I just saw the video from the linked site.
On the hash codes. At around 02:32 of the video, the speaker says: "the two softwares (sic) are entirely different." But consider these two little Python scripts:
Code:
# Created on 2010-06-29T09:24:00 +0800.
print "Hello, world."
Got "fea19870dd5e7b24c1f150c4af96aeb1" as its hash.
Code:
# Created on 2010-06-29T09:28:21 +0800.
print "Hello, world."
Got "803ce4b59fd6c87586fd0a13c409e9e2" as its hash.
The two scripts have obviously different hashes but they do the very same thing: printing "Hello, world." The only difference is the datetime string in the comment.
The video stated that the hashes kept by the BSP and the hashes retrieved from the Antipolo PCOS machines were different. Does that mean that the source codes are different? Yes. How different are the original and "updated/changed/supposedly-manipulated" source codes are? Dunno. The video (and presumably, the forensics team) didn't say. Were the forensics team able to "diff" the original and new source codes? Again, the video didn't say.
On the absence of Digital Signatures. At around 05:29, the speaker says: "we cannot attest to the credibility of the results." Did the forensics team conduct a manual audit of the machines that they tested? Dunno, the video didn't say.
On the console/serial port. Every computer (including our cellphones) has a port somewhere; otherwise, how can the manufacturer/technician program the thing if it didn't?
At around 06:00, the speaker gives a confusing explanation regarding console ports, saying: "[a console port is a device] which will sent (sic) out information on a one-way process. But in this [Smartmatic PCOS machine's] case, it is a two-way, input-output, port; which means if you connect a device such as a laptop into the machine then you are capable of transmitting information into that same machine, and the integrity, and the credibility of the information within that PCOS machine has been compromised."
But if one-way is to mean "output-only" (or "input-only"), then how will the host computer (the one that has a port) know when to send information to a client computer (the laptop connected to it)? If a host computer accepts instructions from a client computer, does it automatically mean that the host computer, or the information within it, is compromised? I don't think so; because to accept that, it would mean that all HTTP servers in- or outside of the Internet have all been compromised. Right?
At around 06:54, the speaker suggests that being able to access a host computer's operating system: "whatever has been embedded, written, recorded by that machine can be subject to alterations, changes, deletion, whatever you want to consider."
While technically true, were the forensic team able to access, change, or delete information in the PCOS machine(s) that they tested? Dunno. The video didn't say. Were the forensic team able to gain root access to the Linux Operating System of the machine(s)? Again, the video didn't say.
Overall, at around 07:52 on the speaker, quoting the forensics team, concludes: "...this [the system] has been compromised." Can we support this conclusion? Simple: insufficient data.
Therefore, as jsgotangco said, "If there is fraud, it needs proof. If no one shows proof, there is officially no fraud." So until there is proof, or at the very least, any compelling evidence...
Bookmarks