Association for Computing Machinery
Timely Topics for IT Professionals

ACM TechNews (HTML) Read the TechNews Online at: http://technews.acm.org
ACM TechNews
July 20, 2007

Learn about ACM's 2,200 online courses and 1,100 online books
MemberNet
CareerNews
Unsubscribe

Welcome to the July 20, 2007 edition of ACM TechNews, providing timely information for IT professionals three times a week.


HEADLINES AT A GLANCE:

 

Look, No Hands
BBC News (07/19/07) Symonds, Tom

This year's DARPA Urban Challenge, to be held in October, will draw autonomous vehicle entries from more than 50 teams, with 30 expected to start the race. The driverless cars will have to navigate, avoid other cars, circumvent traffic jams, stop at intersections, follow road markings, and yield when appropriate. The location of the final challenge, which will include a 60-mile race through a mock urban environment, has not been announced, but it is likely to be a U.S. military base. Currently the favorite is the car built by Stanford University's team, who won the 160-mile autonomous car race in the Nevada desert last year. Mike Montemerlo of the Stanford team believes the winning car will be the one able to get itself out of traffic jams, a considerable task for a computer, particularly because a significant amount of the traffic will also be computer guided. So far the teams have found that teaching the cars not to be too cautious has been the biggest challenge. The immediate object for the U.S. government is to create safe, autonomous military vehicles, but this research could also lead to autonomous cars for everyday purposes.
Click Here to View Full Article
to the top


Old Flaw Threatens Web 2.0
Dark Reading (07/12/07) Higgins, Kelly Jackson

A browser technology that is designed to prevent malicious servers from hijacking HTTP sessions has a vulnerability that poses a threat to Internet users and corporate intranets. The technology, called DNS pinning, is vulnerable because it attempts to bind a single IP address to a single domain name. However, this does not work because there are a number of things that can run inside a browser that do their own DNS lookups, including XML and Java plug-ins. This vulnerability can be exploited in a number of ways. For instance, attackers can lure a victim to a malicious Web site, which can be used to establish a VPN connection straight to the victim's corporate network. There is currently no way to patch this vulnerability. But organizations can still take several steps to address this problem, including adding stronger authentication for internal, Web-based sensitive content, using the same level of security testing and "hardening" as for public Web applications, and using SSL for accessing internal applications, according to a white paper written by NGS Software principal security consultant Daffy Stuttered. Meanwhile, security researchers are investigating how to mitigate the DNS pinning flaw. "There is a lot more research to be done in this area," says WhiteHat Security founder Jeremiah Grossman. "It's not going to stop anytime soon."
Click Here to View Full Article
to the top


Patent Law Overhaul Gets House Panel OK
CNet (07/18/07) Broache, Anne

A House of Representatives panel unanimously approved a controversial patent reform bill on Wednesday that contains many changes that high-tech firms argue are critical to correcting flaws in the U.S. patent system. Supporters of the Patent Reform Act of 2007 believe it will help lower litigation costs, eliminate bad patents, and restore balance to a system that, they argue, favors the rights of patent holders. "Our objective in passing this bill is to reform the patent system so that patents continue to encourage innovation," said the bill's chief sponsor Rep. Howard Berman (D-Calif.). "When it functions properly, the patent system should encourage and enable inventors to push the boundaries of knowledge and possibility." The bill changes the U.S patent system from a "first to invent" to a "first to file" system, as it is with all foreign patent systems, and also establishes a new framework for calculating damages in patent suits to examine the value of a patent used in a product, as is often the case with high-tech products, instead of the total value of the product. A new, non-judicial body would be formed to mediate patent disputes without resorting to time-consuming and costly litigation. Many technology groups applauded the bill's passage, as they have been advocating such changes for years, but the bill still faces some strong opposition. Pharmaceutical makers, universities, venture capitalists, and other patent-dependent manufacturers believe the bill weakens the rights of patent holders and damages their business models. One group, the Innovation Alliance, said the committee made "no real progress," and that the bill will "significantly erode the patent protections that have driven America's innovation leadership."
Click Here to View Full Article
to the top


Salary Premiums for Security Certifications Increasing, Study Shows
Computerworld (07/09/07) Vijayan, Jaikumar

