Green Campus Computing is an idea of saving energy and/or being environmentally friendly without compromising the technology. As technology arises, we cannot deny the fact that it also requires, higher capacity, graphics, power and etc. One of the things to solve is to make a way in order to save and/or conserve energy.
Here are links about green campus computing:
1. http://www.uoguelph.ca/atguelph/07-02-14/newscomputing.shtml
This site talks about awareness campaign that will give idea on the users on how to be environmentally friendly with the technologies. Here are some of the things that they will implement which is very applicable to our school. A good start to help the students, faculty and staff on how save energy and ensure clean computer components:
* Awareness campaign. Focus groups will look at awareness of energy use and conservation in computing and potential barriers to green computing. The campaign will offer ideas to students, faculty and staff on basic computing practices, from reminders about turning off monitors to use of power-saving features and settings.
* Energy conservation strategies. A survey in January of information technology managers across campus yielded information about current power-management practices among computer users. That information will be used to develop standard practices and power-consumption settings designed to save energy. Those procedures, involving University IT staff and Physical Resources, are expected to be ready for implementation by spring.
2. http://chronicle.com/free/2009/01/10296n.htm
Relocate a college's server computers next to a solar-power generator. Replace AC power with DC power. Cool the servers only where they get the hottest. Put the servers in the ocean and power them with waves.
- Instead of an AC power, replace it with DC power. The university or school may buy a solar-powered generator to produce an energy for the use of the computers. In this idea, we can lessen the electricity but still efficient and sustainable.
3. http://thejournal.com/articles/2009/06/30/new-version-of-print-management-software-aims-to-help-cut-costs.aspx
"The idea is to find, in any project, the closest, most perfect balance of social,financial, and environmental components."
-- Linda Petee, Delta College
Netop has released PrintLimit Pro 9.4, an update to the company's print management software that's geared toward more efficient printing and helping school environments save on three heavily used commodities: paper, ink, and time.
The key features aimed at saving money and time are load balancing, which allows network users with heavy print traffic to spread a print load over a large group of member printers, and "Find-Me" printing, which allows for intelligent routing of print jobs to release stations at large sites. Additional new functions of version 9.4 include:
* Centralized monitoring and reporting of toner levels for all printers on network;
* Support for 64-bit Linux installations;
* 10 new reports covering printer usage and environmental impact; and
* Improved scalability, allowing for support of tens of thousands of user clients, even on standard 32-bit server hardware.
This is a good technology which we can adopt in our school making a centralize printer for the whole university to lessen costs and expenses on inks cartridges and papers.
Lines I got from this url: http://www.campustechnology.com/Articles/2009/05/01/Green-Campus-P2.aspx
>>But unlike many schools of comparable size with various, uncoordinated, environmentally conscious programs in place, Delta's green plans are part of an overall strategy to take the institution green-- including a strategic mission to take Delta as close to carbon neutrality as possible. And if Delta can make such missions reality, what's to stop any other American college or university from achieving the same goals?
"The idea is to find, in any project, the closest, most perfect balance of social,financial, and environmental components."
-- Linda Petee, Delta College
**I included this to challenge us to uniquely and creatively make our ideas in adopting a "green campus computing" in such a way that will be more applicable and efficient to the students.
Singapore_Pics
Monday, July 13, 2009
Thursday, July 9, 2009
COMMDAP
COMPUTER MANUFACTURERS, DISTRIBUTORS AND DEALERS ASSOCIATION OF THE PHILIPPINES
Last July 02, 2009, COMMDAP was held at Apo View Hotel, Davao City. We went there in the morning and luckily witnessed the opening of the program. I am one of the students who entered first and saw all the different technologies displayed. But, we haven't given much time to watch all the display because we attended the first seminar at 10:30am.
First Session was all about Windows 2008 Server with Mr. Lee L. Gorospe as the speaker. He was a nice speaker and make us all very attentive during the session. He tackled about:
1. Active Directory Roles
Active Directory provides the means to manage the identities and relationships that make up your organization’s network. Integrated with Windows Server 2008, the next generation of Active Directory gives you out-of-the-box functionality needed to centrally configure and administer system, user, and application settings. With Active Directory, you can simplify user and computer management, enable single sign-on (SSO) access to your network resources, and help enhance the privacy and security of stored information and communications.
2. Active Directory Rights Management Service
is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use. Content owners can define who can open, modify, print, forward, or take other actions with the information.
Used to:
- Restrict access to an organization's intellectual property
-Limit the actions users can perform on content
-Limit the risk of content being exposed outside the organization
3. Read only Domain Controllers
A Read-Only Domain Controller (RODC) is a new type of domain controller in Windows Server 2008. Its main purpose is to improve security in office branches. In this post, I summarize the functionality of RODC.
In office branches, it is often not easy to provide sufficient physical security for servers. It is not a big deal to manipulate a Windows system if you can get physical access to it. Since Domain controllers store security sensitive data, they are particularly endangered. RODCs can help with this problem in four ways:
RODC essentials
* Read-only feature: An intruder on the RODC can’t manipulate the Active Directory database.
* DNS protection: If the RODC server hosts a DNS server, the intruder won’t be able to tamper with the DNS data.
* Password protection: A malicious user won’t be able to access passwords using a brute-force-attack. This applies only if password caching is disabled on the RODC.
* Administrator Role Separation: You can delegate a local Administrator role to a domain user.
Read-only Domain Controller
* An RODC holds all Active Directory objects and attributes.
* RODCs only support unidirectional replication of Active Directory changes (i.e., from the forest to the RODC).
* If an application needs write access to Active Directory objects, the RODC will send an LDAP referral response that redirects the application to a writable domain controller.
Automatic analysis of event logs
Let GFI EventsManager do the dirty work. Have event logs monitored automatically and get warned about critical events!
Advertisement
DNS Protection
* A DNS server running on an RODC doesn’t support dynamic updates.
* If a client wants to update its DNS record, the RODC will send a referral for a writeable DNS server.
* The client can then update against this DNS server.
* This single record will then be replicated from the writable DNS server to the RODC DNS server.
Password Protection
* By default, an RODC doesn’t store user or computer credentials. (The only exception is the computer account of the RODC itself and a special krbtgt account.)
* However, an RODC can cache passwords.
* If a password isn’t cached, the RODC will forward the authentication request to a writeable DC.
* The Password Replication Policy determines the user groups for which passwords caching will be allowed (more about this in my next post).
Administrator Role Separation:
* A domain user having the Administrator role on an RODC doesn’t have to be a domain admin.
* A domain user having the Administrator role can do maintenance work on the RODC such as installing software.
* If an intruder gains access to the credentials of this local administrator account, he will not be able to make changes on other domain controllers.
4. Hyper-V
Product Details
Windows Server 2008 Hyper-V, the next-generation hypervisor-based server virtualization technology, is available as an integral feature of Windows Server 2008 and enables you to implement server virtualization with ease. Hyper-V allows you to make the best use of your server hardware investments by consolidating multiple server roles as separate virtual machines (VMs) running on a single physical machine.
