Association for Computing Machinery
Timely Topics for IT Professionals

About ACM TechNews

ACM TechNews is published every week on Monday, Wednesday, and Friday.


ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Gateway Inc. or ACM.

To send comments, please write to technews@hq.acm.org.

Volume 3, Issue 261: Friday, October 5, 2001

  • "Senate Committee Tackles IT Infrastructure Protection"
    InfoWorld.com (10/04/01); Jones, Jennifer

    Private industry leaders and top government officials met to discuss national IT security before the Senate Governmental Affairs Committee on Thursday. Representatives from different sectors' security centers talked about how they could coordinate efforts in the wake of the Sept. 11 terrorist attacks. Kenneth Watson of the Partnership for Critical Infrastructure Security suggested that the current lack of organization is not a good thing, but the decentralized structure lends resiliency to the overall security network. Private industry groups from sectors such as finance, electric power, IT, and telecommunications said antitrust laws often discouraged companies from collaborating to share information with competitors. They also worried that the Freedom of Information Act would open up any information they shared with the government to the public. But National Infrastructure Protection Center Director Ronald Dick said the FBI's Infraguard program provided a safe way for companies to share information about cybercrime.
    Click Here to View Full Article

  • "IT Worker Shortage Continues"
    CyberAtlas (10/03/01); Pastore, Michael

    Research continues to show a shortage in IT workers, despite numerous layoffs and the highest unemployment rate in nearly four years. The Computing Technology Industry Association compiled surveys given to human resources managers and CIOs of large companies to find that IT worker shortages had tripled since 1999. However, HR managers and CIOs identified different skills as more important, with CIOs emphasizing "soft" skills such as communication as compared to the purely technical skills valued by HR managers. To support this study, Computerworld's 15th Annual Salary Survey showed that tech workers' paychecks had grown 6 percent last year compared to the 4 percent national average. However, managers have been forced to cut back on the number of reviews and bonuses given workers. Gartner also reported that new issues have come to the fore in corporate IT departments, with CRM, disaster recovery, Web services, and mobile technologies the most important areas. Enterprise resource planning, supply chain management, and B2B e-marketplaces all scored lower in Gartner's survey.
    Click Here to View Full Article

  • "White House Seeks to Remove Time Limit on Surveillance Part of Antiterrorism Bill"
    Wall Street Journal (10/05/01) P. A16; Bridis, Ted; Bravin, Jess

    Attorney General John Ashcroft and President Bush are urging the House of Representatives to reconsider sunset provisions placed on anti-terrorism legislation approved unanimously earlier in the week that requires all the increased wiretap surveillance measures that were approved to expire in two years, unless Congress decides to renew them. The Senate released its version of the bill on Wednesday night, which did not contain the time limits imposed by the House, setting the stage for a possible battle between the two bodies. Bush wants broader rights to track email sent by any person under investigation, as well as provisions that would make it easier to trace hackers. House members claim that they are wary lest the government use the laws to infringe on people's rights to privacy. Their version of the bill prevents federal judges from allowing emails obtained illegally to be entered as evidence.

  • "High-Tech Leaders Slam Encryption Back Door Bill"
    Newsbytes (10/04/01)

    The Computer & Communications Industry Association (CCIA) sent a letter to Sen. Judd Gregg (R-N.H.) protesting a bill he introduced that would require encryption product makers to install back doors that law enforcement officials could use. Gregg drafted the legislation in response to the possibility that encryption was used to mask Internet communications between the terrorists responsible for the Sept. 11 attacks. "We do not believe that new government restrictions on technology are the solution to preventing future terrorist attacks or protecting our national security," wrote CCIA President Ed Black. He added that federal control of technology and computer networks could stifle industry attempts "to promote a healthy, competitive, global economy as well as ensuring secure, authenticated, trusted communications and digital asset protection in the global business environment."
    http://www.newsbytes.com/news/01/170839.html

  • "The Microsoft Conundrum"
    New York Times (10/05/01) P. C2; Lohr, Steve

    Despite Judge Colleen Kollar-Kotelly's charge that the two sides in the Microsoft antitrust case settle before Nov. 2, several issues remain that could make that a remote possibility. The Justice Department says it wants to uphold previous injunctions against Microsoft, minus the breakup of the company. Microsoft, on the other hand, interprets the district appeals court ruling in late June to mean it is free from many of the accusations the previous judgment was founded upon. The appeals court ruling, which any settlement or final ruling must abide by, is ambiguous on the liability of Microsoft in illegally bundling its products. Two of the restrictions the Justice Department is seeking include forcing Microsoft to open its software code and sell a stripped-down version of Windows to vendors who want it. Currently, Microsoft exerts immense pressure on computer manufacturers to buy the products it wants to sell, such as Windows XP, which comes bundled with a host of Microsoft applications that could help it monopolize other software and Internet services segments.
    http://www.nytimes.com/2001/10/05/technology/05SOFT.html
    (Access to this site is free; however, first-time visitors will need to register.)

