Thinking Pinoy
RJ Nieto
The IT provider for 1Sambayan’s 1Sama app has, for its president, a member of the National Citizens' Movement for Free Elections (Namfrel) National Council.
On June 12, 2021, Manila Bulletin tech editor Art Samaniego Jr. showed that 1Sambayan’s app 1Sama has a critical vulnerability that, if exploited, will lead to leaks of private data of over 3,000 volunteers that 1Sambayan has been crowdsourcing. This includes the volunteers’ “Apple ID, address, birth date, email address, Facebook ID, full name, Google ID, mobile number, password, profile picture, username, and profession” .
On June 16, 2021, Samaniego reported that 1Sambayan downplayed the security vulnerability and claimed that they were hacked. Quoting 1Sambayan convenor Howard Calleja, “Napag-aralan namin over Saturday and Sunday that it was a professional hack. We have our safeguards but obviously, it was a professional hack.”
Calleja’s “Saturday and Sunday” refers to the weekend from June 12th to June 13th, i.e., right after the publication of Samaniego’s Jun 12, 2021 article.
Samaniego correctly pointed out that what he reported earlier was a security flaw that can be exploited, and not a hacking incident itself. Apparently, Atty. Calleja, who presumably has a decent command of the English language, doesn’t know the difference between a mere vulnerability and an actual hacking.
Things took a weirder turn of events after Samaniego and Manila Bulletin reporter Eliezer Rabadon discovered that the 1Sama app shares the same IT infrastructure as that of the #VoteforUsPH test website.
#VoteForUsPH is owned by the supposedly non-partisan election watchdog NAMFREL.
More specifically, both IT assets have an IP address with the hostname “namfrel-test-vm.teravibe.com” .
A day later, on June 17th, NAMFREL denied links with 1Sambayan, saying that it “does not support any specific political candidate or party as it remains non-partisan,” and “to say that organizations using the same third-party servers are related to each other solely because of such shared third-party server use, is wrong and misleading.”
That is, NAMFREL basically said that the presence of their Vote for Us test site and 1Sambayan’s 1Sama app on the same third-party server is purely coincidental.
But is it really coincidental that both used Teravibe.com?
Makati-based IT solutions firm Teravibe.com President and CEO is Fernando Contreras Jr., according to one of his interviews with ABS-CBN News and his profile in the Foundation for Media Alternatives website .
Aside from his involvement with Teravibe, NAMFREL’s website also lists Contreras as a member of its National Council , meaning Contreras is a top NAMFREL officer.
Fernando Contreras, a NAMFREL National Council member, is the President and CEO of 1Sambayan’s IT provider Teravibe.
SOURCES:
Manila Bulletin. One big vulnerability in 1Sambayan app. 12 June 2021. https://mb.com.ph/2021/06/12/one-big-vulnerability-in-1sambayan-app/
Manila Bulletin. 1SAMBAYAN Downplays App Security Vulnerability; Claims They Were Hacked. 16 June 2021. https://mb.com.ph/2021/06/16/1sambayan-downplays-app-security-vulnerability-claims-they-were-hacked-2/
Manila Bulletin. NAMFREL, 1Sambayan, Vote For Us, and COMELEC: What’s the connection? 15 June 2021. https://mb.com.ph/2021/06/15/namfrel-1sambayan-vote-for-us-and-comelec-whats-the-connection/
BusinessMirror. Namfrel scoffs at claims of ‘ties’ with opposition bloc 1Sambayan. 17 June 2021. https://businessmirror.com.ph/2021/06/17/namfrel-scoffs-at-claims-of-ties-with-opposition-bloc-1sambayan/
ABS-CBN News. Blockchain seen making inroads in energy sector. 29 August 2018. https://news.abs-cbn.com/video/business/08/29/18/blockchain-seen-making-inroads-in-energy-sector
Foundation for Media Alternatives. Trustees. https://fma.ph/trustees/ . Retrieved 17 June 2021.
NAMFREL. About us: Officers. https://www.namfrel.com.ph/aboutus/officers.php . Retrieved 17 June 2021.