Blogged by John Gideon and Brad Friedman

The results of California Secretary of State Debra Bowen's "top-to-bottom review" of electronic voting systems previously approved for use by her predecessor is still underway. But before any of the findings from her teams of security specialists, software analysts and voting systems experts have been made public, the unprecedented analysis has already revealed a disturbing anomaly which may have far-reaching implications for both state and federal voting systems laws across the country.

As The BRAD BLOG reported exclusively almost three weeks ago --- precisely zero media outlets bothered to file their own reports on this matter until last weekend --- all voting machine vendors certified in California had submitted their source code to Bowen for the review, except for ES&S, America's largest voting machine company.

After their refusal to submit the code as required for the test, Bowen demanded the source code used for the InkaVote Plus voting systems marketed by ES&S, and used exclusively in Los Angeles, be released to the state by the escrow firm which had been holding it as per state law.

Following Bowen's demand to the escrow company, Iron Mountain Intellectual Property Management, ES&S reluctantly agreed to give their own version of the source code to the state.

Oddly enough at the time, the voting machine company, in an arrogant letter to Bowen (posted here in full by The BRAD BLOG), demanded that she withdraw her request to receive the version of the source code already stored in escrow at Iron Mountain. The letter succeeded in keeping our already-raised eyebrows at full perk, as the demand that Bowen not review the code in escrow, but rather look only at the one ES&S was sending, raised several troubling questions. Among them, we wondered at the time if perhaps the version stored in escrow was not the version actually used on the county's voting systems during last year's election. If so, there could be enormous ramifications for the company, and for the idea of escrowed source code for voting systems in general.

Over the weekend, an article in the Los Angeles Daily News, the first organization to jump into this matter following our series of reports, filed a story on the matter which began to validate our suspicions. The paper reported that due to the late submission, the InkaVote Plus system would not be included in Bowen's "top-to-bottom review", presenting questions about which voting system would be allowed for use in 2008, in the country's most populous county. LA County is larger than many states in America.

It's as yet unclear whether Bowen will completely decertify the InkaVote Plus system for use, or whether she will take other steps.

Perhaps more disturbingly, however, the Daily News report includes comments from CA's Deputy SoS for Voting Systems, Lowell Finley, indicating that our concerns about differences in the submitted and escrowed source code may have been precisely on target.

We contacted Bowen's office for more details, and they shared with us the letter sent from Finley back to ES&S in response to the company's curious demands. The letter is posted in full at the end of this article. And if the issue Finley raises is indeed true, there may be a whole lotta trouble ahead...

Guest Blogged by John Gideon of VotersUnite.Org

As The BRAD BLOG reported yesterday, voting machine company ES&S has finally relented and agreed to join all of the other companies operating in the state by cooperating with the Secretary of State Debra Bowen's "Top-to-Bottom Review" of all electronic voting systems previously certified by her predecessor Bruce McPherson. After previously refusing to supply the state with source code for the company's InkaVote Plus system used exclusively in Los Angeles County, Bowen had demanded the release of the source code from escrow where it was stored by state law, as we also reported previously.

But has ES&S really relented? Or is something else up?

We asked yesterday why ES&S decided to send their source code, instead of allowing Bowen to pull it from the escrow facility at Iron Mountain, as she had previously demanded. And now, based on a letter from the company which The BRAD BLOG was able to obtain from one of our sources, as sent to Bowen's office when they agreed to supply the source code Monday, the smell of something fishy continues to permeate. The complete ES&S letter is posted in full at the bottom of this article.

On Monday, June 25, ES&S sent the letter to Lowell Finley, California's Deputy Sec. of State in charge of Voting Systems Technology and Policy, agreeing to supply the source code for InkaVote Plus is an amazing example of the company's arrogance even as it continues to beg a myriad of unanswered questions.

ES&S opens the letter repeating their desire for changes to the previously agreed upon Non-Disclosure Agreement (NDA) they have with the state. AS well, they believe the cost of Bowen's "top-to-bottom review" is too high, and they have concerns with some of the researchers who are doing the review. Nonetheless, they agree to cooperate.

