Association for Computing Machinery
Timely Topics for IT Professionals

ACM TechNews (HTML) Read the TechNews Online at: http://technews.acm.org
ACM TechNews
August 1, 2007

Learn about ACM's 2,200 online courses and 1,100 online books
MemberNet
CareerNews
Unsubscribe

Welcome to the August 1, 2007 edition of ACM TechNews, providing timely information for IT professionals three times a week.


HEADLINES AT A GLANCE:

 

What the U.S. Is Doing Wrong With E-Voting
eWeek (07/30/07) Vaas, Lisa

On July 30, the office of California Secretary of State Debra Bowen released the results of an investigation demonstrating that three major e-voting systems are vulnerable to exploitation, once again highlighting the shoddy state of e-voting in the United States. The urgency to address this situation is growing as the 2008 election season approaches, and other countries have tackled the problem with better results; Australia's e-voting effort is arguably the most successful, having embraced an open-source strategy in which e-voting systems are Linux-based and e-voting specifications are established by independent election officials and posted online for anyone to evaluate. The U.S. e-voting infrastructure, in contrast, is a patchwork of disparate systems that use wireless communications and flawed off-the-shelf software that is not subject to testing. The United States is rated by experts such as Australian National University's Tom Worthington as having the developed world's most poorly designed e-voting systems, and the reasons for this are political and administrative in nature. E-voting systems must comply with a muddle of federal and state election laws, which "does present challenges to election technology providers because this is not a 'one-size-fits-all' marketplace where one machine or version of software can be used in any state," remarks Sequoia Voting Systems executive Michelle Shafer. She adds that the open-source disclosure of e-voting hardware/software code has the potential to put election-rigging tools in the hands of wrongdoers, while current legislative proposals that recommend the open-source approach see no difference between e-voting system manufacturers and third-party software producers. "Legally, manufacturers cannot provide source code for these third-party software programs or provide the names of the programmers involved in the creation of the third-party software," Shafer explains. For information about ACM's e-voting activities, visit http://www.acm.org/usacm
Click Here to View Full Article
to the top


Tech Design's New Philosophy
CNet (08/01/07) Olsen, Stefanie; Fried, Ina

Experts such as MIT Media Lab professor John Maeda contend that the future challenge of technology design is integrating design within the development process as a central element rather than as an afterthought; this philosophy is being embraced by developers and manufacturers of consumer electronics, home appliances, Web services, and other products, as well as by academic institutions that produce future designers, software engineers, and business leaders. Driving this trend is the increased incorporation of microprocessors into everyday devices, and consumers' simple demand that the products are functional, visually appealing, and natural to use. "There's much more of an emphasis now on thinking holistically about the design experience and how all these media connect," notes Pentagram Design designer Lisa Strausfield. Nielsen Norman Group partner Don Norman says three qualities are essential to good design--function, form, and brand image. Innovative design concepts being explored in an attempt to move away from long-established, oft-mimicked technologies such as the mouse and keyboard include multitouch interfaces, which facilitate person-device interaction by touch and eliminate the mouse/keyboard combination; Apple's iPhone is a prime example of a multitouch display product. Design experts anticipate a prevalence of gestural interfaces in home-networked systems, and expect the next few years to witness a substantial amount of design innovation focusing on mobile devices and applications as cell phones expand their capabilities and become even more essential components of daily life. Motorola executive Jim Wicks says software is driving some of the biggest cross-platform design breakthroughs, which means that the digital interface will assume more and more responsibility for operations previously enabled by shifts in the device's physical configuration. "We see a lot of advancement in software that will start to merge with advancement in the physical side of mobile devices, in everything from color to lighting and information display," he says.
Click Here to View Full Article
to the top


Upcoming SIGGRAPH Technology Conference Celebrates 51 California Artists & Filmmakers
Business Wire (07/31/07)

