ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Compaq or ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 4, Issue 302: Wednesday, January 23, 2002
- "H-1B Visas Jump in 2001"
CNet (01/22/02); Konrad, Rachel
A VisaNow.com survey indicates that the number of H-1B visa applications received by the U.S. Immigration and Naturalization Service (INS) increased 14.4 percent between Oct. 1, 2000 and Sept. 30, 2001, demonstrating that the economic recession has not stemmed demand for H-1Bs. This contradicts reports arguing that demand is shrinking because the INS did not reach the federal cap of 195,000 visas issued in fiscal 2001. "You need to look at the number of H-1Bs applied for, not approved, to determine demand," explains VisaNow.com's Mark D. Shevitz. Furthermore, the cap does not apply to a large portion of foreign professionals, such as researchers recruited to fill teaching positions at universities, federal research labs, and nonprofits. A rise in applications from those sectors may offer some relief for the technology industry, which has an insatiable appetite for foreign engineers, programmers, and software developers. However, anti-immigration lobbyists contend that Americans are losing jobs to H-1B workers, and they are not pleased with the results of the survey. Analysts say H-1B workers are attractive to companies because they work for less, ask for raises less often, and are less likely to question corporate policies. VisaNow.com President Robert C. Meltzer says that not enough U.S. graduates have the requisite tech skills to keep up with demand, so companies are turning to foreign workers to fill the void.
- "Bush Administration Urged to go High-Tech on Terrorism"
Newsbytes (01/18/02); Krebs, Brian
The Progressive Policy Institute issued several reports indicating that the next terrorist attack can only be thwarted if the Bush administration formulates a solid plan for putting the latest technology and information-sharing tools in the hands of law enforcement agencies. Since terrorists today are using modern technology to launch their attacks, it only stands to reason that law enforcement use modern technology to fight them, according to PPI President Robert D. Atkinson. Among the recommendations the reports outline is the creation of a federal CIO to oversee the adoption of state-of-the-art crime-fighting tools across the federal, state, and local levels; better access to data-sharing technology to government agencies on all levels so local agents can check criminal databases in other states; and the institution of biometric IDs for both citizens and foreign visitors. In fact, many of the initiatives detailed in the PPI reports are already under development by state and federal agencies. Many of the PPI's proposals have come under fire from civil liberties groups, who claim they intrude on personal privacy and are backed by companies that see them as a way to keep tabs on consumers. "At the end of the day, even if the system works really well and there aren't any obvious or glaring flaws, do we want this system that enables a 24-7 tracking of individuals?" asks Lee Tien of the Electronic Frontier Foundation.
- "'Telework' Is on the Rise, But It Isn't Just Done From Home Anymore"
Wall Street Journal (01/23/02) P. B1; Shellenbarger, Sue
Telecommuting and other forms of 'telework,' are on the rise. Telework refers to remote work from satellite offices, the home, or while on the road. Jala International's Jack Nilles, who coined the term "telecommuting" in 1974, says there are kinds of telework in operation now that he never imagined in the 1970s. For example, people can use wireless email at Starbucks, engage in videoconferencing at Kinko's and at home, and even work from telework centers in remote villages in India that are served by wireless computer connections. Employee demand for teleworking is growing accordingly. This is because working from home, in particular, provides a number of benefits, including more productivity, commitment, and job satisfaction. A recent forecast by the Institute for the Study of Distributed Work says the number of teleworkers will probably rise to 9.2 percent of the workforce, or 13.7 million people, within the next three years. Sept. 11 hastened the trend of telecommuting as more people moved away from metropolitan buildings; IDC's Raymond Boggs estimates that telework began increasing at a 3 percent annual rate after September.
