Timely Topics for IT Professionals
About ACM TechNews
ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Compaq or ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 4, Issue 361: Friday, June 14, 2002
- "Bush Urges Tech Leaders to Help Keep the Peace"
SiliconValley.com (06/13/02); Hutcheson, Ron
President Bush told a forum of about 130 high-tech industry executives on Thursday that he expects them to contribute to the war on terrorism and the push for homeland security. "Our high-tech advantage will make it easier for us to keep the peace," he declared. He also urged attendees to dedicate themselves to good corporate citizenship and the promotion of volunteerism. Bush said the federal government has earmarked roughly $53 billion for its 2003 IT budget, and added that recipients of that money should deliver viable products. He also reiterated his dedication to broadband expansion, amendments to export controls that would ease the sale of high-tech equipment abroad, and the permanent extension of tax incentives for research and development. Bush added that he is aware of the rough financial straits that the tech industry is currently negotiating: "I understand the importance of productivity gains and what it means for average Americans," he claimed. The Center for Responsive Politics estimates that the high-tech industry donated about $40 million to federal candidates in 2000, while Bush received at least $1.2 million for his presidential campaign. Attendees at the White House forum included top executives from Symantec, AOL Time Warner, Hewlett-Packard, and AT&T.
- "Content, Tech Industries Debate Digital Copy Protection"
InfoWorld.com (06/13/02); Garretson, Cara
Representatives of content providers and technology companies, brought together on Wednesday for a panel discussion organized by the Cato Institute, strongly disagreed on how to curb digital piracy: Content firms believe that adding copy protection is the responsibility of the tech industry, and favor legislation that would make the installation of digital rights management (DRM) technology in all electronic devices a government-mandated requirement. Tech companies are opposed to this, not only because of the cost and effort involved, but also because it does not promise to stomp out all forms of digital piracy. Digital Media Association executive director Jonathan Potter notes that many movies are pirated while they are still in production, or recorded in theaters, and it is unlikely that DRM controls will be able to halt this kind of activity. Meanwhile, Sarah Deutsch of Verizon Communications believes that a lack of content has encouraged illegal, Web-based file sharing, and suggests that compulsory licensing is a viable solution. She says the government has authorized this measure when new technology and content owners have been at odds, giving rise to a "market failure." Vivendi Universal's Stewart Verdery claims the tech industry has inadequately responded to the issue of peer-to-peer file sharing. For example, tech executives did not reply to letters sent to them by content companies concerning Internet piracy until right before Sen. Fritz Hollings (D-S.C.) held a hearing on his proposed DRM legislation, which was formulated when content providers took their grievances to Congress.
Click Here to View Full Article
- "High-Tech Companies Act to Safeguard Operations in India"
USA Today (06/13/02) P. 3B; Swartz, Jon
Although tensions between India and Pakistan have eased slightly, the threat of a conflict or terrorist act has caused many software companies with operations in the region to scramble to protect India's $7.8 billion software-export business, which has risen 700% in the last five years. U.S. companies such as Hewlett-Packard, Oracle, and Sun Microsystems have spent nearly $5 billion on Indian-manufactured software in the last 12 months ending March 31, says India's National Association of Software and Service Companies. Infosys Technologies has 2,400 employees in India with work visas who can transfer immediately to the U.S., and iGate only needs one day to transfer employees between its four Indian sites. Infosys is also showing clients its disaster plans in order to ease their fears, and some other companies have also begun investing in operations such as satellite links and redundant data lines outside of India in order to reduce the risk of business interruption. Furthermore, Tata Consultancy Services established a development center in Uruguay this year, and Megasoft maintains backup sites in the U.S. However, most small- to medium-sized enterprises are unable to afford these logistical maneuvers, so they must sit tight and ride out the storm.
- "Japanese Supercomputer Finds a Home in Alaska"
New York Times (06/14/02) P. C5; Markoff, John
A Japanese-built SX-6 supercomputer called Rime has been transferred to the University of Alaska in Fairbanks, where it will spend the next 12 months being tested and converting software codes for the Arctic Region Supercomputing Center. The machine, which features eight processors, 64GB of memory, and a trillion bytes of disk storage, was brought to Alaska by Cray, which forged a joint marketing alliance with NEC last February to sell the company's products in the U.S. This is significant in that the partners were formerly on opposite sides of a prolonged government battle over the U.S. purchases of Japanese supercomputers. In 1996, Cray filed a complaint that Japanese firms were selling supercomputers below cost when the National Center for Atmospheric Research elected to purchase an NEC model rather than a Cray model. Rime is a streamlined version of the Earth Simulator, an NEC device that currently holds the title of world's fastest computer. The machine is a vector supercomputer that predates the U.S.'s massively parallel computers. Vector supercomputers can calculate long strings thanks to custom hardware, while massively parallel machines network hundreds of thousands of microprocessors.
(Access to this site is free; however, first-time visitors must register.)
