Timely Topics for IT Professionals
About ACM TechNews
ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Compaq or ACM.
To send comments, please write to email@example.com.
Volume 4, Issue 359: Monday, June 10, 2002
- "Old Code in Windows Is Security Threat"
CNet (06/09/02); Lemos, Robert
Last week, a Finnish researcher reported a security flaw in Microsoft's Internet Explorer that revolves around Gopher, a hyperlinking protocol that predates the Web and could leave PC users vulnerable to attacks. Microsoft's director of security assurance Steve Lipner recently announced that the company will accelerate its plans to retire old code in its Windows operating system and other software under its trustworthy computing initiative, which critics say has yet to show any significant progress. Since the effort began, Microsoft has disclosed over 30 security holes; these unanticipated vulnerabilities are forcing the company to retire more code than originally planned. "The problem is that you are dealing with 50 million lines of code and everything depends on everything else," says Peter Neumann of SRI International, who believes the key to software security lies in solid, modular design. Marc Maiffret of eEYE Digital Security says the fault does not lie with old code, but rather with programmers who fail to sufficiently evaluate it prior to use. Lipner says the upcoming Windows XP update, Server Pack 1, will deactivate the Gopher function by default, but remained mum on other Windows features destined for retirement. Lipner also did not reveal the percentage of Windows XP code that is considered old or new. He said that Microsoft's security initiative involves the construction of a threat model used to identify security holes that would leave the code open to the most severe attacks.
- "2 Tinkerers Say They've Found A Cheap Way To Broadband"
New York Times (06/10/02) P. C1; Markoff, John
California software engineers Layne Holt and John Furrier are taking aim at cable and phone companies by using the 802.11b, or Wi-Fi, standard to make consumer broadband access available widely and cheaply. Their company, Etherlinx, has built a cheap repeater antenna that can be mounted on the outside of a customer's home via software-designed radio technology; by communicating with a central antenna, the device can convert the signals to Wi-Fi for home reception. By replacing the Wi-Fi support software with a code of his own devising, Holt has extended the hardware's transmission range to up to 20 miles, and he and Furrier believe the device can be mass-produced for less than $150 per unit. A small for-pay trial in Oakland has been testing the Etherlinx technology for a year, while a trial in Campbell, Calif., started in May. Government officials hungry for last-mile solutions and corporate executives who believe that broadband will spur growth in the computer industry have expressed interest in the technology. Furrier says the failure to attract venture capital from Silicon Valley encouraged Etherlinx to adopt a go-to-market approach--so far, about a dozen clients are buying Internet service from the company. "What we've hit on is a low-cost design point and used our fast design to get to market first," he boasts. The communications and computer industry has not remained idle, however: a second-generation standard is being developed, 802.16, that will boost transmission range.
(Access to this site is free; however, first-time visitors must register.)
- "India-U.S. Business Group Seeks Broader Base"
SiliconValley.com (06/10/02); Schoenberger, Karl
Silicon Valley's South Asian networking group, The Indus Entrepreneurs (TiE), is looking to expand its reach overseas and across ethnic and gender barriers. Since its founding in 1994, TiE has linked together venture capitalists, business minds, and software talent in a freewheeling manner unique to Silicon Valley. So far, TiE has succeeded in establishing 19 chapters across America, as well as 14 international chapters in India and other locations with significant South Asian populations, such as Sydney, Singapore, London, and Dubai. Kanwal Rekhi, founding member and venture capitalist, TiE wants to link up with other minority groups, such as ethnic Chinese, in Silicon Valley and elsewhere. He discounts cultural barriers, saying that business is a common interest that has helped TiE grow even its ranks of Pakistani members in the face of taut politics between Pakistan and India. In fact, TiE delegates met with Pakistani leader Gen. Pervez Musharraf and obtained his blessing to set up new TiE chapters in that country. There are approximately 8,000 TiE members worldwide, with 2,500 located in Silicon Valley. Although some question whether TiE can successfully cross ethnic borders, Rekhi believes that the group's ethnically neutral "innovation ecosystem" approach can work anywhere.
- "Study: Software Piracy Up for Second Straight Year"
The Business Software Alliance on Monday announced that for the first time in seven years software piracy around the world has increased for two straight years. BSA says its members lost $11 billion in sales to pirated software last year, and the music, movie, and video-game industries are also suffering from the mass availability of products on the Internet. BSA says that worldwide, 40 percent of new software installed by businesses last year was pirated; that figure was 37 percent in 2000. In the U.S., the software piracy rate increased from 24 percent to 25 percent, the world's lowest regional rate. Meanwhile, 67 percent of software is pirated in Eastern Europe, the world's highest rate, and 57 percent is pirated in Latin America. This year the group will increase congressional petitioning efforts for tougher laws against piracy. The alliance claims that most violations are committed by small and medium-sized businesses that look for cheap alternatives to run computer-based operations.
