Anybody who was anticipating an ‘election audit’ from the Brazilian Ministry of Protection (DOD) report issued at the moment, as non-public teams have been doing not too long ago (right here and right here and right here), was sorely upset.
Opposite to what has been described and believed, the aim of this 60+ pages DOD technical report of the evaluation, performed from Aug. 2 to Aug. 19, 2022.
Nothing extra, nothing much less.
Whether or not there was electoral fraud, as feared by tens of millions of protesting Brazilians, stays at nighttime.
The report doesn’t embrace a post-election poll field analysis, a poll audit, or an intensive election audit.
But it surely states that the poll field could be tampered with as a result of it’s not exempt from malicious code to current safety issues.
It additionally evidenced that entry to the supply code and several other different requests have been denied.
The Brazilian DOD describes the target of the report as follows:
It’s not the aim of this doc to evaluate the extent of safety of the FSPA. Subsequently, the only goal of describing the findings that resulted from the inspection course of is to offer the election courtroom with recommendations for potential enhancements from an inspection company’s perspective independently and impartially.
And even this evaluation must be taken with a grain because the Superior Electoral Court docket TSE had outlined limits on system entry and supply code evaluation, as listed beneath:
- Solely static evaluation was allowed, i.e., it was inconceivable to execute the supply codes, which resulted in not understanding the execution order of the person components of the system and the operation of the system as an entire.
- Every unit had a replica of the supply code. The code was accessed via the computer systems of the TSE. The TSE allowed technicians to enter the inspection room with solely paper and pencil.
- No entry was granted to the TSE’s model management system, so it was not potential to match the compiled model with the model being inspected, nor was it potential to confirm that the supply codes matched.
- This implies there isn’t a assurance that the code within the poll packing containers is identical as that which was verified.
- Entry was not granted to software program libraries developed by third events and referenced within the supply code, limiting the understanding of the audited system; and
- The restrictions of testing within the evaluation surroundings made it troublesome to check a posh system with greater than 17 million traces of supply code.
In gentle of the above, “it was inconceivable to certify that the system was functioning correctly”, concluded the Protection Ministry, leaving the nation stranded in no man’s land.