Anyone who was expecting an ‘election audit’ from the Brazilian Ministry of Defense (DOD) report issued today, as private groups have been doing recently (here and here and here), was sorely disappointed.
Contrary to what has been described and believed, the purpose of this 60+ pages DOD technical report was not to investigate and analyze the elections but only to present the observations of the inspection of some electronic ballot boxes conducted from Aug. 2 to Aug. 19, 2022, at the Superior Electoral Court TSE.
Nothing more, nothing less.
Whether there was electoral fraud, as feared by millions of protesting Brazilians, remains in the dark.
The report does not include a post-election ballot box evaluation, a ballot audit, or a thorough election audit.
However, the report does state that the ballot box can be tampered with, as it is not free of malicious code that causes security problems.
It also evidenced that access to the source code and several other requests were denied by the TSE.
The Brazilian DOD describes the objective of the report as follows:
It is not the purpose of this document to assess the level of security of the FSPA. Therefore, the sole purpose of describing the findings that resulted from the inspection process is to provide the election court with suggestions for possible improvements from an inspection agency’s perspective independently and impartially.
And even this analysis should be taken with a grain of salt since the Superior Electoral Court TSE had defined limits on system access and source code analysis, as listed below:
- Only static analysis was allowed, i.e., it was impossible to execute the source codes, which resulted in not understanding the execution order of the individual parts of the system and the operation of the system as a whole.
- Each unit had a copy of the source code. The code was accessed through the computers of the TSE. The TSE allowed technicians to enter the inspection room with only paper and pencil.
- No access was granted to the TSE’s version control system, so it was not possible to compare the compiled version with the version being inspected, nor was it possible to verify that the source codes matched.
- This means there is no assurance that the code in the ballot boxes is the same as that which was verified.
- Access was not granted to software libraries developed by third parties and referenced in the source code, limiting the understanding of the audited system; and
- The limitations of testing in the analysis environment made it difficult to test a complex system with more than 17 million lines of source code.
In light of the above, “it was impossible to certify that the system was functioning properly”, concluded the Defense Ministry, leaving the country stranded in no man’s land.