Technical Resources
Consolidating servers and enabling a high-performance virtual environment is the key to many high availability to mission-critical applications. Businesses are under pressure to ease management and reduce costs while retaining and enhancing competitive advantages, such as flexibility, reliability, scalability, and security. Discover the many benefits of the virtualization capabilities in Windows Server 2008 and access the technical resources and links to get your team started.
Community Resources
Whether you're considering which product and technologies to use, or need support for solutions you’ve implemented, find the right venue to learn from others like you. Community resources provide powerful options to learn from other IT professionals and developers who have implemented a wide range of
Hyper-V solutions. Learn and participate with your peers, as well as the Virtualization development team.
5. Network Access Protection
NAP client
The NAP client consists of three layers: the System Health Agents (SHA), the NAP Agent, and the Enforcement Clients (EC). There are also APIs allowing third-party vendors to integrate their own SHAs and ECs in Microsoft’s NAP infrastructure.
System Health Agent (SHA)
The SHA checks if certain system health requirements are fulfilled. The SHA that comes with Vista and Windows Server 2008 can verify whether the following conditions are met: Windows Firewall is on; antivirus and antispyware software are installed, enabled, and updated; Microsoft Update Services is enabled, and the most recent security updates are installed. If the system is not in the required state, the SHA can then start a process to remedy the situation. For example, it can enable Windows Firewall or contact a remediation server to update the antivirus signatures.
NAP Agent
Sometimes this component is also called Quarantine Agent. It maintains the health state information and facilitates the communication between the SHAs and the ECs.
Enforcement Client (EC)
Sometimes you will also find this as the Quarantine Enforcement Client (QEC). Each NAP enforcement method has its own EC. So there is a DHCP EC and an IPsec EC, for example. Usually, they are integrated with the corresponding service client. So the DHCP EC is a part of the DHCP client. Its main function is to communicate with the server side NAP infrastructure, thereby, enforcing the quarantine of the client if the health requirements are not met. It is the only client component that interacts with the NAP infrastructure on the server side.
Let’s look at the server side of the NAP infrastructure.
Enforcement Server (ES)
This can also be referred to as the Quarantine Enforcement Server (QES). The NAP ES communicates with its corresponding NAP EC. Each enforcement method has its own ES and is integrated in the corresponding service. For example, the DHCP ES is a part of the DHCP Server. Essentially, the ES has the same functions as the EC. It is the interface between the server side NAP infrastructure and the client side, and ensures that noncompliant clients are quarantined. For example, the DHCP ES would make sure that a DHCP server issues the network mask 255.255.255.255 to noncompliant clients. This way they can’t access other computers in the network.
NAP Server
A NAP server is just another name for a NAP-enabled server component. So a DHCP server supporting NAP is a NAP server, for example. Don’t confuse it with a NAP Health Policy Server.
NAP Health Policy Server (NPS)
The NPS consists of the NPS Service, the NAP Administration Server and the System Health Validator (SHV) components.
System Health Validator (SHV)
Each SHV has a corresponding SHA on the client side. It is here where you define the health requirements for your whole network. Windows Server 2008 comes with just one SHV allowing you to choose among the health requirements mentioned above (Windows Firewall enabled, antivirus software updated etc). Third-party vendors can integrate their own SHVs here.
NAP Administration Server
The NAP Administration Server is kind of a distributor and integrator for NAP information. Information that comes from the NPS service is distributed to the different SHVs. Each SHV only receives the information which is relevant for it. The information that comes from the different SHVs is integrated in one message and passed on to the NPS Service.
NPS Service
The NPS Service communicates with the NAP Server using the RADIUS protocol. It is kind of an interface between the NAP server and the NAP Administration Server.
6. Server Core
One of the most exciting new features of Windows Server 2008 is its ability to install as a Server Core machine.
A Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. A server running a Server Core installation supports the following server roles:
* Active Directory Domain Services (AD DS)
* Active Directory Lightweight Directory Services (AD LDS)
* DHCP Server
* DNS Server
* File Services
* Print Services
* Streaming Media Services
* Internet Information Services (IIS)
* Windows Virtualization
In Windows Server 2008, Server Core installation does not include the traditional full graphical user interface (GUI).
What’s new in the Server Core installation option?
The Server Core installation option of Windows Server 2008 requires initial configuration at a command prompt. A Server Core installation does not include the traditional full graphical user interface. Once you have configured the server, you can manage it locally at a command prompt or remotely using a Terminal Server connection. You can also manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.
Benefits of a Server Core installation
The Server Core installation option of Windows Server 2008 provides the following benefits:
* Reduced maintenance - Because the Server Core installation option installs only what is required to have a manageable server for the AD DS, AD LDS, DHCP Server, DNS Server, File Services, Print Services, and Streaming Media Services roles, less maintenance is required than on a full installation of Windows Server 2008.
* Reduced attack surface - Because Server Core installations are minimal, there are fewer applications running on the server, which decreases the attack surface.
* Reduced management - Because fewer applications and services are installed on a server running the Server Core installation, there is less to manage.
* Less disk space required - A Server Core installation requires only about 1 gigabyte (GB) of disk space to install and approximately 2 GB for operations after the installation.
* Lower risk of bugs - Reducing the amount of code can help reduce the amount of bugs.
Issues with Server Core installation and upgrading from previous versions
Since Server Core is a special installation of Windows Server 2008, the following limitations are present:
* There is no way to upgrade from a previous version of the Windows Server operating system to a Server Core installation. Only a clean installation is supported.
* There is no way to upgrade from a full installation of Windows Server 2008 to a Server Core installation. Only a clean installation is supported.
* There is no way to upgrade from a Server Core installation to a full installation of Windows Server 2008. If you need the Windows® user interface or a server role that is not supported in a Server Core installation, you will need to install a full installation of Windows Server 2008.
Server Core versions
Server Core comes in Standard, Enterprise and Datacenter editions for i386 and x64 platforms. Most companies will probably go for the Standard edition because most of the differences found in the Enterprise and Datacenter editions of Windows Server 2008 won't be present in Server Core. The Enterprise Server Core will, however, allow you to utilize more processor and memory support, as well as clustering. Datacenter adds the whole Datacenter hardware program and 99.999 percent reliability.
Next, we have the ERIC DMS..
ERIC DMS - Dealer Management System
The ERIC Dealer Management System (DMS) is an end-t-o-end software solution for automotive sales, parts and service businesses. ERIC DMS covers the full range of dealer activities-from marketing to sales and services.
Aside from core business operations, DMS includes a full ERP (Enterprise Resource Planning) and completely automates and integrates back office operations all the way to financial reporting.
With ERIC DMS, you can have full visibility over all operations.
Achieve total control over your car dealership business today!
