--- On Sat, 4/18/09, Jerome Macaranas <[email protected]> wrote: > http://www.redorbit.com/news/technology/501251/experts_see_new_diebold_flaw_they_call_it_worst_security/
The Comelec just issued the "Request for Proposals", which specifies the terms and conditions covering the computerization project for the 2010 elections. It is clear that you have not read this document, and that you are reacting to my post without complete knowledge of the computerization plans of Comelec. The Comelec will be using PCOS machines (precinct count optical scanner), which are actually OMR (optical mark readers) - scanners attached to PCs. Voters will use paper ballots that they mark with felt-tip pens near the name of the candidate. After filling up the ballot, the voter himself will feed the ballot into the PCOS scanner, which will count his vote. At the end of the day, the PC will connect to Comelec to transmit the precinct ER. Comelec will not use always-online push button voting machines like the Diebold equipment mentioned in your article. The security risk of being online does not exist in the case of PCOS machines simply because the PCOS machines are not online, but will connect online only to transmit the end-of-day precinct election return. > i doubt that this will happen, what the comelec can do is > require the > winning bidder to ask a couple of well known security firms > to review the > software and just have an NDA with them. If you read the law (RA-9369), the winning bidder is required to do a source code review of all his programs. I talked to James Jimenez (of Comelec) Thursday night why the RFP (request for Proposals) did not mention the source code review in the schedule of deliverables by the vendor, and Jimenez said that it is just an oversight and he further added that Comelec is aware of this provison in RA-9369. Since the law requires Comelec to do this source code review, the easiest way is to do a continuous always-running source code review. Is this not easily convertible to GPL open source? _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
