Association for Computing Machinery
Timely Topics for IT Professionals

ACM TechNews (HTML) Read the TechNews Online at: http://technews.acm.org

ACM TechNews
August 11, 2008

Learn about ACM's more than 3,000 online courses and 1,100 online books
MemberNet
CareerNews
Unsubscribe

Welcome to the August 11, 2008 edition of ACM TechNews, providing timely information for IT professionals three times a week.


HEADLINES AT A GLANCE:

 

Patch for Web Security Hole Has Some Leaks of Its Own
New York Times (08/09/08) P. B1; Markoff, John

A Russian physicist has demonstrated that the emergency patch for the flaw found in the Domain Name System (DNS) is itself vulnerable. In a blog posting, physicist Evgeniy Polyakov wrote that he managed to get the patched DNS software to return an incorrect address in just 10 hours using two standard desktop computers and a high-speed network link. Internet experts who have reviewed Polyakov's work say the approach appears to be effective. The vulnerability of the DNS has been a hot topic since security researcher Dan Kaminsky notified a number of Internet companies about the flaw earlier this year. Kaminsky recently said the DNS flaw also could affect other Web services, including email. Although the risk of such a flaw has been known for some time, last month security engineers repeatedly stated that it is only a matter of time before financial organizations and others are attacked through the flaw. Packet Clearing House research director Bill Woodcock says there will almost certainly be an escalating number of attacks. "We have already been seeing attacks in the wild for the past two weeks," Woodcock says. Experts say the root of the problem is that modern networks are relying on an addressing system that was invented in 1983 and was not meant for services such as electronic banking that require strict identity verification. "They are relying on infrastructure that was not intended to do what people assume it does," says University of Southern California Center for Computer Systems Security director Clifford Neuman. "What makes this so frustrating is that no one has been listening to what we have been saying for the past 17 years."
Click Here to View Full Article
to the top


ACM Electronic Voting Expert Named to Key Federal Advisory Committee
AScribe Newswire (08/07/08)

Computer scientist and founder of ACM's U.S. Public Policy Committee (USACM) Barbara Simons has been appointed to the Election Assistance Commission (EAC) Board of Advisors, which oversees voting and technology standards. Simons, an encryption and privacy expert who previously served as president of ACM, will hold a seat that is allocated for science and technology professionals. "With the increasing use of technology in the voting process, it is important for the EAC to have the benefit of strong scientific knowledge and advice," says USACM chair Eugene H. Spafford. "Dr. Simons brings valuable technical expertise to the Board of Advisors to help inform the commission's focus on the intersection between voting issues and computing technologies. Her extensive experience with USACM as well as her advisory roles in high-profile national voting groups qualifies her as an expert on voting systems, election technology, and election processes." Simons was a member of the National Workshop on Internet Voting, held at the request of President Clinton, and participated on the Security Peer Review report that resulted in the cancellation of the U.S. Department of Defense's Internet voting project due to security concerns. Simons also co-chaired the ACM study of statewide registered voter databases, and served on a subcommittee of the President's Export Council for Encryption. Simons is currently co-authoring a book on voting machines with University of Iowa computer scientist Douglas W. Jones.
Click Here to View Full Article
to the top


Computing Squared
AlphaGalileo (08/07/08)

For computing to become ubiquitous and useful, the emerging technology will have to adapt to the way humans live, communicate, and work, according to new research in the International Journal of Autonomous and Adaptive Communications Systems. The next-generation computer interfaces must be able to understand and emulate people, and recognize behavioral cues such as body language, facial expressions, and tone of voice. Maja Pantic of Imperial College London, Anton Nijholt of the University of Twente in the Netherlands, Alex Pentland of MIT's Media Lab, and Thomas Huanag of the University of Illinois at Urbana-Champaign assess the progress that has been made in the areas of human-centered computing and Human-Centered Intelligent Human-Computer Interaction (HCI-squared). A paradigm shift in computing is necessary to move toward HCI-squared, considering current machine analysis of human behavior is not context-sensitive and is unable to handle long timescales. "The focus of future research efforts in the field should be primarily on tackling the problem," the researchers conclude. "This problem should be treated as one complex problem rather than a number of detached problems in human sensing, context sensing and human behavior understanding."
Click Here to View Full Article
to the top


NSF Hosts the Second U.S.-China Computer Science Leadership Summit
National Science Foundation (08/06/08) Cruikshank, Dana W.

