How bad is the COMELEC data breach?

Back in March 27, 2016 hackers under the banner, Anonymous Philippines hacked into the website of the Commission on Elections defaced it to demonstrate how weak the poll body’s online security measures are. A few days later, another group of hackers LulzSec Pilipinas made available online the entire database of COMELEC – 338GB in size containing information of more than 55 million voters.

COMELEC Chair Andres Bautista said that no confidential information was leaked. COMELEC has downplayed the scale of the data breach to allay fears that it could compromise the results of the 2016 elections. While a valid concern and the election results were untainted, it brushed aside the other equally great risk for the millions of registered voters whose personal identifiable information has been compromised.

The newly established National Privacy Commission has just finished its investigation of the data breach and had made public the types of personal data that has been made available to anyone online including criminals:

“The voter database in the Precinct Finder application contained each voter’s complete name, date of birth, gender, civil status, address, precinct number, birthplace, disability, voter identification number, voter registration record number, reason for deletion/deactivation, registration date, and update time.”

“The voter database in the Precinct Finder application contained information on each voter’s verified name, date of birth, gender, civil status, post of registration, passport information, with number and expiry date, taxpayer identification number, e-mail address, mailing address, spouse’ name, the complete names of the voter’s mother and father, the voter’s addresses in the Philippines and abroad, post or country of registration, old registration information, Philippine representative’s complete name, citizenship, registration assistor, profession, sector, height and weight, identifying marks, biometrics description, voting history, mode of voting, and other textual reference information for the voter registration system.” the decision further reads, depicting how much personal data are now most likely in the hands of criminal elements as a result of the COMELEC data breach.

Here’s a rundown of the personal identifiable information that has been leaked:

  • voter’s verified name
  • date of birth
  • gender
  • civil status
  • post of registration
  • precinct number
  • birthplace
  • disability
  • voter identification number
  • voter registration record number
  • reason for deletion/deactivation
  • registration date and update time
  • passport information with number and expiry date
  • taxpayer identification number
  • e-mail address
  • mailing address
  • spouse’ name
  • complete names of the voter’s mother and father
  • voter’s addresses in the Philippines and abroad
  • post or country of registration
  • old registration information
  • Philippine representative’s complete name
  • citizenship
  • registration assistor
  • profession
  • sector
  • height and weight
  • identifying marks
  • biometrics description
  • voting history
  • mode of voting
  • other textual reference information for the voter registration system

To criminals who is into identity theft, use of forged documents and IDs, impersonation, blackmail and harassment, the COMELEC data leak is a gold mine.
If you’re a registered voter, you are vulnerable to hacking of your social media and other online accounts, identity theft which would compromise your bank accounts, utilities, academic or professional records, etc it could even be used to manipulate the next elections.

The NPC is just right in recommending the filing of criminal charges against COMELEC Chair Andres Bautista as he is liable for this catastrophic violation of Republic Act No 10173 or the Data Privacy Act of 2012.

I don’t know how else to say it, but this has really got me scared.

Cavite Number Coding Scheme

Cavite number coding scheme

It’s now official. Starting January 9, 2017 the Number Coding Scheme in the Province of Cavite will start its dry run. During the dry run period, only warning tickets will be given to violators. Strict implementation will begin on February 1, 2017 so full penalties and fines will be imposed.

It follows the same schedule in Metro Manila based on the license and conduction sticker ending in the following numbers:

  • 1 and 2: Monday
  • 3 and 4: Tuesday
  • 5 and 6: Wednesday
  • 7 and 8: Thursday
  • 9 and 0: Friday
  • The number coding scheme is in effect during the following time windows: 6AM to 9AM and 3PM to 7PM. It applies to all private cars, vans, motorcycles and trucks. The roads covered by the number scheme are as follows:

    Aguinaldo Highway – covering the stretch of Bacoor to Dasmarinas-Silang boundary
    Governor’s Drive – covering the stretch of Carmona to Trece Martires City-Tanza boundary
    Molino-Salawag-Paliparan Road – from Zapote, Bacoor, to Paliparan, Dasmarinas
    Molino Boulevard – covering Talaba 4, Niog 3, Ligas 2, Ligas 3, Bayanan, Mambog 4, Molino 2, Molino 3, San Nicolas 1, and San Nicolas 3 in Bacoor.
    Daang Hari Road – covering the stretch of Aguinaldo Highway, Imus to Molino, Bacoor

    Exemptions

    • All public utility vehicles – jeeps and buses
    • Ambulance, firetrucks, police patrol cars, military vehicles with permanent marking indicating the vehicles as such. Privately owned firetrucks and ambulances are also exempted.
    • Vehicles carrying person/s needing immediate medical attention
    • Government vehicles with government plates
    • Vehicles delivering perishable goods in commercial quantity, which include fresh vegetables, fruits and flowers; raw meat and fresh seafood; ice products; baked products with shelf life of 24 hours; medicine/vaccine expiring within 24 hours; and cooked food/catering
    • Vehicles used by medical practitioner in an emergency
    • Duly franchised school buses and company shuttle service vehicles
    • Vehicles on mission to carry relief goods to identified calamity or highly depressed areas.