ACM's SIGGRAPH 2007 Computer Animation Festival and Art Gallery will have a local flavor. Thirty-five of the 51 filmmakers participating in the Computer Animation Festival are from California, including San Diego's Michael McCormick, who will be featured in his work "Paraworld," the fully 3D game cinematic and trailer for Sunflowers/SEK's Paraworld. And 26 of the 91 artists showcasing their artwork at the SIGGRAPH 2007 Art Gallery: Global Eyes will be from the state. Also, from Aug. 4-6, 2007, attendees of Global Eyes will be able to visit the California Institute for Telecommunications Information Technology (Cal-IT2) and the Center for Research in Computing and the Arts (CRCA) at the University of California, San Diego, where there will be Art Gallery performances and site-specific installations. The SIGGRAPH 2007 Computer Animation Festival and Art Gallery will take place during the 34th International Conference on Computer Graphics & Interactive Techniques, which takes place Aug. 5-9 at the San Diego Convention Center. For more information about ACM SIGGRAPH 2007, or to register, visit http://www.siggraph.org/s2007/
Click Here to View Full Article - Web Link May Require Free Registration
to the top


Upheaval at MERL: Mitsubishi Electric Breaks Up Famous Computer Science Lab
Xconomy (07/31/07) Roush, Wade

Mitsubishi Electric Company of Japan has disbanded and restructured the Mitsubishi Electric Research Laboratories (MERL) in Cambridge, Mass., says the lab's former researcher director Joseph Marks. The lab has been home to some of the world's foremost researchers in computer graphics, artificial intelligence, user interfaces, and speech recognition. MERL contributed several papers each year to ACM's SIGGRAPH conference, often directly competing with Microsoft for the most papers accepted. MERL research director Joseph Marks was fired in a dispute over the need for basic research and external collaboration at the company in October, and several layoffs and resignations among senior scientists followed Marks leaving the laboratories. In June, MERL underwent an official reorganization that eliminated the research lab as an independent entity, Marks says. MERL CEO Richard Waters confirms the restructuring, but says it was part of a necessary overhaul to MERL's scientific and engineering staff that included restructuring the two divisions of the lab--the research lab that focused on long-term research and the advanced technology development lab that had shorter-term goals. Waters says the reorganization will make MERL's research better match the needs of Mitsubishi Electric, and that Mitsubishi Electric management disagreed with the mix of research projects Marks authorized.
Click Here to View Full Article
to the top


Florida Voting Chief Aims to Block Hackers
Miami Herald (08/01/07) Caputo, Marc

Florida secretary of state Kurt Browning on Monday announced that Diebold electronic voting machines used in 25 Florida counties are vulnerable to attack and vote manipulation and has given the manufacturer until Aug. 17 to fix the problem. A study by Florida State University found that a hacker could use a preprogrammed computer card on Diebold's optical-scan voting machines to switch votes or to create a "ballot-stuffing attack" that multiplies votes for a particular candidate or issue. Diebold says it will fix the problem. A new Florida state law requires all counties to use voting machines that leave a paper trail by next year, and all but bans ATM-style touch-screen voting machines. Diebold's Mark Radke says the software upgrade is not a major enhancement and presents no risk to voters. However, Diebold made similar assurances in late 2005 after Leon Country election supervisor Ion Sancho allowed Finnish computer scientists Harri Hursti access to the voting system to see if it could be compromised. Hursti determined that someone could change the votes and leave a minimal trace. Hursti's findings were dismissed by then secretary of state David Mann and Diebold because they said the study was not conducted in a real-world election environment. Browning, who was appointed this year by Gov. Charlie Crist, says that in addition to requiring a software upgrade, he will ask elections supervisors to develop a uniform security policy to ensure a chain of custody for election equipment to track who handled election systems.
Click Here to View Full Article
to the top


Scan this Guy's E-Passport and Watch Your System Crash
Wired News (08/01/07) Zetter, Kim

