winning candidates.

The points raised at the Batasan do not yet include other “non-expert” ways to influence the results of the elections. These include ballot snatching, pre-shading of the ballots and pre-selected voters such as the information that was received by Kontra Daya lists down. Technologies such as the AES will not solve these types of fraud. An improperly designed, poorly executed and rushed implementation such as the one Comelec and Smartmatic foisted upon us would even make things worse. –DR. GIOVANNI TAPANG AGHAM CHAIRMAN, Manila Times

Nov 25 – Dec 12: 18-Day Campaign
to End Violence Against Women

“End violence against women:
in the world of work and everywhere!”

 

Invoke Article 33 of the ILO constitution
against the military junta in Myanmar
to carry out the 2021 ILO Commission of Inquiry recommendations
against serious violations of Forced Labour and Freedom of Association protocols.

 

Accept National Unity Government
(NUG) of Myanmar.
Reject Military!

#WearMask #WashHands
#Distancing
#TakePicturesVideos

Time to support & empower survivors.
Time to spark a global conversation.
Time for #GenerationEquality to #orangetheworld!
Trade Union Solidarity Campaigns
Get Email from NTUC
Article Categories