Study Finds Security Flaws on Web Sites of Major
Banks
New York Times (02/05/07) P. C3; Stone, Brad
Harvard University and Massachusetts Institute of Technology researchers
recently discovered that banks using images as a secondary security
protocol on customer accounts are providing little added protection to
those consumers. Supporters of the technology, known as
site-authentication images, indicate that if consumers do not see their
selected image on a Web site before entering their account password, they
will opt not to enter their information. Participants in the study saw a
maintenance or error message on the screen where their images were usually
located, though the message contained obvious spelling errors. However,
only two of 60 participants in the study opted not to enter their password
when their images were disabled. MIT computer scientist Stuart Schechter
says, "The premise is that site-authentication images increase security
because customers will not enter their passwords if they do not see the
correct image. From the study we learned that the premise is right less
than 10 percent of the time." The imaging technology had been adopted by
Bank of America, ING Direct, and Vanguard as a way to improve online
banking security after a 2005 Federal Financial Institutions Examination
Council study indicated that passwords alone were not enough protection
against identity thieves. Federal guidelines expect banks to develop a
secondary security system and have it implemented by January 2007, but the
Council has not enforced the regulations yet. Harvard research Rachna
Dhamija says the study showed that site-authentication technology is
fundamentally flawed and can give users a false sense of security.
Click Here to View Full Article
to the top
Q&A: Jeanette Wing Talks About Upcoming NSF Role
Computerworld (02/02/07) Anthes, Gary
Carnegie Mellon University computer science department head Jeanette Wing,
who was selected by the NSF to lead its new Information Science &
Engineering Directorate beginning in July, sat down with Computerworld to
discuss her vision of the project. While her background in security and
trustworthy computing made her an attractive candidate, Wing believes that
she was chosen for her background in computational thinking, which she
describes as the philosophy that "The ideas in computing, the abstractions
we bring from CS, will pervade all other disciplines--not just other
sciences and engineering--but also humanities, arts, social sciences,
entertainment, and everything." She envisions algorithms created in the
NSF project being applied in the future for uses that couldn't be predicted
today. Wing is also an active supporter of computer science education, and
believes that the public, specifically the youth, must be informed as to
the "deep intellectual challenges that remain in the field." As far as
gender inequality in computer science, Wing is more concerned with the
overall drop in undergraduate enrollment and sees the need to show that the
field is "not just geeky, nerdy types, and it's not just programming."
Click Here to View Full Article
to the top
Submissions Sought for 2007 Tapia Conference
HPC Wire (01/31/07)
The 2007 Richard Tapia Celebration of Diversity in Computing Conference is
calling for submissions of papers, panels, workshops, posters, and
birds-of-a-feather sessions for the three-day conference. The fourth Tapia
Conference, co-sponsored by ACM and the IEEE Computer Society, is titled
"Passion in Computing -- Diversity in Information" and will be held Oct.
17-20, 2007, in Orlando, Fla. The goal of the conference is to provide a
supportive networking forum for under-represented groups across a range of
computing and information technology. Papers are invited in the following
topics: information security, intelligent systems, human-centered
computing, and computational math and science, but papers concerning other
topics will also be considered. Extended abstracts should be no longer
than four pages, include results, figures, and references, and be submitted
electronically. Panel or workshop proposals concerning increasing
diversity in the field of computing must be submitted by Friday, March 30,
2007; panel proposals should be no longer than one page, and workshop
proposals should be no longer than two pages. All accepted posters will be
entered into the ACM Student Research Competition. Posters submitted must
have a single author and abstracts must be submitted by Friday, June 22,
2007. Birds-of-a-Feather submissions are limited to 200 words and one
page; the deadline is Sunday, May 20, 2007. Finally, Doctoral Consortium
Submissions, for one-day workshops held immediately prior to the
conference, are due on Sunday, May 20, 2007. More information can be
found at
www.richardtapia.org/participating.html.
