Safeguards for poll automation project set - INQUIRER.net, Philippine News for Filipinos

MANILA, Philippines — The Commission on Elections (Comelec) said the poll automation project have safeguards in place to ensure clean and fraud-free elections in 2010.

“Fear mongering does not do anything for the project except to undermine people's confidence on automation. We do not have the system yet so it’s curious how they already have this list of vulnerabilities. When we come out with the system, then send this list to Comelec and [so we can] talk about it,” Comelec spokesperson James Jimenez said on Monday, as he reacted to comments made by Center for People Empowerment in Governance (CenPEG) political analyst Bobby Tuazon

Tuazon said on Monday that the May 2010 elections “may end up a disaster if Comelec and the winning bidder fail to install safeguards and security measures to secure 30 vulnerable spots of the automated election system.”

Tuazon said the vulnerable spots include “the lack of source code review, lapses in digital signature, and possible unofficial access to canvassing servers and lack of voter's verifiability” among others, which make the poll automation project “prone to internal rigging, tampering and cheating.”

Jimenez however assured that Comelec would implement safeguards to ensure that the whole process, from preparation until Election Day, is secured. “But before this, we will have to sign the contract first,” he added.

Tuazon urged the Comelec to post the source code in the Internet “one or two months before customization.” Jimenez said Tuazon’s suggestion was impossible.

Jimenez said after the programs are customized for Comelec use, that is only the time it would start source code review to ensure that no one can tamper with the machines and its contents.

“Once the contract is signed, activities such as customization of the machines--through programs or set of computer instructions called source code--will follow. It will be futile to review a code not yet customized for Philippine elections months before the customization process. We have told CenPEG and other groups repeatedly that we would release the schedule of the source code review and other activities once the contract is signed,” Jimenez said.

But the posting the source code of the election system on the Internet “will not be likely,” Jimenez added, due to intellectual and proprietary rights issues.

“Guidelines for the source code review will be drawn up to make sure that we don't waste our time grouping the serious from the crackpot suggestions. In addition, we will install smart anti-virus programs that will detect and prevent tampering of the machines,” Jimenez said.

He assured the team who would handle the project implementation would be composed of technology experts.

Before Comelec accepts the poll machines for use in the May 2010 elections, it is required to hold five redundant tests of the system.

Comelec expects to sign the automation contract with winning bidder consortium of Smartmatic and Total Information Management on Friday, a month after Comelec awarded the contract on June 10.