Click Here to View Full Article
- "Nearly 2-Decade-Old Effort Seeks to Teach Computer Common Sense"
Associated Press (06/09/02); Bergstein, Brian
The Cyc database lies at the heart of an ambitious effort to teach a computer common sense by feeding it millions of facts and general assumptions about life. The public has also been encouraged to download and add to Cyc through an effort initiated by Cycorp, the brainchild of founder and president Doug Lenat, who started creating Cyc in 1984. Earlier artificial intelligence efforts failed because computers rely on solid statements of fact and are unable to read the ambiguous nature of human speech. Lenat's team taught Cyc to make sure that any new information it received agreed with truths and generalities it already knew, and programmed it to be inquisitive in case it needed further clarification about concepts. Thus far, Cyc's practical applications include commercial (more relevant Internet search results for Lycos), military (an intelligence tool that could have significant impact in the counter-terrorism initiative), and corporate (disparate database unification and a security tool that can identify network vulnerabilities). There are some AI experts who think that pattern-based searches are more efficient than having computers follow predetermined rules, while inventor and futurist Ray Kurzweil thinks that true artificial intelligence will stem from a hybrid approach that combines both methods.
Click Here to View Full Article
- "No Need to Worry, Your Computer Isn't After You or Your Job"
Wall Street Journal (06/10/02) P. B1; Gomes, Lee
For almost three decades, experts such as Hubert Dreyfus and John Searle of the University of California at Berkeley's philosophy department have remained skeptical that computers will one day become super-smart and conscious. Such assumptions have been the basis of artificial intelligence efforts at MIT and other institutions, but Dreyfus and Searle's predictions appear to have won out: Projections that a conscious machine capable of common sense would be built by the beginning of the 21st century remain unrealized. Dreyfus claims the flaw in AI researchers' philosophy lies in envisioning intelligence in a mechanical way, using the computer as a model for the human brain. His argument seems to be borne out by current research efforts in the field of cognitive sciences, where the emphasis is on the study of actual brains in order to provide insight on consciousness and intelligence. Searle goes on to say that a computer can never actually achieve consciousness, which is a unique product of the brain. Because of the work of Dreyfus and Searle, fears that computers may soon supplant humans and human tasks remain in the realm of science fiction. Although Rodney Brooks, director of MIT's AI Lab, admits that "the ground has shifted a little towards" Dreyfus' theory, he says "his rationale was somewhat flaky." However, he continues to discount Searle's claims, saying that Searle "desperately wants there to be something 'special' about people and animals in an almost mystical way [although he will deny this]."
- "The Code of Life as a Paint Set"
Wired News (06/07/02); Anderson, Mark K.
In the Friday issue of Science, six chemists will disclose a "dip-pen" nanotechnology that enables DNA molecules to be painted onto a surface, a breakthrough that could have significant ramifications for developing a nanostructure assembly method and shrinking gene chips even further. "The idea is to miniaturize a 4,000-year-old technology, which is the technology of the quill pen and to do so using an atomic-force microscope," explains Northwestern University's Chad Mirkin, a report co-author. His team dipped the point of the AFM into a sample of DNA molecules and scrawled it onto a surface with 50-nanometer resolution. Duke University's Jie Liu praises the technique for its flexibility and control, and notes that he has used it to assemble nanoscale electronics. Mirkin's team is currently investigating how the dip-pen technology could be applied to nano-assembly, such as the binding of complementary DNA strands. Meanwhile, nanolithography methods such as Mirkin's could improve gene chip technology to the degree that millions of assorted DNA tests could be fitted onto a single chip. Nanoplex Technologies CEO Michael Natan also notes that molecular-scale structures with terrific resolution could be built via dip-pen nanolithography.
