Welcome to the March 4, 2009 edition of ACM TechNews, providing timely information for IT professionals three times a week.
HEADLINES AT A GLANCE
Aussie Govt Considers Quantum Leap in Secure Comms
Computerworld Australia (03/03/09) Pauli, Darren
The Australian government is building a secure data communication system using quantum key distribution (QKD) technology, which uses lasers to detect any attempt to eavesdrop. The QKD system uses one-time keys to encode and decode data, but the random key is encoded at the quantum level in the sidebeam in the phase and amplitude, or brightness and color, of a highly tuned laser. QuintessenceLabs founder Vikram Sharma, one of the system's designers, says field trials with government agencies will be conducted over a fiber-optic network starting in the second half of this year. Sharma says the QKD network can be used for sensitive data, critical infrastructure, and secret commercial IP and financial information that requires ongoing protection. He says the QKD system uses as much off-the-shelf and open standard networking technology as possible to keep costs down and to make the system more robust. "The 21st century will see a number of advancements in quantum technologies, which will improve our lives in the much the same way that electricity and magnetism did in the previous century," Sharma says. "We are likely to see more quantum technology work its way into a number of practical applications over the next few years." Sharma designed the system with colleagues Ping Koy Lam, Thomas Symul, and Andrew Lance at the Australian National University.
Report: Diebold Voting System Has 'Delete' Button for Erasing Audit Logs
Wired News (03/03/09) Zetter, Kim
An investigation by California's secretary of state into why a product made by e-voting system vendor Premier Election Solutions (formerly Diebold Election Systems) lost about 200 ballots in Humboldt County during the U.S. presidential election revealed the presence of a "clear" button in some versions of the machine's Global Election Management System (GEMS) software that allows someone to permanently erase audit logs from the system. The secretary of state's report says the logs "contain--or should contain--records that would be essential to reconstruct operator actions during the vote tallying process." The proximity of the clear button to the "print" and "save as" buttons raises the risk of the logs being erased accidentally, and the system provides no warning to operators of the danger of clicking on the button. Premier/Diebold retained the button despite an apparent warning from a system developer, and though the button was removed from subsequent iterations of the software, the version with the button is still used in three California counties and other U.S. states. The report says that under the voting system standards "each of the errors and deficiencies in the GEMS version 1.18.19 software...standing alone would warrant a finding by an Independent Testing Authority (ITA) of 'Total Failure' (indicated by a score of 1.0) had the flaw been detected." The California report's findings bring up issues about the auditing logs on voting systems made by other vendors, and about what course of action states that use the Premier system will follow now that they are aware that their voting software fails to produce a sufficient audit trail to guarantee the integrity of an election.
Lack of Ability Does Not Explain Women's Decisions to Opt Out of Math-Intensive Science Careers
American Psychological Association (03/03/09) Willenz, Pam
Reasons for women's underrepresentation in math-heavy science careers other than a lack of mathematical ability were uncovered by a study conducted by Cornell University researchers. The study identifies a preference for less math-intensive science fields or the need for the flexibility to raise children as underlying factors, according to lead author Stephen J. Ceci. "Many women choose to have children, and the timing of childrearing coincides with the most demanding periods of their career, such as trying to get tenure or working exorbitant hours to get promoted," he says. Women currently constitute about 50 percent of medical school classes, but the study authors note that women who enter academic medicine have less chance than men of being promoted or serving in leadership positions. "Even though institutional barriers and discrimination exist, these influences still cannot explain why women are not entering or staying in [science, technology, engineering, and math] careers," Ceci says. "The evidence did not show that removal of these barriers would equalize the sexes in these fields, especially given that women's career preferences and lifestyle choices tilt them towards other careers such as medicine and biology over mathematics, computer science, physics, and engineering." Ceci says that if math skill was solely a function of gender, then about twice as many women would be in math-intensive careers than there are now. A number of studies indicated that although women are well represented in less math-intensive fields, they are still underrepresented in the top positions of these fields, with the researchers finding that they are either not on tenure track, drop off tenure track, or choose part-time posts until their children get older.
