Computer Programs
A computer program is a set of instructions that a computer follows to accomplish its task. Without a program, a computer is just a dumb chunk of metal and plastic. With a program the computer can help us browse the web, send and receive email, Skype our relatives abroad, format and print beautiful documents, and balance our household budget.
A program is written by a human computer programmer, using a human-readable programming language like C or Java. This version of the program written in some human-readable language is called source code. Although the source code can be read by humans, the computer can not execute source code. Source code needs to be translated into a computer-readable-executable version called machine code, the only language that the computer understands.
Here is an example of source code, written in the C programming language.
#include
int main(void)
{
printf(“Hello, world!\n”);
return 0;
}
And here is the equivalent machine code that the computer can execute. The first column is machine code, and the last two columns are English version of machine code
.section .rodata
.LC0:
48656C6C .string “Hello, world!”
6F2C2077
6F726C64
2100
.text
main:
8D4C2404 leal 4(%esp), %ecx
83E4F0 andl $-16, %esp
FF71FC pushl -4(%ecx)
55 pushl %ebp
89E5 movl %esp, %ebp
51 pushl %ecx
83EC04 subl $4, %esp
C7042400 movl $.LC0, (%esp)
000000
E8FCFFFF call puts
FF
B8000000 movl $0, %eax
00
83C404 addl $4, %esp
59 popl %ecx
5D popl %ebp
8D61FC leal -4(%ecx), %esp
C3 ret
The machine code is given in hexadecimal for convenience to the human reader, but in the computer, it is really binary, consisting entirely of zeroes and ones. For example, the hexadecimal instruction 89E5 (movl %esp,%ebp) is really the binary instruction 1000 1001 1110 0101 in the computer. For this reason, machine code is also called binary code.
Counting in Manual elections
The Omnibus Election Law tells us that counting of our votes has to be done in public, in full view of everyone. Section 206 states that,
“Counting to be public and without interruption. As soon as the voting is finished, the board of election inspectors (BEI) shall publicly count in the polling place the votes cast and ascertain the results. The board of election inspectors shall not adjourn or postpone or delay the count until it has been fully completed, unless otherwise ordered by the Commission (on Elections or COMELEC).”
As citizens, it is our right to know how our votes are counted. This right is an inalienable right, guarranteed by Section 7 of our Constitution,
“The right of the people to information on matters of public concern shall be recognized.”
Election is a matter of public concern, and we have a collective right to know how the votes on our ballots are counted. Thus the need for open and public counting.
Automated Election: Paper-Based Computerized Elections
The computerized election that COMELEC has chosen for May 10, 2010 makes use of substance 24 or thicker paper ballots of size 8.5″x30″. This ballot can hold the names of 300 national and local candidates’ names on one side and 300 party-list names on the reverse side. The voter marks the oval next to the candidate’s name of his choice using any one of the following marking styles: dot, check mark, cross mark, or full shade. When the voter has finished marking his choices, he feeds his ballot himself into the Precinct Count Optical Scan (PCOS) computer, which scans his ballot, saves the scanned image of the ballot as a TIFF file in the non-volatile static memory of the PCOS, together with its interpretation of the ballot. The PCOS decides which marks on the ballot are valid vote marks, based on guidelines specified by COMELEC, but ultimately based on its inherent capability to “see” the marks as defined by its scan resolution and scan depth.
Scan resolution defines how many dots the scanner can see per linear inch. Normal scanners can see 300 dots per inch, horizontally and vertically. Scan depth refers to how many shades of color can be associated with each dot. Normal scanners can see 24-bits of color per dot, corresponding to more than 16 millions shades of color. On the other hand, the scanner of the Smartmatic PCOS computer that COMELEC has selected has a scan resolution of 200 dots per inch, with depth of 4-bits and so can only see 16 shades of a single color – black. This is 16 only, not 16 million. The Smartmatic PCOS scanner is absolutely the most primitive scanner one can buy today, or not buy, because they are not even offered for sale in normal computer stores.
No matter how brilliant is the computer program of the PCOS, it will make mistakes in deciding which of the voter’s marks are valid votes and which are not, precisely because it can only “see” 16 shades of black and white. The ability to see only 16 shades would have been okay, if only the PCOS machine were required to show to the voter how it interpreted the voter’s ballot. But COMELEC will configure the PCOS machine to NOT show the PCOS interpretation to the voter, because of time limitations. It takes the PCOS 30 seconds to interpret each 8.5″x30″ ballot, and to require the PCOS to show its interpretation to the voter will add another 30 seconds, for a total voting time of one minute per voter. Since there will be 1000 voters per computerized precinct, at one minute voting time per voter, total voting time will be about 17 hours, which is not acceptable to COMELEC.