- "Asian Enterprises Turn to Linux"
ZDNet UK (01/22/02); Tham, Irene
More and more firms in Asia are turning to Linux-based operating systems to run their server applications. According to a report by Gartner Asia-Pacific, 15 percent of firms in the region (with the exception of Japan) used Linux in 2001's fourth quarter, compared to between 5 percent and 7 percent in the same quarter in 2000, says Gartner Asia-Pacific analyst Phil Sargeant. More than 50 percent of participants said cost was the main reason for using Linux, he says. Thailand and Korea had the highest rate of Linux usage, with more than 25 percent of firms in both countries using the operating system. In India and Hong Kong, 24 percent and 21 percent of companies used Linux, respectively. In China, only 8 percent of firms used Linux servers, but its adoption is expected to increase rapidly. Still, the Windows NT and 2000 server operating systems were the most widely used in Asian countries in last year's fourth quarter, Gartner says. However, a new pricing structure to be launched July 31 by Microsoft will require customers to buy upgrades for an annual fee, raising software costs for smaller companies, analysts note.
- "Industry Says Ho-Hum to Netscape Lawsuit"
CNet (01/23/02); Konrad, Rachel; Fried, Ian; Shim, Richard
The lawsuit filed against Microsoft by Netscape Communications has elicited a less than shocked reaction from high-tech lobbyists, some of whom have been expecting such a development ever since U.S. District Judge Thomas Penfield Jackson ruled that Microsoft was monopolistic and anti-competitive. Netscape alleges in its lawsuit that Microsoft effectively shut out its browser from business channels using such practices. Red Hat's Melissa London says the suit "should surprise no one," while frequent Microsoft basher Sun Microsystems declined to comment on the case. Computer & Communications Industry Association CEO Ed Black hopes that the suit will benefit other companies that have also suffered because of Microsoft's dealings. ProComp President Mike Pettit believes that Netscape's compensation could run into the billions of dollars. However, open source advocate Eric Raymond, author of "The Cathedral and the Bazaar," is against the lawsuit and the antitrust law itself, on the grounds that it gives government too much power. "I don't think the government has any business meddling in this market or any other," he contends. He acknowledges that the lawsuit is likely to attract the support of many people in the open-source community.
- "Red Hat's Significance for AOL"
Los Angeles Times (01/21/02) P. C1; Piller, Charles
Recent media reports that Red Hat, a major distributor of the open-source Linux computer operating system, may be purchased by the media behemoth AOL Time Warner could indicate that AOL is implementing a new campaign in its ongoing rivalry with Microsoft. Should AOL take over Red Hat, it would obtain marketing and technical expertise for an operating system that vies with Microsoft's Windows software. Windows is currently being used by approximately 90 percent of PCs worldwide. Both Microsoft and AOL are locked in a head-to-head race as content developers and ISPs. Microsoft has also made heavy investments in cable companies, which the company wants to use to establish Windows as a major standard for interactive television set-top boxes. This is an important market for AOL, which is one of the largest cable television providers in the United States, and the company's entrance into the Linux market may represent a response to Microsoft's incursions into AOL's key markets. AOL certainly has the market muscle and financial resources to use Linux against Microsoft, according to analysts. SageCircle software analyst Chris Le Tocq believes AOL could market a Linux-enabled PC equipped with standard consumer tools that costs considerably less than a Windows PC; such machines could do particularly well in China, Latin America, and other markets where Windows does not yet have a dominant foothold.
- "Teaching Robot Dogs New Tricks"
Scientific American Online (01/21/02); Labrador, David
Sony is struggling to settle a controversial issue that cuts to the heart of the Digital Millennium Copyright Act (DMCA). In late October, Sony Entertainment Robots America informed the hacker known as AiboPet that posting programs that decrypt its Aibo robot dog's learning software constituted a violation of the DMCA. However, Sony reversed its decision when thousands of customers protested by issuing petitions and boycotting Sony products. Nevertheless, the DMCA ruling still stands, criminalizing any case of reverse-engineering that involves digital encryption. Central to the highly successful Aibo is Sony's campaign to bring robotics into the home by establishing relationships with their owners based on affection rather than practicality; the toy is designed to express emotional states and build personalities based on interaction, while future versions may incorporate voice and face recognition. In this way, Sony aims to make the concept of home robots more benign and acceptable by consumers. The only way owners are currently allowed to customize their Aibo legally is to purchase Master Studio software, which sells for $500. The strictures of the DMCA still make robot modification by users illegal, even though Sony, at least, is letting them do so because it is in the company's interest.
