Welcome to the August 18, 2014 edition of ACM TechNews, providing timely information for IT professionals three times a week.
Updated versions of the ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).
HEADLINES AT A GLANCE
Google Introduces Kids to Coding Through Blockly Games Project
eWeek (08/17/14) Todd R. Weiss
Google has developed a collection of online Blockly Games designed to help engage children in their first efforts at programming. "As part of the generation of new programming environments that provide a more accessible introduction to coding, Blockly Games allows users to create and run programs by arranging blocks with a simple click, drag, and drop," says Google's Jennifer Vaden Barth. She says the Blockly Games website requires little or no typing, which makes it easier for young programmers to learn core coding principles in an intuitive way. "By minimizing the use of syntax, users are able to focus on the logic and concepts used by computer scientists, progressing at their own pace as they venture through mazes and more advanced arenas," Barth says. In addition, Blockly has been translated for use in several languages, including German, Vietnamese, and Russian. The Blockly Games website features a wide range of educational games that teach programming, including Puzzle, which introduces Blockly's shapes and shows how they snap together; Maze, which introduces loops and conditionals, and Bird, which dives more deeply into conditionals.
The Gyroscopes in Your Phone Could Let Apps Eavesdrop on Conversations
Wired News (08/14/14) Andy Greenburg
Researchers from Stanford University and Israel's Rafael defense research group plan to make a presentation at the Usenix security conference this week outlining a technique for turning a smartphone's gyroscope into an eavesdropping device capable of listening in on conversations. Smartphone gyroscopes have been linked to possible security concerns before: a 2011 Georgia Institute of Technology study found gyroscopes could identify computer keystrokes made nearby, and a paper from the same Stanford/Rafael team from earlier this year found gyroscopes could be used to "fingerprint" a given device. The research team's presentation outlines how gyroscopes are able to pick up the vibrations generated by human voices and that although the result is unintelligible to human ears, voice-recognition software can be created that can make sense of it. One such program developed by the researchers was able to identify spoken digits 65 percent of the time, identify speakers' genders with 85-percent accuracy, and distinguish between five speakers with up to 65-percent certainty. Stanford's Dan Boneh says although these results may not be impressive, further work could train voice-recognition software to be much better at distinguishing words. He says handset manufacturers need to do a better job of securing the gyroscope so malicious apps or websites are not able to easily harvest its data.
Visual Control of Big Data
MIT News (08/15/14) Larry Hardesty
Researchers at the Massachusetts Institute of Technology (MIT) have developed DBWipes, a data visualization tool that enables users to highlight abnormalities and possible patterns in the graphical display. The tool also automatically determines which data sources are responsible for which. The researchers also have designed a provenance-tracking system for large data sets. If a visualization system summarizes 100 million data entries into 100 points to render on the screen, then each of the 100 points will in some way summarize 1 million data points. The researchers say the provenance-tracking system provides a compact representation of the source of the summarized data so users can easily trace visualized data back to the source. In addition, the researchers have developed a new algorithm, called Scorpion, that tracks down the records responsible for particular aspects of a DBWipes visualization and then recalculates the visualization to either exclude or emphasize the data they contain. MIT professor Samuel Madden says Scorpion's development was partly motivated by a study conducted by a researcher at a Boston hospital, who noticed a subset of patients in one of the hospital's wards was incurring much higher treatment costs than the rest.
The Limits of Moore's Law Limits
EE Times (08/13/14) R. Colin Johnson
University of Michigan professor Igor Markov argues in an article in the latest issue of Nature that in order to understand the future shape of computing hardware, it is necessary to understand the nature of the limits placed on Moore's Law. Many engineers are worried the limits of Moore's Law are about to be reached as transistor density approaches the atomic scale, but Markov says there are many factors involved beyond size and there are ways to realize greater computing power beyond scaling. One major example of this is energy efficiency: Markov argues there are still numerous gains to be made in this area and new materials, such as carbon nanotube transistors, can help to realize major power savings that will in turn allow for greater computational power. There also is the possibility of exploring natural models such as the human brain, which Markov notes is fundamentally unlike existing computer systems in terms of both structure and operation. However, Markov recognizes there are some hard physical limits, but he says those limits--such as Planck's length and the Berkenstein limit--are loose enough that they might not affect computation as much as some suspect.