So in May, 2010, the voter will never know how the PCOS read his ballot, and how the PCOS added up all the votes to produce the precinct election return. With computerized counting using Smartmatic’s PCOS, the principle of public counting provided for in the Omnibus Election Law will never be realized.
Source Code Review
The framers of Republic Act 9369, the Amended Automated Election System (AES) Law, realizing that the process of computerized counting of vote marks on paper ballots will be done in secret by the computer, provided an alternative that may be acceptable as a substitute to public counting — source code review. If the source code of the program running on the PCOS computer can be reviewed by the community, then we will know how our vote marks are interpreted, how votes are assigned to the selected candidates, how votes are tallied, what data are saved for back up later, how the precinct ER EML file is generated, how it is digitally signed by the BEI, how the transmission to the municipal canvassing computer and other destinations is carried out, what details are placed in the audit logs and whether these details are sufficient, etc. With source code review conducted by people we trust, the computerized counting of votes, although carried out in secret by the PCOS computer, will be revealed to us, and so we can accept computerized counting as if it were public counting.
RA-9369 Section 14 states the urgency of source code review of the election programs as follows. “Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof.”
The point in time when the source code review should be done is clearly stated here: “once an AES technology is selected”. It does not say that source code review will be done after COMELEC signs the contract with Smartmatic. It does not say that source code review will be done after COMELEC makes a PHP3.0 billion down payment. It says, “once an AES technology is selected” by the Special Bids and Awards Committee (SBAC).
THE Terms of Reference provided by COMELEC to the participating bidders in the 2010 elections further confirms this in Section 7.4. “The winning bidder shall authorize COMELEC to make the final source code of the PCOS and CCS and all of its components available and open to any interested party or groups which may conduct their own code review thereof”. It says the “winning bidder”. It does not say the “winning bidder after signing the contract and after being paid the down payment”. It says the “winning bidder” period.
Manner of Source Code Review
During the hearing of the case “Harry Roque vs. COMELEC-Smartmatic”, the Supreme Court gave us an idea of how a source code review should be conducted when Justice Antonio Carpio, pronounced, “the COMELEC has to supply the political parties the source code for review. They have to take them home so that they can study them”. Justice Carpio knows how difficult it is to do a source code review, and that the correct way to do this is to allow the political parties to take the source code home, so that their programmers can take the code apart to understand what it is doing, study the code as individuals and in programmer groups, discuss the code with the political leaders, discuss the code in their organizations and special interest groups, discuss the code as widely as possible. This is the only way that you can convince people that the selected technology will do the job right, so that people can accept the secret counting that the PCOS will do.
The Filipino can read source code. A great number of us can do so, as evidenced by an ever increasing number of enrollment in IT related courses, from 220,000 in 1999 to 270,000 in 2004. Even grade school students learn to program in school, using LOGO or Basic. High school students learn programming in Basic, C, or Java, and some even program their own websites.
However, the COMELEC wants the political parties to do the source code review under conditions and terms agreed upon between COMELEC and Smartmatic, telling people that COMELEC has to respect the Intellectual Property Rights (IPR) of Smartmatic. The contract signed by COMELEC and Smartmatic specifies in Article 7.2, “The system software, hardware, and source code, including documentation will be open for inspection at any time in a controlled environment under guidelines formulated and agreed by both parties”. And in Article 9.5, “The PROVIDER (Smartmatic) and COMELEC shall promptly make the source code of the Project available and open to any interested political party or groups which may conduct their own review thereof … in accordance with the provisions of Article 7.2 above”.
As a computer programmer, I must violently disagree to a source code review under controlled environment, because that is not in the spirit of “an interested political party or group conducting their own review thereof”.
Richard Stallman is the founder of the Free Software Foundation, advocate of the freedom to study source code in order to make improvements to the program, and author of the software copyright called the General Public License (GPL). When I mentioned to him that the COMELEC wanted to protect the IPR of Smartmatic, he said, “IPR is just a vague way of talking about various different laws, so talking about it is just handwaving. If they (COMELEC and Smartmatic) claim that some law restricts this review, they have an obligation to say WHICH law they are talking about. Then you can look at that law and make arguments about what it really requires in this case”. So I now ask COMELEC, which Philippine law is violated if source code review is done in the manner specified by Justice Carpio? I tell COMELEC now that it may be violating the provision of RA-9369 Section 14 and its own Terms of Reference if it does not allow review as Justice Carpio specified.