Oops, You Hit 'Delete.' It's Time for a Software Sleuth
New York Times (03/01/09) P. BU3; Eisenberg, Anne
Polytechnic Institute of New York University professor Nasir Memon has developed software that can reassemble deleted image files. The software uses file-carving techniques that restore the contents of a file after its identifying information has been lost or deleted. Although the software cannot recover partial images in which part of the original file has been overwritten by new data, "it will recover photos if all of the parts are still present on the storage medium, however scattered," Memon says. University of New Orleans professor Golden G. Richard III says automated programs such as Memon's are unusual and a major step forward. "Most applications simply don't handle images that have been torn into pieces and scrambled that well," Richard says. "His technique takes those shreds and puts them back together." When a media card inside a camera starts to fill up, new photos are often stored in separate pieces wherever space is available. When the information detailing where these file fragments are stored is erased, recovering those slivers is difficult. Memon's software also could be used by law enforcement to recover deliberately deleted files. Marcus K. Rogers, head of Purdue University's Cyber Forensics Program, says his lab often is asked to recover deleted images from hard drives. "Quite often that's just where the smoking guns are found," he says.
What Will it Take to Increase Hispanics in STEM? Money, Of Course
Diverse Online (03/02/09) Branch-Brioso, Karen
The National Science Foundation (NSF) recently asked Hispanic-serving institutions at the Hispanic Association of Colleges and Universities' Capitol Forum for advice on how to increase the number of Latinos in science, technology, engineering, and math (STEM) fields. College administrators responded by saying that paying Hispanic students to do research was the only way to get and keep them interested in STEM fields. "Our students are working-class students," says Moshen Beheshti, chair of the computer science department at California State University, Dominguez Hills. "They cannot just come to school to do the research. They need to get paid." Hispanics make up 14 percent of the U.S. population but received only 7.5 percent of bachelor's degrees in engineering in 2005, according to the National Action Council for Minorities in Engineering. Hispanics also only earned 7.5 percent of bachelor's degrees in biological sciences, 6.8 percent in computer sciences, 6.5 percent in physics, and 5.8 percent in mathematics in 2005. In 2007, Congress approved legislation creating a NSF program aimed at improving the number of STEM degrees at Hispanic-serving institutions. The Education Trust's Margarita Benitez urged the NSF to examine Latino demographics by state, and to use that data to set a target percentage of Latino students who should be in STEM careers. University of Texas, El Paso's Robert Osegueda says the NSF program should reach out to K-12 students to promote STEM careers before they reach college.
IBM Tries to Tackle Nanotube Chip Cooling
Network World (03/02/09) Shah, Agam
IBM researchers are exploring ways to improve heat management in carbon nanotube transistors to prevent the devices from self destructing. IBM's Phaedon Avouris says the researchers have discovered ways of measuring the temperatures of carbon nanotubes, which was not previously possible. Carbon nanotubes need to be better understood before they can be used in electronic devices, and heat dissipation is one of their current limitations, Avouris says. Bunching carbon nanotubes together makes them too difficult to cool using only air, and excess heat hurts performance and could cause the nanotubes to self destruct. "The first step is we want to understand how electrons flow through this material, as it is completely different from the way electrons flow through silicon," he says. Carbon nanotubes have unusual heating and dissipation mechanisms that could influence the development of nanotechnology. The researchers explored efficient ways of transferring heat from the nanotubes to the substrate with the aid of another carbon material in between the two. Avouris says the researchers' findings are of fundamental scientific importance, and will be crucial to the development of thermal management systems capable of regulating the heat of future carbon nanotube-based devices.
