ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of ACM.
To send comments, please write to email@example.com.
Volume 3, Issue 282: Friday, November 30, 2001
- "Court Upholds Ban on DVD-Cracking Code"
CNet (11/28/01); Hansen, Evan
A New York appeals court has sided with the movie industry in banning Web magazine 2600 and its publisher, Eric Corley, from posting links to the DeCSS code, which can be used to crack digital movie encryption. Although the court found that computer code was protected under free speech laws, it rejected the argument against the ban because DeCSS was not intended to communicate anything to people. The court argued that the material was "content-neutral" as opposed to expressive. "This sweeping decision upholds the [Digital Millennium Copyright Act] and rejects every argument that the defendants presented," says MPAA attorney Chuck Sims. Corley's supporters include the ACLU and the Electronic Frontier Foundation. Meanwhile, an appeals court in California recently upheld individual's rights to posting DeCSS code online because the judges said the code was protected under the First Amendment.
For further articles related to DeCSS, visit http://www.acm.org/usacm.
- "Servers Left Vulnerable by Early Patch Release"
Newsbytes (11/28/01); Bonisteel, Steven
Linux developer Red Hat accidentally released a software patch for the file-transfer server software Wu-Ftpd, a common BSD-based application used by many Web sites, ahead of schedule. Because it was not released in coordination with other security companies, the patch source-code could give hackers an easy understanding of the problem before administrators know about it. Although intruders would have to be registered users to exploit the vulnerability, experts warn that many Web sites allow public access through anonymous accounts. Security Focus director of engineering Oliver Friedrichs suggests that Wu-Ftpd administrators who lack a patched version of the software should disable anonymous access and make sure all other users are trustworthy. Some hacker groups are already sharing software that takes advantage of the Wu-Ftpd flaw, he says.
- "More Ginger Details May Be Coming"
CNet (11/29/01); Kanellos, Michael; Shim, Richard
For nearly a year, speculation has spread on what inventor Dean Kamen's "Ginger" is. It could be a vehicle that could help convey people or cargo over stairs and other uneven surfaces, according to several patents that Kamen has filed in the last three months. Last year, Kamen filed a patent application with the World Intellectual Property Organization (WIPO) that suggested that Ginger is a motorized device not unlike a scooter. Kamen has also disclosed that Ginger can be assembled in a mere 10 minutes, will cost less than $2,000, and will be released next year. One of his recent patent applications is for a "personal mobility vehicle," while another is for a device that can climb stairs; a third seeks protection for a process designed to control the fuel-air ratio of a burner of an external combustion engine. Earlier this week Diane Sawyer revealed that "Good Morning America" will unveil Ginger next week. Some speculate that the device could have medical applications, since Kamen's company, DEKA Research and Development, specializes in the medical field. Speaking at the Association for Computing Machinery's Beyond Cyberspace conference in March, Kamen said, "We have a promising project, but nothing of the earth-shattering nature that people are conjuring up."
For more information on ACM1: Beyond Cyberspace, visit http://www.acm.org/acm1/media/index.html.
- "Instant Messaging--Hackers Like It Too"
Total Telecom (11/29/01); Henderson, Peter
Security analysts warn that hackers could exploit instant messaging systems to launch faster attacks. Hacker Tony Lambiris, also known as Methodic, demonstrated such a vulnerability by launching a buffer overload attack on AOL's instant messaging system. "To have an email attack be successful, you need to send it, have the party download it, save the attachment, and run it," Lambiris notes. "With a messaging system, all you need to know is the person's user name." Hackers can use instant messaging systems to bore through corporate security, says Symantec's Carey Nachenberg. On the plus side, instant messaging allows makers to send out patches immediately, while corporations can beef up security by routing messages through proxy server computers. However, instant messaging's inevitable evolution will create more risks. Jupiter Media Metrix estimates that some 90 million home and business instant messaging users were active in September.