• Schedule prospects for test drives and follow up on appointments
• Monitor and increase sales
• Delight customers with gentle reminders for appointments
• Manage vehicle inventory
• Deliver impeccable service
• Control parts & consumables cost
• Monitor and correctly implement warranty for parts & service
• Report your financial bottom line
ERIC Dealership Management System (DMS) A complete, end-to-end solution for vehicle dealers, distributors, and service providers
ERIC DMS is composed of three core modules to manage dealer Operations. These modules are:
* Customer Relationship Management (CRM)
* Vehicle Sales and Administration (VSA)
* Service Management (SVM)
* Customer Relationship Management
* Vehicle Sales and Administration
* Service Management
* Parts Inventory
* Order Entry and Billing
* Accounts Receivable
* Accounts Payable
* General Ledger
* Purchasing
* Time Card
The Last session I attended was the HP Thin Client which I was very interested. It makes me, "whoah" seeing a new small workstation 1/4 of the real System unit with equal or more capacity than the bigger one. It was really an amazing tech so far I've ever seen.
HP Thin Client...
What is a thin client?
Thin clients are computing devices that function as an access device on a network. These solid-state devices connect over a network to a server where the bulk of the processing takes place. Thin clients have no hard drive, allowing for more secure storage of data and applications on the server. In fact, keystrokes, mouse events and screen images are all that is sent between the client and server. This makes the device much more secure than a standard desktop or notebook computer.
With no hard drive, fan or other moving parts, thin clients have a much longer lifespan than standard computers and use significantly less power. Lower maintenance costs are another benefit as software application updates, virus scanning and patches can be executed on the server. Deployment costs are also reduced as thin clients can be remotely configured and do not need to be set up individually. Break-fix simply requires replacing the thin client.
Why should I consider a thin client solution?
You need to learn more about the HP thin client solution if your business is faced with issues such as:
• Desktop replacement costs
• Network security
• Data access to mobile or remote workers
• Supporting application software on diverse hardware, or
• Ensuring your data remains accessible and secure
Thin clients are ideal solution for today's healthcare, industrial, retail, financial and education industries offering a number of benefits to your business.
Enhanced security
Unlike a traditional desktop or notebook computer, no applications or data are stored locally on the thin client. This makes them easy to replace if lost, stolen or damaged. Thin clients are an ideal choice for businesses that are facing increased regulatory compliance laws such as HIPAA or Sarbanes-Oxley.
Easier manageability
Thin clients are managed at the server, located within the data center. The client hardware has fewer points of failure and lacks a hard drive for storage providing protection from viruses and malware. Thin clients connect to servers via web browsers or remote desktop software. Depending on the functionality the user needs, client desktops can be very simple single-application kiosks or a flexible and familiar Windows environment.
Thin clients can be set up out of the box in less than 10 minutes allowing easy deployment to new users or remote locations. HP thin clients can be remotely configured and managed via management software included at no extra charge.
High reliability
With thin client access devices, business continuity is a given in the event of a natural disaster, as the data and applications are not resident on the client device. Because of their solid state design, thin clients have an extended product life of up to 5 years and can be cost effectively replaced if needed.
Thin clients are ideal for environments unsuited for traditional desktop computers like dusty, remote or space-constrained environments. They can be mounted invisibly behind a flat panel monitor, under the desk or just about anywhere with the optional VESA (Video Electronics Standards Association)-compatible HP Quick Release.
Increased energy efficiency
Thin clients offer significant savings in power usage over traditional desktops. This is realized not only in energy costs but reduced air-conditioning costs in some cases. With their long lifecycle thin clients allow companies to achieve energy savings targets and reduce the need for replacement equipment.
Lower total cost of ownership
The increased security, reliability and ease of management contribute to a lower total cost of ownership for your client computing devices. With a longer useful lifespan, thin clients contribute to cost savings. According to a study by Gartner (TCO Comparison of PCs with Server-Based Computing, June 2006) thin client TCO annual savings have been measured as high as:
• 79% less downtime cost per user
• 16% capital cost savings
• 34% less in maintenance
• 19% less to operate
• 48% overall lower total cost
HP's Client Virtualization Solutions
HP offers a complete solution of thin client devices for essential, mainstream, flexible or specialized computing. HP can also provide all the related products and services for remote client computing or desktop virtualization including blade PCs, storage, networking and servers.
Reference:
http://www.microsoft.com/windowsserver2008/en/us/active-directory.aspx
http://technet.microsoft.com/en-us/library/cc771234(WS.10).aspx
http://4sysops.com/archives/windows-server-2008-read-only-domain-controller-rodc/
http://www.microsoft.com/windowsserver2008/en/us/hyperv-main.aspx
http://4sysops.com/archives/windows-server-2008-nap-network-access-protection-infrastructure/
http://www.petri.co.il/understanding-windows-server-2008-core.htm
http://www.jupitersystems.com.ph/product.aspx?prod_id=1
http://www.hp.com/sbso/solutions/pc_expertise/article/thinclients_consider.html
Last July 02, 2009, COMMDAP was held at Apo View Hotel, Davao City. We went there in the morning and luckily witnessed the opening of the program. I am one of the students who entered first and saw all the different technologies displayed. But, we haven't given much time to watch all the display because we attended the first seminar at 10:30am.
First Session was all about Windows 2008 Server with Mr. Lee L. Gorospe as the speaker. He was a nice speaker and make us all very attentive during the session. He tackled about:
1. Active Directory Roles
Active Directory provides the means to manage the identities and relationships that make up your organization’s network. Integrated with Windows Server 2008, the next generation of Active Directory gives you out-of-the-box functionality needed to centrally configure and administer system, user, and application settings. With Active Directory, you can simplify user and computer management, enable single sign-on (SSO) access to your network resources, and help enhance the privacy and security of stored information and communications.
2. Active Directory Rights Management Service
is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use. Content owners can define who can open, modify, print, forward, or take other actions with the information.
Used to:
- Restrict access to an organization's intellectual property
-Limit the actions users can perform on content
-Limit the risk of content being exposed outside the organization
3. Read only Domain Controllers
A Read-Only Domain Controller (RODC) is a new type of domain controller in Windows Server 2008. Its main purpose is to improve security in office branches. In this post, I summarize the functionality of RODC.
In office branches, it is often not easy to provide sufficient physical security for servers. It is not a big deal to manipulate a Windows system if you can get physical access to it. Since Domain controllers store security sensitive data, they are particularly endangered. RODCs can help with this problem in four ways:
RODC essentials
* Read-only feature: An intruder on the RODC can’t manipulate the Active Directory database.
* DNS protection: If the RODC server hosts a DNS server, the intruder won’t be able to tamper with the DNS data.
* Password protection: A malicious user won’t be able to access passwords using a brute-force-attack. This applies only if password caching is disabled on the RODC.
* Administrator Role Separation: You can delegate a local Administrator role to a domain user.
Read-only Domain Controller
* An RODC holds all Active Directory objects and attributes.
* RODCs only support unidirectional replication of Active Directory changes (i.e., from the forest to the RODC).
* If an application needs write access to Active Directory objects, the RODC will send an LDAP referral response that redirects the application to a writable domain controller.
Automatic analysis of event logs
Let GFI EventsManager do the dirty work. Have event logs monitored automatically and get warned about critical events!
