In recent months, I've had the opportunity to work with some individuals involved in the creation of the digital election system in Brazil. The system has been under development for over 15 years. These are extremely serious companies and individuals who are experts in cryptography, cybersecurity, hardware security, and, above all, the logistical process to make it happen on the scale of Brazil. All companies involved in the creation and production of the technology possess the most relevant international certifications in their fields.
Among all the problems our country faces the digital election is not one of them. In reality, it is a profound source of pride that something so complex is developed by Brazilians, bringing together the public and private sectors in an integrated and productive manner.
As a Software Engineer with decades of experience working with PKI/cryptography/infosec, I believe that online voting is a fundamentally bad idea. It stems from a fundamental misunderstanding of the requirements of an election.
The requirement is not "accurately count the votes". It is: "Allow people to vote, and have their votes counted, in a demonstrably fair way, so that an average person can have high confidence the outcome is fair, given the adversarial nature of the system and varying levels of education / honesty among all present".
A election only means something because of the consent of a large number of average people to abdicate their freedom to someone else based on what they feel was a fair process.
In Ireland, observers from multiple parties observe the votes as they are counted and publish their own numbers realtime (see tallymen).
In this context it's very hard to argue the vote was rigged...
> I believe that online voting is a fundamentally bad idea
I (I worked in the Brazilian electronic voting system in 2002) agree. That's why the voting machines can't connect to the internet and voting is completely offline (totalization is entirely based on signed files in flash cards transferred via sneakernet under strict chain-of-custody protocols).
Another aspect of the election that's very important in Brazil is secrecy of the vote - to the point that, if a voting machine records only votes to a single candidate (effectively disclosing the option of all its voters) it's either discarded or merged with another machine in the same polling place.
> As a Software Engineer with decades of experience working with PKI/cryptography/infosec, I believe that online voting is a fundamentally bad idea. It stems from a fundamental misunderstanding of the requirements of an election.
Voting machines in Brazil are not online, there are no plans for online voting as far as I know.
> A election only means something because of the consent of a large number of average people to abdicate their freedom to someone else based on what they feel was a fair process.
Even though paper voting is not perfect and has its own issues it offers several distinct advantages over electronic voting (whether online or offline):
(1) Paper voting and counting is inherently manual process. Therefore, election fraud (ballot tempering, stuffing, etc) is also manual and is hard to scale up.
(2) Because paper ballot fraud at scale involves many people it is harder to hide and easier to uncover and prove.
(3) Because of its simplicity, election observers can go deeper in the paper counting process and in some cases (e.g. Ireland) participate in counting and publish their own numbers providing additional independent confirmation.
(4) Chain of custody of physical objects (paper ballots) is easier to understand for an average people and easier to track for an average election observer.
(5) The last and the most important -- it is easier to audit and explain to skeptical and bitter supporters of the loosing party that it was a fair fight and their loss is legitimate. Without this last point everything else is meaningless no matter how objectively better it is.
I'm not sure your argument makes any sense.... So you're saying it's not about the absolute mathematical results of the poll, but more about the feelings of the general population?
Just because those companies have certifications it doesn’t mean they can’t make a mistake.
In addition to that, the source code is closed and not generally auditable by third parties.
I was a student under Diego Aranha (a cryptography researcher from Brazil, now based in Denmark) many years ago when he got the chance to participate in the public test/audit of the voting system software.
At the time they did find issues with the code that would allow you to de-anonimize the votes cast in a voting machine [1].
EDIT: If anyone wants to take a look at the vulnerabilities found at the time, check the paper [2]. In fairness the paper is from 2013, so a lot may have changed.
> In addition to that, the source code is closed and not generally auditable by third parties.
That's not correct. While you can't get it from GitHub, there is a process to audit it and any Brazilian citizen (or resident, I'm not sure) over 21 can request and be part of it. The process extends for many months starting the year prior to the election. Input from the multiple audits and tests are valuable in guiding the evolution of the software and hardware.
The vast majority of computer professionals I have discussed this topic with are very clear: there will never, ever be a safe way to digitise elections. Your engineers may be proud of valiant efforts, but all computer systems are hackable in principle despite the best intentions of everyone involved. This problem is manageable even for big, important stuff like banks, because there are ways of resolving things when the systems inevitably get hacked from time to time. But elections are just too big and too important (not to mention highly targetable) to introduce layers of technical complexity in which there may lurk vulnerabilities.
