ACM TechNews (HTML) Read the TechNews Online at: http://technews.acm.org
ACM TechNews
June 29, 2007

Learn about ACM's 2,200 online courses and 1,100 online books
MemberNet
CareerNews
Unsubscribe

Welcome to the June 29, 2007 edition of ACM TechNews, providing timely information for IT professionals three times a week.


HEADLINES AT A GLANCE:

 

Immigration Bill's Defeat Will Prompt 'Plan B' From H-1B Proponents
Computerworld (06/28/07) Thibodeau, Patrick

The defeat of the U.S. Senate's comprehensive immigration reform legislation is a setback for the technology industry, but lobbying groups are expected to continue to push for a higher H-1B visa cap. The H-1B cap for the federal government's next fiscal year was filled on the first day the U.S. Citizenship and Immigration Services accepted applications. Several opportunities to raise the H-1B visa limit still exist. One option is the Securing Knowledge, Innovation and Leadership Act, or SKIL bill, which would raise the cap from the current 65,000 to 115,000 and provide market-based requirements for future increases. The SKIL bill was reintroduced to the House and Senate in April after failing to win approval last year, but because it is an individual piece of legislation, amendments related to immigration reform could be easily attached and kill the bill. A second option is to increase the cap through an amendment to a spending bill. A third option is to add a H-1B expansion amendment to one of several bills Congress is considering as part of the Democratic majority's Innovation Agenda, such as a bill to improve science and engineering training programs. Software & Information Industry Association President Ken Wasch says the Senate's action on immigration reform means focus on H-1B reform will shift to the House. "Our companies have a huge problem," Wasch says. "And if the immigration problem is not solved, we create an enormous incentive for our companies to do more development work where talent is being developed."
Click Here to View Full Article
to the top


The Newest AI Computing Tool: People
University of Southern California (06/28/07) Mankin, Eric

University of Southern California Information Sciences Institute computer scientist Kristina Lerman believes that people can be used as a new source of artificial intelligence computing power to solve difficult IT problems such as information classification, reliability, and meaning. Lerman says that human intelligence on social Web sites, blog networks, video and photo sharing sites, and other social exchange gatherings online involve hundreds of thousands of observations and interactions, which can be used to extract metadata about the transactions. The metadata would contain information on who is interacting, what they are talking about, how conclusions are reached, and how information spreads, all of which can help researchers answer questions about document accuracy, quality, categorization, and embedded terminology. Lerman says one benefit would be the automatic determination of the semantics of content for metadata tags. She says tags are crucial to returning accurate search engine results. The complexity of natural language has made it difficult to assign tags, and attempts to manually build intricate connections that signal different word meanings have proved frustrating. Lerman found that by extracting the tags on photo-sharing sites, and by using a mathematical technique called the "expectation-maximization algorithm," it was possible to accurately separate pictures of different objects with similar descriptions. Lerman has gone beyond tagging and is now using metadata to obtain more accurate information about the content of documents in social networking sites. Lerman says, "The innovations introduced by social media have lead to a new paradigm for interacting with information, what we call 'social information processing.'"
Click Here to View Full Article
to the top


Cyber Security Report Released
Computing Research Association (06/28/07)

Cybersecurity is the focus of "Toward a Safer and More Secure Cyberspace," a new report from the National Research Council of the National Academy of Sciences. The report identifies three broad areas of concern about security, with the first being that a lack of security will enable enemies to launch a cyberattack, in conjunction with a physical attack, to cause an enormous loss of life and billions of dollars in other damages. Secondly, the reports draw attention to the potential for billions of dollars in losses due to fraud and extortion if businesses are unable to shore up their cyberspace systems and networks. Finally, the report warns that a lack of cybersecurity may curb the use of technology in the years to come and lead users to discount the positive impact that IT can have on national competitiveness, in addition to national and homeland security. The report also includes a potential Cyber Security Bill of Rights that offers a set of 10 provisions. The points include availability of system and network resources to legitimate users; easy and convenient recovery from successful attacks; and control over and knowledge of one's own computing environment.
Click Here to View Full Article
to the top