Approximately 15 professors, deans, and other computer science professionals from China recently gathered with their U.S. counterparts in Arlington, Va., for the second U.S.-China Computer Science Leadership Summit. The one-day meeting gave participants an opportunity to discuss the challenges and opportunities facing computing scholars. The summit reflects the growing level of cooperation between the academic research communities in both countries. The DIMACS Center at Rutgers University organized the National Science Foundation-sponsored event. China is quickly becoming a world leader in information technology research, with many Chinese universities rivaling American universities in the development of new patents and other innovations. Some believe that China's advancements threaten the U.S. economy, while others argue that creating stronger bonds between researchers in both countries will be mutually beneficial. "Science and technology have always been a powerful force for social and economic progress and for international diplomacy," says National Science Foundation director Arden L. Bement. "At no time has that been more true than today." DIMCAS Center director Fred Roberts says that one topic that generated heavy discussion was the increasingly multidisciplinary nature of modern science and the growing connections between computer science and other disciplines such as biology and social science. Another area of interest was the role of computer science in solving some of humanities' biggest challenges, including energy shortages, climate change, health care, and natural disaster response.
Click Here to View Full Article
to the top


MIT Students Ordered to Halt Report on Hacking Subway System
Wall Street Journal (08/11/08) P. A4

A federal U.S. district judge in Massachusetts ordered three Massachusetts Institute of Technology students to cancel a presentation at a computer hackers' conference in which they were to announce security flaws they discovered in the automated fare system used in Boston's subway system. The temporary restraining order prevented Zack Anderson, R.J. Ryan, and Alessandro Chiesa from demonstrating how to use the vulnerabilities to get free rides. The Electronics Frontier Foundation (EFF), which is representing the students, plans to fight the order, says EFF's Jennifer Granick. The Massachusetts Bay Transpiration Authority's complaint says the students planned to show others how to use the hacks before giving the transit system time to fix the flaws. Granick says the students were simply trying to share their research and planned to omit key information that would make things easier for someone attempting to hack the payment system. The researchers say the presentation would have demonstrated how to generate fare cards, reverse engineer magnetic stripes on cards, and hack radio frequency identification. "It is extremely important to maintain the security and integrity of the Fare Media systems," says transit system's Gary Foster. "With an insecure, compromised system, even basic revenue controls, to name one example, become significantly challenging." Granick says ordering the students to not share their findings will have a negative impact of legitimate researchers who want to expose flaws to improve systems.
Click Here to View Full Article
to the top


Judge Rejects Student Visa Injunction Sought by H-1B Opponents
Computerworld (08/07/08) Thibodeau, Patrick

The lawsuit filed against the Department of Homeland Security for extending student visas appears unlikely to succeed after a U.S. district court judge in New Jersey denied a preliminary injunction to halt the move. Judge Faith Hochberg addressed whether the Programmers Guild, the Immigration Reform Law Institute, and other opponents of H-1B visas had legal standing to bring the lawsuit, adding that they were unable to show that the extension from one year to 29 months directly hurts U.S. technology workers. "Instead of alleging concrete injury, plaintiffs assert a generalized grievance with a particular government policy," Hochberg wrote. The groups, which can appeal the injunction, believe the Bush administration used the extension as a back door to increase visas. The Bush administration says it extended student visas to give guest students more time to secure a H-1B visa. New graduates have a difficult time obtaining a H-1B visa because the program's 85,000-visa cap is being reached in early April each year. H-1B opponents and the Bush administration have to file briefs as to "whether this case should be dismissed for lack of standing" by Nov. 14, 2008.
Click Here to View Full Article
to the top