- "Chips Industry Maps Plans for Smaller, Faster Semiconductors"
San Francisco Chronicle Online (11/29/01); Yi, Matthew
Representatives from semiconductor associations around the world met to draw out a technology roadmap for the industry over the next 15 years. The meeting helped revise previous plans since it is now conceivable that manufacturers will be able to make smaller circuits faster than expected. The group now says it will reach 35-nanometer production by 2013 instead of 2014, and should be able to reach the 22-nanometer threshold by 2016. Most of today's semiconductors use 180-nanometer designs. Still, Texas Instruments' Robert Doering warned that a "brick wall" will be reached between 2005 and 2008 related to shrinking other parts of transistors, which he says may slow down the rate of chip design advancement. Although some critics warned of antitrust collusion by the world's leading semiconductor associations, Banc of America Securities analyst Mark FitzGerald dismissed the idea. He said such coordination on technology was necessary, considering the increasing costs of semiconductor research and development.
Click Here to View Full Article
- "New Uses Help Introduce Linux Operating System to Non-Geeks"
New York Times (11/29/01) P. F6; Biggs, John D.
Linux is gaining ground in computing devices other than workstations and servers used for business purposes. Advocates of the open-source operating system say Linux's arrival in systems such as home electronics, games, and handheld computers will help familiarize non-technical people with the software. Two companies currently make handheld systems with Linux pre-installed, including Sharp, which offers a high-end Linux handheld with Java capabilities, a color screen, and built-in keyboard. Compaq is also sponsoring an open-source developers' group called the Familiar Project that has created a Linux system for the iPaq that turns it into a fully functioning PC, complete with word processing, gaming, and programming capabilities. ExaDigm programmer Shane Nay believes that the route Linux will follow into the home will be circuitous, first being installed on game and entertainment hardware, and then showing up in handhelds.
(Access to this site is free; however, first-time visitors must register.)
- "PCs Cheaper, Faster, Duller"
Washington Post (11/30/01) P. E1; Musgrove, Mike
Price cuts and speedier processors have failed to boost PC sales. "[PC makers] need to provide consumers with new and compelling reasons to buy," says Odyssey analyst Sean Baenen. "Faster and cheaper is not enough." For example, the launch of Microsoft's Windows XP operating system only caused PC sales to pick up by a few percentage points. Consumers' interest in purchasing new PCs is at a four-year low, according to Odyssey research. Baenen believes that the price wars have siphoned off money that manufacturers could use for research and development. Furthermore, NPD Intelect analyst Stephen Baker notes that during tough economic times innovation is often put on the back burner. Several computer makers, including Sony, Apple, and Hewlett-Packard, expect DVD recording to be the next major feature to drive computer sales.
- "Nanotech, But Not in a Nanosecond"
Wired News (11/30/01); McGee, Patrick
Venture capitalists are eager to find the next major technological breakthrough, which makes them ripe for exploitation by nanotechnology boosters, according to R. Stanley Williams of Hewlett-Packard Laboratory. He contends that such proponents have very little actual understanding of the field and its current level of progress. "At this point, we have a lot of nanoscience, but there's very little nanotechnology," Williams says. Still, some companies are launching nanotech products: Carbon Nanotechnologies has developed a technique to mass-produce carbon nanotubes, highly durable structures that company founder Ken Smith says are 100 times stronger than steel and can conduct electricity and heat. However, Williams urges researchers and investors to follow common sense rather than hype, and not to expect the nanotech market to mature for 10 to 15 years. "My greatest fear about all of this nanotechnology going forward is that expectations will be raised too high too fast, and the consequence will be that the field will lose credibility, and we'll lose a lot of the momentum that we've been trying to get together for a long time," he warns.
- "Do Elections Need a Technological Upgrade?"
Medill News Service (11/26/01); Phillips, Ellie
The General Accounting Office has released a report detailing whether or not public confidence in the voting process can be restored through technology. The report notes that technological solutions must be properly maintained and integrated with people and processes if they are to yield accurate and secure results. Internet voting is one area of investigation, but the GAO report concludes that privacy and security concerns must be worked out, while the technology must demonstrate ease of use and provide access to all voters. Before technological problems can be addressed, U.S. Comptroller General David Walker says election staff must be trained and voting procedures at the polls must be standardized. Ironing out technological problems is a matter of money, according to Arkansas Secretary of State Sharon Priest. Improved voting systems will require "overwhelming federal funds," says Norman J. Ornstein of the American Enterprise Institute. Election fraud can be prevented by deploying a state-managed, county-to-county interactive voter registration database, says Kansas Secretary of State Ron Thornburg.