Advertisement
DNS Protection
* A DNS server running on an RODC doesn’t support dynamic updates.
* If a client wants to update its DNS record, the RODC will send a referral for a writeable DNS server.
* The client can then update against this DNS server.
* This single record will then be replicated from the writable DNS server to the RODC DNS server.
Password Protection
* By default, an RODC doesn’t store user or computer credentials. (The only exception is the computer account of the RODC itself and a special krbtgt account.)
* However, an RODC can cache passwords.
* If a password isn’t cached, the RODC will forward the authentication request to a writeable DC.
* The Password Replication Policy determines the user groups for which passwords caching will be allowed (more about this in my next post).
Administrator Role Separation:
* A domain user having the Administrator role on an RODC doesn’t have to be a domain admin.
* A domain user having the Administrator role can do maintenance work on the RODC such as installing software.
* If an intruder gains access to the credentials of this local administrator account, he will not be able to make changes on other domain controllers.
4. Hyper-V
Product Details
Windows Server 2008 Hyper-V, the next-generation hypervisor-based server virtualization technology, is available as an integral feature of Windows Server 2008 and enables you to implement server virtualization with ease. Hyper-V allows you to make the best use of your server hardware investments by consolidating multiple server roles as separate virtual machines (VMs) running on a single physical machine.
Technical Resources
Consolidating servers and enabling a high-performance virtual environment is the key to many high availability to mission-critical applications. Businesses are under pressure to ease management and reduce costs while retaining and enhancing competitive advantages, such as flexibility, reliability, scalability, and security. Discover the many benefits of the virtualization capabilities in Windows Server 2008 and access the technical resources and links to get your team started.
Community Resources
Whether you're considering which product and technologies to use, or need support for solutions you’ve implemented, find the right venue to learn from others like you. Community resources provide powerful options to learn from other IT professionals and developers who have implemented a wide range of
Hyper-V solutions. Learn and participate with your peers, as well as the Virtualization development team.
5. Network Access Protection
NAP client
The NAP client consists of three layers: the System Health Agents (SHA), the NAP Agent, and the Enforcement Clients (EC). There are also APIs allowing third-party vendors to integrate their own SHAs and ECs in Microsoft’s NAP infrastructure.
System Health Agent (SHA)
The SHA checks if certain system health requirements are fulfilled. The SHA that comes with Vista and Windows Server 2008 can verify whether the following conditions are met: Windows Firewall is on; antivirus and antispyware software are installed, enabled, and updated; Microsoft Update Services is enabled, and the most recent security updates are installed. If the system is not in the required state, the SHA can then start a process to remedy the situation. For example, it can enable Windows Firewall or contact a remediation server to update the antivirus signatures.
NAP Agent
Sometimes this component is also called Quarantine Agent. It maintains the health state information and facilitates the communication between the SHAs and the ECs.
Enforcement Client (EC)
Sometimes you will also find this as the Quarantine Enforcement Client (QEC). Each NAP enforcement method has its own EC. So there is a DHCP EC and an IPsec EC, for example. Usually, they are integrated with the corresponding service client. So the DHCP EC is a part of the DHCP client. Its main function is to communicate with the server side NAP infrastructure, thereby, enforcing the quarantine of the client if the health requirements are not met. It is the only client component that interacts with the NAP infrastructure on the server side.
Let’s look at the server side of the NAP infrastructure.
Enforcement Server (ES)
This can also be referred to as the Quarantine Enforcement Server (QES). The NAP ES communicates with its corresponding NAP EC. Each enforcement method has its own ES and is integrated in the corresponding service. For example, the DHCP ES is a part of the DHCP Server. Essentially, the ES has the same functions as the EC. It is the interface between the server side NAP infrastructure and the client side, and ensures that noncompliant clients are quarantined. For example, the DHCP ES would make sure that a DHCP server issues the network mask 255.255.255.255 to noncompliant clients. This way they can’t access other computers in the network.
NAP Server
A NAP server is just another name for a NAP-enabled server component. So a DHCP server supporting NAP is a NAP server, for example. Don’t confuse it with a NAP Health Policy Server.
NAP Health Policy Server (NPS)
The NPS consists of the NPS Service, the NAP Administration Server and the System Health Validator (SHV) components.
System Health Validator (SHV)
Each SHV has a corresponding SHA on the client side. It is here where you define the health requirements for your whole network. Windows Server 2008 comes with just one SHV allowing you to choose among the health requirements mentioned above (Windows Firewall enabled, antivirus software updated etc). Third-party vendors can integrate their own SHVs here.
NAP Administration Server
The NAP Administration Server is kind of a distributor and integrator for NAP information. Information that comes from the NPS service is distributed to the different SHVs. Each SHV only receives the information which is relevant for it. The information that comes from the different SHVs is integrated in one message and passed on to the NPS Service.
NPS Service
The NPS Service communicates with the NAP Server using the RADIUS protocol. It is kind of an interface between the NAP server and the NAP Administration Server.
6. Server Core
One of the most exciting new features of Windows Server 2008 is its ability to install as a Server Core machine.
A Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. A server running a Server Core installation supports the following server roles:
* Active Directory Domain Services (AD DS)
* Active Directory Lightweight Directory Services (AD LDS)
* DHCP Server
* DNS Server
* File Services
* Print Services
* Streaming Media Services
* Internet Information Services (IIS)
* Windows Virtualization
In Windows Server 2008, Server Core installation does not include the traditional full graphical user interface (GUI).
What’s new in the Server Core installation option?
The Server Core installation option of Windows Server 2008 requires initial configuration at a command prompt. A Server Core installation does not include the traditional full graphical user interface. Once you have configured the server, you can manage it locally at a command prompt or remotely using a Terminal Server connection. You can also manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.
Benefits of a Server Core installation
The Server Core installation option of Windows Server 2008 provides the following benefits:
* Reduced maintenance - Because the Server Core installation option installs only what is required to have a manageable server for the AD DS, AD LDS, DHCP Server, DNS Server, File Services, Print Services, and Streaming Media Services roles, less maintenance is required than on a full installation of Windows Server 2008.
* Reduced attack surface - Because Server Core installations are minimal, there are fewer applications running on the server, which decreases the attack surface.
* Reduced management - Because fewer applications and services are installed on a server running the Server Core installation, there is less to manage.
* Less disk space required - A Server Core installation requires only about 1 gigabyte (GB) of disk space to install and approximately 2 GB for operations after the installation.
* Lower risk of bugs - Reducing the amount of code can help reduce the amount of bugs.
Issues with Server Core installation and upgrading from previous versions
Since Server Core is a special installation of Windows Server 2008, the following limitations are present:
* There is no way to upgrade from a previous version of the Windows Server operating system to a Server Core installation. Only a clean installation is supported.
* There is no way to upgrade from a full installation of Windows Server 2008 to a Server Core installation. Only a clean installation is supported.
* There is no way to upgrade from a Server Core installation to a full installation of Windows Server 2008. If you need the Windows® user interface or a server role that is not supported in a Server Core installation, you will need to install a full installation of Windows Server 2008.
