2009/7/13 Pablo Manalastas <[email protected]>: > 2. The canvassing machines are off-the-shelf computers (during testing, > Smartmatic used laptops), probably desktop > Intel PCs, since these are cheaper than Intel laptops. They run some Linux > distro, and the actual election canvassing > program is a web application (REIS v2.0), probably running under Apache. > During the testing conducted by the SBAC > (Special Bids and Awards Committee of the Comelec) on May 28, 2009, I > observed that the URL on the browser is > http://localhost/someElectionAppName. I asked the techie guy who was > helping out during the testing to open an xterm and > issue the command "ps ax". I saw one java process running, so I guess this > must be the connection to the network, a Java > thread for each incoming precinct ER.
This is probably a Java web (servlet) application. Since it is much easier to cheat here, we need to make sure of the integrity of this web app. But even if the app is good at the source level, how do we know that it won't be substituted with another version at election time? Also, what is the network involved? Is there a VPN or Internet connectivity between the canvassing machines nationwide? Somebody could log in or issue some backdoor API calls separately. _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
