The PCOS machines' Linux OS can be accessed through a serial port.

[edyeeh]

Guys anong say niyo dito.

This is a copy of the Final Report of the Joint Forensic Team submitted to the joint houses of Congress, indicating the findings of a forensic analysis of several PCOSmachines found in an Antipolo warehouse after the elections.Dated June 9, the report showed that the hash codes contrained in at least six of the machines did not match the official hash code published by the Comelec, suggesting that the machines are either unofficial or have been tampered with. (A hash code is a set of letters and numbers that is unique to a particular software program, serving as a means of identification similar to fingerprints or DNAto humans.)However, according to the same report, a Comelec representative "belatedly confirmed that the extracted hash code is the correct one."Further examination of the PCOS machines also reavealed no proof of the existence of digital certificates, contrary to claims by Smartmatic.The report said that Smartmatic technicians were unable to extract nor otherwise show the forensic team any digital signature supposedly contained in the machines.Another surprise finding was that the PCOS machines could supposedly be controlled via an ordinary laptop. Each machine featured a built-in serial connector which, supposedly according to Smartmatic, is just an output port for diagnostic purposes only. However, the forensic team claims to have been able to access the PCOS machines' Linux operating system through a laptop connected to the port."The Linux operating system of the PCOS machine was exposed to full access and control via the externally connected computer... One can readily issue Unix shell commands and take control of the PCOS machine," the report said.The report added that Smartmatic was unable to provide an explanation for the loophole. (TJ Dimacali)

from:

http://www.flickr.com/photos/gmanewstv/4732890972/

[Samhain13]

^ Where in the picture is the quoted text?

[loell]

ditto where is that particular text?

and I'm only seeing two "trapo" names, whatever that report is, it just lost its credibility.

[killer_d76]

In my own opinion.. Mas efficient ang PCOS when it comes to getting the result, mas talamak naman ang dayaan kung Manual Counting at witness tayong lahat dyan diba?!, mas madami pa ang nagbubuwis ng buhay (yung Nanay ko kasi is a Retired Public School Teacher.. salute to all of you!, kaya alam ko ang hirap nila when it comes to Manual Counting), pero bakit di din nila maipaliwanag kung saan galing yung CF Card na hawak nung isang Kongresista(?) na babae na di din sumipot nung i-te-test na yung CF Card na hawak nya?! at kung may issue man ng dayaan bakit yung random manual counting eh tama naman ang bilang when compared with machine counted votes?..

[Samhain13]

^ Oo, mahirap talaga ang manual counting. Bukod sa physical work, andiyan pa yung magbabrown-out at yung mga miron. Galing talaga ng mga guro natin, ang tiyaga.

Re: CF card. Nabibili yun. Kaya nga sana, pinatest nung ale yung hawak niyang CF card para malaman kung anong laman niya. Problema, ayaw naman niyang ipatest. Naaalala ko sa balita, nabuwisit nga si Locsin kasi may pagkakataon na sanang malaman kung may katotohanan ba yung sinasabing dayaan. Kaso yun nga, tumanggi naman yung ale. Ang naiwan tuloy na impresyon sa akin, "for show" lang yung CF card niya at nagrereklamo kasi hindi matanggap ang pagkatalo. Hehehe!

Hehehe. Isa pa. Ano kaya kung itong mga gumagawa ng report na ito ay may interes din sa pagiging contractor sa election? Ano kayang mga background nila? Nagbid kaya sila para sa 2010 nationals at natalo kaya pinupuntirya nila tong Smartmatic? Hehehe! Food for thought.

[edyeeh]

^ Where in the picture is the quoted text?

I think the picture was more of a supplementary material than the actual text.

I found it through:

http://might-e2010.com/

May full video.

Nung inaccess ng computer experts yung 60 PCOS machines na nakatago sa bahay ng isang Smartmatic technician as Antipolo, na diskubre nila na iba yung hash codes sa original na source code.

Siguro ung picture nagpapakita ng formalized report na binigay dun sa mga trapos

So tinuloy pa rin yung canvassing kahit may irregularities. Pagkakabasa sa news para sa dalawa glitches lang daw o minor flaws yun.

[edyeeh]

^ Oo, mahirap talaga ang manual counting. Bukod sa physical work, andiyan pa yung magbabrown-out at yung mga miron. Galing talaga ng mga guro natin, ang tiyaga.