Recent statistics show that a professional security certification will enable information technology security workers to earn higher salaries. For example, a Foote Partners study released the first week of July concludes that security professionals with security certifications earn up to 15 percent more than their non-certified colleagues. And from October to April, a group of 27 security certifications examined by the Foote study grew in value by an average of 1.7 percent. Foote Partners CEO David Foote says that demand for certified security professionals is growing following a recent downturn. And the demand is being driven not by compliance and government regulation, but by customers who are "demanding more security" from companies. The fallout from major data breaches such as the TJX breach has caused consternation among corporate executives, prompting many executives to make additional commitments to security. A Department of Defense mandate requiring certification from IT security professionals is also increasing demand for certified security professionals, says Foote.
Click Here to View Full Article
to the top


Robotic Insect Takes Off for the First Time
Technology Review (07/19/07) Ross, Rachel

Harvard University researchers have created a life-size robotic fly that could one day be used as spies or to detect harmful chemicals. The robotic fly weighs only 60 grams, has a wingspan of three centimeters, and has its movements modeled after those of a real fly. The U.S. Defense Advanced Research Projects Agency is funding the research on the robotic fly, which still has a significant amount of work left to be done, in the hope that it will lead to stealth surveillance robots. Recreating a fly's efficient movements in a robot about the same size was difficult because existing manufacturing processes do not make the sturdy, lightweight parts necessary. The research team developed its own fabrication process, using laser micro-machining to cut thin sheet of carbon fiber and polymers into two-dimensional patters. After more than seven years of working and improving parts, the robotic fly finally flew this spring. The robot still needs significant work, as it is currently held on a tether that keeps it moving in a straight, upward direction. The researchers are working on a flight controller so the robot can fly as instructed. The fly is also currently connected to a external power source, so an onboard power source needs to be developed. Leader of the robotic fly project Robert Wood said a scaled-down lithium-polymer batter would provide less than five minutes of flight time. Tiny sensors and software routines need to be developed and integrated as well so the fly can detect dangerous conditions and be able to avoid flying into obstacles.
Click Here to View Full Article
to the top


The Basics of Code
Computerworld (07/16/07) Vol. 41, No. 29, P. 36; Anthes, Gary

The mainstays of 21st-century computing--stored-program architecture, high-level programming languages, and portable code--were also worked out within computing's first decade, but progress has been slow ever since. "Perhaps the biggest disappointment in computer science has been the slow development of software engineering," says Princeton University computer science professor Bernard Chazelle. The development of object-oriented programming languages is one notable advancement, allowing users to develop software without programming languages, but Chazelle says "the pain of producing code has not been eased." Chazelle says in the 1970s an exploration of "automatic programming," which allowed the user to talk to the computer to tell it what to do and the computer would program itself, was promising, but it has since died out. "It's tempting to say it will improve greatly soon, but then it's tempting to say that a cure for the common cold will soon be found," he says.
Click Here to View Full Article
to the top


Professor Denning Tapped by NSF
Naval Postgraduate School (07/13/07) Honegger, Barbara

Naval Postgraduate School Department of Computer Science chairman Peter Denning has been named one of two winners of the first ever National Science Foundation Computer and Information Science and Engineering (CISE) Distinguished Education fellowships. As such, he will receive a two-year $250,000 grant to improve the quality of computer science education in undergraduate schools under the NSF's Pathways to Revitalized Undergraduate Computing Education program. "We need to inspire the best and the brightest to go into computing," said CISE Assistant Director Jeannette Wing in presenting the award. "The United States is the world leader in computer science and engineering, but other nations are quickly catching up as enrollment in traditional U.S. computer science programs is declining. ... These fellowships are part of a bold vision to challenge colleges, universities, businesses and other stakeholders committed to advancing the field of computing to transform undergraduate computer education on a national scale." Also receiving a CISE fellowship was Owen Astrachan of Duke University.
Click Here to View Full Article
to the top


New Technologies Enable More Moore
Electronic Design (07/19/07) Harris, Daniel

As semiconductors become increasingly harder to scale, the validity of Moore's law may be in jeopardy. However, some researchers are using carbon nanotubes (CNTs) to avoid such complications and may provide Moore's law with a fighting chance. Rensselaer Polytechnic Institute associate professor of physics and electrical engineering James Jiam-Qiang LU believes 3D wafer technology and the use of CNTs will help semiconductors continue to advance in accordance with Moore's law, shrinking in size by half while doubling processing power. The 3D wafer technology handles the interconnect problem as the speed of an integrated circuit (IC) becomes a function of the length of the interconnect. The concept is to use a base layer of silicon and stack other wafers, various circuit elements, on top. The layered wafers are then bonded using interconnects. Lu has also researched ways of growing CNTs vertically, making a "forest" configuration that could be used for 3D semiconductor interconnects and other structures. Lu had to work past CNTs natural tendency to grow sparsely when configured vertically, which leads to poor conductivity. Meanwhile, Stanford University assistant professor of electrical engineering and computer science Subhasish Mitra has built a NAND gate that is immune to the effects of misshapen CNTs. Using a NAND gate and simulators Mitra and his colleagues designed, the researchers developed an algorithm that creates other types of circuit elements, regardless of misalignments. The CNTs were put in a grid and if any tube appeared in an unwanted are of the grid, it was cut away or rendered useless. The researchers could then build algorithms that work for entire circuit functions.
Click Here to View Full Article
to the top


