No end to ‘horror’ tales 6 days to polls
By Leila B. Salaverria
Philippine Daily Inquirer
MANILA, Philippines—Misaligned ovals and ultraviolet security marks. Untested servers, modems and websites.
There’s no dearth of reasons to worry about the credibility of the country’s first automated elections with just a week away, officials of the poll watchdog Kontra Daya said at a news conference Monday.
Kontra Daya, which groups church, civil society and militant organizations, said the servers that would receive and store results fed by the precinct count optical scan (PCOS) machines in the field had not been submitted for testing and certification.
The servers will be used not only by the Commission on Elections (Comelec) during the May 10 balloting, but also its partners such as the Kapisanan ng mga Brodkaster sa Pilipinas.
Also untested are the PCOS modem firmware, the ballot production toll and the public website where results of the voting in the 76,000 precincts will be posted, the group said. The data could then be used to double check the tally.
Kontra Daya said that the deficiencies were disclosed in a March 5 memo of Comelec’s technical evaluation committee, which is tasked to certify that the components of the automated election system are operating properly, securely and accurately.
The group said the Comelec should explain why these “crucial items” were not tested and certified as required by law.
Kontra Daya also disclosed that the review of the US-based computer firm SysTest Lab on the source code, which is the set of instructions to be followed by the counting machine, showed that there were 23 minor problems in the code.
Kontra Daya convenor Rodolfo Lozada Jr., an IT engineer, said the lack of testing and certification of the automation components showed that the elections were being done unlawfully, and this could lead to the political exercise being wasted.
“Does this mean the results would also be unlawful?” Lozada said during a press conference. “All we’ve done might be wasted because the implementation of the law creating the automated election system was not done.”
Lozada blew the whistle on alleged bribery and overpricing in the $329-million National Broadband Network deal with China to electronically wire the nation’s bureaucracy that was subsequently scuttled by President Gloria Macapagal-Arroyo.
Result doubtful without test
Scientist Giovanni Tapang voiced concern at the lack of testing and certification.
“Even if the PCOS machines are working well, we are not sure if the end result would be correct,” Tapang said.
“The weakest link of a chain are those parts that were not tested. Even if the other parts are working, but there is a weakest link, there would be problems,” he added.
Tapang noted that there may not be time to take legal action against the Comelec. He said the people would have to be vigilant at every step of the electoral process, right up to the national canvassing level.
As for the source code, Rick Bahague of Kontra Daya and the Computer Professionals Union said that although SysTest Lab said the problems were “minor,” these could still cause problems, especially if safeguards are not in place.
Bahague said that these minor problems could cause data corruption. Even if a vote is recorded in the precinct, it could disappear when the results reach the canvassing centers.
Data corruption feared
According to Kontra Daya, one of the issues that SysTest raised was that the election data may not always be properly encrypted before being stored, and the certificate of canvass and statement of votes are not always encrypted before transmission.
“Erroneous programming on the database can lead to serious problems in data corruption and integrity. Transmission of data is not always encrypted and this can be exploited to manipulate results,” Bahague said.
SysTest also noted that the source code may not properly record undervoting. This means that if a person chooses less than the required number of candidates for a particular position, the machine may not record the choices correctly, according to Bahague.
He noted that SysTest reported that the software inventory that Comelec’s automation partner Smartmatic-TIM provided was inadequate. SysTest also pointed out that security tokens could be turned off when data are being imported to the consolidation and canvassing system.
This means that the whole system might be accessed, Bahague said.
Earlier, information technology expert Robert Verzola of Halalang Marangal raised the possibility that the ovals could be misaligned since the ultraviolet security marks in the ballots were misaligned during the printing.
The error in the ultraviolet mark printing has prompted the Comelec to purchase UV lamps so that these marks could be detected.
Verzola said that if the ovals are misaligned, the votes could be misread or not read at all, thus resulting in an inaccurate count of the votes.
Comelec spokesperson James Jimenez said that the poll body was looking at concerns raised by Kontra Daya and the other watchdog organizations.
He said that the independent certifying authority saw nothing wrong with the source code and downplayed concerns that the ovals in the ballots that voters need to shade could be misaligned, which could lead to an inaccurate counting of the votes.
Jimenez said all of the ballots that the poll body printed had passed through the PCOS machines to check if they would work properly.
There would also be a final sealing and testing of election paraphernalia to be conducted before the May 10 polls.
“The test ballots that we will use for testing and sealing are the same run of ballots that we’re actually going to use. So if there would be problems in the actual run [of ballots], these would show up during the testing and sealing,” Jimenez said. With a report from Maricar Cinco, Inquirer Southern Luzon