• Hold PCOS hacking demo, watchdog asks Congress

    2

    The Commission on Elections (Comelec) can use technology to undermine every Filipino’s right to vote with the aid of a hacked counting machine, and this is the surest way to kill democracy in the country.

    Under this rallying cry, the Automated Election System Watch (AES Watch), a broad citizens’ election watchdog of 40-plus affiliated organizations, on Wednesday asked Congress to conduct a demonstration to show that Comelec’s Precinct Count Optical Scan (PCOS) voting system can be hacked.

    In an urgent letter to the Joint Congressional Oversight Committee (JCOC) on AES, Senate Committee on Electoral Reform and People’s Participation (CERPP) and House Committee on Suffrage and Electoral Reform (CSER), the AES Watch’s information technology (IT) members composed of programmers and IT security experts said they accept Comelec Chairman Sixto Brillantes Jr.’s challenge to show that the PCOS system can be tampered with, and that election results can be rigged electronically.

    The letter was signed by AES Watch’s lead conveners and members including Nelson J. Celis, group spokesman; Bishop Broderick Pabillo, AES Watch co-convenor and CBCP public affairs commission chairman; Dr. Pablo R. Manalastas, a programming guru from UP and Ateneo and CenPEG IT Fellow; Maricor Akol of TransparentElections.org; and Leo Querubin, president of Philippine Computer Society.

    Former Comelec Commissioner Gus Lagman, the country’s first IT practitioner and co-convener of AES Watch, earlier accepted Brillantes’ challenge to demonstrate automated hacking.

    AES Watch asked the three Congress committees to hold the demo within the week or before Brillantes, along with two commissioners, retire on February 2.

    “External hacking is not the main problem,” AES Watch said. “What is most worrisome is the PCOS machines are vulnerable to tampering by an insider.”

    Lagman’s January 12 letter to Brillantes said: “Not only can the PCOS software and CF [compact flash]cards be tampered [with]by an insider, but also the Consolidation and Canvassing System and the Election Management System. They shouldn’t be if Smartmatic made tight controls, which it didn’t.”

    Brillantes, last January 7, dared Lagman to show at the Comelec and in the presence of election stakeholders and media how the (election) results can be tampered with.
    Lagman replied: The onus of proving the system safe from manipulation is on Smartmatic and Comelec “since both removed all the safeguards. Still, I accept your invitation.”

    Lagman, however, asked for the presence of at least one Smartmatic technician—an “insider” computer programmer—who knows the software and how to modify it.

    “I will ask him to explain the different modules that comprise the software, as well as the data format and contents of the CF cards; after which, I will instruct him where and what to alter,” he said.

    Since 2010, numerous reports and evidence-based cases have surfaced after the first Smartmatic-supplied automated election was held, showing system vulnerabilities and deficiencies that include tampered election returns, altered CF cards, programming errors and other disturbing incidents.

    Early in 2014, the Technical Evaluation Committee (TEC) of the Department of Science and Technology (DOST) revealed signs of election results possibly changed with distorted digital lines appearing in ballot images.

    There have also been reports of local poll officials and fraud specialists approaching candidates to make them win electronically for a huge fee.

    Sweetheart deal
    Meanwhile, several election watchdog groups also on Wednesday asked the Supreme Court to blacklist and void the alleged sweetheart deal between the Comelec and Smartmatic-TIM for the procurement of counting machines for the May 2016 polls.

    In a petition for certiorari, the watchdog groups asked the High Court to junk the Comelec-Smartmatic contract, citing the poll body’s grave abuse of discretion amounting to lack or excess of jurisdiction.

    The petitioners include the Citizens for Clean and Credible Elections, National Labor Union, League of Elder and Aging Persons, Philippine Association of Free Labor Unions, Anti-Trapo Movement of the Philippines, Alliance of Government and Private Retired Employees, ACCO Homes Neighborhood Association and Kaakbayparty-list.

    They also sought a temporary restraining order or writ of preliminary injunction against Comelec and Smartmatic-TIM to immediately stop the bidding.

    The petitioners pointed out that the election court must be reversed in granting eligibility to Smartmatic and proceeding with the bidding for the procurement of Optimal Mark Reader (OMR) and Direct Recording Electronic (DRE) machines, as well as the lease of election management system (EMS) and Precinct-Based DRE technology due to several violations allegedly committed by Smartmatic-TIM in its former contract with the poll body.

    The petitioners also cited grounds to blacklist Smartmatic for allegedly committing misrepresentation in certain information in its qualification statements by submitting a single largest contract in the name of Smartmatic International Holdings, B.V. or a subsidiary of the latter, Smartmatic Deployment Corporation, and not a contract entered into by Smartmatic International Corporation, the entity which entered into a joint venture with Filipino firm, TIM.

    The petitioners accused Smartmatic of committing misrepresentation in its qualification statements when it claimed that Jarltech International Corporation was its subsidiary.

    Smartmatic was also accused of deliberately concealing the fact that Jarltech transferred the production of the PCOS machines from Kenmec Mechanical Engineering Company to Quisda Corporation.

    Smartmatic-TIM violated the 20 percent maximum allowable limit for subcontracting under Republic Act 9184 (Procurement Reform Law), in its Implementing Rules and Regulations and Request for Proposal when it sub-contracted the manufacture of the PCOS machines to Jarltech and used the software of Dominion Voting Systems International Corporation.

    In addition, Smartmatic is a mere licensee, not the owner, of the PCOS technology, and, thus, again misrepresented itself to Comelec, they said.

    As such, Smartmatic cannot provide modifications and enhancements on the software without the written prior consent of Dominion, the petitioners added.

    Share.
    loading...
    Loading...

    Please follow our commenting guidelines.

    2 Comments

    1. Then its very simple, these people say the machines are easily altered to do what they want. So let them show you how easy it is. It doesnt take a rocket scientist to see how easy it is to see if they are telling the truth. Then if these machines can easily be altered they should be scrapped as someone will use them for cheating, guaranteed.

    2. The petitioners are not politicians. They are recognized IT experts, respected professors, and nonpartisan but solidly prodemocracy NGOs. If Comelec Chair Brilllantes and Smartmatic do not have anything to hide why did they not agree to have the Code reviewed? Why did they disable all the safety and verification features of the PCOS machines? Why was Smartmatic allowed to replace the CF cards in all the 86,000 PCOS machines all over the country just before the elections?
      This is a very serious matter involving the usefulness or not of having elections whose results cannot be verified at the precinct level.
      Many Filipinos, including millions who have not bothered to learn abut this issue, think our elections since 2010 have improved. That is not true. Since the PCOS machines were used precinct counting results have become unverifiable and doubtful and untransparent.