- "U.S. Commerce Department is Bullish on Nanotechnology"
Small Times Online (06/07/02); Brown, Doug
At a Thursday meeting, Phillip Bond, chief of staff to Secretary of Commerce Don Evans, announced that the commercialization of nanotechnology is a high priority. He noted that the White House's decision to significantly boost the budget of the National Nanotechnology Initiative has triggered an international competition. Bond particularly lauded nanotech's potential to inspire young people to pursue careers in science. Lawmakers in Congress are pushing for a three-year increase in the National Science Foundation's (NSF) budget; the NSF spends more on nanotech research than any other federal agency, and a boost in its budget would logically increase nanotech expenditures, but Bond said the Bush administration remains neutral on the NSF budget increase proposal. At the same meeting, assistant secretary for technology policy Bruce Mehlman said that his office is developing a study of international nanotech investments. John Sargent of Mehlman's office also explained that nanotech would be a prominent component of an advisory panel organized by the Commerce Department to study the ethical ramifications of new technologies. Meanwhile, National Institute of Standards and Technology director Arden Bement said that his organization is constructing a lab that aims to lead federal nanoscale measurement initiatives.
- "Living in a Wireless World"
ABCNews.com (06/07/02); Eng, Paul
Technologists and futurists anticipate a world where everyone has always-on wireless access to the Internet, a development they say will have profound effects on all aspects of everyday life. Already, technology innovations are converging to make this possible, especially the Wi-Fi wireless standard, emerging 3G rollouts that allow cell phones continuous connections to the Internet at the same speeds available on desktop computers, and handheld computers. Besides allowing workers to utilize their time better and access more critical business information, ubiquitous wireless Internet connections will change society by providing people with open access to a global "brain," according to John Petersen, president of the Arlington Institute think tank. He says the flood of information will place more importance on software tools such as filters and search engines. However, sociologist and Montclair State University professor Michael Zey worries that people might actually lose out in their personal lives because they use the enhanced communications abilities to escape more natural ways of communicating, such as conversing with strangers on public transport or in airports. Analysts also caution that there is more work ahead before wireless transforms society. Giga Information Group's Rob Enderle says, "There's still a lot of confusion and very little product."
Click Here to View Full Article
- "Researchers Demo Self-Assembling Nanowires"
EE Times Online (06/04/02); Johnson, R. Colin
Scientists at Denmark's Aarhus University have succeeded in creating a molecular template for making nanowires, a first crucial step in the development of self-assembling nanotechnology and nanocircuitry. Researchers want to try to find a way to make nanostructures build themselves when subjected to the appropriate conditions instead of being created through direct human manipulation. This "bottom-up" approach to building molecular electronic circuits would reverse the typical process today, where lithography techniques are used to build circuits from the top down, said Aarhus University's Flemming Besenbacher. In the Aarhus experiment, the laboratory team used an organic molecule shaped like a table, sitting atop a copper substrate. When cooled to super-low temperatures, the researchers applied force from a scanning-tunneling microscope in order to shape the template. Once constructed, the template molecule held in place 16 copper molecules in a two-atom wide strand that can be used to conduct electricity.
- "Lab Taps Universe to Test 'Data Mining'"
East Bay Business Times Online (05/31/02); Cole, Jim
Astronomers and scientists studying global warming are both using Sapphire, a data-mining technology developed by Chandrika Kamath at the Lawrence Livermore National Laboratory. The four-year-old program is still being refined, but is unique in its scalability, versatility, and precision, Kamath says. The Faint Images of Radio Sky at Twenty-cm (FIRST) group is using Sapphire to identify galaxies that are likely to be bent-double morphology galaxies. Instead of looking through each of 32,000 galaxy images themselves, the astronomers have used Sapphire to target 2,500 probable images. Kamath says Sapphire can be used in the same way to identify unsatisfied customers by examining CRM data, or used to fight credit card fraud. Other data mining technology, she asserts, requires predefined terms to work well and cannot handle the amount of data or data complexity that Sapphire can. She plans to license the technology in the future, but notes that it would have to come bundled with consulting services because the technology requires customization to use.
- "DoS Hole Has Some DNS Servers in a BIND"
A June 4 warning has been issued about a newly discovered vulnerability in versions of ISC BIND 9 that have not been upgraded to version 9.2.1, which is used for DNS servers. The Computer Emergency Response Team Coordination Center (CERT) issued the alert and says the vulnerability could have a wide impact considering BIND 9's ubiquitous presence on DNS servers, and the reliance of non-BIND servers on BIND servers, says CERT. All BIND users should upgrade to 9.2.1 without hesitation. CERT says that "an attacker can cause [BIND] shutdown by sending a specific DNS packet designed to trigger an internal consistency check." The shut-down is triggered when "Null" does not appear as a result of "rdataset parameter to the dns_message_findtype() function in message.c." MandrakeSoft, Red Hat, Hewlett-Packard, and Linux all say they are aware of the problem and working on it. This warning does not apply to BIND 4, BIND 8, or non-BIND server tools like IRIX. CERT offers further technical information at http://www.kb.cert.org/vuls/id/739123.