  • "Agents Following Suspects' Lengthy Electronic Trail"
    Washington Post (10/04/01) P. A24; Fallis, David S.; Cha, Ariana Eunjung

    Federal law enforcement agents are sleuthing on the Internet, trying to find evidence on the Web about the recent terrorist attacks before the data is permanently erased. Because much of the data for anonymous accounts and in public forums is erased at the end of a certain period, FBI agents and the 50 other federal experts that have joined them to search online are working fast. So far, they have uncovered numerous email accounts used by the hijackers, information about tickets purchased online, and evidence of the men's research into crop-dusting and flight training. Investigators have found that the hijackers used sophisticated methods, including encryption and possibly steganography, to hide messages in otherwise innocuous images on the Internet. A motel manager in Florida said two of the men asked for 24-hour Internet access and left upset when he could not deliver, saying, "You don't understand. We are here on a mission." FBI analysts said that could be one clue that the hijackers were waiting for secret, timed messages to appear on the Internet, giving them important instructions about how to carry out the attack.
    http://www.washingtonpost.com/wp-dyn/articles/A2325-2001Oct3.html

  • "Linux Popularity Breeds More Worms"
    VNUNet (10/04/01); White, Aoife

    Linux systems are drawing more viruses now that they are entrenched in the corporate server market. Computer Associates Australia's Jakub Kaminski says Linux viruses such as Ramen have proliferated over the last year, but that a serious threat is posed by new work being done in Linux Trojans. Eventually, these worms could be used to perpetrate distributed denial-of-service attacks and take advantages of inherent weaknesses, such as the lack of buffer clean-up capability for programs written in C++. Kaminski also says virus writers could target hidden holes in Linux systems in an attempt to emulate the rapid spread of viruses such as Code Red and Nimda.
    http://www.vnunet.com/News/1125872

  • "Lawmaker's Bill Would Spur Tech Spending, Charity Donations"
    Newsbytes (10/03/01); MacMillan, Robert

    Rep. Fred Upton (R-Mich.) has introduced a bill allowing companies to reduce from five years to two years the period that high-tech equipment must be kept on their books. Upton says such a move should boost new equipment sales as well as donations of older equipment. Equipment quickly becomes outdated, he added. Upton's bill would also lessen the depreciation recovery period on spectrum licenses from 15 years to seven years. This would help businesses and consumers as well as the tech employment sector, he said. Upton believes the new bill is especially crucial now as the economy tries to recover.
    http://www.newsbytes.com/news/01/170789.html

  • "Tiny Storage Makes Big Impact"
    Investor's Business Daily (10/04/01) P. A6; Deagon, Brian

    Smaller storage devices are expanding the possibilities of many consumer electronics products, including PDAs, cell phones, digital cameras, and portable media players. There are many varying formats of the technology working on different platforms. IBM, for example, is capitalizing on its expertise in disk drive technology with its MicroDrive device, which is manufactured with up to 1 GB in storage space. An optical storage disk from DataPlay is just as small. DataPlay has backing from companies such as Intel, Toshiba, and Olympus, and has engendered interest from the music industry. Consumer electronics maker Sony is also pioneering a new format with its Memory Stick flash technology.

  • "Cybersecurity R&D 'Inadequate'"
    Federal Computer Week Online (10/02/01); Frank, Diane

    Rep. Sherwood Boehlert (R-N.Y.) said the United States needs to increase its cybersecurity research in order to prevent future terrorist attacks. Boehlert is chairman of the House Science Committee, which is looking into ways research can further strengthen defenses against both online and physical attacks. But Boehlert emphasized that cybersecurity should include measures that can help prevent physical attacks, such as advanced biometric identification. Congress and the Bush administration have begun making plans to increase the government's fiscal 2002 budget, with more money going towards R&D. In addition, President Bush has named a new head for the Office of Science and Technology Policy, John Marburger, who will also serve as an advisor to the president.
    http://www.fcw.com/fcw/articles/2001/1001/web-cyber-10-02-01.asp

  • "In Wake of Terrorism, It's Time for the Internet to Face the Real World"
    Wall Street Journal (10/04/01) P. B1; Mossberg, Walter S.