The iPhone's Potential
Technology Review (06/29/07) Greene, Kate

Many of the features in Apple's new iPhone will be under-appreciated, including the accelerometer, ambient light sensor, and infrared sensor, all of which are used to gather information from the environment and adjust the phone's functions. The iPhone can automatically change the screen from portrait to landscape, adjust the screen's brightness based on light levels in the environment, and disable the touch screen when the phone is being used for a call. Massachusetts Institute of Technology research scientist Nathan Eagle says that although these functions are useful and entertaining, they are rather unremarkable for the technology in the iPhone. "These are trivial uses for what has the potential to provide a whole slew of new features and functionality," Eagle says. Independent research projects at MIT, Intel, and other companies indicate that phones built with hardware such as accelerometers, light sensors, a GPS, and a microphone could provide clues about people's activities and behaviors. Such a phone could monitor exercise habits, track an elderly relative's activities, and let friends and family know if it is an appropriate time to call or instant message the phone's owner. At Intel Labs, researchers equipped first-year students at University of Washington with an accelerometer, barometer, a humidity sensor, a thermometer, a light sensor, a digital compass, and a microphone and were able to watch social networks form as subjects with the sensors interacted. Eagle says it would not be difficult to write consumer software that would deduce a person's basic activities, which could be used to update the status listed on an instant messenger program or a blog, for example.
Click Here to View Full Article
to the top


Branding Matters -- Even When Searching
Penn State Live (06/28/07) Hopkins, Margaret

Penn State College of Information Sciences and Technology researchers found that Web searchers overwhelmingly favor Yahoo and Google, even when the search-engine results are identical, indicating that brand names are important on the Internet. The researchers copied Google results pages for four different searches and assigned them to four different search engines--Google, MSN Live Search, Yahoo, and an in-house search engine created for the study. The researchers showed the pages to 32 study participants who were asked to evaluate the engines' performances. Participants believed Yahoo and Google provided better results than MSN Live Search and the in-house engine, even though the results pages were identical in content and presentation. "Given that there was no difference in the results, all of the search engines should have had the exact same score," says assistant professor and lead researcher Jim Jansen. "Some emotional branding is having an effect here." The researchers' intention was to understand why Web users tend to use a handful of search engines when there are about 4,000 search engines that use similar technologies and interfaces. The search engine created for the study, which had no brand-name recognition, scored the worst.
Click Here to View Full Article
to the top


Williams Professor Receives Grant from National Science Foundation for Work on Software Errors
iBerkshires.com (06/27/07)

The National Science Foundation has awarded a Faculty Early Career Development Program grant to Stephen Freund, an assistant professor of computer science at Williams College. The five-year, $400,000 CAREER award will enable Freund to continue his promising research into "Hybrid Atomicity Checking," which is a strategy for searching for bugs in software systems. Freund considers atomicity violation to be a particularly difficult bug to contend with because the errors occur when they are least expected and they are also tough to identify and repair during testing. Atomicity violations occur when different pieces of a software system access shared data or files in the wrong way and at the same time. Freund plans to develop automated tools to find atomicity errors by inspecting software source code and monitoring running programs. The automated tools will take a hybrid approach to checking, which offers more precision and ease-of-use than current applications. The approach is also a better way to deal with atomicity bugs in terms of cost.
Click Here to View Full Article
to the top


Solving the Web Security Challenge
CNet (06/28/07) Ricciuti, Mike; Evers, Joris

The gatekeepers of much of the world's most sensitive information are a handful of major corporations, and this carries troubling implications for Web security, especially since in many instances these companies are adapting standard desktop security methods to new Web applications. The security of online information is complicated by the ever-growing volume of data as well as the upsurge in hacker attacks, and factors such as these are triggering calls for independent oversight. SPI Dynamics researcher Billy Hoffman says there is plenty of information on security practices available, but what is missing is "an intermediary that says how these things apply to you as you build Web 2.0 or other applications." Industry-wide cooperation is one strategy to consider, but such an approach has been tried with other digital technologies, only to come up short and often lead to monopolization. Hoffman attests that standard bodies such as the World Wide Web Consortium should concentrate on devising unambiguous standards that establish solid baselines. Microsoft's Pete Boden classifies the majority of online security problems as input validation errors, and he thinks Microsoft has an advantage over rivals because it received a fast education on Web security thanks to its extensive software history and experiences with Trustworthy Computing, and thus was able to create tools to help developers address bugs and test code quality. Although Microsoft, Google, and Yahoo claim to have fortified servers against attacks, email worms, phishing assaults, and other intrusions are still common, which plays into the argument for more industry collaboration. Security specialists at the "Big Three" companies see a need for additional work at the most basic level of software development, beginning with an effort to teach security to future employees while they are still university students.
Click Here to View Full Article
to the top