COMELEC Advisory Council – Enemy of the People
In the document “Post-election Report on the Use of Automated Election System (AES) in the 2008 ARMM Elections”, the COMELEC Advisory Council (CAC) recommended to the Congressional Oversight Committee the following change in legislation, in RA-9369 to remove “source code review” and replace it with “review of the instructions/users’ manual”. So the CAC wants to remove from the AES Law the only measure that will make people believe in the correctness of the computer count. The fact that COMELEC did not do a source code review in the ARMM elections can be forgiven. But for the CAC to recommend a new law that prevents us from “our constitutional right to know” is treason. The present membership of the CAC, if they have any honor left in them, should all resign, and should be replaced by people in their respective agencies who will do a better job.
The recommendation to remove “source code review” from RA-9369 arises out of the CAC’s ignorance of computer technology, an area in which all of them are supposed to be experts. In the Report, the CAC mentioned that “source code” refers to “system software codes of computer programs that may be subjected to alterations causing widespread fraud at a grand scale”. First, the subject of source code review is the election application program, the SAES-1800 scanning and counting program, not the system software which is either Windows or Linux. The operating system software, if Linux, has been downloaded and reviewed by thousands of people, and so does not need to be reviewed. Second, the act of doing a source code review of the SAES program will not subject the SAES to “alterations causing widespread fraud at a grand scale”. To alter the program running on any computer, you need to have physical or network access to the computer, and the program must be alterable. Only Smartmatic and COMELEC will have physical possession of the PCOS machines before election, which they will keep under lock and key, so physical access is out of the story. The PCOS computer will connect to the Internet at the close of polls on election day, and for a few minutes only, in order to transmit its precinct election return to the canvassing computers, so network access is extremely difficult. The PCOS program must be alterable, but it is not, since it is burned in computer firmware. So how can any criminal computer cracker gain access to the PCOS machine for the purpose of altering the PCOS program? Unless, it is an inside job within Smartmatic or COMELEC.
Is Smartmatic Allowed to Supply the Source Code?
The owner of a software program (copyright holder) can license his program for use by other people. The license can be of two kinds: (1) a binary license is a permission to use the binary code or machine code on a computer. (2) a source license is a permission to use the binary code on a computer, together with a copy of the source code, which the licensee is allowed to read and study. The source license may further specify whether the source code may be modified by the licensee, and what mechanism the licensee must follow to implement his modifications. Is the Smartmatic PCOS program owned by Smartmatic, or Smartmatic just a licensee of another company?
A reading of the License Agreement presented by Smartmatic to COMELEC, which is a public document whose contents the people has the right to know, shows the following. The PCOS computer hardware and software/firmware are owned by Dominion Voting Systems of Canada. On April 4, 2009, Smartmatic licensed this technology from Dominion for a period of five years, “with the right to sublicense the right to use such software to the COMELEC”, but that “Dominion will retain sole liability to amend, change or develop all software or firmware or EMS”.
It is clear from this document that Smartmatic’s license is a binary license, and Smartmatic has never been authorized to get the source code from the very beginning, nor is it authorized to modify the source code in any way. When Smartmatic joined the COMELEC bidding to supply computer equipment, management, and training for Election 2010, it had full knowledge that it could not meet the provision of RA-9369 Section 14, which states “Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof”. Since COMELEC is a sublicensee of Smartmatic, which in turn is a licensee of Dominion, with only a binary license, COMELEC could not fulfill this sacred duty of source code review in an environment in which “political parties may conduct their own review”, because there is no source code to review.
Is Smartmatic liable under Philippine laws for its misrepresentations of facts? Is COMELEC, under advice from the CAC, fooling the People?
Pablo Manalastas, PhD, is a lecturer in computer science at Ateneo de Manila and University of the Philippines. He is a computer programmer, and he coached the Ateneo programming team that went to the two World Finals, 2005 Shanghai and 2006 San Antonio, of the prestigious ACM International Collegiate Programming Contest. He is a research fellow of the Center for People Empowerment in Governance.
Popularity: 3% [?]
Thanks for highlighting these issues. Aside from source code review, we must ensure that the source code that has been reviewed is the one that is installed into the system to prevent bait and switch.
