Political Tidbits is the prestigious column of Belinda Olivares-Cunanan that ran for 25 continuous years in the op-ed page of the Philippine Daily Inquirer, the newspaper that she helped put up with its multi-awarded founder, the legendary Eugenia Duran-Apostol, in December 1985, just two months before the EDSA Revolution.

Sunday, May 12, 2013

Two versions of source code failed to match in last Friday's Comelec review. What went wrong? IT experts call on lawyers of various political parties to challenge authenticity of ERs on city/municipal and national canvassing levels. As IT expert Lito Averia put it, no set of guidelines has been issued by Comelec on authentication of electronic results.

Tomorrow’s mid-term elections promise to be the most chaotic in our history, owing mainly to the confusing and confounding manner with which the Comelec has run it --- in cooperation with Smartmatic-TIM, which has succeeded in inveigling the poll body to purchase those old unreliable PCOS machines, and the automated election technology supplied by  owner Dominion Voting Systems which has been fighting bitterly with Smartmatic in a Delaware court.

It is almost dreadful to think how the elections would turn out tomorrow --- given the number of PCOS breaking down in the past few days all around the country, needing repair and replacement at the 11th hour. Moreover, there’s unabated skepticism and suspicion about the authenticity and reliability of the source code---the human-readable instruction to the PCOS machine and considered the "heart, brain and soul" of the AES technology---as hand-carried here supposedly by Dominion people three days ago. The political parties and various IT experts opine, however, that the last-minute delivery does not allow a decent review of the source code.

It’s a nightmare to even think about all the problems bound to crop up.


Last Friday morning, as several hundred citizens led by the civic group “Tanggulang Demokrasya” rallied in front of the Comelec to protest what appears to be almost certain electoral fraud, three Caucasian men in suits were seen talking among themselves at the entrance to the poll body.  It was later learned that they had delivered the day before to Comelec the much-disputed source code in a compact disc from the Canada-based Dominion, and that they flew out of the country at noon that same Friday (hindi man lamang nag-antay ng eleksyon dito).  

Last Friday the Comelec (then already in possession of the source code after UNA senatorial candidate Richard Gordon had earlier filed a lawsuit before the Supreme Court demanding its production) began the review of the source code, in the presence of representatives of various political parties---with the stipulation that the review would continue even after the elections!


A few days earlier Comelec Chair Sixto Brillantes had triumphantly announced that Dominion had agreed to finally yield the source code for tomorrow’s elections. This has given rise to speculation from various commentators, including Manila Times analyst Rigoberto Tiglao, that maybe the poll body had paid Dominion the $10 million it had demanded from Smartmatic in payment for the source code---just to shut up vociferous local critics and get on with the elections.

The IT experts, of course, argued in unison that this ballyhooed source code review would have little bearing, as it takes no less than four to six months to do a decent review.

But Brillantes, who, as one wag who sounds like Ado Paglinawan put it, “is the only briliante that’s actually a puwit ng baso,” dangled the source code before the Filipino electorate, and at this very late stage it seemed better than no source code at all. That’s how desperate the electorate is, and Brillantes knows it.  But was it better than nothing?


As the weeks and months wore on leading up to tomorrow’s mid-term elections, news reports said SLI Global Solutions, the third-party reviewer of the source code, had already made a 16-page report on this document. But Dominion refused to allow SLI to publicly release it as its court battle with Smartmatic was raging in Delaware.

Interestingly, we all were made to believe during the May 2010 presidential elections that Smartmatic had deposited the source code at Bangko Sentral ng Pilipinas in February that year, as mandated by the AES Law, RA 9369. In fact, there was a grand ceremony of deposit at BSP with all its top officials in attendance in February 2010.


But that assumption lost basis, as Smartmatic’s lawsuit against Dominion filed in September of 2012 came to light. In its pleading Smartmatic admitted that no such document was actually deposited in the BSP, as Dominion had refused to yield it unless Smartmatic coughs up the $10 million for the AES technology.