Yet, after informing Finley that they intend to finally send the required source code, they instruct him that they expect him to send a letter to Iron Mountain Intellectual Property Management Inc. to release the firm from the state's request for the escrowed source code. Now why would they need to do that?

"As ES&S is providing the InkaVote Plus voting system source code directly to your office, ES&S requests that you send a letter to Iron Mountain retracting your request for the InkaVote Plus voting system source code," writes ES&S' Steven M. Pearson in the letter.

"This will provide the required notification to Iron Mountain that you are no longer in need of the requested source code and allow Iron Mountain to close your request. In addition, this will avoid ES&S from having to issue contrary instructions to Iron Mountain to prohibit the release of the InkaVote Plus voting system source code."

So what the heck is that all about?...

Guest Blogged by John Gideon of VotersUnite.Org

The BRAD BLOG has learned this evening that source code and a check were sent to the state of California by ES&S. Readers may recall that as of last Thursday ES&S had not complied with Sec. of State Debra Bowen's demand for a copy of the source code used exclusively in Los Angeles County.

According to a Secretary of State spokesperson, they received a copy of the source code and a check to cover the expense for the state's "top-to-bottom" review. ES&S finally relented, and sent the code only after Bowen had demanded it be released from escrow as per state law.

Questions still remain and your intrepid correspondent will be following-up with the state.

Why did the code come from ES&S and not from Iron Mountain, Inc., the escrow agent? Is there something in the escrowed code that ES&S does not wish the state to see? How does the state know that the code they got from ES&S is the same code used to build the software running on the machines used in LA County?

Sarasota's Herald-Tribune highlights why it's imperative to get election results right on Election Night...

The Congressional challenge is due to problems with touch-screen DRE voting systems in the district which resulted in 18,000 lost votes, in a race certified as having been "won" by the Republican Vern Buchanan over the Democrat Christine Jennings by a 369 vote margin. Even the machine vendor (ES&S)'s own expert in court admitted that Jennings would have most likely won were it not for problems with their touch-screen DRE voting machines during the race.

A recent study of DRE voting systems found that two-thirds of voters didn't bother to check their review screens at the end of the voting process on such systems, and that even if they check them, they do not notice votes that have been flipped by the system. The study concludes that paper trail records, printed out after the review screen on DREs, would similarly not be noticed or checked for accuracy. Those findings confirm earlier results from an MIT/Caltech study which looked at similar issues.

The embarrassments caused by the District 13 race in Florida helped lead the Republican-controlled House and Senate in Florida to finally legislate a ban on DRE touch-screen voting machines altogether.

Supporters of Rush Holt's HR811 Election Reform bill in the U.S. House, however, have said that it's impossible to get a similar ban in the Democratically-controlled House and Senate, so they've refused to add such a ban to their sweeping bill. Those who have made the claim that a DRE ban could never win passage in the Democratically-controlled House and Senate have yet to offer any evidence for that claim, or even offer a single name of a supporter of the bill who would vote against it if it included such a ban.

The bill currently has 216 co-sponsors, although ComputerWorld today confirmed our report from earlier this week that Presidential Candidate Dennis Kucinich (D-OH) plans to withdraw his co-sponsorship of the bill.

The FL-13 election, meanwhile, was held back in November of 2006. The earliest timetable detailed in the Herald-Trib article, quoted above, would result in a decision on the matter by October of 2007. The Republican Vern Buchanan, who most likely lost the race by nearly everyone's (but his and Sean Hannity's) estimation, continues to vote with the GOP caucus in the House while the Democratic candidate, whom Sarasota voters had tried to send to the U.S. House, bides her time in Florida.