The accuracy of the scanners in counting votes needs to be determined by running these through a series of tests under realistic conditions. That shouldn’t be too hard to set-up. Prepare ten thousand hand-filled ballots of varying quality of legibility, run them through the scanners and compare the results of the scan with the results that were expected. Test each and every scanner that will be deployed using these to weed out defective ones. Any scanner that does not meet the required level of accuracy should not be accepted.
Personally, having been in Information Technology for more than 20 years, i still prefer manual counting at a precinct level for these kind of exercises.
CVJ: We are proposing to the COMELEC’s Technical Evaluation Committee the standard method of confirming that the program approved by source code review is the one installed on the computers. In front of party reps, the developers can compile the approved source code into binary executables. Then the SHA256 hash of the executable is computed and printed and copies given to all party representatives and the BEI. There will be only one version for all 82,200 PCOS machines, so this hash value will be just one line of 64 hex digits, easy for the BEI and party reps to put in their notebooks. Then on election day, as part of initialization, the BEI will do the start-of-day power-on of the PCOS machine, and the PCOS computes the SHA256 hash value of the installed program. If the hash value of the installed program matches the hash value of the original approved program, then the program is unchanged. Otherwise, the BEI will ask for another replacement unit, because the one they have has already been compromised.
I agree with your approach.
Computers and Information Technology equipment are sophisticated
machines. They are as good as the purpose of human operators. If
the purpose is good. They will produce good results. We have to be
vigilant on the people operating it.
@pablo
how do you know about the size of the ballot? how do you know the voter cannot verify his vote? is this information somewhere online?
if you can share some links about what the plan actually looks like, that would be great.
GabbyD: One COMELEC bid bulletin specifies a minimum font size of 10 points for candidates’ names on the ballot. You can put two columns of names on ballot that’s 8.5″ wide. If you print candidate’s name at 10 points or bigger plus an oval next to the name, you can fit 5 names to an inch of ballot length, times two columns means you can fit 10 names to an inch. We expect 300 candidates names for the 2010 national + local election, at 10 names per inch means 30 inches. The reverse side is for the more than 150 party-list names. Smartmatic actually specifies in one of its references on the web that the ballot should be 30 inches at most, because a longer size will be too unwieldy for the voter. Personally, I think 30 inches is already unwieldy.
are there smartmatic technical links to their system you can share?
if you could do that, that would be great!
i’m sure interested observers would like to know what the system is, and then read your critiques…
salamat!
read ur comments below. thanks.
as per your description, it needn’t be 30 inches long.
with 450 names*(1/5 inches per name) that makes 90 inches, one sided, one column
two sided, 2 columns means 22.5 inch long ballot.
Dr. Manalastas,
Thank you for this detailed technical brief presented in terms we laymen can understand.
I agree with cjv, considering the difficulties here. It would be better to have people watching people add up the paper manually, locally, than depend on potentially faulty scanners and control mechanisms that give appearance of sophistication but actually present huge vulnerabilities. For massive fraud to occur with a manual count, a lot of people have to be brought into the loop, and not all will remain silent. With this project, one sneaky guy in COMELEC can steal a nation and no one would know.
There are a lot of sneaky guys about, and a lot of people with money and the moral values of a stone.
I fear the Philippine Congress and COMELEC have dedicated too little time to a project that has huge impacts. Indeed, a massive election day foul-up puts the nation’s stability and security at risk.
A properly done automation project, taking three years rather than one, might provide a modernized, secure, efficient tallying mechanism. Even then, one would have to consider the costs versus the benefits.
Knowing all that you know, would you recommend pulling the plug?
I look at the calendar and it is almost too late to go manual.
Not good.
Thank you also for your work in keeping the Philippines at the front edge of technology development.
Joe
Hello Joe. It is not too late to go manual. In fact the law is set up so that manual is the default mode, and automation comes in under proper conditions. What may be too late is to automate the canvass, which is what makes the most sense at this time.
Joe America: Would I recommend pulling the plug? I think we can still make good the COMELEC plan, provided the safeguards that I enumerated below are put in place. There are very few of them: source code review, sha256 verifier that the approved programs are the ones installed on the PCOS and the CCS, truly secret keys that only the teachers hold (not Smartmatic or Comelec) for digital signing, secure transmission, and no root/otheruser access on the canvassing computers. Also proper training of BEI and BOC staff. If COMELEC works fast and does not delay, specially the source code review, which has to be done yesterday, then COMELEC might just be lucky and succeed.
COMELEC could not fulfill this sacred duty of source code review in an environment in which “political parties may conduct their own review”, because there is no source code to review.