Click Here to View Full Article
to the top
Israeli Researchers Promise a More Beautiful You
Israel21c (02/04/07) Kloosterman, Karen
Computer scientists at Tel Aviv University (TAU) have developed a computer
program that can make an image of a person's face more attractive. The
program is based upon a survey of 300 men and women who were asked to rank
pictures of other people's faces on an attractiveness scale of one to
seven. These results were correlated with exact measurements and ratios of
facial features to produce an algorithm that can add desired elements of
beauty to the image of a face. The program works in just minutes, and in a
test conducted using large sample of volunteers 79 percent said the
program, Beauty Function, made the face more attractive. TAU co-researcher
Daniel Cohen-Or says, "Beauty is not in the eye of the beholder. Beauty is
merely a function of mathematical distances or ratios. And interestingly,
it is usually the average distances to features which appears to most
people to be the most beautiful." Its creators believe that Beauty
Function could become popular among plastic surgeons, or even become a
"must-have" option for cameras, "just like the red-eye function is today,"
said co-researcher Tommer Leyvand.
Click Here to View Full Article
to the top
Soft Robot Project Gets Rolling
Discovery Channel (02/01/07) Staedter, Tracy
Biologists and engineers at Tufts University are working to create robots
consisting of completely pliable parts. They envision "a robot that you
could pick up and crumple into a ball in your hand, let it go, and watch it
walk away," says co-director of the Biomimetic Technologies for Soft-bodied
Robots project Barry Trimmer. Inspiration for the project comes from
animals such as caterpillars and silkworms, whose lack of a skeletal
structure allows a much greater range of motion than an animal with a
skeletal structure. These animals require little neural power to execute
such motions, so "the idea is to build a robotic control system that mimics
the nervous system and muscle power of the caterpillar," Trimmer says.
These robots could enter hazardous areas, help doctors explore inside a
patient's body, or enter industrial pipelines. Trimmer is using genetic
engineering and nanotechnology to make materials with toughness equal to
spider silk. Clemson University professor Ian Walker says that several
groups are working on similar projects, but that a lack of metal could mean
a lack of strength. He says, "Other groups, including our own in
developing 'trunk and tentacle' robots, have aimed at producing completely
soft robots, but have had to settle for having at least some rigid parts.
It will be interesting to see if they can get enough strength from the
materials and components they plan to use."
Click Here to View Full Article
to the top
The Future of Engineering Education: More Questions Than
Answers
EDN (02/01/07) Santarini, Michael
In her DesignCon 2007 keynote address, IEEE 2007 President Leah Jamieson
posed many questions concerning the education of young engineers given the
rapidly changing global and technological landscapes. "What is the
university's role in thinking about what engineering careers are going to
look like in the future, and what are our responsibilities in providing our
students with the opportunities to have careers that are going to not only
prepare them for the day they graduate but probably more importantly for
the 40 years after that?" Jamieson asked. "We have to ask ourselves, will
graduates have the attributes and skills that they need for careers over
the next 40 years?" Curriculum changes are being motivated by the need for
multidisciplinary skill sets as the overall interest in engineering is
lacking. Jamieson cited a survey that shows an 18 percent drop since 1991
in the number of high school students interested in engineering. A big
worry is that the half-life of an engineering education is between two and
seven years, and if it drops below four years, university students will be
graduating with half of what they have learned being obsolete. In order to
stay relevant, some experts are suggesting that engineering students not
receive accreditation until they complete a broader curriculum, or even the
equivalent of a master's degree curriculum in engineering.