A number of mainstream news outlets (for a pleasant change) followed up on our report yesterday (full version here, quick summary here) on the SQL Slammer Worm virus which hit Sarasota County's database network on the first day of Early Voting last year, wreaking havoc which disallowed voting for two hours in the now-contest FL-13 U.S. House election between Christine Jennings (D) and Vern Buchanan (R). No telling what got into the MSM'ers, but perhaps it's because we ran the story at Computerworld first instead of here at the "dreaded" and "unreliable" blog.

Either way, of the several outlets we found who picked up the story (with more on the way, we're told, and local TV news coverage which we haven't been able to find online), the Brandenton Herald's coverage led the pack in advancing the story which they said "caused a stir Wednesday".

Their report includes a quote from Jennings --- who was named the loser in the race by just 369 votes, despite 18,000 reported undervotes on the county's ES&S iVotronic touch-screen voting machines --- saying "I read the story on the Internet and I was surprised...I need to know more about it. It does bring up some security issues that I think need to be looked at."

Her campaign spokesperson, David Kochman adds, "It makes you wonder what else is there that they haven't done to take care of the machines and protect them."

But Kochman does help answer one very important question we asked in our piece yesterday, about whether or not the county had notified the plaintiff's attorneys about this incident via the discovery process...

Some guy named Brad Friedman has a breaking exclusive over at ComputerWorld on the contested FL-13 election between Christine Jennings (D) and Vern Buchanan (R).

As Friedman's brilliant reportage reveals, previously unreleased documents show that Sarasota County's database network was hit by a viral worm attack on the first day of Early Voting last year. The attack, by a variant of the SQL Slammer Worm, wrought havoc on the system, bringing it to its knees for about two hours on that first afternoon of voting, leaving voters at precincts unable to cast their votes.

Details about further damage which may have occurred during, or in the wake of, the successful hack remain unclear. Whether or not the ES&S iVotronic touch-screen voting machines --- which failed to record the selections of some 18,000 voters in the election decided by just 369 votes --- or the central tabulator used in that FL-13 race were directly affected is unknown for certain. The security specialist who filed the incident report, interviewed by Friedman, acknowledges that "it's a possibility," though he believes the damage was contained and didn't spread to the Elections Supervisor's network infrastructure.

Also unclear is whether or not the viral attack and the report which documented it were disclosed in the discovery process to the plaintiff's attorneys who are challenging the election in state court and in the U.S. House. It doesn't seem so.

See more in Friedman's compelling exclusive over there, which includes a PDF of the previously undisclosed incident report describing what happened as the worm slammed an unprotected county server (which had been five years behind in security patch updates), spread throughout the system, breached the firewall, rewrote administrative passwords, and brought voting to a halt in Sarasota on October 23, 2006, the first day of Early Voting. An interestingly timed attack to say the least.

As CW only links to a PDF version of the two-page incident report, we'll be kind enough to include a graphic version of both pages below.

The previously undisclosed two-page incident report, as filed by the Sarasota County network security team, housed in the county's Suncoast Technology Center, follows in full...

Doing twelve things at once today, so no time for analysis at this point. I'll just run CA Sec. of State Debra Bowen's just released statement on her promised, unprecedented, first-of-its-kind in the nation, "top to bottom review" of all of California's electronic voting systems.

The review will include "red team" hack testing for the first time ever. Done as standard operating procedure for similar security-sensitive, mission-critical commercial systems, this sort of penetration testing has never been performed on America's voting systems. Until now.

The one page summary [PDF] of the plan states:

• [University of California] will provide specialists from its campuses, as well as experts from public and private universities and private sector companies throughout the United States to create three teams of experts to conduct the reviews.
• Each system will undergo a thorough document and source code review, red team penetration testing, and a review to determine whether it’s accessible to all voters.
• The review teams will provide an independent technical evaluation of the voting systems that the Secretary of State will use to carry out her statutory duty with respect to voting systems in determining whether the systems comply with current state and federal law.

There are links within her statement below where you can find more details. For example, the State's review teams will include folks such as computer security expert "hacking" Harri Hursti, and blind technology expert Noel Runyan, who has been highly critical of unverifiable touch-screen DRE voting systems.