Sifting the Data: $3 Million Award Will Build a Foundation for New Ways to Analyze Massive Data Sets Using Visual Analytics
Georgia Institute of Technology (08/06/08) Vogel, Abby

The Georgia Institute of Technology has received a five-year grant to lead and coordinate a new initiative that will work to develop foundational research in large-scale data analysis and visual analytics. The research team will investigate ways of improving the visual analytics of massive data sets through machine learning, numerical algorithms and optimization, computational statistics, and information visualization. Research leader Haesun Park says developing new and improved mathematical and computational methodologies will allow systems developers, intelligence analysts, biologists, and health care workers to deploy new methods of detecting and discovering both expected and unexpected trends in massive data sets. The $3 million joint National Science Foundation and Department of Homeland Security grant places Georgia Tech at the head of the Foundations of Data and Visual Analytics (FODAVA) research effort. Seven other FODAVA Partnership Awards will be announced this year, with each recipient working with Georgia Tech to advance the field. Over the next five years, Georgia Tech and other researchers will work to establish FODAVA as a distinct research field and build a community of top-qualified researchers that will collaborate on research workshops and conferences, industry engagement, and technology transfer.
Click Here to View Full Article
to the top


Web Privacy on the Radar in Congress
New York Times (08/11/08) P. C1; Clifford, Stephanie

Questions surrounding online data collection and Internet user privacy are starting to attract the attention of Congress. Currently, there is no broad privacy legislation governing advertising on the Internet, and how companies use personal information collected from Internet users' Web habits is largely unknown. Even some in the government admit that they do not have a thorough understanding of what companies are able to do with the amount of data available to them. "That is why Congress, at this point, is wanting to gather a lot more information, because no one knows," says Vanderbilt University professor Steven A. Hetcher. "That information is incredibly valuable; it's the new frontier of advertising." Many believe that companies should tell Internet users how their information is being tracked and used, but what area of the law covers this problem, and what regulation would look like, is still undecided. As advertisers become more sophisticated, and online privacy standards become increasingly varied, regulators and privacy advocates are becoming more concerned. Some companies have responded to concerns and criticisms, with Yahoo! and Google giving users the opportunity to opt out of targeted ads, but such a small change may not be enough. Rep. Edward J. Markey (D-Mass.) says some type of omnibus electronic privacy legislation is needed, regardless of the technologies or companies involved. The Federal Trade Commission has proposed creating standards for behavioral-advertising practices in which companies would provide a clear notice to consumers that lets them choose not to be tracked, notify consumers if the company changes how it uses data, and requires companies to deploy reasonable security measures.
Click Here to View Full Article
to the top


Ohio Official Sues E-Voting Vendor for Lost Votes
IDG News Service (08/08/08) Gross, Grant

Premier Election Solutions defended its electronic-voting machines after Ohio Secretary of State Jennifer Brunner sued the vendor for dropping votes during the state's primary election in March. Although Premier did not respond directly to the lawsuit, a spokesman for the company formerly known as Diebold Election Systems said it offers high-quality voting systems that have had tremendous success in the state. The lawsuit is a counterclaim to a suit filed by Premier in May seeking a judgment that the company did not violate any contracts or warranties. After Butler County discovered that 150 votes were dropped, a statewide investigation found that hundreds of votes were dropped in 11 other counties. Brunner is suing Premier for failing to fulfill its contracts, and for breach of warranty and fraud. Her office issued a report in December that says the state should abandon touch-screen e-voting machines because of the "critical security failures" of the products of Premier and two other vendors. Premier blamed the problems on human error or conflicts with antivirus software in its own report in May.
Click Here to View Full Article
to the top


Researchers Develop Next-Generation Antivirus System
University of Michigan News Service (08/05/08) Moore, Nicol Casal

