The Danger of Digital Dagdag Bawas On May 10 (Retitled/Updated)
I’d almost rather not write this post.
But the events of recent days seem to be converging at that dark alley called failure of elections of the automated kind.
How can this be, I ask myself given how the advent of automated vote counting and canvassing is supposed to be a watershed event for the Philippines long scarred by election fraud of the Dagdag Bawas kind, punctuated by guns, goons, and gold.
The Commission on Elections needs all the help it can get to buttress its desired for competence and public trust.
But as its officials must very well realize, trust cannot be demand. It Must be earned.
As for competence, particularly of the technological kind, COMELEC is supposed to have found a perfect partner.
So must so that it almost appears like it has outsourced its constitutional mandate to the Venezuelan firm Smartmatic, which perfected a partnership with Filipino firm TIM just a day or two before the partnership signed the automated election system contract with COMELEC (for a whopping P7.2-B: the price of leasing, not owning the system (including the proprietary source codes).
We have been told that the field tests of the PCOS machines, the precinct count optical ballot scanners were generally successful despite ‘glitches’.
I’ll swallow that story for now.
They are telling us anyway that despite the cellular data signal transmissions being hobbled by ‘dead spots’ there is a redundant GBAN or global broadband area network that beams up the election results data to a satellite that sends the information to the canvassing centers through to the COMELEC head office in Intramuros, Manila.
But now this: reports that signal blocking jammers were brought into the country by the thousands (5,000 units, as the information reaching the COMELEC says).
This with the thoroughly criminal intent of sabotaging the promised speed of voting results transmission that’s called a denial of service attack.
The jamming devices effectively cancel ouy the signal transmissions from the telco cellsite dependent PCOS machines.
In local parlance: tinatakpan, sinasapawan, tinatapakan ang signal.
The COMELEC says it is concerned but nonplussed since it has ’contingency actions’ at the ready.
Filipinos are taking a deep breath, albeit nervously, while muttering okaayyy.
Next: the printing of official ballots: all 51+ millions of the more than 2-feet-long-double-sided variety has been delayed yet again owing to the unresolved disqualification of certain candidates in various areas.
Smartmatic is ouch and is raising the prospect of having to outsource the ballots printing using high-tech digital machines from the National Printing Office!!!
They appear to be ignorant of the fact that the NPO is, by law, the only authorized printer of Official Ballots!!!
We we are likely going to be told that legal stuff will be sorted out.
I don’t know if this could be the clincher:
But last Monday came this red flag call from a former Senator:
Former Senator Francisco Tatsad told the Manila Hotel ‘Kapihan forum about the paper by three Princeton University scientists—Ariel Feldman, J. Alex Halderman and Edward Felten — which showed how the Diebold Accu Vote-TS Voting Machine, reputedly the most widely deployed electronic voting platform in the United States, could be easily corrupted by a malicious software.
Although the Precinct Count Optical Scan (PCOS) machines to be used by the Comelec in the May elections are different from the paperless Direct Recording Electronic (DRE) machine studied by the Princeton scientists, their internal infrastructure, which reads and records the vote, appears to be the same, and probably with the same vulnerabilities.
The public may need an iron-clad guarantee, and the most convincing scientific demonstration from Smartmatic that the PCOS machines are not as vulnerable as the AccuVote-TS machines,
Experiments conducted by the three scientists, using a demonstration software that carries out a vote-stealing attack, and a demonstration virus that spreads from machine to machine, showed the following:
1) Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss.
2) Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.
3) AccVote-TS machines are susceptible to voting-machine viruses – computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity.
After injecting a vote-stealing software inside the machine, the scientists simulated an election with George Washington and Benedict Arnold as candidates. Four voters voted for Washington, and one voted for Arnold. When the machine printed out the results, however, Arnold got three votes, and Washington two.
And because the vote-stealing software was constructed to delete itself after the operation, nothing could be found inside the machine to show that the count was fraudulent or wrong, the Princeton study showed.
In order to safeguard the integrity of automated voting, it is absolutely necessary that the suppliers demonstrate the absolute reliability of their machines, and for the Commission on Elections to review and strengthen the various failsafe measures they have decided to adopt, including maximum security and supervision of the machines.
The Comelec should take note of the finding of the study which showed that the machine could perform well during logic and accuracy tests when fed with ‘pretend ballots’ in a ‘pretend election, but that anybody could inject a malicious software into the memory card to corrupt the machine without leaving any sign that the memory card had been replaced,
The former senator told me he had earlier called on the COMELEC to institute a double-track tally of the election results—-one automated, the other manual, to serve as a possible backup in case of failure of the automated system, and to form part of the records to help settle possible questions concerning the accuracy of the automated count.
The senatorial candidate said he has “full confidence in the board of election inspectors in every precinct to carry out the job.”
Mr. Tatad did not use the phrase, ominous as it is. But what the Princeton report has actually described IS the possibility of Digital Dagdag Bawas!.
I’d like to believe that the COMELEC is aware of this given how the Princeton University findings came out in 2007.
But why, I must ask, are we not being told how THIS danger has been mitigated if not eliminated???
Since I first wrote this another insidious development has taken place.
The COMELEC turned off the ultraviolet security imprint reader of the PCOS machines.
The first resason given by no less than Chairman Jose Melo was that “Smartmatic supplied the wrong UV ink.
Just today, Commissioner Gregorio Larrazabal (of the prominent Larrazabal political clan in Leyte) said the reason the UV mark reader on the PCOS has been deactivated was because the UV ink was not aligned properly on the ballot because of the National Printing Office’s high speed digital printers.
But Larrazabal said now they will supply manual UV lamps TO ALL 72,000+ voting precincts with the Boards of Election Inspectors to scan each of the ballots.
Draw your conclusions.