May 9, 2013
Reference: Dr. Giovanni Tapang, Convenor
It appears the source code of the precinct count optical scan (PCOS) machines is available for review by political parties and other interested groups. The problem is, with just three days left before the midterm elections, a thorough review of the source code to verify its trustworthiness in counting our votes is now impossible. Thus, all the publicity by Commission on Elections (Comelec) chairman Sixto Brillantes about the source code review is mere drama at this juncture. In reality, it is already meaningless in terms of ensuring the credibility of the May 13 polls. The so-called review is just for show.
Kontra Daya has been among the many groups that were adamant in demanding the PCOS source code opened to political parties and independent experts for meticulous scrutiny. The idea is not simply procedural but goes straight to the heart of automated elections – do we really have a reliable and tamper-proof computer program to read and count the ballots before we even use it? The source code review will take several months to complete and the midterm elections are long done before we can even answer such fundamental and indispensable question.
We could not just simply rely on the accreditation of the source code by SLI Global Solutions and be assured that the PCOS machines will function properly. We have to verify that this source code is translated into the proper program that will run on the machines during election day. This could have been tested during the FTS with the hash codes generated during the trusted build so that we can ensure that the same copy of the program will be running in all of the more than 80,000 PCOS machines nationwide.
And we are only talking about the PCOS source code. Even more dangerous and worrisome is the fact that the source code of the canvassing servers can be modified anytime making the whole system prone to electronic dagdag-bawas.
The Comelec could have saved everyone, including itself, a lot of time and effort if it had required that the source code be made at the time when it procured the system.
But we must also reiterate that the problem is not just the negligence of Comelec. The very design and framework of the country’s automated election system (AES) is deeply flawed as it overly relies on private, foreign corporations and their technology. Lest we forget, the availability of the source code was hostaged by the corporate dispute between foreign vendors Smartmatic International Corp. and Dominion Voting Systems.