RFID expert Lukas Grunwald, who has served as an e-passport consultant to the German parliament, says security flaws in the electronic passport system could allow someone to steal and copy the fingerprint image stored in the biometric e-passport, or create a specially coded chip that will cause the scanners to crash when they try to read the e-passport. Grunwald says he successfully sabotaged two passport readers from different vendors by copying a passport chip and modifying the JPEG2000 image file that contains the passport photo. The modified image, which contained a buffer-overrun exploit, caused the readers to crash, indicating that they could be vulnerable to manipulation, like injecting code that forces the readers to approve an expired or forged passport. "If you're able to crash something you are most likely able to exploit it," Grunwald says, adding that there is no reason to believe that any other e-passport scanners made by other vendors are any more secure. The International Civil Aviation Organization, the United Nations organization that created the standards for e-passports, suggests that issuing countries add an optional layer of security known as Extended Access Control, which makes readers obtain a digital certificate from the issuing country before the passport can be read by the scanners. However, Grunwald says that tactic is also flawed because the chip does not contain an onboard clock to monitor the digital certificate's expiration. "It's a basic mistake," Grunwald says. Grunwald will give a presentation on the e-passport vulnerabilities he discovered at the annual DefCon hacker conference in Las Vegas.
Click Here to View Full Article
to the top


Securing Cell Phones
Technology Review (08/01/07) Greene, Kate

The recent hack of Apple's iPhone by researchers at a security company should serve as a warning to all mobile device manufacturers that there is a growing need for better mobile device security, experts say. Cell-phone viruses have existed for about a decade, buy many experts believe that threats to mobile devices could become far more significant and dangerous over the next few years because of mobile devices' growing computing power, popularity, and complexity. "I think a large part of this is that cell phones are becoming miniature computers," says University of California, Berkeley computer science professor David Wagner, "and as a consequence, they are starting to inherit some of the same problems that we face with PCs." While using available security tools such as anitivirus software is an option, cell phones have their own unique problems. Some security companies have introduced products for mobile phones, but these solutions have limited functionality to avoid draining the battery too much, says NEC's Anand Raghunathan. Problems associated with battery life and processing power can be avoided in some cases by running security software on the cell-phone carrier infrastructure, but Raghunathan believes the best solution for mobile device security is hardware-based security solutions, such as an extra processor and memory that are hardwired for specific tasks. Such a system would divide the phone into two environments, one the user has access to and includes the applications, while the other is designed to be impenetrable to viruses and malicious software that stores passwords and other critical information. If a virus were to be downloaded to a device with this system, it would be unable to access any information, and if the phone were lost or stolen the carrier could access the secure environment remotely and shut down the phone.
Click Here to View Full Article
to the top


Stanford Confabs Explore Multi-Core CPUs, Nets
EE Times (07/30/07) Merritt, Rick

In August, Stanford University will host the Hot Chips conference, where some of the industry's leading developers will display and discuss their multicore processors. IBM will present three papers on its Power 6, highlighting how it achieved power efficiency in the dual-core processor while still pushing the edge in clock speed, a notoriously difficult challenge according to Hot Chip program committee co-chair and University of California, Davis, professor Rajeevan Amirtharajah. Other papers include a description of the power management techniques in Intel's new 45nm Penryn processor family, a look at AMD's first CPU for notebook computers called Griffin, a description of Sun Microsystems' cache coherent version of its Niagara2 for multi-socket servers called Victoria Falls, and another paper from IBM exploring its work on its next-generation mainframe processor. The companion conference, Hot Interconnects, will explore research in the on- and off-chip networks that may someday be used by microprocessors discussed at Hot Chips. Pennsylvania State University researchers will discuss an on-chip router that improves chip performance by as much as 30 percent without raising power consumption and latency. A University of Maryland paper will describe detailed simulations of on-chip networks structured using a relatively new mesh-of-trees architecture that connects memory and processor units through a variety of arbitration schemes. Columbia University researchers will discuss their simulation of a hybrid electronic/photonic on-chip network, along with their research on reducing the latency associated with setting up photonic paths and exploring a new direct memory access model. The most radical idea at Hot Interconnects may be a new networking approach developed at Stanford called Ethane. Ethane tries to make networks more secure and easier to manage by authenticating and identifying every source of traffic on the net.
Click Here to View Full Article
to the top


Senate to Hold Hearing on Security of Voting Machines
Wired News (07/31/07) Zetter, Kim