RIT Event Gives Visually Impaired Kids a Light in the Darkness
Rochester Democrat & Chronicle (NY) (07/18/07) Loudon, Bennett J.

Rochester Institute of Technology hosted 14 visually-impaired students in grades seven through 11 for its Imagine IT workshop this week. Funded by a $100,000 grant from the National Science Foundation, the program is designed to give visually-impaired computer users a better sense of the career opportunities that are available to them. Stephanie Ludi, an assistant professor of software engineering at RIT who is blind, is behind the program. Ludi, 35, has also developed software for visually-impaired computer users, and she serves as a role model for the teenagers. The youngsters spent Monday and Tuesday working in teams to program a robot, assembled from a Lego kit, to travel through a small maze and stop. They built a computer and created a video game on Wednesday and Thursday. Julene Fitch, of Elkhart, Ind., attended the workshop with her son, Tommy White, 14, and says she now knows that his desire to design computer games is a realistic goal. "Computers and technology are the only things that's motivated Tommy do to anything," she says.
Click Here to View Full Article - Web Link to Publication Homepage
to the top


Turning Our Backs on Tech
Fortune (07/23/07) Vol. 156, No. 2, P. 68; Colvin, Geoff

Recent evidence suggests that America is on the brink of giving up on the worldwide battle for infotech supremacy, writes Geoff Colvin. The United States is lacking both quality technology leaders as well as student interest in IT careers, Colvin says. "As a nation we need scientists and engineers if we're going to be successful," says Microsoft Research chief Rick Rashid. "All the new businesses are built around that." The Society for Information Management (SIM) report, "Grooming the 2010 CIO," concluded that U.S. companies have far fewer quality CIOs than is needed, possibly less than half. Today's CIO needs strong business skills, relationship abilities, and leadership skills, but most do not have those skills because companies do not work on developing them in IT workers. A more significant problem is that kids are not interested in entering IT. Only seven years ago, undergraduate interest in computer science reached a 20-year high. Since then, however, the dot-com bust has given students the idea that IT is a volatile industry, and the image of IT workers has gone from hip, dot-com billionaires to drones in cubicles writing code all day. The fear of outsourcing also scares off potential computer science majors. To give IT a better image SIM has been holding sessions at colleges and universities across the nation with speakers from Microsoft and local businesses. At Boston's Northeaster University, for example, speakers included the IT chief for the Red Sox, and a senior IT executive from the Patriots. The greatest concern is that this trend may continue. "There's a danger that if you let some of these processes go on too long, they become irreversible," Rashid says.
Click Here to View Full Article
to the top


Zombie Nets
National Journal (07/14/07) Vol. 39, No. 28, P. 46; Munro, Neil

Christopher Painter of the Justice Department notes that countries with weak anti-cybercrime enforcement become hacker sanctuaries, which can thwart the trackdown of these criminals by U.S. authorities, according to former Pentagon principal assistant secretary of Defense for networks and information integration Linton Wells. Networks of compromised "zombie" computers, or "botnets," which can flood target systems with traffic, are being constructed and improved by malefactors as revenue-generating tools, say Painter and Arbor Networks' Jose Nazario. Profits can be realized by using botnets to send spam or shut down competing companies' online sales, while zombies can also be employed to gather information about computer owners' finances and then fleece banks and credit card firms. Botnets have also served as political weapons, most recently to shut down Estonian government Web sites in protest of the country's decision to relocate a World War II monument. But many of the people behind botnets are based in countries outside of U.S. jurisdiction--countries with little or no sanctions against cybercrime. Even miscreants in nations with strong anti-cybercrime laws can avoid apprehension by routing their online activities through systems in sanctuary states, say experts. "They assume they're not going to get caught, and looking at the odds, they're right," notes Nazario. This situation is spurring U.S. officials to lobby foreign governments to enforce computer security and comply with directives such as the Council of Europe Convention on Cybercrime, which offers model computer-security ordinances.
Click Here to View Full Article - Web Link May Require Paid Subscription
to the top