And, perhaps more importantly, digitisation makes the system impossible for regular folks to properly understand and trust. People can understand ink and paper ballots: you gather them in boxes and you count them. If the result is very close, you count them again (more carefully and with more eyes on it). Until everyone is agreed on who won. That clarity is very important so people can accept the result. Lots of human eyes on every step of the process. People are rightly suspicious of results from systems that include some black box of technical complexity that 99% of people can’t begin to understand.
When electronic voting was introduced in my country - Bulgaria, immediately the results were quite different than previous elections - with as much as 10% diff.
It was largely attributed to the fact that incumbents did not know how to “hack” this new system (yet?) but were pretty adept at cost effectively manipulating paper ballots.
For example they would infiltrate remote areas with little to no observers and stuff the ballot boxes.
Once the new electronic voting system was introduced, suddenly they didn’t know what to do, so the votes ended up more representative, e.g. much closer to projected numbers than before.
Now the system is “electronic counting + paper ballot” So you still go to a voting place, there are still independent/multi party observers, there are still paper ballots available for recount, but you have cryptography on top of it to prevent traditional tempering.
The majority people everywhere is very clear: there will never, ever be a safe way to make elections with paper.
It’s funny how all of sudden the forward thinking, all-digital tech community turn itself in old school conservative when discussing digital elections without even considering the bigger issues with alternatives.
Electronic voting is a good idea here because it raises the "barrier to commit fraud".
Basically, back when we ran our elections on paper, there was a lot of fraud as it's pretty easy to pull off fraud schemes.
With electronic voting, the system is so complex that almost no one can pull off a fraud scheme with two major expectations: voter intimidation and voter impersonation.
Although even that last one is getting tougher as we now scan peoples' fingerprints. The poll worker can manually override the system but this will be recorded and they will be in hot waters of they override too much.
Yes, in theory non-electronic elections are more secure, but in practice it's more complicated as we are dealing with a country with a horrible history at implementing rule of law and we have a significant amount of local authoritarian leaders (e.g. drug lords) that would definitely make it near impossible to run paper elections fairly.
If Bolsonaro wasn't interested in rigging the elections, but rather to cast doubt on the result (as suggested in https://www.securityweek.com/brazilian-hacker-claims-bolsona...), then he might have (unintentionally) done a good service by trying to persuade a hacker to poke holes in this implementation of this "insane idea".
I suppose the goal of your message was to assert the security of the country's voting system.
I think it's naive to think that any digital system is secure. What we try to do is to make hacking not worthwhile by raising the difficulty level.
But when it comes to an entire country, especially the size and regional relevance of Brazil, the stakes are so high that it becomes too attractive to not hack.
I wouldn't be worried about Bolsonaro or Lula hacking it. I'd be worried about the US, China, Russia, Israel, North Korea. They all possess the ability to hack Brazilian elections. From distance, they don't even have to go there. And they all have a history of systematically interfering in other countries' internal matters.
secure x secure enough x better than before due to sheer scale needed
for instance it's in our constitution that after the identification that someone can vote, the vote MUST be anonymous. even on the paper time. unlike votes by mail where you have identification (we simply can't have here, for instance)
I'm skeptical on many things, but what you said is much harder to happen than just buying votes on poor neighbourhoods or influencing local militias on our second biggest city.
This is less far off from reality specially for legislative positions.
> They all possess the ability to hack Brazilian elections.
It's much easier to attack a democracy through disinfo campaigns and sponsoring coups. It was like that in the ousting of Dilma in 2016 (yesterday yet another court of law ruled she didn't commit an impeachable offense). Far-right ultra-nationalist propaganda has been used - with enormous success, I must add - to destabilize both countries like Brazil up to the whole EU (Brexit, anyone?).
In Brazil we are amidst a scandal that points to the president himself ordered higher highway patrol enforcement specifically in regions where the opposition candidate was expected to win more votes, in an attempt to limit participation in those specific demographics.
> What we try to do is to make hacking not worthwhile by raising the difficulty level.
I worked in the 2002 election (for Unisys, who made a lot of the voting machines) and the machine itself, its software, and all the handling protocols around it are designed to make hacking it a very high-effort/low-return affair. As I mentioned before, there are many ways to push an election they way of a candidate, but, in Brazil at least, none of those pass through the voting system.