Server Core versions
Server Core comes in Standard, Enterprise and Datacenter editions for i386 and x64 platforms. Most companies will probably go for the Standard edition because most of the differences found in the Enterprise and Datacenter editions of Windows Server 2008 won't be present in Server Core. The Enterprise Server Core will, however, allow you to utilize more processor and memory support, as well as clustering. Datacenter adds the whole Datacenter hardware program and 99.999 percent reliability.
Next, we have the ERIC DMS..
ERIC DMS - Dealer Management System
The ERIC Dealer Management System (DMS) is an end-t-o-end software solution for automotive sales, parts and service businesses. ERIC DMS covers the full range of dealer activities-from marketing to sales and services.
Aside from core business operations, DMS includes a full ERP (Enterprise Resource Planning) and completely automates and integrates back office operations all the way to financial reporting.
With ERIC DMS, you can have full visibility over all operations.
Achieve total control over your car dealership business today!
• Schedule prospects for test drives and follow up on appointments
• Monitor and increase sales
• Delight customers with gentle reminders for appointments
• Manage vehicle inventory
• Deliver impeccable service
• Control parts & consumables cost
• Monitor and correctly implement warranty for parts & service
• Report your financial bottom line
ERIC Dealership Management System (DMS) A complete, end-to-end solution for vehicle dealers, distributors, and service providers
ERIC DMS is composed of three core modules to manage dealer Operations. These modules are:
* Customer Relationship Management (CRM)
* Vehicle Sales and Administration (VSA)
* Service Management (SVM)
* Customer Relationship Management
* Vehicle Sales and Administration
* Service Management
* Parts Inventory
* Order Entry and Billing
* Accounts Receivable
* Accounts Payable
* General Ledger
* Purchasing
* Time Card
The Last session I attended was the HP Thin Client which I was very interested. It makes me, "whoah" seeing a new small workstation 1/4 of the real System unit with equal or more capacity than the bigger one. It was really an amazing tech so far I've ever seen.
HP Thin Client...
What is a thin client?
Thin clients are computing devices that function as an access device on a network. These solid-state devices connect over a network to a server where the bulk of the processing takes place. Thin clients have no hard drive, allowing for more secure storage of data and applications on the server. In fact, keystrokes, mouse events and screen images are all that is sent between the client and server. This makes the device much more secure than a standard desktop or notebook computer.
With no hard drive, fan or other moving parts, thin clients have a much longer lifespan than standard computers and use significantly less power. Lower maintenance costs are another benefit as software application updates, virus scanning and patches can be executed on the server. Deployment costs are also reduced as thin clients can be remotely configured and do not need to be set up individually. Break-fix simply requires replacing the thin client.
Why should I consider a thin client solution?
You need to learn more about the HP thin client solution if your business is faced with issues such as:
• Desktop replacement costs
• Network security
• Data access to mobile or remote workers
• Supporting application software on diverse hardware, or
• Ensuring your data remains accessible and secure
Thin clients are ideal solution for today's healthcare, industrial, retail, financial and education industries offering a number of benefits to your business.
Enhanced security
Unlike a traditional desktop or notebook computer, no applications or data are stored locally on the thin client. This makes them easy to replace if lost, stolen or damaged. Thin clients are an ideal choice for businesses that are facing increased regulatory compliance laws such as HIPAA or Sarbanes-Oxley.
Easier manageability
Thin clients are managed at the server, located within the data center. The client hardware has fewer points of failure and lacks a hard drive for storage providing protection from viruses and malware. Thin clients connect to servers via web browsers or remote desktop software. Depending on the functionality the user needs, client desktops can be very simple single-application kiosks or a flexible and familiar Windows environment.
Thin clients can be set up out of the box in less than 10 minutes allowing easy deployment to new users or remote locations. HP thin clients can be remotely configured and managed via management software included at no extra charge.
High reliability
With thin client access devices, business continuity is a given in the event of a natural disaster, as the data and applications are not resident on the client device. Because of their solid state design, thin clients have an extended product life of up to 5 years and can be cost effectively replaced if needed.
Thin clients are ideal for environments unsuited for traditional desktop computers like dusty, remote or space-constrained environments. They can be mounted invisibly behind a flat panel monitor, under the desk or just about anywhere with the optional VESA (Video Electronics Standards Association)-compatible HP Quick Release.
Increased energy efficiency
Thin clients offer significant savings in power usage over traditional desktops. This is realized not only in energy costs but reduced air-conditioning costs in some cases. With their long lifecycle thin clients allow companies to achieve energy savings targets and reduce the need for replacement equipment.
Lower total cost of ownership
The increased security, reliability and ease of management contribute to a lower total cost of ownership for your client computing devices. With a longer useful lifespan, thin clients contribute to cost savings. According to a study by Gartner (TCO Comparison of PCs with Server-Based Computing, June 2006) thin client TCO annual savings have been measured as high as:
• 79% less downtime cost per user
• 16% capital cost savings
• 34% less in maintenance
• 19% less to operate
• 48% overall lower total cost
HP's Client Virtualization Solutions
HP offers a complete solution of thin client devices for essential, mainstream, flexible or specialized computing. HP can also provide all the related products and services for remote client computing or desktop virtualization including blade PCs, storage, networking and servers.
Reference:
http://www.microsoft.com/windowsserver2008/en/us/active-directory.aspx
http://technet.microsoft.com/en-us/library/cc771234(WS.10).aspx
http://4sysops.com/archives/windows-server-2008-read-only-domain-controller-rodc/
http://www.microsoft.com/windowsserver2008/en/us/hyperv-main.aspx
http://4sysops.com/archives/windows-server-2008-nap-network-access-protection-infrastructure/
http://www.petri.co.il/understanding-windows-server-2008-core.htm
http://www.jupitersystems.com.ph/product.aspx?prod_id=1
http://www.hp.com/sbso/solutions/pc_expertise/article/thinclients_consider.html
Wednesday, July 8, 2009
Assignment 3 (MIS)
SITUATIONER
The conduct of elections in the Philippines for the past four decades has remained largely
unchanged. Philippine elections rely heavily on manual tallying and canvassing of votes thus making
them vulnerable to control and manipulation by traditional politicians and those with vested interests.
The cost of winning an elective post is highly expensive, and the absence of mechanisms to check
and limit sources of campaign funds become fertile grounds for corruption and divisiveness.
In recent years, initiatives to reform the electoral system included the enactment of the
following laws: Republic Act (RA) 8046, establishing a pilot program modernizing the registration
and vote counting process in the Autonomous Region in Muslim Mindanao, the Party List Law,
Fair Elections Act and the Absentee Voting Act. To address the inadequacies and limitations of the
electoral process, RA 8436 or the Election Automation Act of 1997, was passed authorizing the
Commission on Elections (COMELEC) to use automated election system for vote counting and
canvassing in the national and local polls. The law provided for the generation of a national
computerized voters list, establishment of a voters identification card system and the automation of
the vote counting.
