attention, mayor erap! why dan brown chose manila

i was curious about the context, as in, why manila in particular as “gates of hell,” and no one who has ranted about it seems to know, or if knowing, cares to mention it.  so, having received two digital copies in two days, and finding myself home alone, i decided to go for it, i like bestsellers anyway, i like to know what the world is reading, and if i don’t like it, or it’s not my thing, i can always stop, and i do, occasionally.

so i sped through the book — brown’s prose is not for savoring, actually makes me cringe now and again, but he tells a good story.   and Inferno is a good enough story that i could only speed through so much because it’s not only a thriller, cliff-hanger, whatever (brown’s formula works), but also it’s good science fiction, and, heads up, manila, anti-vatican to boot.  population control  (malthus reborn) is brown’s advocacy this time.  so siempre contemptuous of the church’s stiff stand vs contraception, abortion, and euthanasia.  manila, philippines, isn’t that you?

the brief mention of manila comes toward the end of the book na, as part of a flashback telling partly why the character was turned on by the population-control talk of her lover, a “transhumanist” guru.  (post-humanist, more like.)  and, of course, manila, the cradle of christianity in asia, where the bishops have come out fighting, seeking the repeal of the recently passed reproductive health law that women’s orgs had long struggled for, with the support of 7 out of 10 filipinos…  manila, the cradle of christianity in asia, capital of the only country in the world na walang divorce law for the majority, and the rich buy annulments instead…  yes, it makes sense that brown zeroed in on manila, where more and more babies are born into poverty and squalor, no end in sight, and the church dares preach submission to god’s will, or is that, the oligarchy’s will.

of course government officials and bishops are upset, defensive, totoo kasi, hellish naman talaga ang life in the bowels of manila.  not surprisingly new manila mayor joseph estrada is the only one who dares agree with brown, sort of: “Manila is really going to hell. That’s true.”  and i guess only because it reflects, immediately, on the former mayor that he trounced in the last elections.

but you have to wonder what erap has planned for manila.  is it a go for the gold coast reclamation project?  still more “development” for the rich, never mind serious, nay, deadly, environmental concerns for the whole of metro manila?  that would be like throwing the gates of hell wide open, and nowhere to go but the pits.

it’s no way to redeem yourself, erap.

*

read Isko Moreno vs. the Manila Bay Sunset, and  Goodbye, beautiful sunset: Groups protest Manila Bay reclamation project, and Manila Bay: Sunset and the law.

 

Freedom of the editor

Should a paper present, in the national interest, only the shining aspects of the nation? Why concentrate on the ugly as the Philippine press seems to be doing? What sort of an image does the Philippines have abroad? Personally, I do not care how we look abroad; what is important is how we look to ourselves. Let us publish what’s wrong with us—perhaps, enough indignation may be aroused to right it. Expose the evils—to stop them. What do they thing? [sic, think?] We know what’s wrong with them. Never mind what they think. We must make democracy work here—or lose it. That’s what is vital. The freedom of an editor rests, ultimately, on the success of freedom.

~ Teodoro M. Locsin 10 April 1965

Why have all the digital signatures from the Election Returns been stripped?

By Joel Disini 21 May 2013 Facebook Notes

Something is not right with the way the Comelec is conducting the elections. If you go over to http://2013electionresults.comelec.gov.ph and check the ERs (Election Returns) from each precinct you will find that the digital signatures on each ER have been stripped. Digital signatures are absolutely necessary to ensure that the ERs are authentic and have not been tampered with.

Each PCOS machine (Precinct Count Optical Scan – which is the device used to scan the ballots, tabulate them, and transmit the results via GSM modem and/or onto a CF card ) is supposed to be equipped with a private key and a public key. The private key is embedded within the PCOS and is used to sign (and optionally encrypt) the election results generated by the PCOS. The public key should be published (preferably on a publicly accessible website, such as comelec.gov.ph), so that the public can verify the authenticity of any ERs generated by the PCOS machines. (Otherwise, how will Comelec know if the ERs they receive from the precincts have not been sent by a rogue PCOS? How else will the Municipal Centers who receive the CF cards containing ERs then determine that said ERs are authentic and that the CF cards have not been switched?)

For as long as the private key(s) are stored securely inside the PCOS and assuming (1) there is no way to hack into the PCOS to reveal the private key, and assuming that (2) no copies of the private keys have been kept by Comelec or Smartmatic or some other party, then it will be practically impossible for anyone to fabricate fake ERs and thus steal the election. Let me repeat that, as it bears repeating. For as long as the PCOS machines have been programmed properly and for as long as proper security measures were taken during the key generation/registration/embedding/signing process, then it will be impossible for anyone to steal the election.

Allow me to explain.

A 2048 key is mind-numbingly difficult to crack. It is estimated that a desktop computer will take 6400 trillion years to figure out the private key of a given public key. You can check out the math here http://www.digicert.com/TimeTravel/math.htm. Private and Public keys, on the other hand, while impossible to crack, can be generated quite easily by a desktop computer using free open-source software, such as OpenSSL.

