PCOS debacle: Is the software source code really important?

The source code is the format of a program in human-readable format (that is, as far as computer programs go). It most intuitively describes the logic followed by a computer that is running said program. Programs written in high-level languages like Visual Basic, Javascript, PERL, PHP, or database languages like Standard Query Language (SQL) and other scripting languages are the most readable of such program codes. These languages make use of intuitive syntax (command lines composed of statements, variables, and operators) that almost look like English sentences:

10 counter = counter + 1
PRINT “Hello”
If counter = 20 then END
GOTO 10
END

You can tell just by reading the above program how a computer running it would behave.

Unfortunately, computers run programs and store data in a way that is different from the way humans read source code. Programs are no more than circuits that manage vast arrays of on and off switches. The binary nature of the way each unit or bit of data underlies everything about how a computer works and remembers stuff requires source code to be converted to binary code to be machine-readable. This conversion process is called compilation. Source code in whatever language it is written needs to be compiled into a binary data structure for it to installed and run on a computer.

Binary data is also more compact than source code because the information redundancies (and other inefficiencies) inherent in human language are no longer present in binary code (i.e. removed during the compilation process). This makes binary code a more economical format to store and distribute software (say, as installation CDs or memory sticks or as “install packages” downloadable from the Web). Thus in commercial form, software code is virtually unreadable to ordinary humans.

binary_code

This is why the source code is important to someone who is buying and using software for a mission-critical exercise — such as conducting a national election. To be able understand how a computer system converts input data (say, data from ballots) into output (say, election results) the managers of a computer system need to know the logical flow of this conversion effected by said software. This can only be done when the source code of the software is made available to them.

In the absence of source code, the behaviour of a computer system and the soundness of its logic can be evaluated by competent test analysts. This is specially true for relatively simple systems such as the voting system in the Precinct Count Optical Scan (PCOS) machines to be used by the Philippines’ Commision on Elections (COMELEC). The trick lies in the formulation of a good representative set of test cases and running simulations using these test cases through the system and observing its behaviour to see if output is consistent with expected outcomes as defined in said test cases.

About benign0

benign0 is the Web master of GetRealPhilippines.com
This entry was posted in Politics, Tech Talk and tagged , , , , , , , , , , , . Bookmark the permalink.

9 Responses to PCOS debacle: Is the software source code really important?

  1. scalaberch says:

    If the PCOS’s only security features are hardware-based and the encryption methods, then there is no problem showing the source code on that. Also, implying that the PCOS has a “pirated” software, then their reasons for not showing the source code would be obviously:

    1) Comelec is afraid to getting messed up with the original owner of the code. (Just like you don’t want to say to Microsoft that you have a pirated version of Windows 8 and etc)
    2) The embedded programs used is modified, thus the modifications are also reflected in the source code. Good cover for your favorite electoral cheating.

    Seriously, COMELEC is in really deep sh*t now…

    • Johnny Derp says:

      Due to current events, the credibility of the 2010 elections will be investigated since they have admitted that there was no source code used in the 2010 elections.

      Aquino’s presidency will be put in hot water since his victory in the 2010 elections will be questioned.

      • scalaberch says:

        hopefully it would… unless, our favorite yellow media + comm group will have another smokescreen…

      • unconcerned says:

        By the time they actually start investigating the legitimacy of this PNoy’s elections, his term would’ve been finished already. Don’t even consider the verdict of the investigation. Would this be another case of a new president bashing his predecessor, i.e. Gloria > PNoy.

        Why am I not surprised at all of these nonsense again being presented to the layman.

  2. AJC says:

    Well if they’re going to check the source, then it should be done to all of the PCOS Machine. They’ve been saying that SLI check the source code and it took 6 months. But the questions is, which specific machine it was been applied. There are thousands of PCOS Machines that were distributed to different locations here in Philippines, but only 1 Source code was check. Im afraid that they can still get an access to other pcos machines remotely using a hidden embedded code.

    • OnesimusUnbound says:

      Ideally, and economically, all PCOS machines should have one software version and it use “configurable data” to instruct the PCOS machine to adapt to specific precinct.

      Nonetheless, your concern that the PCOS of one precinct is different from others is very much valid. To combat it, the integrity of the program can be tested using Secure Hash Algorithm (SHA) [1]. Think of SHA as means to check if the software has been changed. Hence changes in the compiled software, when hashed, is different from the one original.

      [1] http://en.wikipedia.org/wiki/Secure_Hash_Algorithm

    • scalaberch says:

      On production of these machines, they had to use ONLY ONE source code. It would make development easier for the development team on that since the machines are the same, thus the source must be the same.

  3. Libertas says:

    A source code review is fundamental in any system and standard practice.
    No financial or major system would be implemented without one let alone an electoral system.
    So the trickle of information, excuses and sheer incompetence from comelec not only proves the ineptitude of ‘wanna be ambassador’ brillantes and his band of IT illiterate dinosaurs, but does untold damage to the trust and confidence, especially important in a country where cheating is the norm.
    I wouldnt trust the system, or the yellow peril, as far as i could throw a PCOS machine.
    As usual the law and human rights are being trampled upon, but without major indignation and disbelief in the media.
    Prepare to be cheated. Filipinos should be used to it by now.

    • scalaberch says:

      Given the situation on how COMELEC handles this new technology? I can’t trust them too so far…😀

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s