CloudAV, a new cloud computing approach to malicious software detection developed at the University of Michigan (UM), could eliminate the need to install and update antivirus software on personal computers. CloudAV moves antivirus functionality into the network cloud and off of personal computers, and analyzes suspicious files using multiple antivirus and behavioral detection programs simultaneously. "CloudAV virtualizes and parallelizes detection functionality with multiple antivirus engines, significantly increasing overall protection," says UM professor Farnam Jahanian. To develop CloudAV, the researchers evaluated 12 traditional antivirus programs against 7,220 malware samples. Traditional antivirus software checks documents and programs as they are accessed, and because of performance constraints and program incompatibilities, typically only one antivirus program is used at a time. However, CloudAV can support a variety of malicious software detectors running in parallel to analyze a single incoming file. Each detector acts as its own virtual machine, so technical incompatibilities and security issues are not a problem. CloudAV is accessible to any computer or mobile device operating on the network that runs a simple software agent, and each time a computer or device receives a new document or program, the item is automatically detected and sent to the antivirus cloud for analysis.
Click Here to View Full Article
to the top


Beyond 3G--Ultra-Fast Mobile Radio Networks of the Future
ICT Results (08/06/08)

European researchers are treading a path toward ultra-fast Internet access available from all mobile devices through projects such as WINNER II, a follow-up initiative to WINNER, which developed the initial concept of a new infrastructure based on the assessment of promising digital wireless technologies. WINNER II involved the development, optimization, and validation of that technology as an investigation into the possible deployment of the International Telecommunication Union's IMT-Advanced global standard for furnishing a coherent architecture for all kinds of digital wireless technologies. "The project has developed an entire system concept and a related reference design for a future air interface," says Werner Mohr with project coordinator Nokia Siemens Networks. "This can be used as input for the standardization process that is now starting." The 38 WINNER II partners have made contributions to the Long-Term Evolution intermediate standard, which will fill the void until IMT-Advanced is ready. The WINNER II team tested technologies that will enable communication of up to 100 Mbps by future mobile devices, and the projects' results will now be developed by the WINNER+ effort. Ultra-fast Internet access from mobile devices may not emerge in Europe until 2015, although it may be rolled out earlier in some countries depending on market needs and conditions in those countries, according to Mohr.
Click Here to View Full Article
to the top


Creating a Computer Game Is Child's Play
New Scientist (08/02/08)No. 2667, P. 26; Fleming, Nic

The Massachusetts Institute of Technology's Mitchel Resnick developed Scratch, a programming language that children around the world are using to create interactive stories, videos, music, animations, and games. Inspired by Lego bricks, Scratch allows users to drag and "snap together" graphical building blocks, which each represent a simple programming instruction, into sequences that build up into games and animations. Resnick says the idea behind Scratch is to fill a void in children's activities, namely creating the interactive media that they spend so much time playing with. Since its launch in May 2007, the Scratch software has been downloaded by more than 300,000 children, and nearly 180,000 projects have been uploaded onto the Scratch Web site for comment or use by visitors. Scratch has been used to create the Scratch News Network, an animated newscast where community developments are related by a cartoon cat used as the software's logo. "Children are creating whole new genres of projects that we had not even imagined," Resnick says. Scratch is being used in more than 100 countries, with the biggest communities located in the United States and Britain. Teachers are using the program to teach students programming basics, among other things.
Click Here to View Full Article - Web Link May Require Paid Subscription
to the top


Indiana University Department of Computer Science Study Shows Popular Web Sites at Risk for Phishers
Indiana University (07/30/08)

Indiana University School of Informatics researchers recently found that nearly 2.5 million Web pages on some of the Internet's most trusted and recognizable sites have 128,000 links that could be manipulated by phishers. Doctoral students Craig Shue and Andrew Kalafut, along with their advisor, professor Minaxi Gupta, developed a program that crawled tens of thousands of sites searching for and identifying open redirects, which are applications that take a parameter and redirect the user to the parameter value without any validation. These redirects serve a legitimate purpose, but they lack security controls and can be manipulated by phishers to send visitors to any site on the Internet. "We were surprised by the number of these open redirects on sites that people trust implicitly," Shue says. "When considering whether to click on links in email, users often look at whether the link goes to a trusted site. However, with redirects, phishers can manipulate the links to defraud these users." Shue presented the study's findings at the Usenix Workshop of Offensive technology.
Click Here to View Full Article
to the top