Cards on the Table: Low-Cost Tool Spots Software Security Flaws During Development Process
NCSU News (02/25/09) Shipman, Matt
North Carolina State University (NCSU) computer security experts have developed Protection Poker, a new risk management tool that helps software developers find security vulnerabilities in their programs early in the development process. Protection Poker asks software development managers to present ideas for new software features or applications to their team of programmers. Members of the software development team are then asked to vote on two questions: how valuable is the data that the feature will be using, and how easy will it be to attack the new feature? The development team uses a special deck of cards to vote, which allows them to rank the value and vulnerability of the new feature on a scale of one to 100. Everyone on the team reveals their cards simultaneously, and the members who voted the highest and lowest are asked to explain their votes. If one team member has voted significantly higher or lower than the rest of the team they may know something the others do not, or they may be missing a vital piece of information. The process is particularly effective during the planning stage, so potential problems can be identified before any coding takes place. Lead researcher and NCSU professor Laurie Williams says Protection Poker also is an effective training tool that helps team members share their security knowledge and development process. The research was presented at the recent Engineering Secure Software and Systems Conference in Leuven, Belgium.
This Internet Fix Is No Pipe Dream
InfoWorld (02/27/09) Grimes, Roger A.
The Internet's security problems could be corrected by exploiting existing standards and protocols for Web services, security, identity, and authentication, writes Roger A. Grimes. Such protocols include Web Services specifications and extensions, Security Assertion Markup Language, Simple Object Access Protocol, WS-Security, WS-Federation, WS-Trust, OpenID, and Security Token Service. "Essentially all these open standard protocols and specifications will allow huge, interconnected identity and authentication systems to be created between multiple, disparate parties," Grimes writes. "In relation to cloud services, these standards are often the way you will connect to them." In other words, "the specifications...allow the identity and authentication services necessary to connect to cloud services to be 'clouded' themselves," he says. Users will be able to receive one or more security tokens from one or more authentication providers and employ them as they desire, while each token can have one or more claims, which is any information characteristic associated with a specific identity. Grimes says these new specs and standards will facilitate the construction of massive identity metasystems in which large circles of trust can be organized through the linkage of many disparate identity/authentication systems. This would eliminate the boundaries created by every commercial Internet service's own isolated authentication system, he concludes.
Knowing When to Fold: Engineers Use 'Nano-Origami' to Build Tiny Electronic Devices
MIT News (02/24/09) Trafton, Anne
Massachusetts Institute of Technology researchers are developing nano-origami, a new technique that enables engineers to fold nanoscale materials into simple three-dimensional (3D) structures. Nano-origami could be used to build motors and capacitors and lead to better computer memory storage, faster microprocessors, and new nanophotonic devices. The MIT team used conventional lithography tools to create a nanoscale two-dimensional pattern in materials, and then folded the material into predetermined 3D shapes. The researchers have already demonstrated a 3D nanoscale capacitor. The capacitor currently has only a single fold, but as more folds are added, its ability to store energy will increase. Additional layers also would promote faster information flow, similar to how the folds in a human's brain may allow for faster communication between brain regions, says graduate student Nader Shaar. The researchers have developed several ways to induce folding, including depositing metal onto the surface where a fold should be, which causes the material to curl upward. Directing a beam of helium ions onto the desired fold imprints a pattern that causes the material to fold once it is removed from the surface. High-energy beams accumulate at the bottom, causing a downward fold, and low-energy beams accumulate at the top for downward folds. A third technique uses embedded gold wires and a current that interacts with an external magnetic field, creating a Lorentz force that lifts the material's face. The folded shapes can be fabricated in several materials, including silicon, silicon nitride, and a soft polymer called SU-8.
Slump in School Computer Lessons
BBC News (03/03/09)
Information and communication technology's (ICT's) popularity is rapidly falling in U.K. schools despite the subject's growing importance in everyday life, reports the United Kingdom's Office for Standards in Education, Children's Services and Skills (Ofsted). An Ofsted study found that 45 percent fewer girls were taking A-level ICT classes in 2007 than in 2004, and almost a third fewer boys. Ofsted says that teaching in some schools is lagging behind and many students are taking qualifications of "doubtful value." Ofsted adds that the proportion of girls studying computing after the age of 16 has fallen to an all-time low. The curriculum and assessment were inadequate in about one-fifth of the schools visited, and many students did not strive for valuable qualifications. The report says schools should evaluate how challenging the qualifications are. "ICT needs to be given high status, both by the government and in individual schools, in line with its importance to young people's future economic well being," says chief inspector of schools Christine Gilbert. The study found that in the weakest schools, connections between ICT and other subjects were not made, while in the best schools ICT resources were spread across all disciplines.
