By Basele Stephen
The ongoing registration of voters by IEBC is the biggest joke of the Century to the world of Technology. It passes simply as a great joke out there to misuse the billions meant for the same. Here are a few concerns from me, an amateur in the field. IEBC has failed to put in place simple security measures to limit access to the system.
Physical Access Level management is limited. The simple password rules are ignored. The privacy/the security of the passwords too. For the laptops, both access password are actually handwritten on tapes that are stuck at the back of the laptop. In layman language, this means that, in case of theft, the thief, without even the basics in IT can actually register ‘fake or real’ voters in the system and there is no way to differentiate registration by authorized IEBC clerks and the thief.
I have also noted that the IEBC software runs on one of obsolete Microsoft OS. The OS became obsolete about three years ago and Microsoft had discontinued the support to the OS. They (Microsoft) has even announced on their website on the same. Apart from being obsolete, the OS is one of the most vulnerable OS ever developed. You may also have watched it in the news on double registration and persons sharing the same ID numbers.
My friend Bill Clinton Owiti and Washington Masai Chekata can confirm to you that the most basic thing one can do when designing a database, is first ensuring that you identify the unique cell, also referred to as the Primary Key (Pk). The unique identifier therefore ensures that there are no duplicates in the database. Any sane developer out there would have informed you that he/she would pick out National ID number as the unique identifier, populate a different database with data from immigration and only verify the same rather than conducting another registration(This might require a policy in place but still would have saved Kenyans the millions)
Finally, the mode of data transmission from the registration centers to the central servers is the most crude data transmission system I have come across in this age of Digitization. Whole appreciating the facts that a lot of the centers might have the Internet connectivity challenges, it is so backwardly to think of physical data transmission. There so no synchronization, the BVRs cannot write to the server. This is actually what happens : ‘After a week long registration, the VRA(the Head clerk during our times) would send one of the flash disks to the ICT person based at the constituency.
Several of these are put together and the constituency coordinator will carry them to the regional ICT who then imports the data into the system. Now, figure out the risks involved with physical transmission of data! IEBC and Chebukati should just spare us the mockery, this is not digital registration but Manual registration.