TUM Researchers Develop Defense Software "TCP Stealth"
Technical University of Munich (Germany) (08/15/14) Stefanie Reiffert
A recent Heise Online report says intelligence agencies in the United States, Canada, the United Kingdom, Australia, and New Zealand are using the Hacienda port-scanning program to identify vulnerable servers across the world in order to control them and use them for their own purposes. However, Technical University of Munich (TUM) researchers have developed TCP Stealth, free software that can help prevent this type of identification and the subsequent capture of systems. TCP Stealth inhibits the identification of systems through Hacienda and similar cyberattack software. TCP Stealth works by creating a secret token that is related to the secret number known only to the client computer and the server. The token is transmitted invisibly while building the initial connection with the server. If the token is incorrect, the system does not answer and the service appears to be dead. The software also protects against a further variant of this type of attack, which occurs when an adversary interposes himself between the user and the server into an already existing connection. TCP Stealth prevents this by sending a verification code while building the initial connection.
Researchers Roll Out Free Software to Advance Computer Chip Design
NCSU News (08/12/14) Matt Shipman
Researchers at North Carolina State University (NCSU) have developed software to facilitate chip design, and are making it freely available in order to cultivate new research focused on pushing the envelope of computer technology. "State-of-the-art transistors are now 15 nanometers (nm) long, and you can fit a billion of those transistors on a single chip," notes NCSU researcher Rhett Davis. "That means we need software to design those chips--and ours is the first free software that enables that level of chip design. There are no confidentiality agreements to hold researchers back and no strings attached, since one of our goals is to bring more people into the chip design field." The FreePDK15 software provides chip designers with accurate rules and definitions for what optical lithography can and cannot do on the 15-nm scale. Optical lithography is the technology used to print transistor designs on a chip. "Basically, the software allows designers free rein to explore new ideas, while keeping them within the bounds of what is physically possible," Davis says.
Technology Simplifies Big Data for the Human Brain
ComputerWeekly.com (08/12/14) Caroline Baldwin
A project called Collective Experience of Empathic Data Systems (CEEDS) involving 16 partners in nine European countries hopes to present large datasets in a way that is easier for the brain to understand. CEEDS contains an eXperience Induction Machine that adjusts to users' reactions, including gestures, eye movements, and heart rate. CEEDs coordinator and University of London professor Jonathan Freeman says the system identifies if participants are getting tired or overloaded with information, and adapts the data accordingly to avoid brain overload. "It either simplifies the visualizations so as to reduce the cognitive load, thus keeping the user less stressed and more able to focus," he notes. "Or it will guide the person to areas of the data representation that are not as heavy in information." Users experience virtual reality so they can "step inside" the large datasets, and CEEDS could potentially be used to help students study more efficiently or journalists to cross-check sources faster. The CEEDs technology also could help with inspecting satellite imagery and oil prospecting. Museums in the Netherlands, Britain, and the United States are interested in using the technology for conducting end of World War II commemorations in 2015.
Rutgers Researchers Show That How Fast You Drive Might Reveal Exactly Where You Are Going
Rutgers Today (08/11/14) Carl Blesch
Motorists sometimes allow insurance companies to monitor their driving habits in exchange for discounts on their premiums, but researchers at Rutgers University say doing so may disclose where motorists are driving, even in the absence of a global positioning system device or other location-sensing technology. "We've shown that speed data and a starting point are all we need to roughly identify where you have driven," says Rutgers professor Janne Lindqvist. Dubbed elastic pathing, the approach predicts pathways by matching speed patterns to street layouts. Lindqvist and his colleagues tested the technique by examining data from six drivers in New Jersey traveling to 46 different destinations over 240 trips, as well as from 21 drivers in Seattle over 691 trips. The technique predicted the final destination within a little less than one-third of a mile from the actual endpoint for more than 20 percent of the trips. "In time, we expect improvements will be made to our initial approach," Lindqvist says. He also suggests insurance companies consider alternatives to collecting speedometer readings to ensure better privacy protection. Rutgers doctoral student Xianyi Gao will present the team's research at the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing in September.