- "Devious Viruses Set to Grow"
BBC News Online (11/28/01)
Harmful computer viruses using evasive tactics are expected to rise. According to Sophos, an anti-virus software company, the Nimda worm was the most extensive virus in 2001, although it was introduced only in September. The worm used a number of different techniques, says Sophos' Graham Cluley, who adds that future assaults are likely to be similarly multi-pronged. So far this year, Sophos has found 11,160 new viruses and worms; some 70,000 viruses are already known to exist, says Cluley. Next year will see viruses that carry their own mail programs and those that attack instant messaging programs, the firm warns. As a result, home users and businesses should be more alert about the new dangers, Sophos says. In addition, more home users are being affected by hacking attacks because of the greater use of "always on" high-speed Internet connections, the firm notes.
- "If Open Source Is So Great, Why Isn't Everyone Using It?"
NewsFactor Network (11/27/01); Lyman, Jay
Many computing fields are using open source software, but the technology is overshadowed by commercial software for many applications. Adoption depends on the user's needs and the applications, analysts say. For example, a firm needing support on Web servers might turn to Apache, says IDC analyst Dan Kusnetzky. By using that software, the firm is likely to get faster help than with a commercial source, he explains. Analysts believe open source software will continue to see strong growth in infrastructure, including Web-based applications, networking, and operating systems. However, open-source programs lag behind in packaged applications, says Forrester analyst Frank Gillett. Open source cannot yet handle purchase orders or counting sales, he adds. Kusnetzky says open source software is not likely to be applied to parallel, distributed, and mainframe computing because it is not ready to deal with larger databases.
- "The Web Never Forgets"
Los Angeles Times (11/27/01) P. A1; Colker, David
Despite attempts to erase sensitive data on the Web by government officials and academics, archived versions of the sites are still available on the Web. The resiliency and permanence of the Internet was once heralded as one of its greatest strengths, and a key tool in uncovering government secrets, according to Steven Aftergood of the Federation of American Scientists. Aftergood's group, which has a goal to keep government accountable, has removed 200 pages containing sensitive data since the Sept. 11 attacks, including photos of the security apparatus of a government agency, but copies still reside elsewhere on the Web. About 10 billion pages of Web data are stored in the Internet Archive alone, a nonprofit effort to record Web history. The data is replicated there by software agents that continuously mine the Internet for updated material. Internet Archive founder Brewster Kahle says site owners can still request that outside access to their site be blocked, however.
- "Thirty Nations Sign Global Cybercrime Treaty"
Newsbytes (11/26/01); Krebs, Brian
The United States, along with 29 other nations, last Friday signed the Council of Europe's "Convention on Cybercrime," designed to regulate definitions and penalties for computer-related crimes such as hacking, copyright violations, fraud, and child pornography. Provisions allowing broad powers to track Internet-based communications of suspected terrorists were also added following the Sept. 11 attacks. The European Union expects to ratify the treaty by June 30, 2003, and the U.S. Senate must approve it before it takes effect in the United States. Civil rights advocates are worried about a possible amendment that might be added to the agreement, which states that Internet postings of racist material is a criminal offense.
- "Despite Downturn, Study Cites Resiliency of Mass. Tech Sector"
Boston Globe (11/26/01) P. C1; Kerber, Ross
A report from the Massachusetts Software and Internet Council says that the state's tech sector is relatively healthy despite the general malaise affecting U.S. technology firms. Nearly two-thirds of the companies surveyed employ 25 or fewer people and more than 40 percent of Internet and software companies said they planned to increase staff by 20 percent in the coming year. Less than two percent of those companies said they planned on cutting employees. Massachusetts tech companies pulled in slightly more money than the year before as well and job growth was attributed to smaller companies. The results of the survey were gathered before the Sept. 11 attacks, so up-to-date figures could show a darker view. Still, the council president Joyce Plotkin says, "Things are much better than people thought. Fundamentally, there's no shortage of ideas for new products and companies." The council's survey found the state had 2,381 software firms and 891 Internet firms, which is down just 1 percent from a year ago. Total state employment in the sector was 159,193, off 3 percent from last year.