The process of generating the keys and storing the private keys in the PCOS machines should be witnessed not just by Smartmatic and Comelec, but interested third parties such as the BEI (Board of Election Inspectors) and representatives of each political party. The people witnessing the process should ensure that all traces of the private key, once embedded in the PCOS, is erased. If a USB drive was used to copy the private key into the PCOS, then that too must be wiped clean. Ideally, some testing of the PCOS is done (by a qualified third party) to ensure that the PCOS is secure and cannot be tampered with. To be safe, the source code should also be reviewed, to make sure there is no back door inside that allows an insider to enter a predefined set of keystrokes (or scan a predefined document) that will trigger the back door (where the private key can be divulged, replaced, or the election results themselves can be edited).

Once the voting is over, the PCOS machines should generate the ERs, sign them (using their unique private keys), and then transmit them to the Comelec server, to the Transparency Server (monitored by the PPCRV, Rappler, etc), and to the Municipal Centers. When the servers receive the ERs from a PCOS, they should check their authenticity (by looking up the corresponding PCOS public keys and verifying that they match the digital signatures). If everything checks out, the comelec server should then publish the digitally signed election results on the comelec website.

 

In this manner, even if there are transmission delays, and horse-trading over the election results, it will not be possible to tamper with the results. Someone can of course generate new public key & private key pairs, and then generate fake ERs using the fake private keys. They would have to somehow tamper with the database of public keys used by the Comelec server, as well as the Database used by Transparency Server to pull off this stunt. Lastly, they would have to hack into the comelec website and replace the list of public keys with their own set of fake public keys. One way to avoid this (other than relying on the public to spot the hacker’s attempts) is to have the BEI and all the Political Parties sign the list of public keys. This way, it would be impossible for the list of public keys to be replaced without being detected. The only way to “beat” the system would then be to physically destroy the PCOS machines, or the comelec & Transparency Server.

So what can be done to prevent cheating in this current election?

1) Comelec must IMMEDIATELY publish the list of precincts and their corresponding PCOS public keys. There is no reason for the Comelec not to do this, other than to buy time to generate new public key/private key pairs for precincts that have yet to report their results.

2) They must publish the digital signatures that come with each ER. Again, there is no reason for the Comelec not to do this, unless some of the published ERs have already been tampered with.

3) The PCOS machines and their CF cards must be secured. If someone has already generated a new set of private keys, then we can detect the fraud by reviewing the source code for the PCOS machines, especially the part where the PCOS writes to the CF card & signs the results, determine where the private Key is stored within the PCOS, then write new code to access this location. Doing this will not be trivial, and it may take a lot of trial and error, but there are 78T PCOS machines, so we have enough machines to experiment on. The embedded private key can now be compared with the published public key and see if they match. If they do not match, then there is cause to believe that some fraud has taken place.

Any attempts to reset the PCOS machines and erase their CF cards should be deemed highly questionable.

4) Of course if unique private keys were never embedded into the PCOS machines, then Smartmatic needs to hauled into court, as there is absolutely no reason why they should stick us with machines using ancient technology. Their existing SAES voting machines already use 2048 public keys. And the cost to implement PKI (public key infrastructure) is minimal – as there is a lot of open source code available to generate keys, sign and encrypt documents, etc.

In fact, if Comelec deliberately asked Smartmatic to deliver PCOS machines without any PKI, Smartmatic should have immediately known that something foul was afoot. This would be the equivalent of asking a Private Security company to watch over a bank, and requiring them to use mobile Phones and walkie-talkies with known transmission problems, or to use CCTV cameras that fail to record, or to use bows and arrows instead of guns!

We shouldn’t wait any longer for someone to file an electoral complaint, or for someone to gather evidence of cheating before springing into action. We already have all the evidence we need – as all the digital security measures to prevent cheating have been turned off!

Joel Disini
CEO, DotPH

apologize

the killing of the taiwanese fisherman by the philippine coast guard and the president’s refusal to apologize brings to mind the august 23 2010 luneta bloodbath that claimed the lives of 8 hong kong chinese.  the president also refused to apologize then.  a year later, the  survivors and the families of the 8 who died came to manila to commemorate the deaths of their loved ones with a buddhist ritual at the scene of the crimes, and again, still, the president refused to meet with them.  i blogged about it then, and reading it now, remember how offended i was for the hong kong chinese, and now that the president is adamant, all over again, in his refusal to personally formally apologize to the taiwanese, i can’t help wondering if this is a personality problem of sorts.  a hang-up that has to do with the killing of his dad in ’83?  maybe no one apologized to the family for that?  okay, maybe it’s a stretch.  maybe it’s just that the taiwanese demand for a formal apology is part of a package that includes paying compensation to the family of the victim and bringing the perpetrators to justice.  the very same demands made by the hong kong chinese, a formal apology, reparations not just to the families of the victims who died but also to the victims who survived but are scarred for life, and appropriate punishment of the government authorities whose gross negligence caused the bloodbath.  certainly, acceding to the taiwanese would mean finally acceding to the hong kong chinese, or else.

read teddy locsin’s What is to be done with Taiwan, alex magno’s Assymetrical, and a luneta survivor’s horrifying tale posted by raissa robles.