- "Patent Office Seeks to Go Paperless by 2004"
Computerworld Online (06/03/02); Weiss, Todd R.
The U.S. Patent and Trademark Office expects to reduce processing times for applications by adopting electronic technologies. Electronic filing could save the office as much as $500 million in costs, said James Rogan, the agency's undersecretary for intellectual property. Currently, applications for patents take approximately two years to resolve. The agency intends to reduce processing time for patents to 18 months, and to 12 months for trademarks applications. Currently, the agency has a total backlog of 408,000 applications and expects another 340,000 to be filed this year. The application handling process will be streamlined by creating four examination tracks and using more outsourcing, so that the entire process will eventually be completed electronically, Rogan said. Such processes are expected to be in place by 2004. Currently, the department is discussing technologies and vendors the agency might utilize, according to Brigid Quinn, a Patent Office spokeswoman. Rogan said, "Electronic end-to-end processing of both patents and trademarks is the centerpiece of our business model."
Click Here to View Full Article
- "Fortress America"
Washington Technology (06/03/02) Vol. 17, No. 5, P. 14; Emery, Gail Repsher
Congress is currently working through several cybersecurity initiatives that would bolster information sharing, increase research budgets, and require risk assessments from agencies. Two of the bills contain measures that worry officials in the IT industry because they would require the National Institute of Standards and Technology (NIST) to create benchmark security standards. Groups such as the Business Software Alliance oppose setting down technical rules because it could impose limitations on fast-changing technology. The Federal Information Security Management Act would strengthen the Government Information Security Reform Act, which requires federal agencies to perform security assessments according to NIST standards if the controversial provision is included. The Cyber Security Information Act is intended to extend Information Sharing and Analysis Centers (ISACs) into even more areas of industry. ISACs, established in 1998 under a presidential directive, are points of contact where businesses can share information about cybersecurity threats with government. The legislation would also aim to increase the amount of shared data by protecting companies from public disclosure of their security weaknesses. The Cyber Security Research and Development Act, providing more than $800 million for pure research and about $300 million for information security education programs, has already passed in the House and awaits Senate debate.
- "Intel Rethinks Its InfiniBand Strategy"
Network World (06/03/02) Vol. 19, No. 22, P. 12; Mears, Jennifer
Intel has decided not to ship InfiniBand chips next year, but industry observers say this will have little impact on the InfiniBand market. Venture capital is abundant, and the Yankee Group projects that InfiniBand-enabled servers will account for 42 percent of all shipments by 2005, while International Data predicts 50 percent. Systems architect Nathan McQueen of the University of Washington in Seattle says Intel's pullback is offset by its investments in InfiniBand startups such as silicon manufacturer Mellanox Technologies and management software producer Lane 15. Intel also has a seat on the InfiniBand Trade Association steering committee, while initiatives such as the InfiniBand interoperability lab and its product development kits continue to support the technology. Intel made the decision to cancel shipments of Host Chapter Adapter (HCA) modules in order to concentrate more on core business such as server chipsets, says Intel's Allyson Klein. Another reason for the pullback could be that IBM, Mellanox, and other companies are further along in their HCA delivery efforts than Intel, analysts suggest. "[Intel] didn't stop supporting InfiniBand; they simply recognized that others were beating them to the punch with [faster] technologies," says analyst Steve Duplessie. InfiniBand, backed by most of the major computer firms, promises to greatly boost bus processing speeds between servers, network and storage devices.
- "Esther Dyson: Living the Networked Life"
Fortune (05/27/02) Vol. 145, No. 11, P. 168; Kirkpatrick, David
Technology author and former ICANN Chairwoman Esther Dyson is busy organizing the PC Forum conference, publishing the newsletter Release 1.0, managing investments in over 40 tech startups, and sitting on the board of U.K. advertising firm WPP. Dyson believes the Internet is a barrier-breaking communications medium that is often not maximized by companies that may deploy internal communications software, for instance, but may never train employees to communicate across divisional boundaries. Dyson envisions Web sites functioning interactively more and more, like doors for consumers rather than like today's online marketing billboards. To illustrate her point, Dyson spotlights both eBay and Amazon.com: two companies that have gained success through enabling customers to communicate and interact with other consumers. Dyson invests in companies that market communication tools compatible with her interactive vision for e-commerce; for instance, Parity, which sells a "commitment-management tool" that empowers customers to mark emails with guidelines as to what type of action is being requested. Another Dyson-backed firm, Tacit Knowledge Systems, sells software that can scan and tabulate all internal corporate email so that people can search company-wide by various categories, such as topically, in order to locate information or an appropriate contact name or particular question. Dyson predicts that Wi-Fi wireless Web will permeate online commerce 10 years from now.