Click Here to View Full Article
to the top
Encouraging Participation in Virtual Communities
Knowledge Jolt With Jack (02/03/07) Vinson, Jack
Interaction in online communities is the focus of the article "Encouraging
Participation in Virtual Communities," which appears in the February issue
of the Communications of the ACM. Written by Joon Koh at the Chonnam
National University, Young-Gul Kim at the Korea Advanced Institute of
Science and Technology, Brian Butler at the University of Pittsburgh, and
Gee-Woo Bock of Sungkyunkwan University, the article says that viewing and
writing are the two modes of interaction in virtual communities. However,
while readers participate in the community to obtain useful information,
those who contribute posts want to identify with the community and even
participate in offline meetings with other members. According to the
article, thriving online communities give participants a sense of identity
and encourage people to get involved in their activities. Vinson writes
that there may be another connection to the perceived usefulness of a
community and offline meetings, or maybe the researchers did not test
whether users felt they contributed to the usefulness of their community.
Offline interaction may provide more of an answer.
Click Here to View Full Article
to the top
UI Researchers Develop World's Fastest Transistor
Daily Illini (02/05/07) Scharman, Julian
Researchers at the University of Illinois, Urbana-Champaign, are excited
about the potential of their new Pseudomorphic Heterojunction Bipolar
Transistor (PHBT), which they believe could be manufactured for wide-scale
use in 10 years. Developed by Milton Feng, a professor of electrical and
computer engineering, and a team of graduate students in engineering, the
new PHBT surpasses the speediest transistor in the world by 300 GHz, making
it the fastest at 845 GHz. The Defense Advanced Research Projects Agency
sponsored the project, which took nearly a decade of research and three
years of development, at a cost of about $14 million. The superfast
transistor measures just 0.3 microns by 4 microns. The PHBT would offer a
substantial improvement in bandwidth capability for Internet users, and
would offer a number of other practical uses. Feng adds that a transistor
that gets closer to one terahertz (1000 GHz) would offer advantages for
security, medical, security imaging, and security identification.
Click Here to View Full Article
to the top
Cold and Calculated
The Engineer Online (01/29/07)
Conventional, passive cooling methods will soon be inadequate for
dissipating the heat generated by electronic chips if current projections
about increasing chip performance unfold as scripted. Cooling chips via
inexpensive miniature refrigerators installed within PCs is a concept being
pursued by British researchers at Newcastle University, which is leading a
three-year, government-funded project with industrial partners. "We will
have to find a way to get rid of heat on something as small as a chip by an
order of magnitude," notes Dr. Brian Agnew with Newcastle's school of
mechanical and systems engineering. Oxford University colleagues are
collaborating with Agnew's team on the project, hoping to tap their
experience in building cooling systems that boast long-term, service-free
operation. Another partner on the project, London South Bank, will
concentrate on addressing the system entropy challenge. The system will
require an evaporator minuscule enough to fit on a chip, as well as a
silent miniature pump that does not produce vibrations. "It will all be
extremely small, but we are not going down to nanotechnology as the
thermodynamics change when you get down to nano-systems because the
molecules behave differently," Agnew says. The system's condenser could be
mounted at the rear of the computer, while Agnew reports that one
possibility is the use of a "double-effect" system where two refrigerators
are piled on top of each other so that one system's condenser can serve as
the other system's evaporator. Though Agnew admits that any new cooling
system will add complexity to the PC, he says it is outweighed by the
performance benefits.
Click Here to View Full Article
to the top
Quantum Cryptography Offers Spy-Proof Code
IT World Canada (02/01/07) Arellano, Nestor E.
University of Calgary researchers are working with quantum physics to
develop a code that becomes scrambled if it is compromised. Today's code
relies on algorithms and is safe unless the device that produces the key is
lost or stolen, or if a global registry key is lost, but quantum
cryptography would encode data into light photon particles, the state of
which would be altered if the code was intercepted. Only authorized
recipients would have the keys needed to access the data, so if a third
party tries to intercept the code using a man-in-the-middle plot, the code
would clearly show it. The system also provides a higher degree of
randomness, as a result of key exchanges that can occur many times without
compromising data transmission speed. University of Calgary Centre for
Information Security and Cryptography physicist and principal researcher
Wolfgang Tittel is working on transmitting the code key using light photons
and the rest of the message via standard encryption methods. Once the key
has been sent, and the recipient confirms a secure connection, the message
can be sent. Tittel proposes a transmission rate of one million bits per
second over 100 kilometers. Analyst James Quinn says that the deploying
necessary fiber optics through desktops could be prohibitively expensive,
and that hackers could get around this technology if quantum computing
catches up with quantum cryptography. To these claims, Tittel responds
that existing fiber networks could handle the transmission, that fiber
optics could be selectively added for important personnel, and that quantum
computers would not change the fact that photons would show signs of
attempted interception. Tittel estimates that the technology is about 10
years from being ready for the market.