Bush Advisers Try to Fix Tech Policy
Chronicle of Higher Education (07/18/07) Fischman, Josh

The Bush administration will receive a report on the state of the national technology policy in the next few weeks, but the question will be whether the country is finally ready to solve its problems. The report from the President's Council of Advisors on Science and Technology does not point out anything that has not been said in earlier reports, according to council member Daniel A. Reed on his blog. The council reviewed the 14 federal agencies that provide $3.1 billion each year to support IT. "Almost all academic computing is covered by this umbrella," Reed, vice chancellor for information technology at the University of North Carolina at Chapel Hill, added this week during the Microsoft Research Faculty Summit in Redmond, Wash. However, the umbrella is leaky, and will soon be surpassed by international competition, Reed said. The report recommends some strategies for fixing the tech policy, including improving the visa system to make it easier for foreign students to remain in the country to find jobs, but the immigration reform effort recently faltered. Also, there needs to be bigger and riskier IT research projects, and the focus should be more on creating systems that interact with the physical world and making the Internet more reliable.
Click Here to View Full Article
to the top


Computer Scientist Plans Bach Over Broadband
University of Manchester (07/19/07) Waddington, Alex

Barry Cheetham of the University of Manchester's School of Computer Science is trying to combine his knowledge of communications, networks, and digital signal processing with his love for choral singing by trying to create Europe's first successful Internet choir. Cheetham is looking for funding for the project that will unite amateur and semi-professional singers across Europe for seamless and polished live performances. To make such clean performances possible, Cheetham knows that he will have to address the limitations of existing communications networks, as if there is too much delay the "real time" experience will be ruined. The voices will need to be processed and digitized quickly to create the high-quality sound required, and the voices will also need to be accurately blended to give the impression that all of the singers are in the same concert hall. Discovering how a choir made up of people in different locations can be controlled by a conductor, and how singers will be able to feel connected to other performers are also challenges involved in the project. "The geographical distances and the speed of electrical transmissions lead us to believe the low delay needed may be achievable within Europe but not further afield," Cheetham said. The type of super-fast, low delay broadband network necessary for the project is currently being used for some limited applications, and Cheetham hopes that his ambitious Virtual Choir study will help advance Internet communications. "This project has the potential to bring European people together and the possibility of doing this electronically to form a choir is exciting and worthwhile," Cheetham said.
Click Here to View Full Article
to the top


Evacuation Program Gets Federal Funding
Minnesota Daily (07/18/07) Gulbrandson, Kelly

University of Minnesota professor Shashi Shekhar has received a grant from the National Science Foundation to further his research on a project known as Capacity Constrained Route Planner, a program to help manage the evacuation of large crowds of people in the most efficient time. In 2005, the Department of Homeland Security wanted all U.S. metropolitan areas to be evacuation-ready. After partnering with the Minnesota Department of Transportation, the Department of Homeland Security called on Shekhar. After completing the Capacity Constrained Route Planner, evacuation time improved by 30 percent, Shekhar said. "With an evacuation of 100,000 people, it would take two to six hours," Shekhar said, in a scenario similar to a State Fair. Shekhar found that evacuation will go faster if people walk for the first mile. "Walking makes the evacuation time faster as the population increases," Shekhar said. Though the initial project was completed in 2005, Shekhar will continue to work on the evacuation planner to make it more accessible and easy to use for large companies, such as banks and others in the private sector. In addition to the National Science Foundation, Shekhar has applied for other grants from state agencies, and has received a grant from the Department of Homeland Security.
Click Here to View Full Article
to the top


Wanted: More IT Workers
eSchool News (07/17/07) Devaney, Laura

Business leaders are turning to schools to help meet their demand for IT workers by countering perceptions that few IT jobs are available. Gene Longo with Cisco Systems' Networking Academy program partially blames high school reform and the No Child Left Behind education law for encouraging the shortage of qualified IT professionals in the United States by stressing core skills such as reading, math, and science, while leaving students little room to consider IT courses or electives during their high school education. Another contributing factor were mass tech layoffs following the dot-com implosion and 9/11, but the Bureau of Labor Statistics forecasts that opportunities for computer software engineers will expand remarkably through 2014. According to Longo, there is a major shortage of advanced-level IT people, which he traces to companies' cessation of funds for employees to improve their skills through continuing education when the IT industry plummeted after the dot-com bust. Notifying educators and students about IT opportunities "can make a substantial difference in programs available to prepare IT workers and, ultimately, in the number of U.S. workers qualified to fill the positions," states International Society for Technology in Education CEO Don Knezek, who adds that internships, student clubs, and other creative efforts that focus on IT careers can be beneficial. Many U.S. states are backing initiatives to cultivate an IT workforce, an example being Kentucky's statewide Prescription for Innovation effort to broadband-enable all of its 120 counties by year's end.
Click Here to View Full Article
to the top


