“Anonymous IT” Explains How Bongbong Marcos Was Cheated

After Senator and vice presidential candidate Ferdinand “Bongbong” Marcos Jr.,  called on all IT experts to help shed the light about the ongoing suspected hocus pocus, several analysis have been submitted to his camp, while others were gone viral online.

There are analysis from mathematicians and statisticians, but analysis from IT experts always matters most since the problem started when a certain script was inserted into the server.

One of the most popular analysis, and probably the most viable comment is the one posted by former DILG secretary Rafael Alunan III on his Facebook wall.

Someone called himself “Anonymous IT Expert” shared his analysis so people will understand, not only about what happened during the transmission of votes, but also how the inserted piece of codes works.


A very interesting and informative message from an anonymous IT EXPERT.


Hello, we are an IT professional working outside the country in a large company.

The reports says, PCOS/VCM used MD5 hash Key. Hmmm. I can see some concerns here, using MD5 hashing? You can google it, you can easily decrypt it. Though you can easily decrypt it, it’s still impossible for you to grab and extract it, unless you have a direct access to the system. Firewalls, IDS, IPS, and all other security perimeters are in place. So if you are a hacker? Good luck to you my friend! The only one who can do it is someone who really knew their way around the system or some one that has an inside knowledge on how accessing the system.

Going back to the topic. What I can see here, it seems the transmission between the Server and the PCOS/VCM has been breached. The actual VCM, that has a unique MD5 hash key connecting to the Server has been replaced with an unknown VCM. This unknown VCM has a different data but has a file with the same filename used on the application database in the Server. Since this VCM is a different machine, a unique MD5 hash key algorithm will be used.

Here’s possibly what happened: Our good friend, who has an access to the server, did run the script to install the MD5 hash key similar to the unknown VCM into the server. Once the MD5 hash key has been installed, the old VCM will not be able to throw the data back to the server as the server is now using a different MD5 hash key. This time the old VCM has been replaced by this unknown VCM and this unknown VCM has now the right to throw it’s data to the server.

Easy right? During this change activity, disruption on the transmission most likely will occur. End nodes such application host, etc., will be prompted with an unknown error, the programmers will thought there’s a code issues with their Applications. But if you can see it, it’s just a simple migration of data connection between the two VCM connecting the Server.

So then, Mr. Comelec, you explained to the public the change being done was only a breakfix for “?” to “ñ”. How about those MD5 hash concerns?

If you are an IT Security/Network professional, you know what I’m talking about. We hope this info might help push the filling of the case against Comelec.

Thank you and God bless!”
Anonymous IT

Now it’s up to the people to believe who is telling the truth – the COMELEC and Smartmatic, or Bongbong Marcos? /Juvy Rosarito/