The Senate Rules and Administration Committee has scheduled a hearing for September to discuss findings from Red Team security researchers on voting machine security. The announcement by Sen. Dianne Feinstein (D-Calif.) comes a week after the security researchers reported that their efforts to hack into the voting machines of three top vendors were successful. The findings should not have been a surprise to Feinstein, who introduced a bill in 2007 that would require voting machines to produce a paper trail. Feinstein's bill has not had as much momentum as a measure from Rep. Rush Holt (D-N.J.), although he had to reintroduce it this year. Holt's bill was going nowhere just two weeks ago, due to interest group differences over a paper trail mandate and voter accessibility, but a compromise appears to have been reached this week. Voting activists initially favored the use of touch-screen machines with add-on printers, as called for in Holt's bill, but they now say optical-scan machines that use a durable full-size paper ballot are needed.
Click Here to View Full Article
to the top


Japanese Revved Up for Car Software Standard
CNet (07/30/07) Lombardi, Candace

Japan plans to pursue a standard operating system for car electronics, and the initiative could make it easier for automakers, component manufacturers, and developers to roll out self-parking or self-driving systems for the various car models. Developers have made much more progress on self-parking systems so far. Toyota, Nissan, Honda, and Toshiba are among the major manufacturers that have agreed to participate in the development project of Japan's economy, trade, and industry ministry. The standard automotive operating system would enable driving systems such as fuel injection, brakes, power steering, power windows, and smart applications to communicate with each other and work together, regardless of the car model. Although the consortium has not settled on an automotive operating system, it plans to have a prototype available by 2009. The OSEK operating system is used by a number of automakers and component developers in Europe.
Click Here to View Full Article
to the top


The Real Transformers
New York Times Magazine (07/29/07) P. 28; Henig, Robin Marantz

Researchers such as former director of MIT's Computer Science and Artificial Intelligence Laboratory Rodney Brooks and MIT Personal Robotics Group director Cynthia Breazeal have pushed the envelope of robot technology in their desire to create artificial intelligence. Their focus has included sociable robots, which are programmed to learn the way people learn, by using a core of basic drives and abilities and enhancing them through the accumulation of physical and social experience. There are two defining characteristics of sociable robots: They must be sensitive and responsive to their environment (situated) and in possession of a physical body (embodied). Brooks set out to create a robot that learns about the world as human infants do, by starting with some elementary capabilities and adding to them via sensory input; his concentration was on simple tasks such as walking on two legs rather than more complex goals such as playing chess. Breazeal developed Kismet, a robot that communicated emotions through facial expressions and was programmed with the same motivations as a six-year-old child--the need for novelty, social interaction, and rest--along with the behaviors to satisfy those motivations (facial recognition, searching for brightly colored objects, etc.) and the facial behaviors to reflect its mood depending on the fulfillment of those drives. A more advanced robot Breazeal worked on, Leonardo, exhibited signs of learning about false beliefs through its ability to make inferences about monitored subjects' actions and intentions. New projects Breazeal is focusing on include a MIT grad student's work with humanoid robots that talk and are designed to function as weight-loss coaches, and a University of Massachusetts roboticist's effort to build toddler-size robots programmed to interact with museum visitors for the purpose of determining whether the machines' core social competencies are enough to put people at ease in interacting with them. MIT professor Sherry Turkle is concerned that increasingly sociable robots could actually discourage human-to-human relations because their interaction with people is easier and less flawed.
Click Here to View Full Article
to the top


What's Next for IT?
Wall Street Journal (07/30/07) P. R6; Donner, Francesca

Forecasts for the future role of the IT department were made by Accenture CIO Frank Modruson, Aetna CIO Meg McCarthy, and American Express CIO Steve Squeri. The three CIOs concurred with analysts' assessment that IT departments are becoming more strategy- and business-focused, with Squeri commenting that establishing alignment between IT and business through the cross-department transitioning of staff is crucial. "IT has to understand the needs of the business and the business must understand what is necessary from a technology perspective," stated Modruson, while McCarthy pointed to the importance of constructing a service-oriented architecture. Modruson explained that the CIO used to fix IT problems, but now is focused on driving the application of technology to improve business performance; McCarthy said the most formidable challenge for IT departments will be continuing the development of an adaptable architecture that supports seamless compatibility with other organizations, with the CIO's role being that of educator and collaborative visionary with business partners. "[As CIOs] we need to understand the business, the technologies that are evolving and work closely with our business partners to identify opportunities for the company and our customers to exploit these technologies to achieve market leadership and competitive advantage," she attested. A major challenge and priority cited by Squeri is the securing of the appropriate talent, especially in the face of an aging employee pool and a shortfall of youthful talent. Looking 10 years ahead, both Modruson and McCarthy predicted that CIOs will become even more strategy-oriented and operations increasingly industrialized and outsourced, with McCarthy also anticipating a dramatic shift in how customers will wish to get information and interact with the enterprise; Squeri projected that CIOs will have a deeper involvement with the company's overall business strategy, with technical architecture becoming a central focus of IT departments.
Click Here to View Full Article
to the top