Click Here to View Full Article
to the top
Gates and Brown: Tech Transforming Education
silicon.com (01/31/07) Carr, Sylvia
Teachers remain the key to learning, and they must be trained to use
technology and new technology must be developed for their specific needs,
Microsoft Chairman Bill Gates stressed during the Microsoft Government
Leaders Forum in Edinburgh. Gates noted that the same things that have
been said about technology's impact on education was previously said about
TVs, video tapes, and software, and it has not happened. Technology will
change education in that the Internet will be used to access lectures,
chatrooms will be used to hold classroom discussions, and testing and
accreditation will take place from anywhere in the world, he said.
Microsoft said it plans to continue to focus on integrating technology into
schools in the United Kingdom and 11 other countries through its Innovative
Schools program. The company offers "a clear roadmap to improve
operations, learning, and communication between the classroom and home
through the use of technology," said Damian Allen, executive director of
Children's Services at Knowsley Metropolitan Borough Council. The United
Kingdom will need to encourage innovation if it is to remain competitive as
the world becomes more globalized, added Chancellor of the Exchequer Gordon
Brown. "The answer is not turning back the clock � but to invest more in
science, technology, and creative industries," Brown said.
Click Here to View Full Article
to the top
Not Your Mother's Girl Scouts
Daily Texan (02/01/07) Garza, Kimberly
A new Girl Scouts program is helping introduce girls to technology in an
all-female environment, which has been shown to be more effective in
interesting young women in the field. Known as The EDGE, the program
exposes girl scouts to science, engineering, math, and technology. "We're
focused on empowering girls to become more comfortable to be able to take
those kinds of electives in school, to make the choices to go that career
route," says Girl Scouts technology specialist Savita Raj. "It's all
about getting girls comfortable with technology." Technology-oriented
classes do not appeal to most girls between eight and 17, especially when
the classes are coed, but the EDGE aims to relieve the intimidation and
discomfort that traditionally keeps young women from gaining an interest in
the field. University of Texas graduate student Carolyn Cunningham praises
the program for "changing attitudes and giving confidence to the girls."
The girl scouts have also held a Lego robotics camp and an architecture
camp. "It's a great way for the Girl Scouts to go," says workshop director
Terry Olguin. "They're enabling these girls, giving them the tools they
need for the future."
Click Here to View Full Article
to the top
IBM Research Projects Cover SOA, Web 2.0
InfoWorld (01/31/07) Krill, Paul
SOA, social networking, and Web 2.0 projects at various stages of
completion were showcased at the IBM Silicon Valley Lab this week. IBM's
Request Driven Provisioning system offers a framework to provide business
systems in an SOA combining automated systems with business processes that
eases end-to-end IT service delivery. "What we're doing is allowing a
business unit to define its requirements for a complete SOA system that
would have taken months to install and now it takes hours," says IBM's
Chiu. Another SOA innovation was a Web-based capacity planning tool that
allows customers to scale SOA-based workloads to comply with performance
and scalability requirements. Projects presented in the realm of social
networking, collaboration, and Web 2.0 included a portal-based system for
organizing customer responses, a social engineering system that lets users
collaborate to create automated processes on the Web, and a new internal
directory for corporate social networking sites. On-demand information
technologies included an enterprise search tool that helps decrease
financial and technology barriers to intranet and Web search, and a tool to
identify trends and patterns using analysis of customer information, both
structured and unstructured. Security innovations included an intelligent
analysis system for video surveillance, a tool that makes Internet
transactions anonymous, and an algorithm that prevents theft of biometric
data. Finally, projects in consumer technologies included an improved
retail experience using 3D virtual technology, and a system that uses
instant messaging to present the user with a visual layout of a phone
menu.