How to Get Gigapixel Photos From a Cheap Digicam
New Scientist (02/27/09) Simonite, Tom
Carnegie Mellon University researchers have developed the Gigapan, a robotic tripod that enables digital cameras to take gigapixel-size pictures. The Gigapan uses motors to capture a scene with a grid of hundreds or thousands of images with the camera set to full zoom. Photo-stitching software is used to combine the images into a single super-detailed image containing billions of pixels. The highly detailed image is called a gigapan. Gigapans require significant amounts of computing power to process, and can be too large for all but the most powerful desktop computers. The images are too detailed to be printed, but gigapan images can be uploaded to a site where users can zoom in for detailed examination. An early Gigapan testing project gave 25 scientists the opportunity to use Gigapan for scientific purposes. Hawaii health department botanist Richard Palmer is using Gigapan to help monitor vulnerable environments. Successive panoramas will be taken every few months to monitor and document the recovery of vegetation over time. Palmer also developed a way to take gigapan images using a macro lens, which can provide a way to document herbarium specimens in sub-millimeter detail, enabling gigapans to be distributed instead of actual specimens. Fort Hays State University geologist Ron Schott used the Gigapan to create three-dimensional (3D) realistic views of geological features. The 3D gigapans are created by combining two gigapans taken from slightly different positions. Schott is now working to create a detailed 3D model of a landscape using a stereo gigapan.
Can Virtual Teachers Plug the Educational Divide?
Newcastle University (02/23/09)
Newcastle University professor of educational technology Sugata Mitra believes that introducing more technology to the classroom is the key to eliminating inadequate learning opportunities worldwide. "There will always be areas in the world where, for whatever reason, good schools and good teachers will not exist," Mitra says. "This problem is not going to go away or get better without intervention, therefore we need to be looking for alternative forms of teaching to ensure children do not miss out on a good standard of education." Mitra's research began with an experiment that involved putting a computer with an Internet connection in an impoverished area in Dehli, India. In only a month, children with no prior knowledge of computers or English were computer literate. Mitra says the experiment shows that even without a teacher, creating an environment that stimulates curiosity enables children to teach themselves and share knowledge. He calls this process "minimally invasive education." Mitra has taken the technique further by using Skype to bring teachers to schools in remote, inaccessible, or undesirable locations. Through Skype, for example, Mitra can teach a class in India's Hyderabad region from his office in the United Kingdom. A life-size image of the teacher is projected onto a wall in the school, which has proven to be an effective teaching technique, and teachers can interact with students in real time.
Oak Ridge Explores Cybots
Government Computer News (02/19/09) Jackson, William
The Ubiquitous Network Transient Autonomous Mission Entities (UNTAME) program at Oak Ridge National Laboratory is working to develop technology that will lead to an army of software robots, dubbed cybots, which are intelligent enough to cooperate with one another to monitor and defend the largest computer networks. Joe Trien, from Oak Ridge's Computational Sciences and Engineering Division, says UNTAME is a prototype distributed, intelligent framework that supports existing commercial tools and security devices and enables traditional point-to-point solutions to collaborate and provide situational awareness and response capabilities in near real time. UNTAME is the result of a long-term project by the division's Cyber Security and Information Intelligence Research Group aimed at developing futuristic security technology for large and complex environments. UNTAME's cybots are different from traditional software agents in that they form a collective and are aware of other cybot's activities and conditions. Trien says a cybot is more intelligent than an agent, and when a cybot goes down, other cybots can continue the mission, while an agent would simply be lost. Cybot jobs could include network monitoring and discovery, intrusion detection, and data management. Trien says there are several challenges to taking the system to the next level and demonstrating the cybots on an operational network, including establishing operations with little network overhead for greater transparency, scrutinizing the code, and testing the cybots to ensure there are no unexpected behaviors.
Abstract News © Copyright 2009 INFORMATION, INC.
To submit feedback about ACM TechNews, contact: firstname.lastname@example.org
Change your Email Address for TechNews (log into myACM)