Mobile Phones Come Alive With the Sound of Music, Thanks to Nanogenerators
Queen Mary, University of London (08/12/14)
Everyday background noise could be used to charge mobile phones, according to scientists from Queen Mary University of London (QMUL) and Nokia. Building on previous research that found playing pop and rock music improves the performance of solar cells, a QMUL team worked with Nokia to develop an energy-harvesting prototype called a nanogenerator, using the key properties of zinc oxide. When squashed or stretched, the material creates a voltage by converting energy from motion into electrical energy, in the form of nanorods. The researchers note the energy harvesting can be very versatile when the nanorods are coated onto various surfaces in different locations. The team also developed a way to reduce costs so the nanogenerators can be produced at scale. The device is about the same size as a Nokia Lumina 925 smartphone and generates five volts, enough to charge a phone. "Being able to keep mobile devices working for longer, or do away with batteries completely by tapping into the stray energy that is all around us, is an exciting concept," says QMUL's Joe Briscoe.
Looking Through the Glass Ceiling: Challenges and Strategies for Women Pursuing STEM Careers
UC Magazine (08/11/14) Dawn Fuller
A new study by a University of Cincinnati (UC) doctoral student examines the effects of gender stereotypes in science, technology, engineering, and mathematics (STEM) fields. The study, which focused on 46 female graduate students working toward STEM careers, uncovered career strategies, barriers to achievement, and buffering strategies as emerging themes. "Gender stereotypes manifest in a variety of ways in a work environment, such as conflicting role expectations, a lack of authority, and a variety of small, interpersonal cues that signal the potential bias against women," says UC's Mary Jean Amon. "It is common for organizations to promote policies against blatant acts of discrimination and sexual harassment, but it is less common for them to recognize the unconscious acts of bias that frequently occur." As a result, the participants in the study revealed how they played distinct roles within different contexts, remaining vigilant to cues regarding gender-role expectations. The study found social support systems played a key role in helping women overcome challenges in these fields. Amon also suggests additional diversity training, self-development opportunities, and initiatives such as mentoring programs, flexible work hours, or maternity and paternity leave as ways to bolster support networks and the sense of work-and-life balance.
Researchers Aim to Thwart Targeted Cyberattacks
Northeastern University News (08/12/14) Angela Herring
Northeastern University researchers are studying a series of sophisticated attacks via email against the World Uyghur Congress (WUC), a Chinese nongovernmental organization. The researchers found the language and subject matter of malicious emails were specifically tailored to appear friendly, in which the sender was impersonating someone else to lure the recipient into opening an attachment. As part of the study, two volunteers from the WUC donated more than 1,000 suspicious emails that were also sent to more than 700 unique email addresses. The researchers used new software and other methods to discover that social engineering was important to the attackers' ability to gain access to victims' accounts, and the suspicious emails were sent from compromised accounts within the company or contained email addresses that differed from friendly addresses by a single character or two. They also found the malware delivery vectors were most often attached documents rather than ZIP files or EXE files. The malware delivered to the victims also was similar to that used in other recent targeted attacks, rather than representing zero-day malware. Northeastern professor Engin Kirda says understanding these types of attacks is important to developing software that can protect against them.
Stroustrup: Why the 35-Year-Old C++ Still Dominates 'Real' Dev
In an interview, C++ designer Bjarne Stroustrup says the programming language remains vital and relevant 35 years after he first designed it in 1979 because of its ability to handle complexity, making it the go-to solution for telecom, financial, and embedded applications and online systems such as Amazon and Google. Stroustrup says Google's Go language, which has been receiving a great deal of attention, can "do a few things elegantly," but loses "the edge in performance." Stroustrup says he used C++ for projects that "required a real programming language and real performance," by way of noting the language is more suitable for large-scale projects than small apps or hobbyists. Stroustrup says he is continuing to work to build the capabilities of C++ with the release of a new minor edition, C++ 14, this year. The update offers several improvements, including new templates and better memory initialization. Asked what role security should play in software development, Stroustrup says, "security is a systems issue." He also calls for greater professionalism among software programmers. "There are things in our society that mustn't break, and most of them depend on software," he says.
Abstract News © Copyright 2014 INFORMATION, INC.
To submit feedback about ACM TechNews, contact: firstname.lastname@example.org
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.