However, sectoral issues still hinder reform efforts in the electoral process. The following
have been identified as basic problems afflicting the electoral system: (a) outdated electoral
process; (b) failure to implement the electoral modernization law; (c) limited administrative and
regulatory capabilities of the COMELEC; (d) ineffective educational/information campaigns on
new laws and policies; (e) weak political party system; (f) unaccountable political financing; and
(g) defective party list system (Governance Assessment, 2003).
II. GOALS, STRATEGIES AND ACTION PLANS
To ensure a credible and transparent electoral process, the modernization of the electoral
system through computerization shall be supported to ensure the credibility of polls and correct the
deficiencies in the electoral system. Likewise, the Omnibus Election Code shall be further revised
and amended to respond to the needs of the present electoral system.
Measures to strengthen the party system and regulate the activities of political parties shall
be created. State financing of political parties shall also be considered through the passage of the
Campaign Finance Bill.
The COMELEC’s capacity to raise the level of political discourse and educate citizens
regarding their right to vote will be enhanced. This will be done through conduct of continuing
citizen and voter education through partnership with civil society groups and other government
Chapter 13
Automated Elections
Automated Elections
178
institutions. The electorate must be empowered with information that would help them vote
intelligently. The challenge is to develop the people’s appreciation of their vote as a means to
reform the government and receive better services from it. Part of this challenge is the need to
raise the awareness of the electorate on relevant issues and the corresponding platforms of the
candidates, if the country is to shift from the politics of personality to the politics of party
programs.
Automated election fraud
AUTOMATED ELECTION fraud like manual election fraud can be divided into two parts:
1. Retail cheating in the counting and preparation of precinct election returns.
2. Wholesale fraud in the transmission and canvassing at the municipal, district, city and provincial levels.
Fraud usually does not happen at the national level since there are fewer numbers to transmit and canvass, and there are many eyes focused on the process.
We will start by discussing how fraud can be done on the OMR (optical mark reading) counting machines.
Then we will discuss how fraud can take place in transmission and canvassing.
The Comelec claims that we will finally have clean and honest elections because the 2010 elections will be fully automated.
The old cheaters who are computer illiterate and not in Comelec or with the automated system vendors may indeed find that their old tricks will no longer work.
Misreading and manual tampering of ERs and COCs will no longer be possible.
Transparency
The beauty of the old system of writing names of candidates voted for, public reading of votes in front of watchers and citizens, tallying and manual preparation of election returns was that it was visible.
At times there could have been fraud. But it was visible. Maybe sometimes due to guns and goons, people would just keep quiet.
In the new OMR system voters will feed the ballot into the machine the next thing they will see is the printed election return.
Whether their votes were properly counted they will not know.
Transparency at the precinct level is gone.
Fraud can take place and the voters and watchers at the precinct will not know if fraud has taken place.
Comelec’s claims
Comelec claims that the AES (automated election system) cannot be hacked and that the source code will be open for inspection.
These are good for Comelec’s PR efforts, but they do not make automated elections safe from fraud. In fact, they are smoke screens that cover the real areas where fraud can take place.
The Random House Encyclopedia defines hacking as unauthorized access to a computer, either for fun or for malicious or fraudulent purposes.
Hackers generally use microcomputers and telephone lines to obtain access.
In computing, the term is used in a wider sense to mean using software for enjoyment or self-education, not necessarily involving unauthorized access.
Hacking is not the problem and, therefore, spending time and money to prevent hacking is not very useful.
If only outsiders would rob you in your home then having grilled windows, special locks, alarms, etc. will ensure your safety.
But if you live in the company of thieves, you can still be robbed. That is what the police refer to as an “inside job.”
The greatest danger of fraud in the 2010 computerized elections will come from insiders in Comelec and computer vendors, not from outsiders.
In a recent meeting of the Management Association of the Philippines Election Automation subcommittee, with former Customs and BIR Commissioner Guillermo Parayno, we asked him whether his agencies had ever been hacked.
His answer was no, any intrusions were always by insiders.
Source code inspection
The other point Comelec likes to stress is that the source code of the OMR counting machines will be available for inspection by computer experts.
Looking at the source code is practically useless.
OMR machines are used in schools for scoring tests and in survey companies for tabulating survey results.
Members of the administrative staff in schools and survey companies do not change the source code. They provide a scoring or tabulating table to modify how the OMR machine scores a test or tabulates a survey.
By changing this table, fraud is easily committed.
In order to cheat on the OMR counting machines, all that is needed is to download a new counting table that changes for whom a shaded circle is counted.
In areas where the candidates that want to cheat are weak, the table can be modified so that votes will be switched.
This does not have to be done on all machines.
If done on even just 10 percent of the OMR machines, a tight race may be reversed in favor of those who are cheating.
How would the counting tables be switched? Since the OMR machines are connected to the Internet, it is possible for an outside party, in connivance with Comelec or system vendor people, to enable an unseen computer to load the fraudulent table.
At the end of counting, the original table can be reloaded so that any tests would indicate that the machines are counting correctly and honestly.
It could also be possible for someone that seems to be authorized to quickly insert a USB memory stick that would load the fraudulent table.
Fraud at provincial level
While the Comelec has budgeted P8.2 billion for machines rental of OMR machines, it has only budgeted P200 million for transmission and P200 million for canvassing.
There is no provision for parallel transmission and canvassing. Therefore, there is no provision for audit.
In the old manual system, the hard copy of the precinct ERs were brought to the municipality to be read and entered in the statement of votes, which was visible to watchers. Watchers could compare the statement of votes with their own copies of the ER. Before the ER was read and added to the statement of votes, the authenticity of the ER was first verified.
This process took time and caused delays when lawyers argued, but at least citizens could see what was going on, hopefully make sure that votes were properly canvassed and at the very least be aware that frauds had taken place.
The Comelec AES has no safeguards against insider-initiated fraud. It assumes that the Comelec and the vendor officials, managers and staff are absolutely honest. It assumes that an automated system will not commit mistakes or fraud.
In the Comelec system, massive fraud can take place, but it will not be discovered until after the beneficiaries of fraud have been proclaimed.
Good luck with the election protests to the real winners who were defrauded!
How can fraud be done?
While RA 9369 provides for the printing of up to 30 copies of ERs and their posting at the precinct, the single transmission and canvassing system can move much faster.
Some vendors claim that national candidates could be proclaimed in less than 48 hours.
Unfortunately, the political parties and citizens arms cannot move that fast and would not be able to point to fraudulent manipulation before the rushed proclamation of the favored candidates, as what recently happened in Iran.
It is interesting that while it was said that the slow transmission and canvassing in the old manual system created many opportunities for fraud, in the new automated system, very fast transmission and canvassing in 2010 may lead to massive fraud, frustrating the true votes of our nation.
I would propose that legislation be passed to deliberately institute auditing steps at each level.
There is nothing wrong with the national count taking two weeks. There is a saying that haste makes waste. Let’s not have our new leaders elected by automated election fraud.
Smartmatic case
Avante has documented how Smartmatic was able to remotely change the ERs of three precincts in Wao in last year’s ARMM election.