- "GovNet: What Is It Good For?"
Wired News (01/21/02); Delio, Michelle
GovNet, proposed by President Bush's cybersecurity adviser, Richard Clarke, is getting little support from security experts and the intelligence community, who say that existing networks can adequately be used to fulfill its intended function--to allow agencies to communicate sensitive data with each other through a secure network independent of the Internet. Intelink, one of those networks, was first unveiled in 1994 to be used by federal intelligence agencies, but only after Sept. 11 did it gain credibility. Since the attacks, hundreds of users have accessed the network, which is run off dedicated Department of Defense servers, to share information about terrorism, and it is currently being revamped to provide even greater security. Siprnet, which is completely classified and encrypted, is another system already in place that can be used for the secure transmission of government data. As Richard Forno, the chief technology officer at Shadowlogic, puts it, Clarke "should take the GovNet money and fix the existing problems" by installing more secure software and operating systems, training IT staffs, and developing an efficient and secure government-wide IT infrastructure.
- "Programmers Could Thwart Hacker Attacks With Smarter Software"
Investor's Business Daily (01/22/02) P. A6; Tsuruoka, Doug
AT&T Labs researcher Avi Rubin believes that training smarter software programmers can foil hackers. He cites the buffer overflow security hole in AOL's Instant Messenger program as proof that better programmers are needed. "There's no excuse for buffer overflow problems," Rubin insists, adding that security experts have known about them for two decades. The AOL flaw, which was disclosed by students at Utah State University, could have enabled hackers to anonymously take over the vulnerable machines by bombarding them with email, he explains. To solve this problem, Rubin recommends that companies hire programmers whose background includes computer security. Such professionals would make it their business to avoid such buffer overflow vulnerabilities in the design phase, he says.
- "Sci-Tech: Tiny Chain Could Drive New Microchip Designs"
NewsFactor Network (01/21/02); Wrolstad, Jay
Sandia National Laboratories has developed a microchip element that could drive down the cost of systems-on-a-chip, according to technician Ed Vernon. The component is a microchain drive mechanism capable of turning numerous drive shafts, thus eliminating the need for closely packed, chip-based micro-electromechanical systems (MEMS) motors, he explains. The chain could run shutter components in optical devices such as micro cameras. Vernon notes that the machine could also have mechanical timing and decoding applications. The system has no need for back-and-forth movements, he explains; it can facilitate both continuous and intermittent drive translation. Each link in the microchain spans 50 microns from center to center, making it smaller than the diameter of a human hair, Vernon says. He says the free-floating device is not attached to the wafer of the microchip, a significant step forward in design.
- "How Small Can You Go?"
InformationWeek Online (01/14/02); Whiting, Rick
Researchers at the University of Colorado at Boulder are investigating how far down they can shrink nanotechnology before exceeding structural stability limits. They are using sophisticated simulation tools to focus on multilayer microelectrical-mechanical systems that can act as both electronic circuits and mechanical devices. Temperature changes and their effects on atomic behavior in these systems are being simulated using visualization software. Associate professor Martin Dunn says that faculty are also studying the stresses between layers of gold-silicon and aluminum-silicon films used to build nanoscale switches for optical networks. "We hope to get a clear understanding of what the operational failure modes are of these nanoscale structures," he explains. The goal of the research is to develop micromodeling methods for nanotechnology reliability testing. The university receives part of its funding from a $400,000 grant from Sandia National Laboratories and the National Science Foundation.