> He said he told the leader he could not hack into the electronic voting system because it wasn’t connected to the internet.
The lack of remote access is a major obstacle. But surely, Bolosonaro must have meant to apply a more creative "out of the box" solutions than "hack it HARDER, God damn it! Use sudo, or something". ;-)
Like: hack the company building the electronic voting system. Surely, they are connected to the Internets?!
> [Delgatti] said that after he explained why he could not hack into the electoral system, the Bolsonaro campaign asked him to tamper with a borrowed voting machine to make it appear, less than a month before the election’s first round, that the machine had been successfully hacked and results could be compromised. The fraudulent hack was to be shared with news media, Delgatti said, but it was canceled.
So: the plan was not to rig the elections, but to shed FUD on result (in case Bolsonaro lost).
Wow, lots of comments discrediting digital election.
Brazilian authorities run open testing from time to time and fixes (tangencial so far) vulnerabilities. So far, there were zero proof that any hacking or flaw in our voting system. This only became an “issue” because discredit the election became part of Bolsonaro’s coup attempt. (Which is, btw, the authoritarian wannabe playbook.)
Anyway, you should witness the mess it was before, when votes were in paper and counting by hand. Frauds was widespread. I mean, look and the US election system… it’s a kind of meme in Brazil due to how rudimentary and prone to fraud.
The testing is not open. Selected groups are invited, and it runs for a given length of time. To the point that obviously only so many flaws can be found, as the test environment is not realistic.
There are plenty of examples of flaws in the voting system. Most of them have been corrected, but not all.
Yes, fraud is widespread with paper voting. But it does not scale. One single flaw in an electronic voting system could scale to every single voting machine, thus impacting even presidential elections.
They're rampant all over the internet. It costs a multi-billionaire Russian oligarch $12k/year to pay one of these "trolls" and they produce thousands of comments per day, everywhere!
I would argue that an election system in which fraud is easy but obvious for everyone when present is more robust than a system in which fraud is hard but impossible for anyone to see.
Anything involving people can only be done safely if people can be trusted. While in Australia there is such trust in the local people involved, in Brazil that's just not the same story.
There's a lot of discussion about whether electronic voting _can_ be done reliably and safely, but I think the psychological factor is also very important here.
An election shouldn't only be objectively trustworthy, it should _feel_ trustworthy. And all the cryptographic fundaments in the world simply don't provide the same certainty that your vote has been received anonymously, will be counted, and can be emited only once as introducing a sealed envelope in a transparent box while a person strikes your name from a list of voters.
The counting process is supervised by representatives of all parties with competing interests, and if you're still not sure, you can observe it yourself here since it's open to the public.
I simply don't understand the need to replace this process with an electronic one, which _at best_ provides the same guarantees, but in a way that is not immediately evident to the voters.
Calling this guy a hacker is a joke... as is this whole story. He is a scammer who got famous for accessing phone numbers of authorities using tricks he learned while scamming bank clients.
Maybe it's my underlying German-ness but I don't understand why people would want an electronic voting system. Being confronted with the gazillions of possible failures in hardware and software, the idea seems at least risky to me. And for what gain? Can't we simply think of election day as something to celebrate democracy by putting a mark on a physical piece of paper? Call me old-fashioned, but I really enjoy visiting the election office.
Politically, I could perfectly imagine the German right to far-right to create an atmosphere of fear, uncertainty and doubt to bring faked results into action. Sure, you can do that on paper as well but I think it's way harder to cover up than "something digital".
I remember an example of some arcane software that was used "internally" by some local German office to just sum up the votes and generate some kind of result sheet for the local area.
It turned out, although it was air-gapped, it was susceptible to an attack against its update mechanism. Some white-hats showed it was possible to inject malicious code and change the results.
You never know. That's the essence of the problem.
In short, I think most Brazilians trust technology more than they trust their fellow Brazilians.
We have a long history of lack of rule of law and of local authorities getting away with some pretty despicable shit. So, the less they can interfere with elections, the better off we are.
And pulling off a major fraud scheme with our voting machines is petty damn difficult as their software is loaded and sealed months before the election and all political parties can send representatives to observe the processes and to reqd the source code.
I do however wish that the source code were fully open for anyone to read. But I'm afraid of how much this transparency will be abused by disinformation campaigns.
