Tuesday, October 6, 2009

The War Over Source Code

The Supreme Court of the Philippines (SCoRP) has received a petition for mandamus to compel the Commission on Elections (Comelec) to reveal the source codes to be used by Smartmatic's Precinct Count Optical Scanning machines in 2010. What is strange (and possibly premature if not malicious) about the new suit is that Comelec already approved the request for source code of CenPeg...The Petitioners, represented by Atty. Koko Pimentel, are those same nice people's academics from CenPeg who recently tried and failed to stop the 2010 automated elections contract but were denied in a stunning 11-4 decision --Roque v. Comelec-- in which the High Court was unconvinced by dire warnings of a massive failure of computerized elections, or one so compromised from the inside that wholesale cheating operations would themselves be automated. Instead SCoRP upheld the validity of the contract with Smartmatic/TIM. The Y2K-Bug style of fearmongering from a decade ago apparently did not spook the Justices of the High Court, though I see they've mesmerized that smart young Justice Tony Carpio, whose Dissenting Opinion is notable in how utterly wrong it is!

This time the Petitioners want the SOURCE CODE and they want it NOW. Mainly as a sign from Comelec that it is indeed willing to be TRANSPARENT about this aspect of the automated election system. However, it ought not be ignored that the green light for an automated election was only given by SCoRP less than a month ago (no thanks to Petitioners themselves, albeit in a losing suit!) and therefore the Contract itself has been in suspended animation (at least as far as payments and certainty go). Moreover, it is a mistake to think that "the source code" consists only of the logical and mathematical operations involved in sensing, counting and tallying the ballots. There is also the simple but absolutely necessary matter, just for one example, of the LIST OF OFFICIAL CANDIDATES for each elective position. As a political party, party list org, or political candidate, I would certainly demand to see proof that the source code properly takes such data into account! At least as much as proof of the integrity of the logical and programmatical acrobatics of how a PCOS machine scans, stores, interprets and tallies submitted ballots and transmits its results.

What is strange (and possibly premature if not malicious) about the new suit is that Comelec already approved the request for source code of CenPeg:

Center for People Empowerment in Governance
Evita L. Jimenez, Executive Director
Bobby M. Tuazon, Policy Study Director, on his own behalf and
On behalf of Felix Muga II, PhD, Electoral Studies
Dr. Bienvenido Lumbrera, Chairperson, Board of Directors
Dr. Pablo Manalastas, IT Consultant
Atty. Victoria Avena, Legal Consultant

Subject: In the Matter of the Request for a Copy of the Source Code (COMELEC Resolution No.09-0366)

Reference is made to your letters dated August 25, 2009 and May 26, 2009, pertaining to your request for a copy of the Source Code. The Commission En Banc in its meeting held on June 16, 2009 resolved under Resolution No. 09-0366 to approve the recommendation of its Executive Director to grant the request for the source code of the PCOS and CCS. This resolution and approval is premised on the provisions under Sec. 14 of Republic Act No. 93691.

SCORP cannot but note above Letter on the Record and justifiably observe that the present petition is PREMATURE, since Comelec not only resolves to grant the request of CenPeg but also addresses why all of us have to wait patiently for "the source code" to actually be produced:

...the source code “for implementation” referred to does not currently exist for the following reasons:

1. The baseline source code of the provider has not been received. This should not come as a surprise to you since you are well aware that no payment has been made to the provider as of this date, in deference to the Supreme Court Petition filed to withhold payment from the Concerned Citizens Movement, which was supplemented in the oral presentation and Petition of the defunct Information Technology Foundation of the Philippines (as represented in the Supreme Court hearing July 29, 2009 by Gus Lagman of www.transparent.org & OES and by Professor Manalastas of CenPEG).

2. The customization of the baseline source code is currently targeted for completion in November 2009.

3. Under Sec. 11 of RA9369, the customized source code shall be reviewed by “an established international certification entity”, on which basis, among others, the Technical Evaluation Committee shall issue its certification. The current target for completion of the customized source code review by “an established international certification entity” is end February 2010.

Only thereafter will the AES technology “selected for implementation” be available and can be made “open to any interested political party or groups” for review under a controlled environment.