- "Broadband Internet Access Is Key to Nation's Progress, Tech Industry Says"
Associated Press (01/19/02); Bergstein, Brian
TechNet says the U.S. government should make universal broadband access a "national imperative." In a recent report, TechNet said the government owed it to the nation to make universal broadband access as important as landing on the moon in the 1960s, and challenged it to make this happen by 2010. The high-tech lobbying group is calling for 100 million homes to be wired for broadband by that time. Furthermore, the report recommends that the government ease up on telecommunications regulations and not impose new ones. However, TechNet is not calling for subsidies or tax credits for companies that would introduce the technology, only for poor and rural users who do not have the money to afford broadband. Not all experts are convinced that TechNet's plan is workable, worthwhile, or competition-friendly: Gartner Dataquest broadband analyst Kathy Hackler is skeptical that it could lead to better industry cooperation, while Forrester Research analyst Carl Howe says there is no proof that universal broadband access will spike productivity. Analysts say service problems and high prices are to blame for the reason why only 12 percent of consumers who could receive broadband have gotten it.
- "Exploding Chips Could Foil Laptop Thieves"
New Scientist Online (01/16/02); Graham-Rowe, Duncan
University of California, San Diego researcher Michael Sailor and colleagues have developed a way to make silicon chips explode via an electrical signal. Such technology could be used to destroy circuitry in stolen machines, according to the team. The detonator is the chemical gadolinium nitrate, which oxidizes silicon. The chemical would be induced to trigger an explosion by the signal. "We have shown that you can store this stuff and detonate it at will," explains Sailor. He says the technology could also be used to fuel microscopic machines etched onto silicon wafers. Furthermore, it could be applied to the detection of toxic materials in groundwater by burning samples on a disposable chip for chemical analysis.
- "MS Refocuses on Software Pirates"
Wired News (01/22/02); Delio, Michelle
At a recent press conference, Microsoft anti-piracy manager Diana Piquette accused software pirates of using their profits to support terrorist organizations and organized crime. Among incidences she cited were a Paraguayan counterfeiter who allegedly financed Middle Eastern terrorists, Northern Ireland paramilitary groups backed by counterfeit software sales, and Colombian drug cartels also linked to pirated software. Piquette said the evidence for these terrorist connections is in a 2001 study on global software piracy commissioned by Microsoft. Furthermore, pirates are displaying increasing sophistication by stealing higher-quality software, she claimed. In response, Microsoft has boosted its anti-piracy efforts, switching from manual Internet searches to a 24/7 automated scanning system, Piquette said. Microsoft and other software companies have been lobbying for tougher government-authorized piracy crackdowns, and there appears to have been some success in this area, according to Microsoft associate general counsel Nancy Anderson. The Justice Department has expanded federal cybercrime initiatives, including the organization of 10 teams of prosecutors tasked with prosecuting online criminal activity. Anderson added that the United States has been pressuring other nations to take a tougher stance on software piracy, and Russia and China have responded by cracking down on such activity.
- "Philanthropist Nurtures Tech Start-Ups by Women"
USA Today (01/22/02) P. 12B; Hopkins, Jim
Catherine Muther, a millionaire philanthropist, has been nurturing tech startups by women for a number of years. Muther became the head of marketing at Cisco Systems in 1989, and she became a millionaire when the company launched its initial public offering. Muther subsequently left Cisco Systems and put $2 million into a charitable foundation that created a non-profit business incubator for technology startups launched by women called the Women's Technology Cluster. The incubator, which is based in San Francisco, is currently home to 16 wireless, software, and other information technology companies. Muther provides these women with access to lawyers, venture capitalists, and other major players in entrepreneurship. So far, 12 companies that got their start in the incubator have left, placing Muther at the center of national efforts to boost female-run tech startups. Three of the 12 businesses have been sold, while five remain in business and employ over 100 people.
To learn about ACM's Committee on Women in Computing, visit http://www.acm.org/women.
