The Center for People Empowerment in Governance (CenPEG) is making one LAST FINAL APPEAL to COMELEC to release the source code of the election computer programs NOW, so that we can do a source code review.
If you believe in this CAUSE, please help CenPEG by supporting this appeal. You can do so by replying to this email, adding your name, position, etc to the end of the list, and email this reply to "Evi Jimenez" <[email protected]> Ms.Evi Jimenez is a Director of CenPEG coordinating this appeal. Thanks ~Pablo Manalastas~ Forwarded message: From: evi jimenez <[email protected]> Date: Wed, Sep 30, 2009 at 5:10 PM Subject: For Signing_Joint Appeal for release of source code_Sept30 To: [email protected], "Bro. Vince Fernandez" <[email protected]>, [email protected] Sept. 29, 2009 Dear Friends, After going around to share the findings of our study on the AES, we now ask for your support. Can you help follow up the Comelec to release the source code for review, as mandated in RA 9369 and which was approved en banc to be given to CenPEG for independent review by its network of computer scientists in the academe? The recent storm Ondoy last week hit us unprepared. Many lives were lost and billions of pesos worth of property destroyed. THAT was a disaster of terrible magnitude that could have been prevented, or at least mitigated through a comprehensive disaster preparedness program. The coming automated polls, the first to be implemented nationwide, will need the same preparedness. Please support the cause for a credible and transparent election by signing the following Statement. Emailing us back with a short note to confirm your signature would be most appreciated. You may also download the attached copy of the Appeal and ask your friends especially those who attended our briefings, to sign. We are rushing against time. There is little time left for a meaningful source code review. Thank you very much! Evi Center for People Empowerment in Governance www.cenpeg.org A FOLLOW-UP APPEAL TO THE COMELEC COMPLY WITH THE AUTOMATED ELECTION SYSTEM LAW; RELEASE THE SOURCE CODE FOR REVIEW NOW! September 30, 2009 The country has barely eight months to go before May 10, 2010 when 48 million Filipino voters are expected to troop to the polls. On that day, the voters shade their votes on small ovals opposite the names of their candidates on ballots 2.5 feet long, and feed the ballots into the Precinct Count Optical Scan-Optical Mark Reader (PCOS-OMR) machines that will read and count their votes, and transmit the vote tallies at the end of voting day to the Consolidation and Canvassing System (CCS) machines. If everything goes as planned, the next President, Vice President, and other national and local elective officials will be known in 2-3 days. For the speed that it promises, the Automated Election System (AES) is certainly revolutionary, and the AES Law or RA 9369, a landmark piece of legislation that could modernize the fraud-ridden voting in the Philippines. But speed without addressing the deep-seated problem of cheating in the country will make the automated election a wasteful exercise at PhP7.2 billion. Machines can help, but will not solve fraud completely. The voters must be assured that the machines themselves cannot be used as instruments for cheating, that they have been programmed correctly and are internally resistant to vote rigging. For this, the RA 9369 provides for certain safeguards that the Comelec is duty bound to implement. One of the key safeguards is the source code review provision: Section 12 [Sec 14] of RA 9369 mandates, “Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof." [underscoring supplied] Source code is the human-readable set of computer program instructions used to specify the internal actions to be performed by the PCOS-OMR called SAES-1800 (Smartmatic Auditable Election System) machines and CCS called REIS (Real-Time Information System) computers. A most thorough examination of the source code for correctness and security of the programs running in the e-voting machines to be used for the first time in the country’s election history must be undertaken by reputable computer scientists who are known for their independence and probity and are unattached to the vendor or the Comelec.. This will ascertain that the programs in the machines will correctly implement the provisions of RA 9369 for counting, canvassing, and transmission of the votes and that any serious security flaws are identified and properly fixed. More than the external procedural features of the machines – that is, feeding of the ballots into the PCOS-OMR machines to printing of the Election Returns – the correctness and the security of the internal programs running in the machines should be of primordial concern. It was in this spirit of transparency that on May 26, 2009, the Center for People Empowerment in Governance (CenPEG) wrote the Comelec requesting for the source code of the counting and canvassing computers as well as the election database and servers. On June 10, the Comelec en banc approved the release of the source code for review through its Minute Resolution No. 09-0366 but it was delivered to CenPEG only on July 10, the day of the contract signing between the Comelec and Smartmatic-TIM. To this day, however, the Comelec has not yet released the source code, citing as reasons the following: “lack of guidelines” (Comelec spokesperson James Jimenez), “premature release” (Comelec Executive Director Jose Tolentino, also PMO), “CenPEG (and other groups) to apply (first) as resource person … and under controlled conditions,” and “the source code does not currently exist” (Atty. Ferdinand Rafanan of the Comelec legal department), and “we are still waiting for Smartmatic-TIM to turn over the source code so that it could be opened for review” (Commissioner Rene Sarmiento who pointed out that the source code is not owned by Smartmatic but by another firm, Canada’s Dominion Voting Systems!). Then on the September 21 poll automation forum on ANC TV, Atty. Rafanan delivered a final blow to the call for source code review by announcing that “CenPEG (and other interested groups) will not do a source code review, but that an international certification agency will do it as a requisite to TEC (Technical Evaluation Committee) certification.” This announcement is misleading. As clearly spelled out in RA 9369, the certification by TEC through an international entity is a separate requirement (Sec. 9) from the mandate to release the source code for review by interested groups (Sec. 12). We, concerned citizens and organizations from various professions and sectors, join other interested groups like CenPEG in demanding that the source code be made available to interested groups as provided by law so that it may be reviewed by competent computer experts who are not vendors or Comelec-designated but are independent and known for their probity and integrity in the IT hardware and software security industry. Source code review, in accordance with international standards, takes time. Any further delay in the release of the source code for thorough examination by “interested groups” will surely frustrate the intent of the law to give all concerned the opportunity to review the source code and be assured of the integrity of the e-voting system. We believe that implementing this particular safeguard, even if not a sure-cure to fraud, is a big step toward ensuring the integrity of the automated election system, that internal safeguards are well plugged in while assuring the Filipino voters that the machines are secured, accurate, and reliable. Reviewing the source code will certainly not make the system impervious to external attacks and manipulation but rather make it more immune to manipulation as possible vulnerabilities are identified and fixed beforehand. In landmark cases in the U.S., more and more citizens’ groups are calling for e-voting systems to be periodically reviewed long before the elections to check if they are defective, obsolete, or otherwise unacceptable. We reiterate in strongest terms our call for the Comelec to comply with Sec. 12 of RA 9369 and release the source code of the PCOS-OMR and CCS computer programs NOW before it is too late.. As we sign this joint statement, of primordial concern to us are the rights of the voters and the integrity of the voting system. While our demand for the release of the source code is based on law, we believe that the review is critical on moral, political and economic grounds. Let us work together in making sure that the integrity of the machines and our votes will not be under grave threats. Signed: Name Organization Designation Alfredo E. Pascual University of the Philippines President Alumni Association (UPAA) Bishop Broderick S. Pabillo National Secretariat for Chairman Social Action (NASSA)- Catholic Bishops Conference Of the Philippines (CBCP) Bishop Deogracias S. Iniguez Public Affairs Committee Chairman CBCP Angelito S. Averia, Jr.. Philippine Computer Emergency Response Team (PhCERT) President ____________________ ____________________________ ____________ ____________________ ____________________________ ____________ _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