Teens Get Kick Out of Code Camp
Columbus Dispatch (OH) (07/25/07) Chordas, Nick

The Ohio Supercomputer Center is hosting the Game Programming and Motion Capture project as part of its Summer Institute, a two-week program for talented freshmen and sophomores in high school. During the game project, participants learn how to control video game characters by altering lines of code that define how the characters move. The game program was introduced last summer by Peter Carswell, a systems developer and engineer at the Ohio Supercomputer Center, and Brian Windsor, a graphics research specialist for the Advanced Computer Center for the Arts and Design at Ohio State University. The students learn the challenges and science behind making video games. "Creating a game is a multidiscipline," says Carswell. "Computer networking is an important part. There's also software design, character design, motion and then dynamics." Last year the students were challenged to make a two-player soccer simulator. This year, the students were asked to create a more complicated game for multiple players. Students who participate in the program not only get to develop their interest in video games, but also see that the act of programming can be interesting as well. "Sometimes it can be really funny when you mess up the programming and things go haywire," says 14-year-old participant Xiaojing Wu. "Even the mistakes are fun."
Click Here to View Full Article
to the top


Picture Your Password
Dark Reading (07/23/07) Higgins, Kelly Jackson

A new study from researchers in Ottawa suggests that it would be easy for people to use graphical-based passwords in the real world. However, the research on "click-based" graphical passwords presented last week at a usability and security conference hosted by Carnegie Mellon University also indicates that there are some security concerns about the technique and that people prefer to use text-based passwords. Sonia Chiasson, a Ph.D. student in computer science at Carleton University in Ottawa, Ontario, says users often chose the same areas of the graphical representations for clicking on images, which would make it easier for attackers to guess their passwords. She believes users did not like graphical-based passwords simply because they are not used to them. What is more, the study suggests that graphical-based passwords are easy to remember, but adds they may be difficult to recall if users have several. The researchers will not allow users to select predictable click spots in the next phase of the research, as they study how to improve graphical-based passwords.
Click Here to View Full Article
to the top


RMIT Gets Virtually Creative With Media School
RMIT (Royal Melbourne Institute of Technology) (07/25/07)

The Royal Melbourne Institute of Technology is studying the use of social collaboration, learning, and digital publishing technologies in distributed communities of students and teachers with hopes of offering "virtual mobility" between its campus in Australia and the RMIT International University Vietnam. The "Digital Publishing and Virtual Mobility in a Creative Knowledge Network" project will be headed by Dr. Fiona Peterson and the RMIT University's School of Creative Media. The 18-month project will focus on students in the Bachelor of Design (Multimedia Systems) and the Bachelor of Arts (Photography) programs in each country. In addition to RMIT, Hewlett-Packard will provide funding for the virtual mobility project. "Students are engaged in the co-production of knowledge relevant to creative industries through the experience of 'virtual mobility' between Vietnam and Melbourne," says Peterson. RMIT is using technology to support international learning in other ways, such as by having students from the two programs at both campuses respond to a design brief.
Click Here to View Full Article - Web Link to Publication Homepage
to the top


Supercomputer Makes Near-Instant Movies of California Quakes
LiveScience (07/30/07) Bryner, Jeanna