    Penalty
    Violators will be fined Php 300.00

    Will this number coding scheme solve the horrendous traffic situation in Cavite? Let’s wait and see…

    Source

    From ‘Free tuition in SCUs’ to ‘not available to all’

    Oblation - UP Diliman by Deondre Ng

    When news broke out that Php 8 billion pesos has been allotted to the Commission on Higher Education’s 2017 budget to allow for free tuition in State Colleges and Universities, the public broke out in celebration. At long last, the dream of a free higher education which the people specially the youth have long struggled for, was at hand.

    KABATAAN Partylist even hailed the move as a ‘game-changer‘:

    The Filipino youth celebrates and embraces this development, which potentially makes the Philippines at par with some of the great nations of the world – including Norway, Sweden, Finland, and Germany – when it comes to providing for free tuition in state schools.

    Part of the statement was warning, that now it seems, turned out to be prophetic:

    We must do everything in our power to have it implemented quickly and with a positive effect on students and the SUC community

    How so? It turns out that when Duterte affixed his signature to the 2017 budget, he vetoed some items and put others under “conditional implementation“:

    Yet, as with all new programs, there is a need to safeguard the proper implementation of the provision of free tuition fee. It is important to underscore that we must give priority to financially disadvantaged but academically able students.

    CHED was quick to dance the President’s tune and clarified what would the “conditional implementation” be actually like, according to CHED chair Patricia Licuanan:

    To bring the country closer to the reality of free college education, the commission will work overtime to ensure that the wisdom and specific intentions of lawmakers will be accurately reflected in the free tuition guidelines it is set to create.

    It will be guided by fairness, cost recovery and alignment of incentives. CHED will ensure that the wide-reaching implications of this major reform in Higher Education will be brought about effectively, and any negative consequences will be minimized.

    She may not have spelled it out, but it means that the Php 8 billion peso fund will no longer cover the tuition fee for all students in state Colleges and Universities, it will be used to further implement the ‘socialized tuition system’ and other scholarship programs in UP and other SCUs. No blanket free tuition for all.

    With this, celebrations for free higher education may have to be cut short as these recent developments need the further vigilance and scrutiny of the public specially the youth. Php 8 billion is no small fund. It must be used as intended, to provide for free tuition in state colleges and universities. More on this in the following days.

    Image by Deondre Ng

    Stephen Hawking: This is the most dangerous time for our planet

    the rural poor flock to cities, to shanty towns, driven by hope. And then often, finding that the Instagram nirvana is not available there, they seek it overseas, joining the ever greater numbers of economic migrants in search of a better life. These migrants in turn place new demands on the infrastructures and economies of the countries in which they arrive, undermining tolerance and further fuelling political populism.

    For me, the really concerning aspect of this is that now, more than at any time in our history, our species needs to work together. We face awesome environmental challenges: climate change, food production, overpopulation, the decimation of other species, epidemic disease, acidification of the oceans.

    Together, they are a reminder that we are at the most dangerous moment in the development of humanity. We now have the technology to destroy the planet on which we live, but have not yet developed the ability to escape it. Perhaps in a few hundred years, we will have established human colonies amid the stars, but right now we only have one planet, and we need to work together to protect it.

    Opinion piece on The Guardian

    New Nokia phones: Nokia 150 and Nokia 150 Dual Sim

    Nokia is back! The first new phones from the former number 1 mobile manufacturer now built by HMD, are out. These are not smart phones though, rather new feature phones that gives a glimpse of what HMD can do.

    Meet the Nokia 150 and Nokia 150 Dual Sim:



    Nokia 150 and 150 Dual SIM specs:
    2.4-inch QVGA TFT display (240 x 320 pixels)
    Expandable storage via microSD card, up to 32GB
    VGA rear camera w/ LED flash
    GPRS, EDGE
    Bluetooth 3.0
    FM radio
    MP3 player
    1020mAh removable Li-Ion battery (BL-5C)
    Nokia Series 30+
    118.0 x 50.2 x 13.5 mm
    81 g

    It has an MP3 player, built-in radio, Bluetooth and a VGA camera. The best part, it has a battery life of 22 hours!
    Priced at $26 USD or roughly Php1,300 before taxes, the new phones will be available early next year.

    Soon though, we’ll see the new smart phones from Nokia, I don’t know about you but I’m feeling a bit of excitement myself. Check out HMD’s website for more info about these new feature phones.

