
PRESS RELEASE

Center for People Empowerment in Governance (CenPEG)


April 5, 2010

Comelec is stripping away AES’ dignity and security

The lack of safeguards in the Comelec’s automated election system (AES) has been
likened to a strip show that bares the computerized elections to bad elements.

The Center for People Empowerment in Governance (CenPEG), through IT analyst
Lito Averia, today said the Commission on Elections “is performing a strip show” by
doing away with major safeguards thus leaving the AES “with few processes and
features designed to thwart or prevent electoral fraud.”

Averia, IT consultant for the European Union-CenPEG Project 30-30 and a convener
of AES Watch, identified at least seven “striptease acts” that now imperil the AES
system.

The seven striptease acts, he said, are: the withholding of the source code review;
disabling of the machine’s capability to scan the ballots’ ultraviolet security mark;
non-requirement of the Board of Election Inspectors’ digital signature to attest to the
accuracy of the election returns; use of an untrustworthy build or compilation process;
lack of voter verifiability of vote counts; lack of random manual audit; and the non-
categorical language of the certification of the Technical Evaluation Committee of the
source code review conducted by a contractor.

Stripping away these security features means that on May 10, election day, “the
country will have an AES that has been stripped of processes and features designed to
resist attacks by third parties, data manipulation, and fraud,” Averia asserts, adding that
this is not the law’s objective.

Calling the source code review “the longest strip act in the AES project,” Averia hits
Comelec for failing in its legally-mandated duty of “releasing the source code of the AES
to political parties and interested groups in spite of letters of request and the joint
statement by various parties.”

Comelec had failed to act on the offer by CenPEG as early as May 2009 to conduct
the source code review for free. CenPEG had gotten the pledge of at least 20 renowned
computer specialists, many of them professors of computer science and mathematics, to
conduct the source code review.

Meanwhile, many parties, including some presidential contenders, have taken issue
with the removal of ultraviolet scanning of the ballots to check their security markings
since this would slow down the voting process and might lead to massive rejection of
ballots since the marking might be printed off the programmed point.

Observers, Averia noted, are also asking if Comelec is indeed preparing for manual
counting in at least some areas of the country, if it is printing new ballots and report
forms for manual counting, and what precincts would be affected and their location, and
if the results of manual counting will be merged with the automated process.

Election watchdogs are also taking issue with Comelec’s waiver of the Board of
Election Inspectors’ digital signature requirement, a security feature mandated under RA
6396, and required as basis for the canvassing of votes and proclamation of a
candidate.

The fourth striptease act, according to Averia, is the “untrustworthy trusted build
process” or the compilation or generation and recording of the hash value of the
executable code from the certified source code.

Averia said the hash value, a simple numerical code, could be used in the future to
verify that the executable code copies loaded into the counting machines are the same
as the executable code generated by the trusted build or compilation process.

Comelec Commissioner Gregorio Larrazabal confirmed the existence of two hash
values generated, and explained the hash value was regenerated to correct an error in
copying it for the requesting parties.

AESWatch, however, believes that the error casts doubt on the whole trusted build
process since “If the trusted build process cannot be trusted, how can anyone trust the
output of the process?”

Observers are also apprehensive over the lack of voter verifiability of vote counts, a
provision of RA 9369, and thus a requirement of law. It was apparently waived to ensure
speed over correctness and accuracy of the vote counts.

They also noted the lack of guidelines or general instructions concerning the
random manual audit of at least one counting machine per congressional district,
another legal requirement. Comelec Chairman Melo had explained it is still waiting for
the recommendation of the Parish Pastoral Council for Responsible Voting.

Poll observers also find it discomfiting that the certification issued by the Technical
Evaluation Committee (TEC) is written in non-categorical language. According to parties
monitoring the May 10 polls, RA 9369 requires a categorical certification, in “no
uncertain terms,” that the AES “is operating properly, securely, and accurately.”

For further information, please contact:

Ms. AJ Tolentino
TelFax +929-9526; Mobile Phone 0915-5132483
3/F CSWVD Bldg., University of the Philippines
Diliman 1101 Quezon City, Philippines
Email: cenpeg.info@gmail.com, info@cenpeg.org
www.cenpeg.org
Project office: No. 9, Malingap Street cor. Malumanay, UP Village, Quezon City
Email: project3030.cenpeg@gmail.com; www.eu-cenpeg.com