Should CenPEG be interested to become a technical resource person of the Commission, it is suggested that CenPEG apply with the Commission through the Advisory Council and/or the Technical Evaluation Committee.

I think it is helpful to look at Republic Act 9369 (The 2007 Automation Law shepherded through Congress by Sen. Dick Gordon and Rep. Teddy Boy Locsin) on this whole matter of SOURCE CODE.

First is the following terse entry in the Definition of Terms:

Section 2-12. Source code - human readable instructions that define what the computer equipment will do;

Second the more substantive matter covered in:


"SEC. 14. Examination and Testing of Equipment or Device of the AES and Opening of the Source Code for Review.
- The Commission shall allow the political parties and candidates or their representatives, citizens' arm or their representatives to examine and test.

"The equipment or device to be used in the voting and counting on the day of the electoral exercise, before voting starts. Test ballots and test forms shall be provided by the Commission.

"Immediately after the examination and testing of the equipment or device, the parties and candidates or their representatives, citizens' arms or their representatives, may submit a written comment to the election officer who shall immediately transmit it to the Commission for appropriate action.

"The election officer shall keep minutes of the testing, a copy of which shall be submitted to the Commission together with the minutes of voting."

"Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof."

Finally, there is in the law crafted by Mssrs. Gordon and Locsin the following provision for quality and security assurance of the deliverable hardware and software system, including but not limited to the source code review aspect being targeted in the CenPeg suit before SCoRP:

"SEC. 10. The Technical Evaluation Committee. - The Commission, in collaboration with the chairman of the Advisory Council, shall establish an independent technical evaluation committee, herein known as the Committee, composed of a representative each from the Commission, the Commission on Information and Communications Technology and the Department of Science and Technology who shall act as Chairman of the Committee.

"The Committee shall be immediately convened within ten (10) days after the effectivity of this Act."

"SEC. 11. Functions of the Technical Evaluation Committee. - The Committee shall certify, through an established international certification entity to be chosen by the Commission from the recommendations of the Advisory Council, not later than three months before the date of the electoral exercise, categorically stating that the AES, including its hardware and software components, is operating properly, securely, and accurately, in accordance with the provisions of this Act based, among others, on the following documented results:

1. The successful conduct of a field testing process followed by a mock election event in one or more cities/municipalities;

2. The successful completion of audit on the accuracy, functionality and security controls of the AES software;

3. The successful completion of a source code review;

4. A certification that the source code is kept in escrow with the Bangko Sentral ng Pilipinas;

5. A certification that the source code reviewed is one and the same as that used by the equipment; and

6. The development, provisioning, and operationalization of a continuity plan to cover risks to the AES at all points in the process such that a failure of elections, whether at voting, counting or consolidation, may be avoided.
We see at once that the matter of a source code review is a very particular aspect of the overall task and challenge of automated system implementation, management and logistics.

To see the full ramifications of this consider the following somewhat philosophical but highly technical question: When one is conducting a SOURCE CODE REVIEW of a large complex system like the contemplated 2010 automated election system for the Philippines, say of the PCOS machines or the accompanying central electional management and monitoring software, how does one know that one has ALL of the SOURCE CODE.

In my personal experience and considered opinion this can only be accomplished completely by requiring of the system supplier to provide not only the sources codes of each program module, but also the capability to literally BUILD the executable code from scratch; to store and cryptographically secure the same, ("escrow at the Central Bank" as RA 9436 specifies); securely transfer that operating software to each PCOS machine before Election Day.

3 comments:

Tangama said...

It is quite ironic that CenPeg continuously accuses Comelec of delaying tactics when in fact they are part of the group that is actually causing the delay. First, the Harry Roque et al case, already setback some of the salient but important aspects of the contract such as the scheduled payments to the winning bidder. Comelec in deference and respect to the Supreme Court, withheld payments to the contractor. Comelec did not have to do this because the SC did not issue a TRO on payment but out of respect and propriety, they withheld payment. Without payment, certain deliverables will also be delayed. It's still a business transaction, isn't it?