'Europa' Orbits Eclipse With 21 New Projects
InternetNews.com (06/27/07) Kerner, Sean Michael

The Eclipse Foundation today revealed 21 different projects comprised of more than 17 million lines of code for the Eclipse open source development environment. The new Eclipse Europa release train is the largest release from Eclipse so far. Eclipse's Ian Skerrett says a predictable release cycle is crucial to helping users and developers build their own Eclipse products. Skerrett says Europa participation was not focused on any specific Eclipse Foundation project, but that each project volunteered to participate in the release train. The core Eclipse architecture is structured so that everything is a modularized component that allows for plug-ins. Each component has well-defined APIs that allow developers to layer functionality on top of each other. Skerrett says some of the new Europa projects are groundbreaking. The Eclipse Modeling Framework supports Java generics, which allow for more sophisticated and flexible models, and the Eclipse Mylyn project presents a new task-focused user interface to the IDE, which allows the system to automatically find files or resources instead of searching manually. Netbeans, another open source IDE, is scheduled to release its newest version later this year.
Click Here to View Full Article
to the top


Virus 'Hybrids' Can Act as Nanoscale Memory Devices
New Scientist (06/26/07) Dume, Belle

Researchers in the United States and Italy have developed a new type of memory device that uses individual viruses placed on tiny specks of semiconducting material called quantum dots. The 'hybrid' material could help develop biocompatible electronics and an inexpensive and efficient way to make high-density memory chips. Certain types of biological material have been known to react to inorganic molecules and researchers have already been using this phenomenon to build nanoscale devices that could be used as biosensors. University of California at Riverside team leader Mihri Ozkan and his colleagues have taken the technology a step further by making a device that can also store digital information. Ozkan says finding the memory storage capability was unexpected because each nanoparticle does not have any memory characteristics on its own, only when connected as a hybrid. Ozkan and his colleagues started by depositing the plant virus cosahedral cowpea mosaic virus (CPMV), which is harmless to humans, on quantum dots made of cadmium selenide and zinc sulphide. Next, the hybrids were embedded into a polymer matrix and sandwiched between two conducting electrodes for testing. The researchers found that low voltage can be applied to operate each unit as a memory device with conductive property states that can switched between high and low, corresponding to a 1 and a 0. The states are non-volatile, which means data is stored even when the power is turned off. Ozkan says that, theoretically, these memory devices could be used for high-density storage because each individual hybrid could be a single storage unit, and millions of units would be able to fit into a space only a few square centimeters.
Click Here to View Full Article
to the top


Welcome to the World's Largest Supercomputing Grid
Computerworld (06/26/07) Strom, David

Critical mass was reached this year on TeraGrid, a federally sponsored computing initiative that eases corporations' access to the world's largest supercomputers and encompasses nine distinctive academic and federal institutions. The TeraGrid network currently boasts over 20 petabytes of storage capacity and upwards of 280 teraflops of computing power. "The point of TeraGrid is to pull together the capabilities and intellectual resources for problems that can't be handled at a single site," explains National Center for Supercomputing Applications (NSCA) deputy director Rob Pennington. "We make it easier for researchers to use these multiple computing sites with a very small increment in training and technical help." Grid Infrastructure Group director Dane Skow says the National Science Foundation is helping to nurture TeraGrid's growth, and he foresees the network allowing researchers to tackle scientific problems of unprecedented size and scope. TeraGrid can also directly benefit a variety of commercial fields and markets. One project in this vein involved a Rice University professor's effort to concoct millions of different chemical structures that could be employed as zeolites, whose use spans a broad spectrum of industrial processes. Private-sector companies can become corporate affiliates of participating TeraGrid institutions through NCSA's Private Sector Program and similar initiatives.
Click Here to View Full Article
to the top


H-P's Emerging Task: Deter Forgeries
Wall Street Journal (06/28/07) P. B3; Range, Jackie; Agarwal, Vibhuti

A Hewlett-Packard research and development lab in India is researching a way to mark paper documents with a bar code to prevent forgeries. Forgery is a big problem in India and one of the most common types of fraud. The project, called "Trusted Hardcopy," does not use holograms or water-marked paper and is capable of working on ordinary office equipment, mainly a computer, a scanner, printer, and software. The bar code acts like a digital signature and is intended to bring network-level security to paper documents. The bar code is used to authenticate the document and contains the information on the page. By including the information on the page in the bar code, any unauthorized changes to the document would be recognizable because the bar code would be unaltered. HP believes that government agencies, public offices, and companies will all be interested Trusted Hardcopy for official documents. Trusted Hardcopy is only one of several innovations being developed by HP designed to appeal to customers in emerging markets, primarily China and India. Another product is HP's "TVPrintCast," which sends data over television networks. Computing over television networks is potentially an extremely lucrative market in India, as televisions are far more prevalent than computers. In 2005, India had 500 million TV viewers but only 6.5 million Internet users. TVPrintCast would allow users, for example, to view a cooking program and simultaneously print out a copy of the recipe.
Click Here to View Full Article
to the top


