
The Largest Car Forum in the Philippines

  1. Join Date
    Oct 2008
    Posts
    267
    #11
    So next time, it would be better to have a parallel manual count so that the electronic count can really be verified. Now that the election is over, I don't think anything can still be contested. We are a laughingstock to other countries again. In countries acquiring an electronic voting system for the first time, the syndicates race one another to make sales and make money. That's how the world market runs.

  2. Join Date
    Jul 2008
    Posts
    1,889
    #12
    Sigh... Why not just accept defeat and serve sincerely instead, so that the people remember it at the next election?

  3. Join Date
    Aug 2004
    Posts
    22,704
    #13
    Quote: Originally Posted by first_light
    He might be right, he might be wrong. We don't know yet. But I believe that there is always cheating. That will never go away. Even the Pentagon got hit by the Love Bug. Even credit cards get hacked. Even the U.S. stock market supposedly had a glitch? See this video, it might change which way the wind blows:
    http://www.youtube.com/watch?v=ifJw0r0rz_I
    Credit cards can only be hacked after being scanned in-person. The love bug? It's easy to create a virus that does nothing but destroy data... but to manipulate encrypted data? That's a feat of a different magnitude.

    To systematically change the data coming from all the stations would require the cheaters to either control the PCOS machines themselves or control the servers.

    Otherwise, they'd have to control all the personnel at all the stations, which they can't.

    The return of the comeback...

  4. Join Date
    Nov 2007
    Posts
    2,566
    #14
    Quote: Originally Posted by first_light
    He might be right, he might be wrong. We don't know yet. But I believe that there is always cheating. That will never go away. Even the Pentagon got hit by the Love Bug. Even credit cards get hacked. Even the U.S. stock market supposedly had a glitch? See this video, it might change which way the wind blows:
    http://www.youtube.com/watch?v=ifJw0r0rz_I

    Remember, a computer virus is different from hacking.

    Definition (virus)
    A computer virus is a computer program that can copy itself and infect a computer.

    (hack)

    Computer hacking is illegally using computer resources with malicious intent.

    (glitches or bugs)
    A software bug is the common term used to describe an error, flaw, mistake, failure, or fault in a computer program or system that produces an incorrect or unexpected result.


    Rules of engagement

    To be able to break the security, one must have a deep understanding of 128 encryption / what kind of 128 encryption method is used, e.g. math formulas (but it could also be 256 or 512 encryption).

    How about the firewall? The firewall is configured on the server side, which filters incoming and outgoing. It gives protection and rights to the data.

    Part of a network? Each machine has its own unique IP and its own MAC address. This IP or MAC is identified by the network group assigned, so there is already filtering. Aside from that, don't forget the "HELO" message when broadcasting.


    For valid data to pass to the system, it must meet the requirements stated above.

  5. Join Date
    Oct 2002
    Posts
    40,106
    #15
    Quote: Originally Posted by digitalron
    As I haven't seen the actual implementation and configuration of the PCOS machines and servers used, it would be very difficult to give an accurate assessment of how easy (or hard) cheating could be done.

    However, there are various avenues of attack for any system that relies on data transmission from remote locations going to central servers.

    The normal process used to protect data is to encrypt for protection and generate checksums to serve as validation. Checksums (or hashes such as MD5) are very important because changing a single character or changing the position of two characters in the same set of strings will result in vastly different checksums. As an example, see the MD5 hashes of the different strings below:

    tsikot: e3f75b618adb2c5fec33305ff55ff27b
    Tsikot: 72dad29a0df6c6765221c1b29c6497e8
    tsokit: f265e69f522ff38ab31180ee169ceef6

    Even an extra space or capitalizing one character can have immense changes in the resulting hash value. The normal procedure is to generate an MD5 hash of the raw data in salted form (raw data appended with some secret value), and this hash is sent over along with the encrypted data. The server will then decrypt the data, compute the MD5 hash, and compare the value it computed with the value sent by the PCOS. If it is not a match, then something funny happened somewhere.

    Data transmission itself is also protected by using secure sockets, and in the firewalls that receive data from the PCOS, there would either be secure tunnels or secure IP implemented.

    So man-in-the-middle attacks can be easily detected.

    Koala Bear's point shaving claims are therefore quite hard to accept. There are too many safeguards on that front, and tampering in that direction can be relatively easy to detect. I find his claims to be quite unrealistic.

    That said, the implementation of the automated election had a lot of lapses and due to the sheer volume of machines involved -- some in remote locations -- as well as the whole lot of manual interventions/processes done (due to machine failure, transmission failure, etc), the surface area of potential fraud has increased in size significantly.

    How so? First, how sure are we that there are only 76,000 PCOS machines involved? What if there were more, hidden somewhere and used to generate "election returns"? Second, how sure are we that all valid returns have actually been transmitted? What if valid returns were simply not sent to the server and replaced with something else (that still computed correctly as far as checksums go)? Third, it is not wholly transparent to everyone what the encryption, validation, and data transmission processes are. Were they followed judiciously? Or was questionable data (like data with suspicious checksum values) still accepted by the aggregating servers?

    In a perfect world, there would have been no technology glitches and all transmission would have been done electronically and copies of each PCOS machine's summary results (with checksums) should have been provided to the different party representatives as well as audit groups. This could then be manually tallied and compared with the aggregated result. If we are gonna be strict (as strict as company financial accounting goes), a single voting discrepancy should already be a cause for concern. Note that in financial accounting, a difference of 25 centavos between individual item results as opposed to journal results can be cause for massive re-computation. This I know as I have worked with a lot of financial systems implementation for quite a while. (I wonder what the difference is between the server-aggregated results from manually aggregating the result of each known PCOS machine, hehehe).

    To summarize, if the automated election process was implemented strictly following industry-standard, enterprise-class security and data integrity protocols, cheating as per Koala's claims does not compute. However, if the implementation had a lot of loopholes and human workarounds, then cheating could still be done... not in the manner that Koala narrated, but in an even more sinister form.

    -----

    As a backgrounder, I work in the IT department of a company that does its business online and turns over almost US$1 billion per year in real-time transactions. Security and integrity are our top priority and I'm basing my above comments on a highly simplified version of some of the things we do to protect our data and customers.
    You are Koala Bear
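
The server-side check digitalron describes, extended to two of the gaps the post raises (a return from a machine nobody registered, and a second return for a machine that already reported), as an added example that is not part of the thread or of any PCOS code. It uses HMAC-SHA256 in place of the salted MD5 in the post and leaves out encryption; the key, machine IDs and tallies are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample values: key, machine IDs and tallies are illustrative only.
SHARED_KEY = b"constructed-demo-key"
REGISTERED_MACHINES = {"PCOS-0001", "PCOS-0002"}


def sign_return(machine_id, tally, key):
    """Machine side: canonical body plus an HMAC-SHA256 tag over it."""
    body = json.dumps({"machine": machine_id, "tally": tally},
                      sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def accept_return(msg, key, seen):
    """Server side: check the tag, then the sender, then for a repeat."""
    expected = hmac.new(key, msg["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["tag"]):
        return "rejected: tag mismatch"          # body changed in transit
    machine = json.loads(msg["body"])["machine"]
    if machine not in REGISTERED_MACHINES:
        return "rejected: unregistered machine"  # valid tag, unknown sender
    if machine in seen:
        return "rejected: duplicate return"      # second return, same machine
    seen.add(machine)
    return "accepted"


def demo():
    """Run four constructed cases and return the server's decision for each."""
    seen = set()
    good = sign_return("PCOS-0001", {"A": 120, "B": 95}, SHARED_KEY)
    tampered = dict(good, body=good["body"].replace(b"120", b"210"))
    extra = sign_return("PCOS-9999", {"A": 900, "B": 5}, SHARED_KEY)
    return [
        accept_return(tampered, SHARED_KEY, seen),
        accept_return(good, SHARED_KEY, seen),
        accept_return(extra, SHARED_KEY, seen),
        accept_return(good, SHARED_KEY, seen),
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

The third case carries a valid tag and is still refused: a matching checksum only shows the sender held the key, which is why the server also needs the list of machines it expects to hear from.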

  6. Join Date
    Oct 2008
    Posts
    35
    #16
    I think Koala's cheating would be easily detected by Comelec or PPCRV even if their "player modem" had successfully transmitted to their server. How many registered voters do we have now in the 2010 election? Then add around 8 million votes for their "winner candidate" that the "player modem" transmitted. So there's a discrepancy of an additional 8 million voters. No way "Koala's cheating" will work.

  7. Join Date
    May 2005
    Posts
    4,819
    #17
    ^ huh? ...

  8. Join Date
    May 2007
    Posts
    93
    #18
    good input, digitalron.

    the "hacking" process has been oversimplified (maybe due to the influence of "hacker" movies). it takes geeks + insiders + resources to pull it off so it's no easy feat.

    i loved it when i first heard that they're getting a third party, outside the Philippines, to service the automation. the company would have to do everything in their power to keep their integrity or lose their entire clientele.

    secondly, however foolproof a system is, an audit system is a must. nope, you don't have to do parallel counting (which i think means manually counting all ballots). you just need statistical random sampling.

  9. Join Date
    Jan 2010
    Posts
    631
    #19
    Quote: Originally Posted by shadow
    You are Koala Bear
    Well... though my wife sometimes calls me her Grizzly Bear (hehe), I am definitely NOT the notorious Koala Bear.

    *rael: thanks! I myself take part in regular security audits which include various forms of attacks... both to penetrate a system and to prevent a system from dispensing its services (called a denial of service or DOS attack). In my experience, system security is almost always weakest where human intervention or a manual process is involved.

    What I find reprehensible with Koala's claims is that he's taking advantage of people's unfamiliarity with the PCOS system and using it to sow intrigue and mistrust on the recent election.

    If he were really serious with his allegations, he should prepare a detailed treatise on how the point shavings are done. For all we know, he and his handlers are just rehashing the stuff they gleaned from the Youtube video shared by first_light.

    In fairness to the PCOS system as well, I'm sure that the manufacturer has learned some lessons in the past (including the US elections) to be able to prepare for various attack scenarios. If they didn't, shame on them... and shame on the Comelec for not calling on our local IT experts (who are really very good!) to help in the planning.

    ======

    I hope the Comelec would be more transparent with the PCOS and the protocols they follow. Contrary to what some people think, publishing the protocols and source code WILL NOT increase the likelihood of an attack. In fact, doing so could help reduce the likelihood of attack because loopholes can be seen by experts and ways to remedy the shortcomings could thus be recommended.

    In computer security, the integrity of a system should never rely on "hiding" how it was implemented. This is called "security through obfuscation" and is never good because someone will always discover how a system is implemented. A really secure system will be able to anticipate the various attack vectors and protect the system even if the implementation is known.

  10. Join Date
    Feb 2008
    Posts
    14,181
    #20
    Oh no, the losers are now coming out saying they were offered the ability to cheat (as usual without names)... The question to them is WHY expose this NOW when the elections are done? Why not before the elections? I'll bet you that if they had won, these exposés would not come to life. Our election process is now automated but our political system is still very old school. As long as they lost, they were CHEATED! Or there were anomalies... As usual the winners are silent!

Would cheating be that easy in the recent election?