That is a clincher.
A good rebuttal of all of Dr. Manalastas arguments can be found in this link: http://smoke.ph/?p=1483
I totally disagree with Dr. Manalastas’ points and totally with Rom Sedona’s observations.
Makes me wonder if Dr. Manalastas is part of the Roque / Lagman OES clique?
Atty Harry Roque has brought his case against COMELEC-Smartmatic to the Supreme Court. He wants COMELEC to do pilot testing in May 2010 in at least 12 cities and provinces, before going full computerization in subsequent elections after 2010. He is also questioning the 60-40 ownership of the TIM-Smartmatic Joint Venture, which truly smells foul.
Gus Lagman and company wants manual paper voting and manual counting, with computerized transmission and computerized canvassing using his OES programs.
We want the same things COMELEC wants, but with proper safeguards. That is why we want to help COMELEC by doing a source code review, which COMELEC did not do in ARMM 2008, and which they want to scrap, going by what the CAC has recommended. We also have been meeting with them, arguing our case. Just ask Dir Denis Villorente, Exec Director Tolentino, and Comelec Chairman Melo.
The only good thing that I can see in SMOKE’s rebuttal is his excellent use of curse words, as if those words are parts of his humanity and his goodness of heart.
Please check your facts before you make any wild accusations!
I think you were being kind to bagongbayani. He appointed himself debate referee and character judge of certain others. Is that proper?
Hi James. How are you?
From CAC’s Post-election Report on the Use of Automated Election System (AES) in the 2008 ARMM Elections:
“There was a report submitted by Avante to COMELEC regarding changing the data of election results remotely from Manila head office by Smartmatic-Sahi that if left unchecked can lead to widespread vote reduction and padding.”
What’s COMELEC reply to this report? Can we download the document?
i really want to know how you guys know what the smartmatic system will be. is there some info avaialble out there?
how can we know that the “vulnerabilities” are true?
GabbyD: If you want the marketing brochure of the Smartmatic PCOS-SAES-1800 machine, this is the document. You will not find true technical documentation. I asked Carlos Flores, Heider Garcia, and Chris Iskander of Smartmatic and Dominion for technical documentation, but everyone of them tell me to ask COMELEC, but COMELEC does not have them either, or is hiding them from us.
http://www.smartmatic.com/fileadmin/users/docs/SAES/SAES1800_technicalsheet_v2.0.pdf
This is the marketing brochure of the CCS-REIS v2.0. Again, it is a marketing brochure. This lack of any true technical documentation, and the consistent refusal to make them available, is another reason why we want to do a source code review.
http://www.smartmatic.com/fileadmin/users/docs/SAES/REIS_v2_0.pdf
This is the COMELEC Terms of Reference, a document given by COMELEC to the bidders, giving minimum specifications that the bidders machines have to meet, in order to be considered for the computerization project. It is very close to a technical documentation, but is not a technical documentation.
http://www.aes2010.net/index.php?option=com_docman&task=doc_download&gid=1&Itemid=70
And finally, this is the law that governs the COMELEC in its activities to computerize the 2010 elections.
http://www.chanrobles.com/republicactno9369.html
thanks!
Vulnerability: SOURCE CODE OF SAES-1800 OF THE PCOS MACHINE.
I want to know if my vote is really counted. How do I know that SAES-1800 really add 1 vote to the candidate I voted for the president and not to the other candidate?
How do we know that SAES-1800 is not tampered at the manufacturing site?
Prove us wrong by showing to us the source code and install a hash function so that we will know that the reviewed source code is the one embedded in the PCOS and is not changed by malicious individuals.
thats what i want to know lex. what is the smartmatic/automation system gonna be in reality? is there some official description out there somewhere?
That’s is what we are asking from the COMELEC also.
Actually, we are also asking for the IRR (Implementing Rules and Regulations) of RA 9369.
To know what the Smartmatic system will be, we had to do a lot of detective work. We attended the SBAC testing of May 27-28, the UNTV demo last Saturday, we read all the documents in the Smartmatic website, all the laws governing computerized elections, the COMELEC bid bulletins (you will find a lot of holes in those bulletins), the CAC report on the ARMM elections, and combined them with our knowledge of Linux systems, which is the operating system that is used by the PCOS and CCS computers. We discussed in meetings and in the mailing list of the Philippine Linux Users’ Group source code review and the system administration problems and possible security holes associated with Linux systems. We had to do all these because there is no single technical documentation on the Smartmatic PCOS & CCS out there, or the authorities do not want us to know. But it is our obligation to ourselves, and our right, to know.