Three precincts reported 0 votes because the number of votes exceeded the number of voters.
Smartmatic was able to remotely change the votes in the three precincts.
The Internet and the World Wide Web are powerful tools for doing good. They can also be used for evil.
Good or evil
My company uses the Internet and collaboration software to be able to access our customers’ computers and manipulate them as if we were onsite. The same could be done with the Comelec OMR machines and transmission and canvassing computers.
What could we do with such remote access and manipulation capabilities?
Someone could access OMR machines and change their vote counting tables temporarily to make some candidates get votes and others lose votes.
After counting, the proper tables could be restored so that the fraud would go undetected.
The same technology could be used to access municipal canvassing systems to change the COC prior to transmission. The best way to cheat would be to switch votes between candidates.
Something similar could be done on provincial canvassing computers.
Key safeguards
However, instead of altering the provincial COC, one could change the statement of votes of some municipalities. These changes would be reflected on the provincial COC.
How do we safeguard our vote?
In order to prevent automated election fraud, certain safeguards have to be instituted. These include:
1. The OMR machines should not have any network connection. The election results should be copied to USB memory sticks, which can subsequently be loaded to a separate PC that will transmit the results to the Comelec canvassing system at the municipality and to the dominant majority and minority parties, as well as to the citizens arms such as PPCRV and Namfrel.
2. The above parties should be provided with their own PCs to be able to produce their own COCs. If the Comelec COC does not match the COCs produced by other parties, a careful review should be done prior to transmission to the provincial level.
3. The verified municipal COC should then be transmitted to the multiple groups defined above. Again, the Comelec COC should be compared with the other COCs and the reason for discrepancies should be determined.
4. The verified Provincial COC should again be transmitted to multiple parties.
The Comelec and Congressional Canvass should again be compared to the parallel canvasses to assure that fraud is minimized as much as possible.
5. Each of the concerned groups should make their results available on their websites for the public to access.
If these proposed measures are followed, there will be true transparency and automated fraud will be minimized.
Opinion..
If I were to choose whether manual or automated election, I would rather choose automated because it will lessen the time of voting. With regards to the situation, many rumors that it will become worst if we will use the automated election because it will be manipulated by some of the people. But, security is more gained in automated election rather than manual.
Comparison between Manual and Automated Election..
Manual
1. manual testing no tool is available to test the application,you have to check the application manually by manually weither the application is working is working as per the client requirements or not.
2. Unsecured (due to bombings and thief)
3. Takes more time for results
Automated
1. Convenient
2. Gets a tally immediately
3. Fast Results
4. Secured
5. Transparent
The problem is..
1. Inaccurate
2. Disturbingly easy to hack
3. Automation testing tool is available to test the application weither the application is working is working as per the client requirements or not.
References:
http://www.neda.gov.ph/ads/mtpdp/mtpdp2004-2010/pdf/mtpdp%202004-2010%20neda_chapterx13_elections.pdf
http://business.inquirer.net/money/columns/view/20090706-214009/Automated-election-fraud
The conduct of elections in the Philippines for the past four decades has remained largely
unchanged. Philippine elections rely heavily on manual tallying and canvassing of votes thus making
them vulnerable to control and manipulation by traditional politicians and those with vested interests.
The cost of winning an elective post is highly expensive, and the absence of mechanisms to check
and limit sources of campaign funds become fertile grounds for corruption and divisiveness.
In recent years, initiatives to reform the electoral system included the enactment of the
following laws: Republic Act (RA) 8046, establishing a pilot program modernizing the registration
and vote counting process in the Autonomous Region in Muslim Mindanao, the Party List Law,
Fair Elections Act and the Absentee Voting Act. To address the inadequacies and limitations of the
electoral process, RA 8436 or the Election Automation Act of 1997, was passed authorizing the
Commission on Elections (COMELEC) to use automated election system for vote counting and
canvassing in the national and local polls. The law provided for the generation of a national
computerized voters list, establishment of a voters identification card system and the automation of
the vote counting.
However, sectoral issues still hinder reform efforts in the electoral process. The following
have been identified as basic problems afflicting the electoral system: (a) outdated electoral
process; (b) failure to implement the electoral modernization law; (c) limited administrative and
regulatory capabilities of the COMELEC; (d) ineffective educational/information campaigns on
new laws and policies; (e) weak political party system; (f) unaccountable political financing; and
(g) defective party list system (Governance Assessment, 2003).
II. GOALS, STRATEGIES AND ACTION PLANS
To ensure a credible and transparent electoral process, the modernization of the electoral
system through computerization shall be supported to ensure the credibility of polls and correct the
deficiencies in the electoral system. Likewise, the Omnibus Election Code shall be further revised
and amended to respond to the needs of the present electoral system.
Measures to strengthen the party system and regulate the activities of political parties shall
be created. State financing of political parties shall also be considered through the passage of the
Campaign Finance Bill.
The COMELEC’s capacity to raise the level of political discourse and educate citizens
regarding their right to vote will be enhanced. This will be done through conduct of continuing
citizen and voter education through partnership with civil society groups and other government
Chapter 13
Automated Elections
Automated Elections
178
institutions. The electorate must be empowered with information that would help them vote
intelligently. The challenge is to develop the people’s appreciation of their vote as a means to
reform the government and receive better services from it. Part of this challenge is the need to
raise the awareness of the electorate on relevant issues and the corresponding platforms of the
candidates, if the country is to shift from the politics of personality to the politics of party
programs.
Automated election fraud
AUTOMATED ELECTION fraud like manual election fraud can be divided into two parts:
1. Retail cheating in the counting and preparation of precinct election returns.
2. Wholesale fraud in the transmission and canvassing at the municipal, district, city and provincial levels.
Fraud usually does not happen at the national level since there are fewer numbers to transmit and canvass, and there are many eyes focused on the process.
We will start by discussing how fraud can be done on the OMR (optical mark reading) counting machines.
Then we will discuss how fraud can take place in transmission and canvassing.
The Comelec claims that we will finally have clean and honest elections because the 2010 elections will be fully automated.
The old cheaters who are computer illiterate and not in Comelec or with the automated system vendors may indeed find that their old tricks will no longer work.
Misreading and manual tampering of ERs and COCs will no longer be possible.
Transparency
The beauty of the old system of writing names of candidates voted for, public reading of votes in front of watchers and citizens, tallying and manual preparation of election returns was that it was visible.
At times there could have been fraud. But it was visible. Maybe sometimes due to guns and goons, people would just keep quiet.
In the new OMR system voters will feed the ballot into the machine the next thing they will see is the printed election return.
Whether their votes were properly counted they will not know.
Transparency at the precinct level is gone.
Fraud can take place and the voters and watchers at the precinct will not know if fraud has taken place.
Comelec’s claims
Comelec claims that the AES (automated election system) cannot be hacked and that the source code will be open for inspection.
These are good for Comelec’s PR efforts, but they do not make automated elections safe from fraud. In fact, they are smoke screens that cover the real areas where fraud can take place.