The Three Questions of Robustness
EDN (06/25/07) Leibson, Steve

Professor H.J. Siegel of Colorado State University's Electrical & Computer Engineering Department presented a technical workshop at WORLDCOMP '07 in Las Vegas that was notable in that he raised three questions for determining "robustness" and for objectively comparing that quality in systems, products, or services. Siegel's questions give the term robustness meaning and have implications with regard to its potential broad use in all system designs, writes Steve Leibson. Siegel uses multiprocessor systems in his tutorial titled "Robust Resource Allocation for Heterogeneous Parallel and Distributed Computing Systems" to answer the first question, "What behavior of the system makes it robust?" The question speaks to satisfying a specific set of throughput and latency constraints set forth by the customer. The second question, "What uncertainties is the system robust against?," addresses the uncertainties of boosting sensor inputs, and the potential impact on processing power, processing throughput, processing latency, and ultimately the constraints on these parameters. For the third question, "Quantitatively, exactly how robust is the system?," Siegel, who develops robust systems, uses the smallest number of incremental sensor inputs that would lead to latency or throughput violations to determine the merit.
Click Here to View Full Article
to the top


Security Issues and Programming
ZDNet (06/25/07) Murphy, Paul

Blogger Paul Murphy notes that it is a widely held belief that security is a function, rather than an application, of programming language. He makes the case that "C code compiled and run in a safe code environment is as safe as Java run in a virtual machine--and, by extension, a Java virtual machine is itself as vulnerable as any other C application." C's greater simplicity in comparison to Java should help shield C against attack, which dovetails with the concept of using virtualization to maintain the separation of user processes. "Thus you can think of the PC's BIOS, ring zero, kernel, and user modes as switchable virtual machines, note that this hardware design has determined a lot of the software evolution around it, and conclude that much of today's PC "security" problem is ultimately rooted in a mistake," Murphy explains. "A mistake, not because virtualization was the wrong answer, but because a better answer was known: The use of typing instead of address based authorizations." He concludes that it is erroneous to regard a language such as C as being more hazardous than Java, since it is the whole execution environment that matters in the final analysis. Most of the risk on Windows and Unix stems from hardware, and by extension compiler design, as opposed to language design.
Click Here to View Full Article
to the top


Handwritten Passwords
Technology Review (06/28/07) Naone, Erica

A new online authentication system called Dynahand could eliminate the need to remember multiple and lengthy passwords. Dynahand verifies user identity by asking the user to identify their own handwriting. University of Glasgow computer scientist and Dynahand researcher Karen Renaud says requiring users to remember passwords is ridiculous and places an unrealistic burden on people. Biometric authentication, using physical attributes such as fingerprints or retinal scans, has become an alternative to passwords, but requires additional hardware. Dynahand eliminates the need for extra hardware and passwords. Dynahand only requires users to submit a variety of handwriting samples. To log in, the user must identify his or her writing out of a series of samples. Multiple tests can be used depending on the desired level of security. The handwriting samples contain only digits because numerals are harder for an outside party to recognize than letters, and digits are displayed at random, so the handwriting is the only clue. The system uses an algorithm to analyze characteristics such as line width of all handwriting samples to be sure samples are distinct and do not confuse legitimate users. Renaud says a handwriting recognition system is particularly appealing to older users, who can find it difficult to remember multiple passwords, and dyslexic people, who sometimes chose weaker, shorter passwords intentionally because they have trouble remembering longer passwords. Renaud does not believe that Dynahand is secure enough to protect sensitive information such as bank accounts or health records, but that it would be appropriate for social sites where the user wants a private account but no real harm would result from a break in.
Click Here to View Full Article
to the top


Be Focused and Fearless, Wired Women Tell Colleagues
Computerworld Canada (06/18/07) Lau, Kathleen