Click Here to View Full Article
to the top
Schneier: In Touch With Security's Sensitive Side
Dark Reading (02/01/07) Higgins, Kelly Jackson
People's thoughts and feelings about security, as interpreted through
brain heuristics, will be the focus of security guru Bruce Schneier's talk
at next week's RSA Conference, whose theme is the exchange between security
and psychology. "If we in the [security] industry expect to build
products, we need to understand our customers," Schneier argues. He
characterizes security as both reality and a feeling, with the former based
on likelihood and risk and the latter based on psychological responses to
risk and "countermeasures" to security threats. Schneier says neuroscience
can help describe the frequent disconnect between perception of risk and
reality, which he traces to a lack of interplay between the sensory
processing of the amygdala and the analytical processing of the neocortex,
leading to situations in which emotion overrides logic. The security
expert draws a direct link between the failure of products and vendors'
lack of consideration for the psychological aspects of security in the
design of the user interface. "My belief is that making you aware of
[brain chemistry] goes a long way" toward making better security decisions,
Schneier concludes. "If you can understand you are just reacting from
fear, you have a better shot at ... understanding these human biases.
Hopefully you can short-circuit them and improve on them and make it so we
are not slaves to this."
Click Here to View Full Article
to the top
Looking at Human Impact of Net
University at Buffalo Reporter (02/01/07) Vol. 38, No. 21, Fryling, Kevin
University at Buffalo communications professor Michael Stefanone studies
the way people interact with computers, particularly in the areas of
ubiquitous computing, human-computer interaction, and social networking.
He says that as technology becomes more pervasive in our lives, he is
"trying to get at the cultural shift in how people are defining their
boundaries in terms of private, personal information and the potential cost
of broadcasting it." With the amount of information available on the
Internet today, he expects a lot of attention to be given to matters
concerning the mining of customer data, such as the potential decision by a
health care company to charge higher premiums for customers whose credit
card transactions reveal that they frequently eat fast food. Anything sent
over the Internet today should be subject to a "cost-benefit analysis," he
says, because of the ease with which a transmission could be intercepted or
made public. Stefanone recently worked on a Cornell project where he
observed NASA researchers at two separate universities using communication
tools to collaborate on complex projects. He says, "Things get
progressively less rich from an experience perspective ... when you can't
meet people face to face." However, he applauds such technology for
allowing people who would not normally have the capacity to address large
groups using the Internet.
Click Here to View Full Article
to the top
Goodbye Wires and Silicon, Hello Plastic Chips
New Scientist (01/27/07) Vol. 193, No. 2588, P. 24; Marks, Paul
A new line of flexible, lightweight plastic chips is on the horizon thanks
to the efforts of researchers such as Plastic Logic chief scientist Henning
Sirringhaus, who conceived a way of assembling polymer transistors.
Plastic Logic has adopted a method in which an ink-jet printer nozzle
applies a droplet of conducting polymer mixed with surfactant to a
substrate. As the polymer dries, the droplet becomes water-repellent as
the surfactant migrates to the surface of the droplet. The deposit of a
second polymer droplet that overlaps with the first causes repulsion and
alignment 60 nanometers away. Plastic chips could be embedded in virtually
any object, starting with a flexible monochrome display that Polymer Vision
is due to roll out in 2007. A major potential benefit of plastic
electronics is the eventual development of a technique to build polymerized
chips that extend over several square meters, which will facilitate the
construction of cheap, large displays and solar panels from plastic.
Plastic Logic has enough faith in its plastic transistor printing
technology to make a $100 million investment in a German plant that will
churn out flexible electronic paper for displaying the pages of e-books,
newspapers, and magazines.
