2010 Elections: AES: A Gathering Storm

If data is changed or manufactured and inserted into the whole chain after the first printout of the election return, the data so changed or manufactured will be propagated through the hierarchy of canvassing and consolidation. Since the election returns will be made available to various parties and posed on Comelec’s website, those parties can do their own canvassing and consolidation and compare the results of their canvassing and consolidation with those of the Comelec. Any discrepancy will trigger a review of the source data, which is on the election return. To avoid being detected, the data must be amended or manufactured even before the election return is first printed.

Such a cheating program may have already been written and introduced or injected into the system that prepares the CF Cards. An unknown trigger might have caused the cheating program to execute itself on May 3, 2010 exposing the miscounts made by the PCOS.

SysTest Review Results

Those who have reviewed the SysTest Lab Review Results report that there are indeed many weaknesses in the software that can be exploited so as to enable anybody to introduce a malicious code. The report indicates about a thousand programming weaknesses or bad code which exposes subpar or poor programming practice.

Direct Communication Link

Then there is a confirmed report that there is a direct communication link between the IPStar offices in Clark, Pampanga, and Smartmatic’s offices at Times Plaza at the corner of UN Avenue and Taft Avenue in Manila. The purpose and use of the direct communication link is unknown.

What is known, however, is that 680 VSATs have been deployed to 680 municipalities nationwide, and the VSATs are under control by IPStar.

Is there a command-and-control center at Smartmatic’s offices?

Data Center Operations

Little or nothing is known of the operations of the Comelec national data center where election reports are also transmitted.

Once the canvassing laptops are opened and their communication devices start to wait for transmission from assigned sources, the laptops are open target. The laptops are connected in a nationwide network, open to be controlled by a command-and-control center either at Smartmatic’s offices or from the national data centers (there are two, actually, a primary and a backup).

Comelec and Smartmatic have access to user names and passwords that allow users to access the network from anywhere. Comelec and Smartmatic have in their possession the System Administrator’s passwords, as well as the signing keys.

Confluence of Facts and Events

The facts and events seem to be coming together. The exposure of a possible cheating program in place in the PCOS, the weakness of the software as revealed by SysTest (now ready for exploitation), the direct communication link that Smartmatic has with IPStar, and the dark operations at the Comelec National Data Centers – these are indeed ripe with all the opportunities for the malicious of mind.

Share This Post