Supercomputers at the San Diego Supercomputer Center (SDSC) are being used to produce animated movies of earthquakes with magnitudes of 3.5 or greater striking Southern California. SDSC will use the OnDemand supercomputer, a Dell cluster run by open-source Linux operation software with 256 processors, to analyze data collected from hundreds of sensors measuring ground motion in the region and create a computer model for rendering a simulation of an earthquake. Funded by the National Science Foundation, OnDemand offers a theoretical peak performance of 2.4 teraflops. SDSC plans to make simulations of earthquakes, which will be 3D animations digitally overlaid onto the topography of Southern California, available to the media and public information providers via email within 30 minutes of the first jolt, and the public will be able to watch the movies from home computers or on TV. "We're getting good performance that will let us cut the time to deliver earthquake movies from about 45 to 30 minutes or less, and every minute is important," says Jeroen Tromp, a computational seismologist at Caltech who is assisting SDSC. Meanwhile, the Southern California Earthquake Center in Los Angeles is also using SDSC supercomputers to simulate a 7.7 magnitude earthquake resulting from the rupture of the San Andreas Fault.
Click Here to View Full Article
to the top


Semantic Web Helps Protect Public Health
Computerworld (07/27/07) Latamore, Bert

Better safeguards against public health threats are being provided through new, Semantic Web-based methods for fast analysis of complex data sets from multiple sources and systems whose schema are disparate and often non-interoperable. This is the approach of a team led by Parsa Mirhaji, director of the Center for Biosecurity and Public Health Information Research at the University of Texas in Houston. Semantic Web technology assigns a formal meaning to each data element to enable the meaningful organization of complex data, so that both machines and people interpret the data in the same way. Mirhaji's team developed a complex analysis engine called Sapphire (Situational Awareness and Preparedness for Public Health Incidents using Reasoning Engines) through the employment of Semantic Web technology. Sapphire's first trial took place two summers ago when massive numbers of Hurricane Katrina refugees--many of whom were in poor health--were housed in Houston, raising the risk of disease outbreaks. Sapphire was able to identify several infections in time for health officials to curtail their proliferation beyond small initial populations. Mirhaji says Sapphire has become a valuable tool for analyzing various public health problems.
Click Here to View Full Article
to the top


Security: A Business Enabler, Not Disabler
Baseline (07/07)No. 74, P. 41; McCormick, John

Purdue University professor Eugene Spafford, recipient of the ACM's President's Award for his "extensive and continuing record of service to the computing community, including major companies and government agencies," says one of the biggest weaknesses in corporate computer centers are business processes, operating systems, and applications that are developed and implemented with convenience or cost, rather than security, in mind. He says it is "just plain wrong" to assume that patches and add-ons will ensure the security of such products, when in fact security must be designed into the products from the outset. Spafford explains that part of this effort involves "having informed, empowered individuals who have the appropriate training and background to be making decisions about what goes in, and that those decisions are based on an adequate understanding of risk." A lack of knowledge about specific risks and the value of components constitutes a major failing, and Spafford says CIOs must obtain a comprehensive perspective of resources in need of protection and their associated risks. Spafford recommends that managers ask questions concerning whether the proper applications/operations/business processes are running, who ultimately decides new acquisitions and the architecture as project momentum builds, and whether risk is properly integrated in those decisions. He also suggests that people should get in a mindset that views security as a enabler rather than a disabler. Spafford is also the chair of ACM's U.S. Public Policy Committee; http://www.acm.org/usacm
Click Here to View Full Article
to the top


To submit feedback about ACM TechNews, contact: technews@hq.acm.org

To unsubscribe from the ACM TechNews Early Alert Service: Please send a separate email to listserv@listserv.acm.org with the line

signoff technews

in the body of your message.

Please note that replying directly to this message does not automatically unsubscribe you from the TechNews list.

ACM may have a different email address on file for you, so if you're unable to "unsubscribe" yourself, please direct your request to: technews-request@ acm.org

We will remove your name from the TechNews list on your behalf.

For help with technical problems, including problems with leaving the list, please write to: technews-request@acm.org

to the top

News Abstracts © 2007 Information, Inc.


© 2007 ACM, Inc. All rights reserved. ACM Privacy Policy.

About ACM | Contact us | Boards & Committees | Press Room | Membership | Privacy Policy | Code of Ethics | System Availability | Copyright © 2014, ACM, Inc.