Click Here to View Full Article
- Web Link to Publication Homepage
to the top
Reconnecting the Connected Home
Electronic Design (01/18/07) Vol. 55, No. 2, P. 36; Hintze, Christine
Satisfying consumers' insatiable appetite for content will require the
cohabitation of wired and wireless technologies in tomorrow's networked
home, according to Texas Instruments' Michael Stich. How much the home is
networked will depend on the content consumers access via broadband
connections, and Stich projects that the success of home networking
technologies will be based on a variety of elements, including network
coverage and reliability, ease of installation, security, and cost. The
trick is to develop a chipset that is compatible with numerous networking
technologies. The most popular broadband access technology is DSL, though
in the United States DSL trails behind cable. Consumers must be
knowledgeable about networking if they are to take full advantage of the
enormous amount of bandwidth coming into the future networked home.
"Education is especially important when you have one point-to-point
connection, because you have to set things up so that you really know how
to get things from one point to another," says Analog Devices' Scot
Robertson. The user interface that enables control of the network home
must be simplified, says Arkados CEO Oleg Logvinov. "The delivery of the
platform not only has to be adaptable, but pervasive throughout the whole
house," Logvinov says. "We need something that not only allows delivery
between point A and point B, but measures what the consumption of the
content is and who the users are." The networked home of tomorrow will
probably entail a scheme whereby the entire house is wired while
room-to-room links remain wireless. IBM's Norman Liang says, "A lot of
people are just starting to get used to the idea of digital tech. Wireless
networking has only been around for about five years now. In order to
innovate, we have to humanize the problem."
Click Here to View Full Article
to the top
Cognitive Radios Solve a Host of Problems
Portable Design (01/07) Vol. 13, No. 1, P. 8; Donovan, John
Cognitive radio can configure handsets into a network of intelligent
agents that anticipate users' communication requirements via a combination
of machine learning, vision, and natural language processing. Cognitive
radios boast awareness of location, spectrum use, and owners' preferences
and respond to changing conditions by adjusting frequency, power level,
transmission mode, and modulation traits without the need for
preprogramming. The result is seamless and dependable communication while
keeping spectrum efficiency optimal. The underlying technology
infrastructure for cognitive radio (Wi-Fi, Bluetooth, GPS, speech
recognition) is already available in portable devices, and the trick lies
in stitching these various technologies together in such a way that new
applications of the hardware are facilitated. A cell phone makes the
transition from location-aware to RF-location adaptive through programming
that allows the device to change bands or transmission modes at certain
locations; the move to cognitive radio is complete once the phone learns to
draw connections between location, speed, and time of day so that it can
proactively adjust bands, transmission modes, power level, etc., to make
communication seamless. User awareness is key to the function of cognitive
radio, and there are two paths to experiential learning such devices can
follow: They can either learn through interaction with other cognitive
radios, or they can learn by observing their operators' use patterns.
Regulatory challenges need to be addressed in order for cognitive radio to
be implemented on the approval of the FCC and other agencies that
coordinate the allocation of spectrum. The military and public safety
organizations have the biggest need for cognitive radio.
Click Here to View Full Article
to the top
Storm Warning
Government Executive (01/07) Vol. 39, No. 1, P. 30; Pulliam, Daniel
The government-mandated testing of cybersecurity and attack response that
took place in 2006, called Cyber Storm, yielded poor results and there is
little reason to believe that results will be better for the upcoming test
in 2008. One reason is that the 110 government organizations,
international partners, and private sector associations that took part in
the first test were all volunteers who already believed in the importance
of cyber security, and all the first test did was test their skills. The
organizations that did not care about security were not involved and they
are the ones that concern security officials the most. The test
highlighted already-known weaknesses in the system--mainly a need for solid
contingency plans, a training program, and for security personnel to be
able to identify connections between incidents occurring across multiple
infrastructures. The next test is designed to promote better coordination
between public and private organizations.
Click Here to View Full Article
to the top