At the Toronto Chapter Wired Women Society, an association that helps women build IT careers, nine women at different stages of their IT careers spoke about the challenges and success they have experienced. The women provided a uniquely female perspective on topics including succession, career changes, balancing work and personal life, and the rapidly changing world of IT. Globe & Mail director of business development Andree Gosselin O'Meara shared her experiences starting in IT as a systems engineer and having to struggle against misconceptions surrounding women's skills and having to be vocal about equal pay. "Do push. It's important that women have their place," O'Meara said. Annemarie Edwards, the director of eSolutions at CPC Healthcare Communications, said she was attracted to the dot-com community by the idea of changing traditional business models, and that her interest has only grown with the development of Web 2.0. Edwards said that keeping up and interacting with evolving technology will be a "must-have skill," and that people should embrace technology. The other speakers included Manta Group partner Fariba Anderson, Sequentia Communications CEO Jennifer Evans, HP Canada district sales manager Leyland Brown, former corporate advisor with the Office of the President at Bell Canada Enterprises Lib Gibson, IBM Canada manager of corporate diversity and inclusion Rukhsana Syed, Yahoo Canada head of media Anjali Kapoor, and Wireless Payment Systems business and operations analyst Aleema Seadath. The overall message the speakers offered women was to be confident and persistent when pursuing a career in IT.
Click Here to View Full Article
to the top


Just the States: How Effective Are STEM Pipeline Programs?
Diverse: Issues in Higher Education (06/22/07) Majesky-Pullmann, Olivia

The National Science Foundation founded the Loius Stokes Alliance for Minority Participation (LSAMP) in 1991 to support and increase the number of minority students pursuing advanced degrees in science, technology, engineering, and math (STEM). In 1991, LSAMP gave grants to only six institutional alliances and supported fewer than 4,000 students. In 2006, LSAMP supported 35 alliances involving more than 450 institutions and thousands of minority students. Based on data from the National Science Foundation, in 1991 only 35,670 minority students were enrolled in STEM fields. By 2003, minority enrollment in STEM fields increased 470 percent to 205,000 students. From 2004-2005, roughly 24,642 LSAMP students earned degrees. LSAMP includes pre-college programs, student academic support, student professional development, mentoring, faculty development, curriculum reform, and graduate studies orientation. A study by the Urban Institute found that LSAMP students, on average, had a better GPA than their non-LSAMP minority, white, and Asian student counterparts. Slightly more than half of LSAMP graduates had a cumulative GPA of 3.25 or above, whereas only 27 percent of underrepresented minorities not involved in LSAMP, and 42 percent of Whites and Asians had similar GPAs. LSAMP participants were more likely to enroll in post-BA courses and earn graduate degrees.
Click Here to View Full Article
to the top


Social Scripting for the Web
Computer (06/07) Vol. 40, No. 6, P. 96; Lau, Tessa

How-to knowledge can be captured and shared with others through IBM's Koala Web application instruction repository, whose scripts are both human- and machine-readable, writes IBM Almaden Research Center research staff member Tessa Lau. Koala allows script contributions from anyone, and enables non-programmers to produce scripts automatically through the use of a programming-by-demonstration method. Lau says the system provides easy-to-understand, step-by-step instructions for online procedures, and parses each step to ascertain whether it can be automated or requires user consultation; the latter determination is made by looking for the word "you" in the instruction. The provision of a "Run" button lets the user implement the entire script without interruption, which facilitates the automation of routine online tasks. Koala can parse plain-text commands through a "sloppy programming" approach in which a relatively small terminology can be used to describe actions on Web pages, and the current Web page can limit the set of potential targets. By clicking a "Save" button, users can automatically store a generated script on the project's wiki to share with others, and Koala has a "Personal Database" feature that offers a way to create scripts that work across users. Lau notes that Koala can accommodate the "long tail" of business processes by letting small teams simply automate their own unique workflows.
Click Here to View Full Article - Web Link to Publication Homepage
to the top


To submit feedback about ACM TechNews, contact: [email protected]

To unsubscribe from the ACM TechNews Early Alert Service: Please send a separate email to [email protected] with the line

signoff technews

in the body of your message.

Please note that replying directly to this message does not automatically unsubscribe you from the TechNews list.

ACM may have a different email address on file for you, so if you're unable to "unsubscribe" yourself, please direct your request to: technews-request@ acm.org

We will remove your name from the TechNews list on your behalf.

For help with technical problems, including problems with leaving the list, please write to: [email protected]

to the top

News Abstracts © 2007 Information, Inc.


© 2007 ACM, Inc. All rights reserved. ACM Privacy Policy.