More on all of this, perhaps, later after I've had time to review the materials myself. But for now, see the statement below for some killer quotes from Bowen...

A statement has been released by Rosemary Rodgriguez, the U.S. Election Assistance Commission (EAC)'s newest, Democratic appointee in reply to yesterday's statement by writer and researcher Tova Andrea Wang, a Democracy Fellow at the Century Foundation.

The statement comes in the wake of our report yesterday detailing Wang's statement calling on the EAC to lift the gag-order that's been placed on her, so that she might respond publicly to the controversy concerning the EAC's alteration and withholding of the bi-partisan report she submitted concerning baseless allegations of an epidemic of "Voter Fraud" in America --- despite longstanding GOP claims to the contrary.

Rodgriquez is calling on her fellow commissioners to lift the gag-order on Wang so she can speak to media and others about the matter. The EAC chairmanship comprises two Democrats and two Republicans, each appointed by the President.

Wang had previously Guest Blogged for BRAD BLOG in an article titled "Where's the Voter Fraud?", written to coincide with the release of the EAC's altered version of her original report. She was unable to speak directly to their report at the time, due to the EAC's extraordinary restrictions on her.

Yesterday, Wang's statement pointed out that the EAC had refused to even respond to requests from her legal counsel on the matter. The controversy is just the latest in the continuing erosion of EAC credibility, suggesting a remarkable inability to carry out their Help America Vote (HAVA) mandate to oversee the nation's electoral system.

This latest embarrassment adds to an ever-growing list which has drawn increased Congressional scrutiny of late. It also serves to reveal still more evidence of the panel's partisan nature, compromised sense of ethics, nearly complete lack of transparency, and utter incompetence.

And following-up on a related BRAD BLOG report revealing EAC failures, the commission has still failed to notify either public or elections officials of the newly confirmed "severe" vulnerability recently discovered in ES&S iVotronic touch-screen voting systems. The "security hole" would allow for a vote-flipping virus to be introduced into a voting machine by a single person which could then, in turn, flip an entire county-wide election undetectably. At least one note computer scientist has described the problem as "roughly comparable" to the Diebold Virus Hack revealed at Princeton last summer and first reported here. "Which is to say it needs to be taken very seriously," warned the scientist.

Our report on that matter, early last week, included Email statements from the EAC flatly refusing to notify any of the 16 states that currently use the voting systems which are said by the scientist to feature the "serious security problem." To date, no other media outlet has picked up that report.

EAC Vice-Chair Rodriguez's brief statement calling on the EAC to end their censorship of Wang is posted [PDF] on the EAC website, but follows here below in full...

A commenter over at DU asked which states used the ES&S iVotronic touch-screen voting system found vulnerable to an undetectable countywide vote-flipping virus which can be implanted by a single person, as we reported this morning.

Based on our quick review of a county-by-county database of voting systems, sorted by state, as made available by Common Cause (EXCEL spreadsheet downloadable here) just prior to the November 2006 elections, it looks like the answer is 16 states in total.

Since the EAC refuses, as our report detailed, to do their job in notifying Elections Officials about this incredibly serious vulnerability, it looks like it's up to you to notify your state's Secretary of State and/or county Election Officials! Details on the vulnerability and mitigating steps that may be taken are detailed in this brief report at VotersUnite.org as written by a computer scientist and voting system expert well familiar with the newly discovered flaw. Please refer your voting officials to both our original article, and that scientific report for more details at the following URLs:

• http://www.bradblog.com/?p=4396
• http://www.votersunite.o.../ES&SInsecurity.asp

The states which use the ES&S iVotronic affected (with firmware versions either 8 or 9, with or without a so-called "Voter Verified Paper Audit Trail") are as follows:

• Arkansas
• Florida
• Indiana
• Iowa
• Kansas
• Kentucky
• Missouri
• New jersey
• North Carolina
• Ohio
• Pennsylvania
• South Carolina
• Tennessee
• Texas
• West Virginia
• Wisconsin

If we've missed any, or any of the states above do not use the system in at least one county, please let us know and we'll amend the list.

The BRAD BLOG and You - Doing the EAC's job for them. But without the $15 million budget (or the incomprehensible incompetence).

By Michael Richardson and Brad Friedman

While revelations surrounding the mysterious 18,000 "undervotes" in the November 2006 U.S. House election between Christine Jennings and Vern Buchanan in Florida's 13th Congressional district continue to inform the nation about the dangers of electronic voting machines, new information has recently come to light exposing a shocking lack of responsible oversight by those entrusted with overseeing the certification of electronic voting systems at the federal level.

An investigation into what may have gone wrong in that election has revealed a serious security vulnerability on some, and possibly all, versions of the iVotronic touch-screen voting system widely used across the country. The iVotronic is a Direct Recording Electronic (DRE) touch-screen voting machine manufactured by Elections Systems & Software, Inc. (ES&S), the nation's largest distributor of such systems.

The vulnerability is said to allow for a single malicious user to introduce a virus into the system which "could potentially steal all the votes in that county, without being detected," according to a noted computer scientist and voting system expert who has reviewed the findings.

And yet, despite their federal mandate to serve as a "clearinghouse" to the nation for such information, a series of email exchanges between an Election Integrity advocate and officials at the U.S. Elections Assistance Commission (EAC) has revealed that the federal oversight body is refusing to notify states of the alarming security issue.

The recent email conversation shows that even in light of the EAC's review of the warning from the computer scientist who characterized the "security hole" as severe, needing to be "taken very seriously," and among the most serious ever discovered in a voting system, the EAC is unwilling to take action.

Recent reports by the Government Accountability Office (GAO) have taken the EAC to task for a failure to meet their legislated mandate for informing the public and elections officials about such matters. However, a review of the email communications to and from the EAC's Jeannie Layson shows that the federal body is steadfast in their refusal to take action to alert either elections officials or the public about the security risk recently discovered by a team of eight noted computer scientists.

The EAC's current Chairwoman, Executive Director, Director of Voting System Certification, and other top officials at both the National Association of State Election Directors (NASED), and even the GAO, were included in the series of email communications, The BRAD BLOG has learned.

The vulnerability was initially discovered by a panel of scientists convened by the State of Florida to study the possible causes for the FL-13 election debacle. The team's discovery revealed that a design issue in the widely used iVotronic system could allow for a viral attack, by a single individual, which could then spread unnoticed throughout the electronic election infrastructure of an entire county.

A similar vulnerability was found in DRE touch-screen system made by Diebold last Summer by a team of computer scientists at Princeton University.

Attempts to seek information about EAC plans to notify other states and local jurisdictions that use the same vulnerable voting systems as the ones in FL-13 have been met with an astounding refusal, troubling denial, buck-passing, and a lack of accountability by the federal commission of Presidential-appointees. The agency has also come under fire in recent weeks for a number of questionably partisan decisions and other failures to perform as mandated by the Help America Vote Act (HAVA) of 2002.

Of late, the EAC has been forced to respond to a great deal of controversy, on a number of different operational matters and policies, as revealed by a series of articles on this site and in mainstream outlets such as the New York Times and USA Today. Several of those matters have drawn Congressional notice, questioning of EAC officials, and letters of inquiry. Thus, this latest revelation is likely to add to the rising concern of Congress members as new federal legislation introduced by Rep. Rush Holt (D-NJ), currently facing mark-up by a Congressional committee, would permanently fund the now-embattled EAC. Funding for the agency was originally mandated by HAVA only through 2005.

The new ES&S iVotronic vulnerability first emerged on February 23, 2007, when the Florida Dept. of State released a report detailing their findings from the investigation into what happened in Sarasota's still-contested Jennings/Buchanan race. That election was ultimately decided by just 369 votes. The state's official findings included a report [PDF] conducted by an eight-member computer science and technology team under the auspices of Florida State University (FSU). The report sought, unsuccessfully, to determine the cause of the unexplained "undervotes" reported by the iVotronic touch-screen voting systems used in Sarasota's portion of the FL-13 race on Election Day and in early voting.

Although the reason thousands of votes turned up missing from those systems remained unknown, the study team did discover a serious security flaw in the iVotronic system that is used in Sarasota and many other jurisdictions across the country (and even the world, as France is set to use the same systems in their upcoming Presidential Election.)

Election integrity watchdog John Gideon, a frequent BRAD BLOG contributer and the Co-Director and Information Manager for VotersUnite.org, says that the security flaw may pertain to "every ES&S iVotronic voting machine used in the US and overseas." A total of eight separate versions of the system --- without and without so-called "voter verified paper audit trail" (VVPAT)" printers --- are currently approved as qualified at the federal level, he explained. Three of those are definitely affected and it is likely that the others are as well.

The details, the dangers, and the denials are all described below...

Guest Blogged By Michael Richardson

BOSTON - Diebold Election Systems, Inc., the controversial voting machine supplier, won't be supplying Massachusetts with its machines in 2008 and the company is not happy about it. So they are suing the state over the lost contract bid. But the solemn tone of Diebold's lawyer, William Weisberg, speaking in a hushed voice almost swallowed up by the stately, high-ceilinged courtroom of the Massachusetts Supreme Judicial Court this week, drew laughter from the jovial judge with a Cheshire cat grin and raised chuckles from the courtroom audience.

In a real upside-down, topsy-turvy presentation, Diebold was arguing on behalf of the state's taxpayers and kept talking about the "public interest" --- all while pitching to get its lucrative contract approved. In February, after a year-and-a half selection process, Secretary of State William Galvin picked rival company ES&S to supply the state with AutoMARK, accessible electronic voting equipment, as mandated by the Help America Vote Act.

As reported by the Boston Globe...

The hearing in the recently filed lawsuit was over Diebold's three emergency motions for a temporary injunction to stop delivery of the ES&S equipment, an expedited discovery order, and a confidentiality order. The judge later ruled, after the hearing, against all three motions although he allowed the lawsuit to proceed on a regular schedule.

While laughing, the judge wondered aloud about admissions made by Weisberg in the news paper that seemed to wholly contradict his failed court room strategy...

Over the weekend we reported on the newly unearthed "agreement" letter sent by voting machine company ES&S to Florida's chief of Voting System Certification, David Drury, dictating the company's demands for the narrow terms of testing for the source code and hardware of the touch-screen voting systems which failed so spectacularly in the state's 13th Congressional District election between Christine Jennings (D) and Vern Buchanan (R) last November.

In the still-contested election, an exceedingly high 18,000 "undervotes" were registered by the ES&S touch-screen DRE voting systems in Democratic-leaning Sarasota County only, in the race which was ultimately decided by 369 votes in favor of the Republican.

In our coverage, we asked a series of questions about the letter and whether the "independent" team of scientists convened by the state to review the source code had been apprised of ES&S's very strict litany of specific narrow conditions for testing (including their insistence that they be allowed to review, edit and/or comment on the final report before its release).

Yesterday, Alec Yasinsac, the "Lead Principal Investigator" of the scientific panel convened at Florida State University --- a noted Republican partisan --- released a response to some of questions [PDF] on behalf of the state-convened panel of scientists.

The bulk of that response follows, as well as a comment or two of our own in response...

The private voting machine company which manufactured the touch-screen hardware and software used during Sarasota, Florida's contested District 13 Congressional election between Christine Jennings (D) and Vern Buchanan (R) sent a letter in December of 2006 to David Drury, the chief of the state's Bureau of Voting Systems Certification, dictating the terms of the state-run audit convened to investigate the causes for massive undervote rate which seems to have tipped the election.

The extraordinary 3-page letter (posted in full at the end of this article) from Electronic Systems & Software, Inc. (ES&S) Vice President, Steven Pearson, is described as an "agreement" and instructs Drury on what may and may not be disclosed in the state's final audit report regarding the investigation.

The audit, for which ES&S was dictating terms to the state of Florida, was of their own voting systems used in the disputed race where 18,000 undervotes were discovered in the FL-13 election. The race was ultimately certified by the state with a 369 vote margin in favor of the Republican Buchanan, and is currently being contested in state court, and in Congress under the Federal Contested Elections Act.

"David, below are ES&S source code review guidelines for the conduction of any review of source code to be performed by the Department of State and any agent acting on your behalf as a result of the under vote investigation from the Sarasota County mid-term election. It is our desire the methodology and focus of the review be performed in a manner that incorporates the items described below," the agreement begins, before including a long, bullet-pointed and very narrow litany of specific dictates concerning what may and may not be done and/or discussed by the state-convened panel of investigators in their final report...

Blogged by John Gideon, VotersUnite.Org

The country's largest supplier of voting machines, ES&S, is at it again. BRAD BLOG readers will remember last year's extraordinary string of ES&S failures and meltdowns week after week during the primary elections and then general election across the country. Last year the excuse for late delivery of materials and other related failures in scores of states and counties was that everyone wanted materials all at the same time and ES&S was just too busy. So what's their excuse this time?

According to John Washburn's excellent blog Washburn's World, election officials in Clark and Taylor Counties in Wisconsin are still awaiting delivery of Personal Electronic Ballots (PEB), memory cards, and paper ballots, and they have an election in just 12 days; April 3...

Melinda Henneberger at Huffington Post runs a news item today concerning an August 2006 letter from the voting machine company ES&S to Florida Elections officials warning about a defect in the iVotronic touch-screen voting machine which succeeded in losing the votes of some 18,000 voters in the razor-thin election between Christine Jennings (D) and Vern Buchanan (R) in Florida's 13th U.S. House Congressional district. Buchanan was provisionally seated, pending a Congressional challenge and state lawsuit filed by Jennings, after he was declared the "winner" by 369 votes.

The Sarasota, FL, Election Supervisor, Kathy Dent, decided against both having their machines patched to take care of the defect and posting a warning notice for voters as advised by ES&S. "No one in the State of Florida updated," their machines after receiving the letter, Dent told Henneberger. "That's because it was too close to the election. It was a state decision that it was too late to make changes."

Notably, as you'll see in the full letter as posted below, it was CC'd to David Drury, the Chief of Florida's Bureau of Voting Systems Certification. Drury, responsible for overseeing state certification of voting systems, in an extraordinary conflict of interest as we've noted several times previously, was part of the state team commissioned to audit the iVotronic systems used in the election. The commission was empaneled after the state was forced to relent and launch such an investigation in light of the controversy after their initial denials that there was any problem at all with the extraordinarily high undervote rate in the Sarasota-only section of the race.

The ES&S letter, as Henneberger noted, was only seen recently by Jennings's attorneys since "it was not provided to them by election officials as it should have been under discovery motions in the case," according to one of her attorneys.

Instead, the legal team came across the document only recently as posted "on a North Carolina-based website on election reform," according to Henneberger.

That website, as it turns out, is the NC Coalition for Verified Voting as founded by Election Integrity advocate Joyce McCloy. McCloy had attempted, both before and after the election, to get the attention of elections officials and the Jennings legal team. The letter, not linked by Henneberger, is posted here [PDF]. We've also posted the letter in full, as well, at the bottom of this article.

McCloy wrote The BRAD BLOG today expressing her frustration at trying to get anyone in Florida to take notice of the letter warning of "slow response times" to voters' attempts to select candidates on the ballot.

"I sent that memo (and my concerns) to anyone I could think of," McCloy explained in her email, "and this year to every election reform list serve that I could, posted it on political message boards. I asked and asked - has this bug been fixed?"

Apparently the answer is no; the bug was neither fixed, nor did Dent bother to warn voters in Sarasota about the problem as had been advised in the letter by ES&S.

As Henneberger reports today...