By Eliezer Rabadon | Manila Bulletin
Is NAMFREL, a supposedly non-partisan organization, supporting 1Sambayan an anti-Duterte coalition that aims to unify the opposition for the 2022 elections? Is COMELEC, the country’s election body, indirectly endorsing 1Sambayan by supporting Vote for Us, a non-government organization closely affiliated with NAMFREL? These questions came up because of the information we found when we tried to dig deeper into the alleged data breach in the 1Sama Ako app of the 1Sambayan coalition.
NAMFREL “is the pioneer in election monitoring. It started with the establishment of the operations registration committee in 1957. Since 1984, NAMFREL has been accredited by the Commission and Elections to conduct the Operation Quick Count (OQC). Namfrel was accredited in 21 electoral exercises.” (http://www.namfrel.com.ph/aboutus/history.php).
NAMFREL has introduced non-partisan national election monitoring to the Philippines after exposing the issues involved with the 1986 Snap Elections.
1SAMBAYAN is a broad coalition of democratic forces representing the broad spectrum of legitimate political persuasions in the Philippines. It aims to usher in a competent, trustworthy administration in the May 2022 national elections by fielding a single slate of national candidates: president, vice president, and 12 senators.
The movement began in September 2020, when economic recession and unemployment due to the COVID-19 pandemic had set in, the number of infections kept rising, and the incumbent administration had shown itself incapable of a sensible, effective response to the crisis. (https://1sambayan.org/about-us/)
The coalition has one purpose, to field unified candidates to beat whoever President Duterte would endorse or support in the 2022 elections.
VOTE FOR US is a Non-Governmental Organization. The Facebook page currently posts about inviting people to participate in the upcoming election. To date, the information about Vote For Us is limited to what they are posting on their Facebook page. (https://www.facebook.com/VoteForUsPH/)
So far, it looks like these three entities are independent, especially NAMFREL who’s expected to be a non-partisan organization. But read on and like us, you would be surprised with what we’ve found.
On June 12, MB Tech News Editor Art Samaniego Jr. published an article titled “One big vulnerability in 1Sambayan app” (https://mb.com.ph/2021/06/12/one-big-vulnerability-in-1sambayan-app/). The said article informed the public that a vulnerability to the 1Sama Ako Application had experienced a data breach resulting in publicly exposing more than 3,000 personally identifiable information.
As a web developer, I got curious and decided to dig deeper into 1Sama Ako Application API:
The reported vulnerable API uses the URL http://1sama.1sambayan.org/ with an IP address of 18.104.22.168 while the hostname of the IP address is namfrel-test-vm.teravibe.com. According to shodan.io https://www.shodan.io/host/22.214.171.124, the said IP address has three opened HTTP ports: 80, 443, 1234
When we checked port 443 https://1sama.1sambayan.org:443/, it redirected us to the currently offline API of 1Sama Ako App.
But when we checked port 1234 http://1sama.1sambayan.org:1234, it redirected us to the Vote For Us website, which seems to be currently under development.
This is becoming interesting, so I decided to dig deeper, now checking the Facebook Page of Vote For Us.
Due to the limited information about Vote For Us, we have checked the Facebook page posts.
When we check the Facebook post date June 9 at 10:10 AM and clicked the publicly viewable shares, we saw that the following Facebook pages shared the post:
When we checked the Facebook post dated June 2 at 10:09 AM, we found out that the following Facebook pages shared the post:
This series of activities lead us to ask the following questions:
3) Can we trust NAMFREL to be objective in the coming elections when it’s apparent that it supports a partisan group?
4) Why, when we visit http://1sama.1sambayan.org:1234/, are we redirected to the Vote For Us website?
I hope we get the answers to those questions for the sake of transparency. Just a disclaimer, I got all the information using publicly available data, and NO hack was conducted during the research of this article.