- "Security Vs. Privacy"
InformationWeek (01/14/02) No. 871, P. 22; Rendleman, John; Swanson, Sandra; Maselli, Jennifer
The American Association of Motor Vehicle Administrators this week is expected to introduce a proposal to issue drivers' licenses with biometric identifiers. However, the plan faces considerable privacy and technical hurdles, especially with similar proposals of a national ID card leaving a sour taste in the mouths of privacy proponents. The databases would be open to DMVs in different states, federal agencies, law-enforcement officials, and even businesses, and privacy advocates argue that such a situation leaves confidential information vulnerable to abuse. "We don't see a very great distinction between a national ID card and a coalition of 50 states [issuing] drivers' licenses," says Lee Tien of the Electronic Frontier Foundation. "To the extent that the databases are highly integrated, there may be even more of a risk from human error or human malfeasance." The integration effort itself would also be a challenge, one that requires state records to be modernized and many state and federal systems to be connected. Convincing naysayers that the system is important and secure will be key to making the biometric driver's license proposal viable.
- "Software Liability Gaining Attention"
eWeek (01/14/02) Vol. 19, No. 2, P. 11; Fisher, Dennis
Until now, software security breaches such as Nimda or Code Red have had little impact on software vendors. Venders are protected by software user agreements, and few lawsuits have been filed. However, legal experts believe that consumers will starting suing vendors on a large scale. "So much of our economic structure depends on computers that it's unsustainable to hold software companies blameless," says Jeffrey Hunker, dean of the H. John Heinz III School of Public Policy and Management at Carnegie Mellon University. This spring CMU's Software Industry Center will host a conference to discuss users' legal options. Meanwhile, the National Academy of Sciences recommended in a report that the government penalize vendors whose software causes damage due to security flaws. Vendors are trying to protect themselves by endorsing UCITA, the Uniform Computer Information Transactions Act. The act protects vendors from prosecution or civil suits, and has already been passed in Maryland and Virginia.
Click Here to View Full Article
- "The Road to Secure Web Services"
InfoWorld (01/14/02) Vol. 24, No. 2, P. 52; Andress, Mandy
The emergence of Web services means that new security solutions will be needed for the next big thing in Internet-based applications and transactions. Although Web services take advantage of user IDs, passwords, access control lists, file permissions, message digests, and SSL encryption, the security solutions are not strong enough to provide the kind of secure infrastructure that is needed for Web services' critical architecture. Web services smoothly link systems and applications that communicate over a network and, as a result, need better methods to secure access to sensitive information. Better methods that cater to Web services may come in the form of Kerberos, an authenticating technology using cryptographic tokens to identify users that Microsoft is implementing in Passport. Liberty Alliance is developing a competing technology that offers less centralized authentication, while vendors such as Oblix and Netegrity are focusing on managing user credentials, which benefits interoperability among Web services platforms. Strong authentication can also come in the form of smart cards and biometrics. Nevertheless, a security infrastructure can not succeed without defined security policies and proper implementation, administration, and maintenance. New developments in XML Signature, XML Encryption, SAML (Security Assertion Markup Language), XKMS (XML Key Management Specification), and XACML (Extensible Access Control Markup Language) will help bolster the effort to secure Web services.
- "Patching Holes in Cyber-Space"
National Journal (01/05/02) Vol. 34, No. 1, P. 37; Munro, Neil
President Bush's cybersecurity advisor Richard Clarke is urging software companies to distribute software patches to customers and implement rapid closure of security holes. If such flaws cannot be rectified in a timely manner, an administration official warns that the government may apply greater pressure, even though the federal initiative currently maintains a hands-off policy. Executives worry that this may take the form of lawsuits on behalf of clients who suffer economic injury because of such vulnerabilities. But issuing software patches on the scale Clarke envisions is not an easy proposition. Some patches, whether deployed to clients by email or applied by the companies themselves, may give rise to even more problems, and permanently damage the customer/provider relationship, experts warn. Patch customization is one solution to this problem, but customers may be unwilling to disclose the intimate information required for such a service. Improved patch distribution is just one item on a list of computer security initiatives outlined by Clarke, who has also promised that the government will mend its own security practices. Federal officials are looking into software-design standards that could make it easier for companies to implement patches, and investigating automatic patching software that helps companies consolidate and manage their computers.