Click Here to View Full Article
- "Bar Association Hears Debate Over UCITA"
Computerworld (11/26/01) Vol. 35, No. 48, P. 8; Thibodeau, Patrick
American Bar Association backing for the proposed software law known as UCITA is so critical to advocates that supporters held a two-day forum in Chicago last week to win over the organization. Cem Kaner, an attorney and computer science professor at the Florida Institute of Technology in Melbourne, says the Uniform Computer Information Transactions Act will pass in many states with the backing of the ABA, or it could fail altogether without ABA support. The forum is seen as a last-ditch effort by supporters of UCITA, which is opposed by 32 attorneys general, including those representing states that have major high-tech industries. UCITA has been introduced in eight states this year, but opponents have been able to stall or block the act. Backed by companies such as Microsoft and America Online, UCITA is designed to provide a framework for licensing contracts, even though the contracts may have no specific provisions. However, opponents view the law as being so flawed and going too far that it would have a negative impact on consumers and the overall marketplace. The UCITA drafting committee of the National Conference of Commissioners on Uniform State Laws (NCCUSL) will have to amend UCITA, such as by not allowing vendors to remotely shut down software if they believe the license has been violated. The ABA will disclose whether it supports or opposes UCITA after the NCCUSL drafting committee makes some changes to the act over the next several weeks.
For information about ACM's UCITA activities, visit http://www.acm.org/usacm/IP.
- "No Recession for Cybersecurity"
Washington Technology (11/19/01) Vol. 16, No. 17, P. 34; Emery, Gail Repsher
Despite focusing on cybersecurity since the Sept. 11 attacks, the U.S. government has found it difficult to find qualified IT professionals. The State Department, for instance, has emphasized a program offering a 5 percent to 10 percent base salary bonus to workers who receive IT certificates. State Department deputy CIO Bruce Morrison says his agency is increasing cybersecurity overall, including increasing the firewall staff, who are now working nonstop. Contingency planning, security audits, and increased use of public key infrastructure and biometrics to limit access are now also vital aspects of the State Department's system protection. The National Security Agency, National Science Foundation, and Defense Department have all sponsored educational programs in IT security education, and as a result, both the SANS Institute and International Information Systems Security Certification Consortium have seen interest in their security programs increase dramatically.
- "A Failure to Communicate"
Darwin (11/01) Vol. 1, No. 14, P. 34; McKay, Niall
The Defense Advanced Research Projects Agency (DARPA), which funded the early Internet, sees pervasive or ubiquitous computing as a way to make communicating with computers easier, and has contributed $10 million to fund research into invisible computing at several universities across the country. Now DARPA plans to spend another $40 million on research that will bring about a whole new PC user interface. Although IBM, Xerox, and others have focused on user interfaces for decades, these companies did not have the benefit of mature voice recognition software, artificial intelligence, wireless networking, and other emerging technologies to deliver a better way to communicate with computers. Experts envision new systems that are able to collect data on their own, observe users, and use artificial intelligence in order to anticipate their needs. With the aid of microphones, video cameras, and speakers, the new systems would be able to listen, observe, and deliver information to users, who would no longer have to type commands. Researchers at Carnegie Mellon University, involved in Project Aura, want to give computer systems the power to create a digital aura of information that follows users around the office. Project Aura relies on sensors placed throughout the office that are able to identify the computer's user. Project Oxygen at MIT and the Portolano Project at the University of Washington are also high-profile research projects that involve pervasive or ubiquitous computing.
- "A Technology Corps"
Technology Review (11/01) Vol. 104, No. 9, P. 83; Hawley, Michael
Although an increasing number of technologists are taking their expertise to the field and serving as volunteers in developing nations, more needs to be done to get scientists out of their labs and in contact with different ecologies and cultures, so that they can begin to understand that there are different ways of thinking and doing things, writes Michael Hawley. Geekcorps, the MIT Media Laboratory, the U.S. Department of State's Global Technology Corps, the G8's Digital Opportunity Task Force, and venture groups from Softbank to the World Bank all offer technologists an opportunity to spend time in developing nations. However, in terms of the Peace Corps, technologists account for less than 4 percent of the volunteers. The lack of infrastructure and support in developing nations may discourage computer scientists and engineers from participating in the Peace Corps. An easy path to a high-tech job appears to be another reason. Still, visiting developing countries offers technologists new opportunities, including chances to meet potential business partners. Programs such as Geekcorps also focus on building the infrastructure that local businesses can use to bring Internet access to poor populations, for example. Experience overseas could give technologists and scientists new insights into how new tools ultimately will impact the world.