Re: CF card. Nabibili yun. Kaya nga sana, pinatest nung ale yung hawak niyang CF card para malaman kung anong laman niya. Problema, ayaw naman niyang ipatest. Naaalala ko sa balita, nabuwisit nga si Locsin kasi may pagkakataon na sanang malaman kung may katotohanan ba yung sinasabing dayaan. Kaso yun nga, tumanggi naman yung ale. Ang naiwan tuloy na impresyon sa akin, "for show" lang yung CF card niya at nagrereklamo kasi hindi matanggap ang pagkatalo. Hehehe!

Hehehe. Isa pa. Ano kaya kung itong mga gumagawa ng report na ito ay may interes din sa pagiging contractor sa election? Ano kayang mga background nila? Nagbid kaya sila para sa 2010 nationals at natalo kaya pinupuntirya nila tong Smartmatic? Hehehe! Food for thought.

Si something Susano ata yun.

Actually kasabihan na yan dito sa Pilipinas na dalawa lang ang kinalalabasan sa eleksyon, ang nanalo at nadaya. Naniniwala ako diyan dati pero nagbago isip ko nung 2004, na nagkaroon nga mismo ng dayaan.

[jsgotangco]

Simple logic lang yan. If there is fraud, it needs proof. If no one shows proof, there is officially no fraud. Walang, teka, walang baka.

[edyeeh]

I just got the whole report submitted to the House Committee

http://www.facebook.com/home.php?#!/...31043380262215

It's highly possible that the hackers can leave no trace so hard evidence can only be derived from circumstantial evidences.

[Samhain13]

I just saw the video from the linked site.

On the hash codes. At around 02:32 of the video, the speaker says: "the two softwares (sic) are entirely different." But consider these two little Python scripts:

Code:

# Created on 2010-06-29T09:24:00 +0800.
print "Hello, world."

Got "fea19870dd5e7b24c1f150c4af96aeb1" as its hash.

Code:

# Created on 2010-06-29T09:28:21 +0800.
print "Hello, world."

Got "803ce4b59fd6c87586fd0a13c409e9e2" as its hash.

The two scripts have obviously different hashes but they do the very same thing: printing "Hello, world." The only difference is the datetime string in the comment.

The video stated that the hashes kept by the BSP and the hashes retrieved from the Antipolo PCOS machines were different. Does that mean that the source codes are different? Yes. How different are the original and "updated/changed/supposedly-manipulated" source codes are? Dunno. The video (and presumably, the forensics team) didn't say. Were the forensics team able to "diff" the original and new source codes? Again, the video didn't say.

On the absence of Digital Signatures. At around 05:29, the speaker says: "we cannot attest to the credibility of the results." Did the forensics team conduct a manual audit of the machines that they tested? Dunno, the video didn't say.

On the console/serial port. Every computer (including our cellphones) has a port somewhere; otherwise, how can the manufacturer/technician program the thing if it didn't?

At around 06:00, the speaker gives a confusing explanation regarding console ports, saying: "[a console port is a device] which will sent (sic) out information on a one-way process. But in this [Smartmatic PCOS machine's] case, it is a two-way, input-output, port; which means if you connect a device such as a laptop into the machine then you are capable of transmitting information into that same machine, and the integrity, and the credibility of the information within that PCOS machine has been compromised."

But if one-way is to mean "output-only" (or "input-only"), then how will the host computer (the one that has a port) know when to send information to a client computer (the laptop connected to it)? If a host computer accepts instructions from a client computer, does it automatically mean that the host computer, or the information within it, is compromised? I don't think so; because to accept that, it would mean that all HTTP servers in- or outside of the Internet have all been compromised. Right?

At around 06:54, the speaker suggests that being able to access a host computer's operating system: "whatever has been embedded, written, recorded by that machine can be subject to alterations, changes, deletion, whatever you want to consider."

While technically true, were the forensic team able to access, change, or delete information in the PCOS machine(s) that they tested? Dunno. The video didn't say. Were the forensic team able to gain root access to the Linux Operating System of the machine(s)? Again, the video didn't say.

Overall, at around 07:52 on the speaker, quoting the forensics team, concludes: "...this [the system] has been compromised." Can we support this conclusion? Simple: insufficient data.

Therefore, as jsgotangco said, "If there is fraud, it needs proof. If no one shows proof, there is officially no fraud." So until there is proof, or at the very least, any compelling evidence...