The Diebold AccuVote TSx stands about 4 feet tall and weighs about 26 pounds. Its 15-inch screen is touch-sensitive at 35 million points and can display ballots in at least nine languages.

Voting is as easy as touching the screen with your finger. The programming won't let you invalidate your vote by choosing more than one candidate per race, and you'll be reminded of any races you skipped on your way through the ballot. If the power goes out, the machine can run on batteries for as long as four hours.

If all goes well, at the end of the day there's no need to count punchcards or paper ballots -- officials just plug memory cards into a central server, although there is a paper record of each vote. The hope is that both voting and tabulating the results will be faster, easier and more transparent for everyone involved.

The technology is no longer remarkable to anyone who's used an ATM, played video poker or checked out using a self-service lane at the supermarket.

But those everyday devices have everyday uses: getting cash, frittering it away, and buying milk. The AccuVote TSx records your vote -- your sacred American vote. For Congress. For county commission. To make or break a tax increase.

And that, perhaps, coupled with the fact that most Utah voters will use the machines for the first time this month, is why some critics are shouting that nothing less than the end of representative democracy is at hand.

"These machines do seem to terrify some people," said Sandy Hoffmann, elections coordinator for Utah County. "I don't see any need for that terror.

"I think it's the unknown, and change. I'm sure this is old stuff rehashing itself in a new technology."

The unknown is a factor, but "there is some realism" to the critics' worries, said Phil Windley, an associate professor of computer science at Brigham Young University and former chief information officer for the state of Utah.

"Elections systems have always been subject to human manipulation, fraud, etc.," he said. "I think there is a little bit of a 'brave new world' here -- people think, 'Computers, they've got to be better. They've got to be more accurate.' "

Computers may "take that ability for human manipulation and enhance it," Windley continued. "Humans do act in malicious ways, and we'd like to have a system that protects us as much as possible."

Utah County has 1,074 new electronic machines, which replace 1,275 punchcard voting booths. Officials hope that the ease of using the new machines, as well as the introduction of pre-election day voting, will mean the county needs fewer voting stations.

The machines cost about $3,000 each, a bill of a little over $3.2 million for Utah County alone. Federal funds picked up that tab as part of the Help America Vote Act (the response to Florida's 2000 electoral meltdown), but local governments don't get off scott-free.

Utah County has to remodel its storage area, for example, so that there's electricity to recharge the machines and climate control to keep them from being ruined. Bids on that project are due June 21. Counties also are responsible for replacing the machines in the future.

Money is being spent at the state level as well, for training materials, signs, instruction manuals and other literature, and an advertising campaign -- complete with a decorated PT Cruiser -- to introduce the machines, said Joe Demma, chief of staff for the lieutenant governor's office.

There's a campaign against the machines, too. It includes the nonprofit groups Black Box Voting of Renton, Wash., and Utah Count Votes of Park City, and they've been actively trying to initiate a backlash against what they see as an insecure voting system.

Reports outline two main areas in which electronic voting machines could be compromised.

First, the machines themselves could be tampered with in storage or while in transit to the polling place, or somehow the programming could be altered so that votes are reassigned or otherwise tampered with.

That's the concern voiced in a report from Black Box Voting prepared by Finnish computer expert Harry Hursti. He said it's easily possible for an attacker to change the applications and files, the machine's operating system or the "boot loader," which loads software so the operating system can start.

A separate report prepared for the Institute of Electrical and Electronics Engineers postulates that someone could produce a counterfeit voter access card and use it to insert foreign coding into a voting machine while pretending to vote. The code could simply be a virus that crashes the machine, making it more difficult to vote at certain polling stations. Or, it says, the new code could tamper with votes.

The second concern is possible "in the sci-fi sense," said Michael Shamos, a computer science professor at Carnegie-Mellon University who also certifies voting machines for Pennsylvania. "I could conceive of a system in which that was possible. It isn't with the TSx."

The other problem is very real, however, said Shamos, and it stems from the simple need to update software quickly on thousands of voting machines.

Other electronic voting machines do this safely, he said -- for instance, requiring a password to change software, and making a record of the change.

Diebold's machines use a "completely unsecured method" without those basic safeguards, he said, meaning the software could be changed too easily by anyone who could gain access to the machines and who had the right kind of memory card -- which, he acknowledged, is "a tall order."

"It's not a bug, it's not inadvertent," Shamos said. "It was built deliberately by Diebold for their convenience."

Pennsylvania dealt with the problem by having election workers load the approved version of the software onto the machines before polls opened for their primary.