    Facebook users in the Philippines can now report links as fake news

    Finally! With the rise of social media and the dominance of Facebook came the rise of hoax stories or fake news stories/articles which in turn was used as propaganda for hate, discrimination, abuses and manipulation of public opinion. In response, Facebook introduced a feature back in January 20, 2016 which allowed users to flag or report a news story as a hoax or fake. This feature back then was only available to users in the United States. Erich Owens, Software Engineer, and Udi Weinsberg, Research Scientist for Facebook explained in a post:

    We’re always looking to people on Facebook to tell us how we can improve this experience. We’ve heard from people that they want to see fewer stories that are hoaxes, or misleading news. Today’s update to News Feed reduces the distribution of posts that people have reported as hoaxes and adds an annotation to posts that have received many of these types of reports to warn others on Facebook.

    Now it’s available for users in the Philippines where the proliferation of fake news stories have become the weapon of choice for political operatives in influencing public opinion and the national discussion whether they are supportive of President Rodrigo Roa Duterte and his much criticized and controversial war on illegal drugs and recently, his ordering of the late dictator Ferdinand Marcos’ burial at the Libingan ng mga Bayani, a national shrine for its fallen heroes, or critical of his policies.

    Various personalities and groups have taken to Facebook to drum up support for Duterte or voice their criticisms which is important in a democracy. However, things have become out of hand as both supporters and critics have directly or indirectly used and produced fake news stories for their cause. In the end though, the level and quality of public discourse has suffered. As manipulation of information, statistics, photos even blatant fabrication of fake stories and lies has led to abuse and widening of divisions and disagreements, hatred and mass psychosis. It has become harder to tell what is true from what is a lie.

    To report a link on Facebook as fake news:

    1) Click on the “v” menu in the upper-right corner of the post. A menu pops up, choose “Report post”
    Fake news on Facebook

    2) Choose “I think it shouldn’t be on Facebook.”

    3) Now select “It’s a false news story.”

    4) Next options for unfriending, unfollowing or completely blocking your friend or page that posted the hoax or fake news. There’s even an option of messaging your friend to let him or her know that you think the link is hoax or fake.

    Good job! You just helped Facebook identify which content is a hoax or fake news. The links you report won’t be deleted but will be marked with a message warning people that many others on Facebook have reported it. Hopefully, this will help in cleaning up our news feeds and taking back the Internet.

    Looking for a new social bookmarking tool

    In my effort to get back my blogging mojo, I re-opened my Del.icoi.us account to see if the service is still alive so that I can start using it again to save the links that I find interesting and useful for later on. Seeing that the service has become a shell of its former glory back when social media primarily meant blogs and blogging and Facebook was just a rising star, it dawned on me that I need a new or a different bookmarking service. Googling for it reminded me of Google Bookmarks (duh!) being a Google fan, it would be easy to dump Del.icio.us and fall back to this one. But this list of social bookmarking sites drew my attention to Pinterest. Knowing it’s the most popular service in this niche and how it has replaced Del.icio.us in the “social bookmarks” plugins nowadays, it’s a better option than Google Bookmarks. I’ll give it a spin for a couple of weeks and see if it will grow on me or how it will fit in with my blogging routine.

    Oh and Del.icio.us is so like a zombie it can’t even export your bookmarks anymore.

    Android Malware: Gooligan – Is your phone infected?

    You may have heard or read about it online, a malware has been found to have infected more than 1 Million Android devices and that number goes up by as much as 13,000 devices per day. This was reported by tech security firm Check Point:

    Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.

    Gooligan is a new variant of the Android malware campaign found by our researchers in the SnapPea app last year.

    The malware has spread through 3rd-party Android app stores for a number of reasons: less stringent security measures compared to Google’s Play Store, free versions of paid apps are usually found in these 3rd-party app stores and majority of the apps are available for free.

    Gooligan malware is part of an online campaign to steal Google account tokens that can be used for other nefarious deeds aside from the obvious stealing of one’s Google account. Check out the infographic below to see the big picture:

    How gooligan campaign works
    Image by Check Point

    They have an online tool that lets you check whether or not your Google account has been compromised which means your device has been infected by the Gooligan malware or not. I checked out my primary Google account and was glad that it is still remains intact.

    They also have a list of apps that have been confirmed to carry the Gooligan malware. So check it out and your device’s list of installed apps to see if you’re phone has been infected or not. The most effective way to protect your phone is simple: do not download apps from 3rd-party app stores. Avoid side-loading apps or manually installing apps on your device specially if you’re unsure of where it came from. And even if you’re on the Google Play Store, do some research first before downloading an app.

    Google is already aware of this issue and have taken steps to combat this malware.