Funny that Bolsonaro did the exact same thing with his claims about the voting process, but this was not the reaction from his minions. Suddenly you had people that can't do basic math claiming they know the election system is rigged because his leader said so.
So many corrupt hypocrites in this world.
It's sad to see how history repeats itself even in such a short time span. It's almost a carbon copy of Trump's election steal attempt.
You're not wrong. Although we can agree that this _sounds true_ because of who Bolsonaro has demonstrated he is, it doesn't mean that it's true until we see some evidence.
Indeed, mostly smoke so far. But there might be some leads, like:
> Delgatti said he met with Ministry of Defense technical experts to discuss the electronic voting system on five occasions. The first time, he said, was right after meeting with Bolsonaro, when he was driven from the presidential residence to the Ministry of Defense, entering through the back entrance.
MoD should be able to confirm or deny that the meeting took place. Possibly, from there evidence of wrong doing might surface. But then again, it might not.
Readit News
Among all the problems our country faces the digital election is not one of them. In reality, it is a profound source of pride that something so complex is developed by Brazilians, bringing together the public and private sectors in an integrated and productive manner.
The requirement is not "accurately count the votes". It is: "Allow people to vote, and have their votes counted, in a demonstrably fair way, so that an average person can have high confidence the outcome is fair, given the adversarial nature of the system and varying levels of education / honesty among all present".
A election only means something because of the consent of a large number of average people to abdicate their freedom to someone else based on what they feel was a fair process.
In Ireland, observers from multiple parties observe the votes as they are counted and publish their own numbers realtime (see tallymen).
In this context it's very hard to argue the vote was rigged...
I (I worked in the Brazilian electronic voting system in 2002) agree. That's why the voting machines can't connect to the internet and voting is completely offline (totalization is entirely based on signed files in flash cards transferred via sneakernet under strict chain-of-custody protocols).
Another aspect of the election that's very important in Brazil is secrecy of the vote - to the point that, if a voting machine records only votes to a single candidate (effectively disclosing the option of all its voters) it's either discarded or merged with another machine in the same polling place.
Same used to be the case in Brazil. In fact, the people counting the votes were members of the public, chosen prior to the elections.
I know quite a few who have been in vote countings. The stories they tell are not very reassuring.
Electronic voting was and is a major source of democratic stability in Brazil.
Edit: to those downvoting (fair game, it's your vote to cast!), care to explain your reasons?
Voting machines in Brazil are not online, there are no plans for online voting as far as I know.
Even though paper voting is not perfect and has its own issues it offers several distinct advantages over electronic voting (whether online or offline):
(1) Paper voting and counting is inherently manual process. Therefore, election fraud (ballot tempering, stuffing, etc) is also manual and is hard to scale up.
(2) Because paper ballot fraud at scale involves many people it is harder to hide and easier to uncover and prove.
(3) Because of its simplicity, election observers can go deeper in the paper counting process and in some cases (e.g. Ireland) participate in counting and publish their own numbers providing additional independent confirmation.
(4) Chain of custody of physical objects (paper ballots) is easier to understand for an average people and easier to track for an average election observer.
(5) The last and the most important -- it is easier to audit and explain to skeptical and bitter supporters of the loosing party that it was a fair fight and their loss is legitimate. Without this last point everything else is meaningless no matter how objectively better it is.
People invalidating valid paper votes on 80s were a thing, impossible to prove, unlike the auditing we have today.
It's not online also, it's offline with uploaded encrypted data through encrypted channels.
In addition to that, the source code is closed and not generally auditable by third parties.
I was a student under Diego Aranha (a cryptography researcher from Brazil, now based in Denmark) many years ago when he got the chance to participate in the public test/audit of the voting system software.
At the time they did find issues with the code that would allow you to de-anonimize the votes cast in a voting machine [1].
EDIT: If anyone wants to take a look at the vulnerabilities found at the time, check the paper [2]. In fairness the paper is from 2013, so a lot may have changed.
[1] In portuguese https://thehack.com.br/o-dia-que-o-tse-revelou-o-codigo-da-u... [2] https://www.researchgate.net/publication/313421477_Vulnerabi...
