Tuesday, June 22, 2010

Secret “backdoor” allows complete control of PCOS machines used in May 10, 2010 Philippine polls

 by Rolando Verzola


Halalang Marangal (HALAL) calls the attention of the COMELEC and the public to an unpublicized finding of the IT experts’ forensic examination of the Antipolo machines, conducted a few days before the incoming president and vice-president were proclaimed on June 9.

We have learned that a secret “backdoor” was found in the PCOS machines which, if exploited, would enable an intruder to easily control the machine completely. This backdoor is a little-known port on the PCOS called “console”. Smartmatic had given government IT experts the impression that this port could only be used as output, for monitoring the status of the PCOS.

The forensic examination at the Senate, however, has determined that the console port could in fact also be used as input. Thus, with a simple connection using a special cable, the PCOS can be controlled from another computer, and the operator on the controlling computer gains “superuser” access to the operating system of the PCOS without need for username or password. A superuser, which is similar to the “Administrator” account in Windows, can do things like save, modify, erase or overwrite files, including programs. A knowledgeable insider with superuser privileges can do practically anything on a machine.

HALAL has further learned that the PCOS operating system permanently records an application log only, which is saved to an audit log file in the removable Compact Flash (CF) card. The operating system log is saved not to the CF card but to volatile memory, also called a RAM disk, whose contents are lost everytime the PCOS machine is turned off. Thus, intrusions through this secret backdoor leave no record for forensic examination. In addition, intruders can also overwrite a recent audit log file with an old copy, allowing them to hide their tracks from the application log as well.

PCOS machine
In the House committee on suffrage hearings, Smartmatic had admitted that the PCOS machine could be used to commit fraud during the elections, but had assured the committee that this will always leave a trace. But with the discovery of this secret backdoor, HALAL concludes that any trace of the intrusion can also be erased by the intruder.


What more has Smartmatic not told the Comelec and the public?

HALAL urges the COMELEC to investigate this security lapse and to determine the liability of Smartmatic for supplying us with a voting machine with a secret backdoor for controlling the machine, for withholding this information secret from government IT experts, and for exposing the 2010 elections to high-tech fraud.

HALAL also reiterates its proposal that all ballot images be unencrypted and put online, grouped by clustered precinct, so that candidates and voters may see for themselves if the PCOS machines counted their votes properly. This is the only way to determine if this backdoor was exploited by cheats or not.

Reference: Roberto Verzola, Secretary-general (0929-856-1930)


________


(Halalang Marangal Press Statement, June 19, 2010)

Source:

Secret “backdoor” allows complete control of PCOS machine. 19  June 2010. http://pcoswatch.wordpress.com/2010/06/20/secret-backdoor-allows-complete-control-of-pcos-machine/


*************

No comments:

total pageviews since july 2010