    The Internet played a decisive role in both carrying out the Sept. 11 terrorist attacks and in finding evidence and rallying national support after the tragedy. The resiliency of the Web after the attacks at a time when telecommunications and even some Internet infrastructure was damaged shows that it is no longer a fragile environment that needs special protection from the government. Advocates of this position protest loudly over the government's recent calls for more Internet surveillance that could prevent future attacks. But many lawmakers are simply urging for the same legal powers given them over existing communications infrastructure be applied to the Internet. More troubling than this slight government intrusion is the proliferation of unscrupulous marketing on the Internet. The Internet provides a unique tool for terrorists to exploit because it fosters anonymity, and therefore should not be especially shielded from the government's heightened vigilance, argues Walter S. Mossberg.

  • "Attacks Change Tech-Spending Plans"
    Reuters (10/03/01)

    Nineteen percent of 225 CIOs surveyed by Morgan Stanley investment bank say that the Sept. 11 terrorist attacks have forced their companies to reassess their major technology purchases. Some 33 percent of the respondents believe it is too soon to make any predictions on how their technology spending will be impacted by the tragedy; 31 percent plan to adhere to spending strategies decided on before the attacks. Almost 40 percent of those polled share a bleak view of the U.S. economy in general, compared to 10 percent who have an optimistic outlook and 50 percent who remain neutral. Many respondents expect the assaults will trigger increased spending in network security, backup software, and disaster-recovery services.
    http://news.cnet.com/news/0-1003-200-7400686.html

  • "Securing the Lines of a Wired Nation"
    New York Times (10/04/01) P. F1; Schwartz, John

    According to many experts, the Internet poses an inviting target for terrorists who want to disrupt operations in the United States. A report by the Dartmouth-based Institute for Security Technology Studies states that strikes by U.S. hackers in retaliation for the Sept. 11 terrorist attacks could set off a cyberwar. Internet networks are increasingly becoming the glue that holds the world's economy together, with everything from finance, government, energy, water, and transportation relying on it for proper operations. A knowledgeable hacker could open and close switches and valves, transfer money from one bank account to another, or make orders for weapons via the Web, and could even disrupt 911 service, air traffic control, rail systems, and power grids. Many believe that terrorists are most likely to attempt to use the breaches in the Internet to add confusion following a real-world attack. The availability of malicious software on the Internet, along with the information of how to detect weaknesses in Web security, has increased the amount of people with at least a rudimentary knowledge of how to hack into computer systems, with a 1997 report by a President Clinton commission estimating that by this year, 19 million people will have such skills. Though most measures for securing computer networks, such as updating anti-virus software, using effective passwords, and installing intrusion-detection systems, are relatively easy to pull off, many businesses, government agencies, and consumers still fail to do so.
    http://www.nytimes.com/2001/10/04/technology/circuits/04SECU.html
    (Access to this site is free; however, first-time visitors will need to register.)

  • "Companies Rethink Net Privacy After Attacks"
    CNet (10/02/01); Olsen, Stefanie

    Privacy experts say that companies are making sure their online privacy policies do not become entangled in the investigation into the Sept. 11 terrorist attacks, and some companies are rewriting their published privacy statements. Most such policies include provisions for sharing customer information with law enforcement agencies during criminal investigations or to do with suspected illegal activity, but apparently some companies that have been cooperating with authorities in the wake of the attacks are reviewing their actions for possible privacy violations because they are afraid they went too far in cooperating. As specified by the Electronic Communications Privacy Act, companies usually require a warrant or a court order before handing over the contents of email or electronic files, but Internet companies can provide consumer-identity information without a court order. Privacy Council CEO Larry Ponemon says some companies gave authorities their databases without authorization right after the attacks, and he adds that some consumers may soon get notifications and apologies. TRUSTe's David Steer says his organization has been fielding calls from concerned businesses wondering how to include clauses in their privacy policies that would allow exceptions for cases of national security.
    http://news.cnet.com/news/0-1005-200-7375378.html?tag=prntf

  • "Tech Firm Job Cuts: Boon or Bust?"
    E-Commerce Times (10/02/01); Saliba, Clare

    Analysts warn that the large number of layoffs among tech firms may seriously harm those companies in the long term, even though it may produce favorable short-term results on their balance sheets. Challenger, Gray, & Christmas, an executive placement firm, says the 90,000 dot-com layoffs counted so far this year have more than doubled the entire sum of last year's layoffs, despite the fact that September represented a 15-month low in the number of layoffs. Gartner research director Diane Tunick Morello says companies lose intellectual capital and vital connections within the company when cuts go too deep. Some of these connections relay horizontal communications within the organization network and are not easily discernable, she adds. Challenger CEO John A. Challenger says, "There's no question, in terms of their ability to do high quality work or broaden the services they hoped to or promised, that the layoffs have been devastating for most of these companies."
    http://www.ecommercetimes.com/perl/story/13852.html