    Read Check Point’s report on the Gooligan malware for more information. Be safe. Be smart.

    Andres Bonifacio: Sa Marahas Na Manga Anak Nang Bayan

    To commemorate the 153rd birth anniversary of Andres Bonifacio, Father of the Philippine Revolution of 1896, I share the full text of one of the manifestos, issued in his name to the Katipuneros after suffering a series of defeats from the Spanish advances in Silang, Zapote and Batangas sometime between February and March 1897:

    Sa Marahas Na Manga Anak Nang Bayan:
    Ang inyong ipinakilalang katapangan sa pakikihamok sa kaaway na mga Kastila buhat pa ng simulan itong panghihimagsik, ay siyang nagsasabing mataas na di ninyo ikinasisindak ang ugong ng paghahanda at pagsalakay dito ng hukbong akay ni Polavieja, na sa kaunting pan ahon ay nagpakilala na ng malabis na kaduagan at hamak na kaasalan ng alipin sa kanyang pagpapahirap at malimit na pagpatay sa makapal na kalahing hindi nagsisilaban. Yaong pagpapasunog nito sa mga bayan, yaong paglapatasngan at pagdungis sa capurihan ng mga babai na di na pinacundanganan ang canilang cahinaan, yaong pagkitil ng buhay ng mga matatandang hindi na macausad at sangol na sumususo pa, na cailan may hindi aasalin at gagawin ng sino pa mang lalaking may puri at may tapang, ay humihingi ng isang masiglang paghihiganti at matinding caparusahan.

    Sa inyong pamimiyapis mangyayaring abutin ang cayo’y tanghalin bangkay sa gitna ng parang ng pakikidigma; ngunit ito’y isang kapurihang inyong maipapamana sa ating Bayan, sa ating lahi, at sa ating angkan.
    Dapat naman ninyong mabatid, na ang kadahilanan ng ating paggugugol ng lalong mahalaga sa loob at sampu ng ingat na buhay, ay ng upang tamuhin at kamtan yaong linalayong Kalayaan ng ating Bayang tinubuan na siyang magbibigay ng buong caginhawaan at magbabangon ng ating kapurihan na ilinugmok ng kaalinpinan sa hukay ng kadustaang walang makatulad.

    Sasagi kaya sa iniyong loob ang panlolomo at aabutin ang panghihinayang na mamatay sa kadahilanang ito? Hindi, hindi! Sapagka’t nakikintal sa inyong gunita yaang libolibong kinitil na buhay ng mapanganyayang kamay ng Kastila, yaong daing, yaong himutoc at pananangis ng mga pinapangulila ng kanilang kalupitan, yaong mga kapatid nating nangapipiit sa kalagimlagim na bilanguan at nagtiis ng walang awang pagpapahirap, yaong walang tilang pag agos ng luha ng mga nawalay sa piling ng kanilang mga anac, asawa at matatandang magulang na itinapon sa iab’t ibang malalayong lupa at ang katampalasanang pagpatay sa ating pinakiibig na kababayan na si M. Jose Rizal, ay nagbukas sa ating puso ng isang sugat na kailan pa ma’y di mababahaw. Lahat ng ito ay sukat ng magpaningas sa lalong malamig na dugo at magbunsod sa atin sa pakikihamok sa hamak na Kastila na nag bibigay sa ating ng lahat ng kahirapan at kamatayan.

    Kaya mga kapatid, igayak ang loob sa pakikipaglaban at paasasahan ang pagtatagumpay, sapagka’t na sa atin ang tunay na katuiran at kabanalang gawa; ang Kastila, isyang kasuklamsuklan na lahing dito’y napasuot ang taning ipinaglalaban, ay ang maling katuirang panggagaga at panlulupig dito sa di nila bayan.

    Sa lahat ng ito, ng malubos ang kabanalan at kapurihan ng ating lahi, ng tanghalin ng Sandaigdigan ang kamahalan ng ating kalooban, ay huag nating tularan ang kalabang Kastila sa pagkahamak ng asal na ugaling gamit sa pakikidigma, huag tayong makipaghamok sa kaibigan lamang pumatay, kundi sa pagtatanggol ng Kalayaan ng ating Bayan, at abutin sa mahigpit na pagkakayakap nating mga anak ng Bayan, ay maihiyaw ng buong lakas na Mabuhay! Mabuhay! Ang Haring Bayang Katagalugan!

    Andres Bonfacio
    Maypagasa

    Source: Aguinaldo and the Revolution of 1896: A Documentary History, by Pedro S. de Achutegui, S.J. and Miguel A. Bernad, S. J., Ateneo de Manila, 1972. p. 328

    As part of 20 Speeches that Moved a Nation by Manuel L. Quezon III, 2002