The Random House Encyclopedia defines hacking as unauthorized access to a computer, either for fun or for malicious or fraudulent purposes.
Hackers generally use microcomputers and telephone lines to obtain access.
In computing, the term is used in a wider sense to mean using software for enjoyment or self-education, not necessarily involving unauthorized access.
Hacking is not the problem and, therefore, spending time and money to prevent hacking is not very useful.
If only outsiders would rob you in your home then having grilled windows, special locks, alarms, etc. will ensure your safety.
But if you live in the company of thieves, you can still be robbed. That is what the police refer to as an “inside job.”
The greatest danger of fraud in the 2010 computerized elections will come from insiders in Comelec and computer vendors, not from outsiders.
In a recent meeting of the Management Association of the Philippines Election Automation subcommittee, with former Customs and BIR Commissioner Guillermo Parayno, we asked him whether his agencies had ever been hacked.
His answer was no, any intrusions were always by insiders.
Source code inspection
The other point Comelec likes to stress is that the source code of the OMR counting machines will be available for inspection by computer experts.
Looking at the source code is practically useless.
OMR machines are used in schools for scoring tests and in survey companies for tabulating survey results.
Members of the administrative staff in schools and survey companies do not change the source code. They provide a scoring or tabulating table to modify how the OMR machine scores a test or tabulates a survey.
By changing this table, fraud is easily committed.
In order to cheat on the OMR counting machines, all that is needed is to download a new counting table that changes for whom a shaded circle is counted.
In areas where the candidates that want to cheat are weak, the table can be modified so that votes will be switched.
This does not have to be done on all machines.
If done on even just 10 percent of the OMR machines, a tight race may be reversed in favor of those who are cheating.
How would the counting tables be switched? Since the OMR machines are connected to the Internet, it is possible for an outside party, in connivance with Comelec or system vendor people, to enable an unseen computer to load the fraudulent table.
At the end of counting, the original table can be reloaded so that any tests would indicate that the machines are counting correctly and honestly.
It could also be possible for someone that seems to be authorized to quickly insert a USB memory stick that would load the fraudulent table.
Fraud at provincial level
While the Comelec has budgeted P8.2 billion for machines rental of OMR machines, it has only budgeted P200 million for transmission and P200 million for canvassing.
There is no provision for parallel transmission and canvassing. Therefore, there is no provision for audit.
In the old manual system, the hard copy of the precinct ERs were brought to the municipality to be read and entered in the statement of votes, which was visible to watchers. Watchers could compare the statement of votes with their own copies of the ER. Before the ER was read and added to the statement of votes, the authenticity of the ER was first verified.
This process took time and caused delays when lawyers argued, but at least citizens could see what was going on, hopefully make sure that votes were properly canvassed and at the very least be aware that frauds had taken place.
The Comelec AES has no safeguards against insider-initiated fraud. It assumes that the Comelec and the vendor officials, managers and staff are absolutely honest. It assumes that an automated system will not commit mistakes or fraud.
In the Comelec system, massive fraud can take place, but it will not be discovered until after the beneficiaries of fraud have been proclaimed.
Good luck with the election protests to the real winners who were defrauded!
How can fraud be done?
While RA 9369 provides for the printing of up to 30 copies of ERs and their posting at the precinct, the single transmission and canvassing system can move much faster.
Some vendors claim that national candidates could be proclaimed in less than 48 hours.
Unfortunately, the political parties and citizens arms cannot move that fast and would not be able to point to fraudulent manipulation before the rushed proclamation of the favored candidates, as what recently happened in Iran.
It is interesting that while it was said that the slow transmission and canvassing in the old manual system created many opportunities for fraud, in the new automated system, very fast transmission and canvassing in 2010 may lead to massive fraud, frustrating the true votes of our nation.
I would propose that legislation be passed to deliberately institute auditing steps at each level.
There is nothing wrong with the national count taking two weeks. There is a saying that haste makes waste. Let’s not have our new leaders elected by automated election fraud.
Smartmatic case
Avante has documented how Smartmatic was able to remotely change the ERs of three precincts in Wao in last year’s ARMM election.
Three precincts reported 0 votes because the number of votes exceeded the number of voters.
Smartmatic was able to remotely change the votes in the three precincts.
The Internet and the World Wide Web are powerful tools for doing good. They can also be used for evil.
Good or evil
My company uses the Internet and collaboration software to be able to access our customers’ computers and manipulate them as if we were onsite. The same could be done with the Comelec OMR machines and transmission and canvassing computers.
What could we do with such remote access and manipulation capabilities?
Someone could access OMR machines and change their vote counting tables temporarily to make some candidates get votes and others lose votes.
After counting, the proper tables could be restored so that the fraud would go undetected.
The same technology could be used to access municipal canvassing systems to change the COC prior to transmission. The best way to cheat would be to switch votes between candidates.
Something similar could be done on provincial canvassing computers.
Key safeguards
However, instead of altering the provincial COC, one could change the statement of votes of some municipalities. These changes would be reflected on the provincial COC.
How do we safeguard our vote?
In order to prevent automated election fraud, certain safeguards have to be instituted. These include:
1. The OMR machines should not have any network connection. The election results should be copied to USB memory sticks, which can subsequently be loaded to a separate PC that will transmit the results to the Comelec canvassing system at the municipality and to the dominant majority and minority parties, as well as to the citizens arms such as PPCRV and Namfrel.
2. The above parties should be provided with their own PCs to be able to produce their own COCs. If the Comelec COC does not match the COCs produced by other parties, a careful review should be done prior to transmission to the provincial level.
3. The verified municipal COC should then be transmitted to the multiple groups defined above. Again, the Comelec COC should be compared with the other COCs and the reason for discrepancies should be determined.
4. The verified Provincial COC should again be transmitted to multiple parties.
The Comelec and Congressional Canvass should again be compared to the parallel canvasses to assure that fraud is minimized as much as possible.
5. Each of the concerned groups should make their results available on their websites for the public to access.
If these proposed measures are followed, there will be true transparency and automated fraud will be minimized.
Opinion..
If I were to choose whether manual or automated election, I would rather choose automated because it will lessen the time of voting. With regards to the situation, many rumors that it will become worst if we will use the automated election because it will be manipulated by some of the people. But, security is more gained in automated election rather than manual.
Comparison between Manual and Automated Election..
Manual
1. manual testing no tool is available to test the application,you have to check the application manually by manually weither the application is working is working as per the client requirements or not.
2. Unsecured (due to bombings and thief)
3. Takes more time for results
Automated
1. Convenient
2. Gets a tally immediately
3. Fast Results
4. Secured
5. Transparent
The problem is..
1. Inaccurate
2. Disturbingly easy to hack
3. Automation testing tool is available to test the application weither the application is working is working as per the client requirements or not.
References:
http://www.neda.gov.ph/ads/mtpdp/mtpdp2004-2010/pdf/mtpdp%202004-2010%20neda_chapterx13_elections.pdf
http://business.inquirer.net/money/columns/view/20090706-214009/Automated-election-fraud
Subscribe to:
Posts (Atom)