That's not correct. While you can't get it from GitHub, there is a process to audit it and any Brazilian citizen (or resident, I'm not sure) over 21 can request and be part of it. The process extends for many months starting the year prior to the election. Input from the multiple audits and tests are valuable in guiding the evolution of the software and hardware.
In Portuguese: https://www.tse.jus.br/internet/temporarios/urna-seguranca/o...
And, perhaps more importantly, digitisation makes the system impossible for regular folks to properly understand and trust. People can understand ink and paper ballots: you gather them in boxes and you count them. If the result is very close, you count them again (more carefully and with more eyes on it). Until everyone is agreed on who won. That clarity is very important so people can accept the result. Lots of human eyes on every step of the process. People are rightly suspicious of results from systems that include some black box of technical complexity that 99% of people can’t begin to understand.
It was largely attributed to the fact that incumbents did not know how to “hack” this new system (yet?) but were pretty adept at cost effectively manipulating paper ballots.
For example they would infiltrate remote areas with little to no observers and stuff the ballot boxes.
Once the new electronic voting system was introduced, suddenly they didn’t know what to do, so the votes ended up more representative, e.g. much closer to projected numbers than before.
Now the system is “electronic counting + paper ballot” So you still go to a voting place, there are still independent/multi party observers, there are still paper ballots available for recount, but you have cryptography on top of it to prevent traditional tempering.
It’s funny how all of sudden the forward thinking, all-digital tech community turn itself in old school conservative when discussing digital elections without even considering the bigger issues with alternatives.
• Why Electronic Voting is a BAD Idea <https://www.youtube.com/watch?v=w3_0x6oaDmI>
• Why Electronic Voting Is Still A Bad Idea <https://www.youtube.com/watch?v=LkH2r-sNjQs>
Electronic voting is a good idea here because it raises the "barrier to commit fraud".
Basically, back when we ran our elections on paper, there was a lot of fraud as it's pretty easy to pull off fraud schemes.
With electronic voting, the system is so complex that almost no one can pull off a fraud scheme with two major expectations: voter intimidation and voter impersonation.
Although even that last one is getting tougher as we now scan peoples' fingerprints. The poll worker can manually override the system but this will be recorded and they will be in hot waters of they override too much.
Yes, in theory non-electronic elections are more secure, but in practice it's more complicated as we are dealing with a country with a horrible history at implementing rule of law and we have a significant amount of local authoritarian leaders (e.g. drug lords) that would definitely make it near impossible to run paper elections fairly.
I think it's naive to think that any digital system is secure. What we try to do is to make hacking not worthwhile by raising the difficulty level.
But when it comes to an entire country, especially the size and regional relevance of Brazil, the stakes are so high that it becomes too attractive to not hack.
I wouldn't be worried about Bolsonaro or Lula hacking it. I'd be worried about the US, China, Russia, Israel, North Korea. They all possess the ability to hack Brazilian elections. From distance, they don't even have to go there. And they all have a history of systematically interfering in other countries' internal matters.
for instance it's in our constitution that after the identification that someone can vote, the vote MUST be anonymous. even on the paper time. unlike votes by mail where you have identification (we simply can't have here, for instance)
I'm skeptical on many things, but what you said is much harder to happen than just buying votes on poor neighbourhoods or influencing local militias on our second biggest city.
This is less far off from reality specially for legislative positions.
Can you explain how you expect those countries to be able to achieve that, and why the experts in Brazil would be unable to counter those mechanisms?
It's much easier to attack a democracy through disinfo campaigns and sponsoring coups. It was like that in the ousting of Dilma in 2016 (yesterday yet another court of law ruled she didn't commit an impeachable offense). Far-right ultra-nationalist propaganda has been used - with enormous success, I must add - to destabilize both countries like Brazil up to the whole EU (Brexit, anyone?).
In Brazil we are amidst a scandal that points to the president himself ordered higher highway patrol enforcement specifically in regions where the opposition candidate was expected to win more votes, in an attempt to limit participation in those specific demographics.
> What we try to do is to make hacking not worthwhile by raising the difficulty level.
I worked in the 2002 election (for Unisys, who made a lot of the voting machines) and the machine itself, its software, and all the handling protocols around it are designed to make hacking it a very high-effort/low-return affair. As I mentioned before, there are many ways to push an election they way of a candidate, but, in Brazil at least, none of those pass through the voting system.
Such as?
