System can be used to manipulate votes—IT experts

By Faye Monchelle Gonzalez, Halalan Volunteer

Posted at May 28 2010 01:19 PM | Updated as of May 28 2010 09:19 PM

Manila, Philippines – The system used to automate the May 10 elections is unsecured and can be used to commit dagdag-bawas (vote shaving). 
This was the observation made by 2 of the information technology experts on ANC’s Headstart on Friday, May 28.
IT experts Bettina Quimson, Director of the Philippine Software Industry Association and Atty. Al Vitangcol, both of whom have testified earlier in congressional hearings concerning alleged vote rigging during the recent elections, noted for one thing that the statistically allowed percentage error is .0005.
This translates to 1 out of every 200, 000 PCOS machines.  
“Computer programming is an exact science,” Vitangcol responded when asked about  vote count discrepancies. “Any error is unacceptable.”
Even discrepancies in dates and time recorded should not be taken lightly, Vitangcol said. 
The law, he pointed out, dictates election returns should contain the date and time during which relevant processes took place. Quimson said that on the technical side, a different date means the voting could have taken place on any other day. 
Unreliable transmission
The transmission process is riddled with problems as well, both experts pointed out. “There are more than 200 cases wherein the actual ballot counts were not transmitted to the board of canvassers. What was transmitted was the result of the final testing.” Vitangcol said.
“It can be done to remove the name of a certain candidate,” Vitangcol added. “The CF cards could be used to actually erase the counts.” 
The two experts agreed that the system, on the whole, is ‘unsecured.’ 
Quimson said other stakeholders should have been given digital signatures or pin numbers different from those provided by the vendors to ensure greater transparency. 
Vitangcol, on the other hand said what was most unsecured was the transmission process. He added that even in an advanced country like Japan, elections are not automated.
For Vitangcol, these errors speak of something larger than the numbers:  the lack of preparation.  “In designing a particular information system, one has to exercise due diligence from the very beginning.”  
Machines not properly tested
Quimson said that the PCOS machines had also not been properly tested. “They didn’t test it based on what it would be like in the field so they cannot certify what happens in the field.” No stress test, one that would subject the PCOS to the actual conditions during the elections, was conducted. 
“When COMELEC is insisting that the experts go in and test the system in their controlled environment, we said no. We had to bring this out of [their] control and into the control of the experts to fully test it properly which is why SysTest Labs was called in.”
Vitangcol noted that SysTest Labs, a Colorado-based company that certifies that a software is in good condition, did not approve the software submitted by the relevant body. 
According to Quimson, the report sent back to the COMELEC states that the system is peppered with errors. Quimson added that Instead of fixing these glitches, “We changed the rules in order to match problems occurring in the system.” 

The mock polls conducted prior to the elections, according to the two experts, occurred in this controlled environment.  - by Faye Monchelle Gonzalez, Halalan Volunteer