- "Deep Vision"
Science News (06/01/02) Vol. 161, No. 22, P. 344; Weiss, Peter
The Cave Autonomic Virtual Environment (CAVE), first developed by computer scientist Thomas A. DeFanti and colleagues at the University of Illinois in 1991, and related virtual reality technologies are breaking out of academia and into other sectors, such as business, the military, and the art world. A CAVE environment consists of a cubic room in which wall-sized screens display interactive computer-generated imagery that is rear-projected. Perspective shifts are realistically portrayed by special glasses that track the user's head movements. The technology opens up new methods of scientific data analysis, while engineers are able to design and test new products virtually and cut back some of their dependence on physical prototypes. Planetariums with CAVE-like 3D displays can serve as both an entertainment for audiences and a research tool for astrophysicists. Meanwhile, the University of Maryland in College Park uses a CAVE system in which users can study a simulation of a torpedo traveling in water in order to discover ways to dampen vibrations; the simulation is supplemented by sounds and haptics to give researchers a better sense of real-world effects. CAVE displays are evolving--the technology's developers have shrunk the environment into a workstation called the Immersadesk, while research is also being conducted in CAVE-like systems that incorporate computer monitors. And networking between CAVEs and CAVE-like systems is growing.
- "The Beltway Bandits"
Upside (05/02) Vol. 14, No. 4, P. 38; German, Kent
Whether the technology industry is lobbying for broadband deployment, intellectual property, or international trade in Washington, D.C., one thing is clear: The general consensus is that the government should let industry be responsible for its own regulation. "What we hope [the government] is going to do is get out of the way and create a marketplace that lets competition make the decisions, and let the technology industry go and figure out how to get it done," says TechNet's Connie Correll, whose organization hopes the Bush administration will establish a goal for broadband buildout. Most tech representatives are neutral on the mainly anti-regulatory Internet Freedom and Broadband Deployment Act of 2001--Intel's Douglas Comer explains that regulations often force local phone companies to share their equipment with rivals, which deters them from implementing the last mile of broadband deployment. TechNet favors Trade Promotion Authority, which translates into more sales from overseas markets, but the possibility that the legislation may be altered to regulate exports of high technology or institute Trade Adjustment Assistance for Firms is seen by many tech representatives as a threat to competition. The tech industry also wants cybersecurity and online privacy standards to be mainly industry-regulated, with the government taking a more collaborative position. Federal legislation for such standards, as well as Internet taxation, should replace state-level legislation. In the area of intellectual property, Sen. Fritz Hollings' (D-S.C.) Security Systems Standards and Certification Act would require electronics companies to install anti-copying technology in all their products. Although copyright holders such as Disney favor the legislation, opponents such as Intel Capital's Leslie Vadasz prefer that the owners themselves assume more responsibility for protecting their intellectual property.
- "Environmental Policy"
Internet World (05/02) Vol. 8, No. 5, P. 18; Smith, Howard; Fingar, Peter
In order to maintain productivity and competitive advantage, a company's business processes need to be continually upgraded, streamlined, and added to. Managing them effectively is beyond the capabilities of current software architectures and application development techniques, but they still have a use: They can be tapped through a Business Process Management System (BPMS), which integrates best-of-breed components with business processes. In essence, business processes can be shared through BPMS, which uses automation to stitch legacy integration and next-generation business process collaboration together. With BPMS, a company's processes can be managed in much the same way as a database management system maintains data assets. The advantages of BPMS include the incorporation of human activity and workflow across process-centric applications; the exchange of descriptions of end-to-end business processes across application environments; new uses for software programs; customization of business process descriptions; monitoring, optimization, and analysis of process operations; an integrated user interface via a portal that also integrates legacy systems; and the creation of new applications that interact and transform the entire process without the need for software engineering. The economic factor that drives BPMSes will guarantee their mainstream adoption. More and more Global 2000 organizations are tapping into business process management (BPM) as the business platform of choice.