THE AUTOMATED election system is so tightly secured that cracking it is virtually a “Mission: Impossible.”
At the Meet Inquirer Multimedia Forum on Friday, Smartmatic-TIM (Total Information Management) executives unequivocally declared their full readiness for the May 9 polls.
Allaying fears of automated cheating in the wake of a massive voter data leak last week, Smartmatic officials claimed that the firm’s uncrackable technology and equipment were all in place for the nationwide vote nine days from now.
In the words of Karen Jimeno, the firm’s voter education chief, penetrating Smartmatic’s system is “Mission: Impossible.”
“[The system] has so many security features, it’s like a ‘Mission: Impossible’ movie,” Jimeno said, referencing the blockbuster spy film series top-billed by American actor Tom Cruise.
She dispelled concerns of breaches in the voting system while recognizing that many Filipinos seemed to have “trust issues” over computerized polls.
Layers of Encryption
Elie Moreno, Smartmatic general manager for the Philippines, pointed out that the vote-counting machines (VCMs) had layers of encryption, ostensibly referring to multilevel user authorization, digital signatures or fingerprint, authentication access control features and encrypted files.
“We have 100 percent of the machines configured, turned over to the Commission of Elections (Comelec). It already has the logistics provider moving them to regional hubs, with 90 percent already deployed,” Moreno said.
“All the ballots have been printed and verified. So yes, [we’re ready]. We can have the elections now if you want,” Moreno said.
The numbers are staggering for the May polls: more than 50 million unique ballots for as many registered voters, 92,509 voting machines for as many precincts, 37,884 polling centers, and 1.1 million rolls of thermal paper for voting receipts and election returns.
But scale being its very business, Smartmatic, which describes itself in its website as “THE elections company” that is the world’s “undisputed leader of the electronic voting industry,” is downplaying the specter of cheating, hacking and other glitches that automation critics have been raising against its imported technology.
That hackers managed to break into the Comelec website and steal sensitive data of some 55 million voters does not mean Smartmatic’s system itself could be as easily compromised, the lawyer said.
“We do realize that there were many doubts cast because of the hacking incident and the lack of understanding of the public. The data leak … is completely independent from the election system,” Jimeno explained.
One key distinction: the Comelec site is online 24 hours and accessible through the web, while Smartmatic’s data network is not connected to the Internet and transmits data using a separate encrypted network.
“It’s a private network that is not shared by other networks that we use on our phones, in our homes,” Jimeno said.
“It’s like you’re driving on a highway and you see that the other lane doesn’t have much traffic. But you can’t move there because there’s a big wall in between,” she said.
SD cards
As importantly, Jimeno said the encryption or digital lock that protects the secure digital (SD) card, which stores precinct voting results and other data in every voting machine, is so sophisticated, it would take half a century to crack it.
“The encryption [of the SD card] is so high, experts say it will take 50 years to hack it,” Jimeno said.
Moreno explained that the encryption used for every SD card was twice as strong as that used in the banking system: if banks use a 128-bit encryption, the level of data protection used in most systems around the world, Smartmatic’s SD cards use 256-bit keys encryption.
The higher the bit size, the stronger the encryption, hence the more probable mathematical permutations to crack it, according to Moreno.
Voting machines also just go online—and only within Smartmatic’s dedicated network—for a few minutes to transmit results to Comelec servers. Only members of the board of election inspectors could initiate this process, and only after verification of their identities through a password and a high-tech key.
And so the room for a breach is even more miniscule, Jimeno said.
“It takes only a few minutes. Five minutes is already too long. So you (a hacker) have a three-minute window while [the results are] being transmitted, which it is said takes 50 years to crack,” she said.
Moreno asserted the integrity of the source code, saying it has undergone “several stages of audit,” including a review by a US-based independent international firm.
He said each voting machine was already tested, from receiving the ballot to printing out receipts.
“And everything was OK,” Moreno said.
A final test and sealing will be done at the precincts within the week before Election Day.
‘Trust issues’
“I think we’ve taken pains to ensure that there will be no cheating, and there will be a lot of transparency,” said Jimeno, appealing to the public to be discerning of suspicions and rumors they hear about or read online.
“As Filipinos, we have trust issues. But we have a supplier that underwent a competitive bidding process, a company with a track record of over a decade, with enough capitalization requirements, which has done business in five continents. It is (thus) surprising that it’s only in the Philippines that they’ve (Smartmatic officials) had to deal with a lot of controversies and issues,” Jimeno said.
She asserted that all the technology and equipment prepared for the elections had been vetted, reviewed and certified secure.
“That’s why I’m saying it’s a ‘Mission: Impossible’ [to compromise it]. You have to have a concerted effort where everything has to be manipulated from the start,” Jimeno said.
RELATED STORIES
Smartmatic fears election failure
RELATED VIDEOS