Now this, another petition before the Supreme Court by the same group of people who cleverly disguised themselves as different and independent. I am beginning to suspect that this is part of the earth scorching tactics being deployed by the people behind the OES system. If this new petition is not handled properly by the Supreme Court, it will definitely cause another delay. Maybe this is part of the strategy by these obstructionist cabal to purposely cause delay in order to eventually kill the project.

The very insistence of Dr. Manalastas to have the source code available to his group NOW for review raises some very interesting suspicions. Does he want to get a peek at the source code to review its integrity or to copy its code technology and give it to the OES people? It is quite arrogant for Dr. Manalastas to demand NOW the source code from Comelec when it had already given its reasons for not having it available NOW.

Even if Comelec approved CenPeg's request to review the source code, CenPeg is still subject to the same ethical standards as that of the members of the Advisory Council and Technical Evaluation Committee, meaning they have to prove that they are non-partisan, independent and does not have any vested interest, business or otherwise.

Now if we can only prove that Dr. Manalastas and Gus Lagman are cut from the same grain, then we will know their true motivations! If they can't get in the action, then no one can...scorch the earth, tsk, tsk!

Paolo said...

You've been watching too many conspiracy theories from G2 chairborne commandos my friend.

First and foremost, on what grounds do you level your accusations against Dr. Manalastas et.al? Have you done any due diligence before casting any doubts?

Fact of the matter is, Section 12 of RA-9369 allows any interested party to do its own source code review independent of any review or testing that COMELEC itself might want to do. COMELEC decided this already in an en-banc resolution last June 2009, but till now adamantly refuses to actually implement it.

Read the complaint letter and the law first and digest it well before spewing garbage.

Tangama said...

Paolo, no need to read the complaint because it is, to use your term, garbage. Dr. Manalastas will have his turn and this is already confirmed by Comelec to be by February 2010 after it has been tested by an independent international certification body, Systest Labs and certified by the Technical Evaluation Committee. What Dr. Manalastas will not get is his demand to have the source code NOW and have it in a form of soft copy. Why? Let me tell you why.

First, Dr. Manalastas is treating this software as if it is like any open source software that is used for daily applications like business, entertainment, etc. The fact of the matter is that this software is of vital importance to the eventual success of the elections that it should be treated with the same safeguards as if it is a National Security issue.

So imagine for a moment that Comelec releases the source code in soft copy form to Dr. Manalastas and he distributes this to his group of code reviewers. Can he guarantee that there are no rogue reviewers among his`group who are only out to exploit the vulnerabilities to do damage that could eventually lead to the failure of the system and possibly the elections itself? What if one or more of his reviewers are only out to steal the code technology and sell it to the OES group? Will Dr. Manalastas bare the responsibilities of such ill fated actions?

Secondly, there is a portion of the software that is protected by intellectual property rights law. While the solution provider agreed to open up the source code and comply with the law, it did so under the impression that their proprietary rights will be protected too. This is why Comelec has to open it up for source code review under a controlled environmnet because it has to do a balancing act in being transparent while at the same time protecting the solution provider's rights under a seperate law.

Thirdly, you accuse me of not doing my due diligence on Dr. Manalastas. I did and here's why I am raising some suspicions on his motives. When OES was formed by Gus Lagman, Dr. Manalastas was part of his core group. When Cenpeg recently filed a joint statement demanding the source code from Comelec, the usual suspects were signatories too, the likes of Gus Lagman, Harry Roque, etc. How could you blame me for being suspicious given these facts? They're all part of the same circle!

Before advising me about reading the law, maybe you should be the one to do so and do so in its entirety. You guys seem to be hung up on one particular Section 12. What about the other sections that pertains to reviewers upholding to the same moral and ethical standards as those from the members of the Comelec Advisory Council and the Technical Evaluation Committee? In short, Comelec cannot just hand out this source code to any interested parties, these parties should prove that they are independent, non-partisan and without any vested interests.

You guys have taken the narrow view in interpreting the law. You tend to forget that a more important facet of implementing an automated elections is NATIONAL SECURITY and it should be protected as such.

My last advice to you, Paolo, is get down from your utopian view of the world and come to the real world, rookie!