The lack of remote access is a major obstacle. But surely, Bolosonaro must have meant to apply a more creative "out of the box" solutions than "hack it HARDER, God damn it! Use sudo, or something". ;-)
Like: hack the company building the electronic voting system. Surely, they are connected to the Internets?!
> According to Delgatti, Bolsonaro wanted to him to "expose the fragility" of the voting machines [...].
And: https://www.securityweek.com/brazilian-hacker-claims-bolsona...
> [Delgatti] said that after he explained why he could not hack into the electoral system, the Bolsonaro campaign asked him to tamper with a borrowed voting machine to make it appear, less than a month before the election’s first round, that the machine had been successfully hacked and results could be compromised. The fraudulent hack was to be shared with news media, Delgatti said, but it was canceled.
So: the plan was not to rig the elections, but to shed FUD on result (in case Bolsonaro lost).
Or the known-but-hidden connections to certain types of associates.
Or using the federal highway police to stop lot's of buses for "safety inspection" on the election day on a state that voted for the adversary.
:)
Brazilian authorities run open testing from time to time and fixes (tangencial so far) vulnerabilities. So far, there were zero proof that any hacking or flaw in our voting system. This only became an “issue” because discredit the election became part of Bolsonaro’s coup attempt. (Which is, btw, the authoritarian wannabe playbook.)
Anyway, you should witness the mess it was before, when votes were in paper and counting by hand. Frauds was widespread. I mean, look and the US election system… it’s a kind of meme in Brazil due to how rudimentary and prone to fraud.
There are plenty of examples of flaws in the voting system. Most of them have been corrected, but not all.
Yes, fraud is widespread with paper voting. But it does not scale. One single flaw in an electronic voting system could scale to every single voting machine, thus impacting even presidential elections.
They're rampant all over the internet. It costs a multi-billionaire Russian oligarch $12k/year to pay one of these "trolls" and they produce thousands of comments per day, everywhere!
It's cheap and long-lasting propaganda!
It can be done, safely and efficiently.
An election shouldn't only be objectively trustworthy, it should _feel_ trustworthy. And all the cryptographic fundaments in the world simply don't provide the same certainty that your vote has been received anonymously, will be counted, and can be emited only once as introducing a sealed envelope in a transparent box while a person strikes your name from a list of voters.
The counting process is supervised by representatives of all parties with competing interests, and if you're still not sure, you can observe it yourself here since it's open to the public.
I simply don't understand the need to replace this process with an electronic one, which _at best_ provides the same guarantees, but in a way that is not immediately evident to the voters.
They will need to do something different, like either gaining public momentum like what's happening right now, or trying something much more dramatic.
Or making the system rotten in a span of time that is measured in decades, not in days/months.
Wdyt?
And we need to go to a voting place to cast the votes - it's electronic, but not online.
It turned out, although it was air-gapped, it was susceptible to an attack against its update mechanism. Some white-hats showed it was possible to inject malicious code and change the results.
You never know. That's the essence of the problem.
We have a long history of lack of rule of law and of local authorities getting away with some pretty despicable shit. So, the less they can interfere with elections, the better off we are.
And pulling off a major fraud scheme with our voting machines is petty damn difficult as their software is loaded and sealed months before the election and all political parties can send representatives to observe the processes and to reqd the source code.
I do however wish that the source code were fully open for anyone to read. But I'm afraid of how much this transparency will be abused by disinformation campaigns.
All said then.
Maybe he has something to prove his claim, and he doesn’t want to reveal it still?
Otherwise yes, it’s a weird claim, also because people like “hackers” usually keeps the documentation of everything inside these conversations.
So many corrupt hypocrites in this world.
It's sad to see how history repeats itself even in such a short time span. It's almost a carbon copy of Trump's election steal attempt.
He went as far as saying in an interview he'd hire a white-hat hacker to prove the election can be easily rigged via the voting system.
And you'll get down voted for pointing out the obvious.
> Delgatti said he met with Ministry of Defense technical experts to discuss the electronic voting system on five occasions. The first time, he said, was right after meeting with Bolsonaro, when he was driven from the presidential residence to the Ministry of Defense, entering through the back entrance.
https://www.securityweek.com/brazilian-hacker-claims-bolsona...
MoD should be able to confirm or deny that the meeting took place. Possibly, from there evidence of wrong doing might surface. But then again, it might not.