"We don't want to have to do that every election cycle," Shamos said, adding that there's pressure on Diebold now to add the security features other voting machines have.

"My belief is they'll do it because we're going to force them to do it," he said.

Diebold is working on that issue, said company spokesman David Bear -- but he also said the company considers the matter a "low risk" to security.

"We're working on a more redundant form of the system," Bear said, "which would probably be something like a hash key or some kind of an encryption so that if someone introduced something unintended it would be identified."

He said he respected many security experts who are talking about Diebold's machines, but added, "I don't know that they always have a respect for the election environment."

The image of a "nefarious cabal of people who are out to steal elections" is unrealistic, he said, especially if one expects them to manipulate the vote at a polling station full of voters and election workers.

"If you really want to impact an election, the best way is to walk in and knock down the machine," Bear quipped. "Keep people from voting at all."

He acknowledged that insider fraud does happen. But the idea that someone could insert foreign software on the machines is "based on a couple of unlikely scenarios," Bear said, such has having unfettered access to the machines as well as the software and technological tools. Someone would also have to be "willing to commit a felony."

Shamos has heard that reasoning from Diebold and finds it credulous: "Gee, why do banks have doors on the vault?" he asked. "Someone would have to commit a felony to take the money out. But we still have the doors on the vault."

Demma, of the lieutenant governor's office, also made the case that electronic voting machines are difficult to subvert.

Practically speaking, Demma said, a saboteur would have to get through physical security barriers such as security seals and locks, which would show the machine had been tampered with, and a matching memory card encoded by Diebold and the clerk's office would be needed.

"You'd have an easier time hacking into a punchcard system than getting into these puppies," he said. "There isn't a clerk or a poll worker or a ballot official who would give you that kind of access."

Even with a "perfect storm of corruption," he added, there's still the paper records of votes that are verified by the voter.

That paper record does a lot to increase vote security, said Douglas Jones, an associate professor of computer science at the University of Iowa. He also spent 10 years on the Iowa Board of Examiners for voting machines and systems.

"That creates an incredible opportunity to ensure honesty," Jones said. "If the hand count doesn't match the machine count, something's wrong. They're not supposed to be different at all."

Jones also said, however, that the vulnerabilities identified by electronic voting critics should be taken seriously -- but not because of someone embarking on a clandestine countermission befitting a television plot line from "Alias" or "24."

"People assume that the attacker is some evil outsider," Jones said. "Historically, the biggest problem with the elections in the United States has been corrupt political officials who are part of a political machine."

The amount of money at stake even in a simple county road contract could provide an incentive for someone to skew an election, he continued. If it was worth their while to bribe an official and hire a crooked programmer, the scheme might taint only five or 10 machines -- but that could be enough to tip a county election.

"Thank goodness most of the elected officials and the people who run for office are honest," Jones said.

After listening to Utah County's policies and procedures, Jones said officials have done an acceptable job -- for now.

"The model they've put in place is adequate for the short term," he said. "In the long term, like before November, it would be really good if every county in the country ... could lean on Diebold to install decent controls on the installation of firmware."

The electronic voting process

Many measures are taken to secure the electronic voting process from tampering and ensure a fair election.

The central component is a computer server where the ballots are encoded. The server is not connected to a network, it is password-protected and is locked in a room to which only two people have keys. The exact location of this room also is not widely known. During an election the server probably will be moved to a more open location so that independent observers can watch the process.

In the room with the server are memory cards. Those cards are encoded with the ballot information and passed on to poll managers for insertion into the voting machines on Election Day. They're transported in a sealed pouch that's supposed to be opened in the presence of at least two people. The cards are also tracked by serial number.

At the polls, the ballot clerk will have an encoder around his or her neck that will prep voter access cards. VACs -- similar to a hotel room card -- are inserted into a voting machine and call up the ballot for the voter to mark.

When voting is complete, the choices are stored electronically in two separate areas, and the voter is asked to examine a printout of his or her votes to verify accuracy. The VAC is then removed, returned to the poll worker, wiped clean and reused.

At the end of all voting, the memory cards are returned to the county courthouse and plugged into the server, which tabulates the results. The paper ballots are also retained as a way to check discrepancies.

Checking those discrepancies would be quite an undertaking, however. If officials have to use the paper records to check a race, the election would go from high-tech to very old school -- as in hand-counting slips of paper.

"That's our worst nightmare," said Utah County elections coordinator Sandy Hoffmann. "We don't want to have to think about it."

There is a machine available that can mechanically count the printouts, but it hasn't been certified for use in elections yet.