This looks like a 2005 report on Smartmatic that may still have relevance.
http://www.vcrisis.com/index.php?content=letters/200508141135
Do you know the owner of the vcrisis site? His name is Alex Boyd, an exiled Venezuelan oppositionist. Check him out. These are all inuendos without an ounce iota of proof.
Sir Orlando, I didn’t know you are an esteemed member of the Board of Censors. Sir, did you even pass the Bar? Did you eventually successfully defended your economics dissertation or even start one? Or are you just a professional student? What a poser! LOL!!!
bagongbayani, not even Smartmatic officials have been able to prove my investigation wrong. It is so accurate in fact that it prompted them to exit the USA without having complied with requests of ownership structure issues by the CFIUS.
Would you like to set the record straight and provide here incontrovertible evidence that I have written are “innuendos without an ounce iota of proof”?
Alek Boyd first claimed that Smartmatic is owned by Hugo Chavez and his cronies. Now he claims that Chavez banned Smartmatic from doing business in Venezuela. This defies common logic! So which is which, Mr. Boyd? Which of these innuendos do you stand by? Or are you just against anything Smartmatic does? Or are just against anything Chavez does? I’m totally confused!
This one is recent and it happened here:
From CAC’s Post-election Report on the Use of Automated Election System (AES) in the 2008 ARMM Elections:
“There was a report submitted by Avante to COMELEC regarding changing the data of election results remotely from Manila head office by Smartmatic-Sahi that if left unchecked can lead to widespread vote reduction and padding.”
COMELEC CHAIRMAN MELO assured us that COMELEC will make the source code of the Automated Election System available for review once it is customized and gets certified sometime in February. Yes, we have no problem with promises. Lovers often do that. Groovy? We’ll see.
“A Stalled Right to Review the Election Source Code”
http://www.mndlaw.net/?p=477
There are people who find it difficult to argue against the merits of an argument will resort to cast doubt on the motive of the other side. OES calls for secret voting, transparent counting and electronic transmission. It has strengths and weaknesses. If it were chosen by the COMELEC then we have to analyze it, expose its vulnerabilities and propose possible solutions so that our automated election will be clean and honest. But the COMELEC has chosen the SMARTMATIC solution. So we have to study the CHOSEN system, expose its vulnerabilities and propose possible solutions. Those who defend it without knowing what are they defending for, are those who want it to fail.
SMOKE: When I wrote this post, I tried to be as intellectually honest as I possibly can. First, I identified myself in the article, so you do not have to ask who Pablo Manalastas is. If you are not satisfied with the identification, you can always Google me. You will be surprised by how much information you can get by Googling a person. You, on the other hand, are an absolute COWARD, hiding behind the SMOKE of anonymity, firing your SMOKING GUN at one who happens to have ideas different from yours, even if those ideas are based on sound arguments. Second, I supported all my arguments with verifiable facts. Just check the documents I mentioned here, and you will agree that I have faithfully cited them.
We believe in a fully computerized election where the voters secretly mark their choices on paper ballots, where the counting is done by PCOS computer run by programs that have been reviewed by the community, where the precinct election return is digitally signed by the BEI with their own secret keys unknown to Smartmatic or COMELEC or any political party, where transmission is via secure communications channels, and where the CCS/BOC canvassing computers are free from tampering by the root/admin user or by any user, and run by programs that have been reviewed by the community. For the past many weeks, this is all that our group at the “U.P. College of Law Policy Study Project on Election 2010″ (No relation to Atty Harry Roque, whom we happen to respect) has tried to accomplish, because we believe that these are the only conditions that will lead to a successful computerization of election 2010. The OES does not satisfy all of these conditions, so we can not accept the OES, unmodified. The COMELEC-Smartmatic solution can be fixed and can be made to work, if the conditions mentioned above are put into place. We are working hard to influence COMELEC. We talked/argued with Spokesman James Jimenez, Executive Director Tolentino, CAC member Renato Garcia (who, we believe, must despise and hate us and treat us worse than second class citizens), trying to bring these issues to their attention. But to them, the Smartmatic solution is perfect, and it is not possible to cheat when election is computerized. “Let us trust the computers”, they say. But I am an IT person, and I can not, in my conscience, trust the computers when I see so many holes that have to be plugged. There is only one government person who can see the holes in the system as we see them, and this is ASTI Director Denis Villorente, but Denis is only one person, and there are hundreds in COMELEC who are blind.