What's a Girl to Do?
Government Technology (07/17/07) Massey, Liza Lowery

In some fields the gender gap has been shrinking, but four out of five top-paying "male-dominated" jobs are IT related, and women account for only 9 percent to 24 percent of the work force in those professions, according to CareerBuilder.com's Rachel Zupek. Zupek did note that IT project managers, considered to be a top-paying job, are not dominated by either gender, and the pay gap between men and women continues to shrink. Liza Lowery Massey, who served for nearly 20 years as an IT executive in the public sector and is currently an adjunct professor in the College of Business for the Executive MBA program at the University of Nevada, examines some myths about being a woman in a male-dominated field. The first myth is that women have to work twice as hard as men to make half as much progress. Massey writes that she did have to work hard, even twice as hard as others sometimes, to rise to a leadership position. Another myth is that for a woman to succeed in a male-dominated field, she needs to behave like a man. Massey believes this myth to be false, and says that successful people will observe and learn from others in the workplace regardless of gender. One of the biggest things women need to work on, according to Massey, is finding the balance between promoting one's self, ensuring their good work is recognized, and bragging. Women cannot expect to get noticed if they keep their head down, even if they do good work. Massey advises women to act confidently, even if unsure of what to do or if doing something for the first time. Also, always keep a sense of humor, especially about yourself. Know your strengths and weakness so you can capitalize on your strengths and hire others who are strong where you are weak to fill in the gaps. Finally, do not be afraid to take risks.
Click Here to View Full Article
to the top


Hard Target
InformationWeek (07/16/07)No. 1146, P. 40; Greenemeier, Larry

InformationWeek's 10th annual Global Information Security survey indicates that data theft is a growing concern reinforced by the complexity of security technology, although the argument can be presented, given the priority respondents still place on viruses, worms, spyware, malware, and spam, that there is not sufficient concern about data theft. Experts such as BT Counterpane's Bruce Schneier say security professionals are concentrating on the threats they are most familiar with when they should be focusing on emerging threats created to exploit the value of intellectual property and customer data, although there are indications in the survey that organizations are beginning to realize this. The chief reasons U.S. respondents feel an elevated sense of vulnerability are the growing sophistication of threats, more ways for corporate networks to be assaulted, the increased volume of attacks, and a rise in attackers' malicious intent; companies believe attackers' motivation is primarily to steal their assets rather than crash their networks. Other signals of the increased importance of data security include the fact that 43 percent of survey respondents gauge the value of their security measures on their ability to cut time spent on security-related issues, while 43 percent consider how well customer records are safeguarded, and 33 percent rate the measures according to lowered breach incidents. Both American and Chinese respondents list exploits of known operating system and application vulnerabilities as the leading attack strategies, but many more Chinese than U.S. respondents report suffering such attacks. Thirty-seven percent of respondents cite the creation and enhancement of user policy awareness as the leading tactical security priority for American companies this year, down from 42 percent last year. Fifty-one percent of the U.S. respondents who say their companies watchdog employee activities monitor email, 40 percent monitor Web activity, and 35 percent monitor phone use; instant messaging, the opening of email attachments, and the contents of outbound email messages are assigned lower priority.
Click Here to View Full Article
to the top


To submit feedback about ACM TechNews, contact: technews@hq.acm.org

To unsubscribe from the ACM TechNews Early Alert Service: Please send a separate email to listserv@listserv.acm.org with the line

signoff technews

in the body of your message.

Please note that replying directly to this message does not automatically unsubscribe you from the TechNews list.

ACM may have a different email address on file for you, so if you're unable to "unsubscribe" yourself, please direct your request to: technews-request@ acm.org

We will remove your name from the TechNews list on your behalf.

For help with technical problems, including problems with leaving the list, please write to: technews-request@acm.org

to the top

News Abstracts © 2007 Information, Inc.


© 2007 ACM, Inc. All rights reserved. ACM Privacy Policy.

About ACM | Contact us | Boards & Committees | Press Room | Membership | Privacy Policy | Code of Ethics | System Availability | Copyright © 2014, ACM, Inc.