  • "Return of the Dot-Goners"
    Computerworld (10/01/01) Vol. 35, No. 40, P. 28; Watson, Sharon

    Corporations are applying two practices that have survived the dot-com collapse: The awarding of high salaries to IT professionals and the employers' differentiation from other dot-coms and market rivals as an incentive for potential IT employees. "Brand benefits" include flexible scheduling and the technical/business career paths that dot-coms offer without the instability; such benefits serve to enhance the value of the IT professional. High salaries are a particularly lucrative selling point. Consultants and CIOs say that they are not planning salary cuts, despite the dot-com bust; some companies will lower raises, but consultants say these drops should not be too serious. "No one is thinking of double-digit increases, but the percentages arent dropping to the 4 percent raises seen by the non-IT population," notes Hewitt Associates' Georgine Young. Other employee rewards that employers offer include stock options and bonuses based on projects and performance. However, one of the downsides of this practice is that IT workers now consider money rather than intellectual challenge to be the deciding factor of whether they remain loyal to the company, says Dave Van De Voort of William M. Mercer.
    Click Here to View Full Article

  • "A Federal Call for IT"
    InfoWorld (10/01/01) Vol. 23, No. 40, P. 44; Jones, Jennifer

    The federal government is in a bind: Fewer and fewer young IT workers are coming in, while estimates say that as much as 50 percent of its current IT personnel will retire in five to six years. A study conducted by the National Academy of Public Administration (NAPA) concludes that the government is "suffering a steady and inexorable deterioration of its current IT leadership." More high-tech workers appreciate the higher salaries that private industry offers, and the tedious federal hiring process is a turn-off. To recruit and retain employees, the government must revamp its image. NAPA recommends that the government compensate workers based on their performance, and at levels that can compete with the private sector. The Office of Personnel Management (OPM) took a step in the right direction when it increased IT worker salaries last November. OPM director Janice Lachance advises federal agencies to sweeten the pot with recruitment bonuses and retention allowances. Other incentives the government can offer prospective employees include a wider range of responsibilities, more interesting careers, and projects that involve sophisticated technology.
    http://www.infoworld.com/articles/pe/xml/01/10/01/011001pegovt.xml

  • "ROI: A Little More Than Lip Service"
    InternetWeek (10/01/01) No. 880, P. 1; Lewis, David; Koller, Mike

    An InternetWeek survey indicates that managers may be dedicating few actual resources to demonstrate a return on investment (ROI) on their IT projects. Out of 1,000 managers polled, 82 percent are expecting profitable "e-business operations" this year, but just 34 percent claim to possess an ROI model. Jupiter Media Metrix says most companies adopt ROI metrics that yield varying results for each project, thus making it "nearly impossible to correctly choose which projects should be funded and which should be killed." Experts see some confusion among business people between ROI, total cost of ownership, and payback. Some complicated ROI metrics can be eliminated in favor of less complex metrics, such as economic value added (EVA), which Target elected to do rather than continue to depend on intricate ROI evaluations. An IT project's net operating profit is calculated; from that number is subtracted the project's net assets multiplied by the weighted average cost of capital. Another solution some experts recommend is assessment by impartial third parties. Some ROI calculations may not even be necessary, if the project's main goal is reducing costs.
    http://www.internetweek.com/newslead01/lead100101.htm

  • "Sometimes the Luddites Are Right"
    Futurist (10/01) Vol. 35, No. 5, P. 38; Brown, Arnold

    Society must take Luddites more seriously when it comes to information technologies, contends Weiner, Edrich, Brown Chairman Arnold Brown. Even Sun Microsystems chief scientist Bill Joy warned of "knowledge-based mass destruction" in a recent article in Wired magazine, adding that scientists should stop pursuing robotics and nanotechnology because no one knows what the consequences of advances in these areas will bring. Technophobes are warning people about everything from information overload, personal privacy, and the security of computer networks, to computer-related stress, and the intrusion of cell phones, portable computers, and other connected gadgets into every aspect of our lives. Indeed, high-tech companies are racing to connect all kinds of appliances throughout the home. What is more, some researchers envision embedding computer technology in clothing, and even in humans. Society should no longer embrace new technologies if there is no formal process in place to examine, analyze, and anticipate the latest advances, Brown writes. Ethicists should have more say than they currently do in assessing the impact of technology, much like the ethicists who are involved in the U.K.'s Human Fertilization and Embryology Authority. Perhaps a new and improved Congressional Office of Technology Assessment could lead the way, Brown suggests.