Smartmatic not only had lied about the docu's deposit in the BSP, but it obviously also withheld this information about no source code from Comelec, while the two of them were bargaining for the fire-sale purchase by poll body of the 81,000 used PCOS machines for the 2013 elections.    

The realization that there was no source code for 2013 prompted Comelec to seek the intervention of the Canadian government to persuade Dominion to  yield it --- which is why analysts like Bobi Tiglao suspect that Comelec actually paid that $10 million to Dominion. 


 At any rate, last Friday morning, before representatives of the political parties and the most-favored watchdog organization, the PPCRV of Henrietta de Villa, Comelec began the "review" of the source code.

But first it asked all those in the room to sign a non-disclosure agreement (NDA) on the results of the review. At first blush the NDA could raise eyebrows as it could look like censorship; but to be fair, a computer expert asserts that signing NDAs is standard practice in the IT industry, for the protection of software owners/authors. 

Besides, Comelec officials justified the NDA by arguing that the legal battle between Smartmatic and Dominion was still going on.


It’s not the NDA, however, that’s WORRISOME, but the fact that according to reliable inside reports, the version of the source code supplied by SLI Global DID NOT MATCH THE VERSION from Dominion. The two source codes failed to reconcile---when SLI was supposed to just be doing the third-party review of the Dominion code, and it was finished in February this year.

Because of the NDA signed at Friday's Comelec review, no news came out in media about the mismatch. But  party representatives who were SO BOTHERED by it reported it  to their party principals. That very night, various leaders from political parties were meeting till close to midnight to discuss the full implication of the differences between the two source codes.

Reports said some party leaders could smell manipulation, but since it was too close to the elections, they couldn't raise a ruckus anymore. 


Our AES Law provides for a third-party reviewer and this was, by mutual agreement between Dominion and Smartmatic, the US-based SLI Global Solutions (formerly Systes Lab). If there is a discrepancy over source code versions, where did it go wrong? 

 Note that the source code turned over by Dominion to Comelec was reported to be the same one used in 2010 but “enhanced,” though Brillantes admitted in media that there were eight or nine “enhancements” (or more bluntly, 'bug fixes') that were not done. These bugs will predictably hound tomorrow's elections. 


Former Comelec Commissioner
Gus Lagman
Former Comelec Commissioner Gus Lagman, whom Malacanang failed to reappoint after his confirmation was turned down by the Commission on Appointments, met last Monday with editors of the Manila Times and some civic citizens, and he asserted that in view of the lack of source code (eventually turned over last Thursday), the poll body should strengthen “other safeguards” to make the elections credible. 

Lagman stressed that while there’s less danger of external hacking since such an attempt would take so much time, the PCOS remains VERY VULNERABLE TO "INTERNAL TAMPERING."  In fact, in another forum I heard Lagman liken the electorate to the home-owner who worries about a thief breaking into his house, so that he installs an elaborate security system e.g., burglar alarm, CCTV, etc. But what he doesn't realize is that the thief is already inside the house!

IT Expert Nelson Celis
With the mismatch of the two source codes last week, the deep apprehension of IT experts and citizens about free and honest elections tomorrow is absolutely justified---especially since, as IT expert Nelson Celis argues, the discarding of digital signatures of the BEIs and the Board of Canvassers in 2010 and again in tomorrow’s elections becomes  NO BASIS FOR PROCLAIMING WINNERS.


IT Expert Lito Averia
Sufficiently alarmed at the Comelec's moves to weaken faith in the electoral system,  IT expert Lito Averia calls on all the political party lawyers nationwide to challenge the authenticity of election returns received by the city/municipal canvassing and consolidation systems (CCS) and the national CCS, in accordance with Sec. 25 of the RA 9369. Said Averia: “As far as I know, no set of guidelines has been issued by the Comelec on the ‘Authentication of Electronically Transmitted Election Results.’ ”

We citizens have to be vigilant in tomorrow’s elections and beyond---and of course, we need tons of prayers.

For comments/reactions, please email: