Words TrustVote report with checkmark and words Bob Fitrakis with eagle in the background

Ohio’s decision to buy new voting machines will make the difference between hackable -- or less-hackable elections.

Let’s begin by stating the obvious: All computer voting machines can be hacked!

We remember when Ohioans witnessed their votes jumping from John Kerry to George Bush on voting machines in Youngstown during the 2004 election. Voters saw their Kerry selection disappear during the infamous “Franklin County fade” on electronic voting machines in that election as well. Ohio’s former voting machine company, Diebold admitted its system accidentally knocked 10,000 registered voters off the rolls.

Ohio’s previous Secretary of State Jennifer Brunner conducted the seminal Everest Study of Ohio’s voting machines in 2007 and found that all of them had security problems. The study concluded that: “Unfortunately, the findings in this study indicate that the computer-based voting systems in use in Ohio do not meet computer industry security standards and are susceptible to breaches of security that may jeopardize the integrity of the voting process.”

The Hart Intercivic machines owned by friends of Mitt Romney and used in Cincinnati for the 2008 presidential election, failed 12 of 12 security tests.

Back in July 2017, computer hackers at the Vegas Def Con Cybersecurity conference hacked all the 30 voting machines brought to the event. Whether it is the software or built-in machine firmware, all have well documented vulnerabilities.

And of course, we all accept that Russians probably hacked into our voting system in the 2016 election. But the greatest threat to hacking U.S. elections is not from Russians fooling around in the electronic voter registration rolls, but from private, for-profit companies that secretly program voting machines and election tabulators.

For over a decade the New York Times refused to conclude that voting machines could be hacked. But this February they published an excellent overview entitled: “The Myth of the Hacker-Proof Voting Machine.” Yet, between now and August, Ohio’s county boards of elections will be selecting new computerized voting machines.

Granted, most of Ohio’s voting equipment was purchased following the 2000 election and in the aftermath of the 2004 Buckeye state presidential debacle. The Columbus Dispatch noted that “Most voting equipment in Ohio was purchased in 2005-2006 largely with $115 million in one-time federal money through the Help America Vote Act.”

Ohio county commissioners and the Ohio Association of Election Officials recommended $175 million to cover 85% of the cost of purchasing voting machines, according to the Dispatch. Governor Kasich’s budget office recommended $100 million.

However, no state should be allowed to purchase a Direct Recording Electronic voting machine that doesn’t include paper.

Surprisingly, Ohio Secretary of State Jon Husted has suggested that every county board of elections should purchase machines that are paper-based. Husted’s $118 million figure is based on every county purchasing a paper-based system. Lawmakers could decide to go with that figure and require counties to cover any cost above that amount if they go with more expensive systems. Or lawmakers could fund whatever counties choose to pick; restrict what options counties can pick from; or find some whole new methodology.

A successful hack is least likely to occur on a high-speed digital scanning machine, such as an opti-scan voting machine.

The Free Press unequivocally endorses hand-counted paper ballots at the precinct level. In New York state, county voting official Virginia Martin uses hand counted paper ballots and speaks all over the country on how easy it is.   

If machines unfortunately must be purchased -- what Husted should demand is for the state to buy a model that digitally scans a paper ballot with built-in audit logs and electronically digitizes ballot images. That way the vote count can actually be audited later. He must also demand that every computer system uses transparent open source coding.