EU Reserves Spectrum for 'Talking' Cars
InformationWeek (08/06/08) Perez, Marin

The European Commission has agreed to set aside 30-MHz spectrum of the 5.9 GHz band for use in an initiative designed to reduce congestion and save lives by enabling vehicles to communicate with one another about hazardous conditions and other traffic impediments. By using the wireless spectrum, a vehicle would be able to "tell" nearby vehicles if, for example, a slippery patch is detected, or, warned by a traffic management center of a sudden road closure, could pass on the information to other affected cars. "Today's Commission decision is a decisive step towards meeting the European goal of reducing road accidents," says Viviane Reding, the European Union's telecommunications commissioner. "Getting critical messages through quickly and accurately is a must for road safety." Though technology already exists to make the endeavor possible, the initiative aims to develop a standard unionwide system.
Click Here to View Full Article
to the top


A Quant's Quest
Conde Nast Portfolio (07/30/08) Duncan, David Ewing

Former Columbia University computer scientist David E. Shaw, who made a fortune using complex algorithms on Wall Street, is close to completing Anton, a new supercomputer that he says will be the most powerful ever built. Shaw hopes Anton will help solve some of the most difficult problems in biology, such as how the molecules that comprise life function and interact at the most basic level. Shaw says that a clearer understanding of such complex interactions could lead to better and more efficacious drugs, develop computer models that can simulate what happens at the atomic level of life, and lead to new ideas for developing computers and other machines based on cells and molecules. Shaw retired from the day-to-day management of his derivatives firm several years ago to become chief scientist at his own computer laboratory, D.E. Shaw Research. Shaw has been mostly quiet about Anton, though it is known that the supercomputer uses the passively parallel computing technology Shaw helped develop at Columbia in the 1980s, and that the computer simultaneously runs 512 application-specific integrated circuits. Anton's processors are specifically designed to calculate the three-dimensional characteristics of molecules.
Click Here to View Full Article
to the top


Will Robots Care for You Later in Life?
Nikkei Weekly (07/28/08) Vol. 46, No. 2347, P. 17

Forty percent of the Japanese population will consist of senior citizens by 2055, and domestic robots are envisioned as important tools for caring for elderly people, especially those who live alone. The University of Tokyo's Information and Robot Technology (IRT) Research Initiative seeks to develop robots that can assist with housework and perform other menial chores. The 2005 Aichi Expo showcased innovative machines that come when called, avoid objects, and are capable of other jobs that could aid people with daily living. Robots outfitted with sensor counterparts to the five human senses can safely interact physically with people, distinguish between objects and carry food on trays, to name a few tasks. A research group led by University of Tokyo professor Isao Shimoyama has devised miniature tactile sensors capable of detecting pressure and friction from various objects and that fit into a robot's "skin." The technology gives the robot a precise sense of touch, and the IRT project team will create new control systems and infrastructure based on machines developed by Toyota, Mitsubishi Heavy Industries, and other companies. The strategy is to look for machine designs that match function, which makes it unlikely that every robot will be mobile or humanoid in form.
Click Here to View Full Article
to the top


To submit feedback about ACM TechNews, contact: technews@hq.acm.org

To be removed from future issues of TechNews, please submit your email address where you are receiving Technews alerts, at:
http://optout.acm.org/listserv_index.cfm?ln=technews

To re-subscribe in the future, enter your email address at:
http://signup.acm.org/listserv_index.cfm?ln=technews

As an alternative, log in at myacm.acm.org with your ACM Web Account username and password, and follow the "Listservs" link to unsubscribe or to change the email where we should send future issues.

to the top

News Abstracts © 2008 Information, Inc.


© 2008 ACM, Inc. All rights reserved. ACM Privacy Policy.

About ACM | Contact us | Boards & Committees | Press Room | Membership | Privacy Policy | Code of Ethics | System Availability | Copyright © 2014, ACM, Inc.