- "Microsoft Warns of New Security Flaws"
Microsoft disclosed a trio of critical software vulnerabilities on Wednesday. The company has issued a patch for a hole that can cause system shutdowns or enable hackers to run malicious code on a computer; the flaw affects users of Windows XP, Windows Routing and Remote Access Server, Windows NT 4.0, NT 4.0 Terminal server edition, and Windows 2000. The other security flaws include an Internet Explorer vulnerability that could allow intruders to commandeer computers via an old Internet protocol, and a hole in Microsoft's instant messaging and chat programs that would permit hackers to run their code on victim machines. The Wednesday announcement brings the total number of security bulletins Microsoft has released this year to 30, demonstrating the company has made little actual progress toward its target of more secure software since making it a primary goal about six months ago. Nevertheless, David Gardner of Microsoft's Security Response Center claims that the initiative has had positive effects--for one thing, engineers are detecting these flaws before they are identified and revealed by outside researchers.
Click Here to View Full Article
- "Coding Flaw Might Assist Hackers"
Wall Street Journal (06/13/02) P. B4; Richmond, Riva
Computer-security specialists are exploring whether the Internet infrastructure could become a ripe target for hackers because of findings that faulty deployments of the Abstract Syntax Notation One (ASN.1) computer language makes Simple Network Management Protocol (SNMP) vulnerable to intrusions. At the core of the problem are certain versions of programming code used to read ASN.1, which fail when attempting to deal with very long or distorted messages, giving rise to system crashes or memory overflow that hackers could exploit. If such errors have widely proliferated, other protocols may be open to attacks that could shut down routers and switches, severely hampering online access. Such protocols are used by the telecom sector, and are also incorporated into nuclear-control systems, power-control systems, printer-job management, package tracking, secure communications, and online multimedia applications. Sourcefire founder Martin Roesch and other experts say that the problem is being investigated by tech firms, private researchers, and government agencies. The National Infrastructure Protection Board's Debbie Weierman notes that her agency has been collaborating with experts from the NSA, the Federal Computer Incident Response Center, CERT, private groups, and others since March to see how widespread the ASN.1 flaw is. Microsoft, Lucent, and Oracle are among the private-sector companies that have investigated or are investigating how their products may be affected by the ASN.1 problem. Meanwhile, TruSecure's Paul Robertson believes high-level hackers have devised malicious programs that exploit the flaw.
- "Scientists to Grow Microchips"
NewsFactor Network (06/12/02); Hill, Kimberly
University of Arizona researchers are investigating how cellular proteins could be used to fashion more flexibly designed microchips with denser circuitry. Their experiments involve long protein strings called microtubules, which assistant professor of biomedical engineering James Hoying says behave like extremely minuscule wires. Furthermore, the microtubule protein molecules can be polymerized more then once. When microtubules are grown on a microchip, the differing polarities of their ends will cause them to self-assemble into the appropriate connections. This self-assembly, combined with their uniformity in size and low process variation, enables microtubule structures to be utilized in circuits that consume up to 100 times less power than conventional circuitry, an important benefit to portable systems. Hoying notes that optics and surface chemistry are among the potential applications of microtubule technology that his team is exploring. University of Arizona professor Pierre Deymier says "I can envision, in the long term, the idea of using biomolecules as building blocks where more traditional materials are used in many applications now."
- "The Case for Reflective Middleware"
Communications of the ACM (06/02) Vol. 45, No. 6, P. 33; Kon, Fabio; Costa, Fabio; Blair, Gordon
The computational infrastructure will become even more dynamic than it is now with the advent of ubiquitous computing over the next five years, and current middleware technology does not have the support to handle this dynamic nature. One possible next-generation solution is reflective middleware that can be customized for various devices and boasts a high adaptability to environmental changes. Reflective middleware is deployed as a set of elements that can be configured and reconfigured by the application; the middleware interface is constant and capable of managing traditional middleware applications, while the internal configuration of the middleware can be inspected and, if necessary, reconfigured in response to environmental changes by the system and application code. Researchers at the University of Illinois and Lancaster University have developed reflective middleware systems--DynamicTAO and Open ORB, respectively--that support dynamic customization of component behavior and fine-grain resource management via meta-interfaces. Both efforts took markedly different approaches: DynamicTAO began with a modular but static deployment of a CORBA (Common Object Request Broker Architecture) ORB called TAO, while Open ORB was developed from scratch. DynamicTAO is reflective middleware whose concurrency, security, and monitoring components can be safely and dynamically reconfigured. The Open ORB platform outlines four meta-space models--interface, architecture, interception, and resources--that support various configurations.
- "Higher Ed Can't Meet Info Security Demand"
Washington Technology Online (06/10/02); Emery, Gail Repsher
Over 50% of students enrolled in Western Connecticut State University's management of information (MIS) systems degree program take the information security track, while 90% of all MIS students take one information security course at minimum, according to Marie Wright, associate professor of management information systems at the university. Two recent studies, the IT work-force study by the Information Technology Association of America and the annual Computer Crime and Security Survey, a joint of effort from the FBI and the Computer Security Institute, describe how information security skills are necessary for network administrators and designers. Colleges and universities are more important than ever before in continuing the development of the information security workforce, says SANS Institute research director Alan Paller. However, educators believe they are ill-equipped to handle the demand placed on them as many highly-trained IT professionals with advanced degrees are taking their expertise to the workplace instead of teaching in the classroom, explains Allan Berg, deputy director of the Commonwealth Information Security Center at James Madison University. In addition to looking for higher education qualifications, employers value on-the-job experience. Therefore, most students in the Western Connecticut program become interns during the course of their studies, notes Wright.
- "The Technology Innovation Squeeze"
E-Commerce Times (06/12/02); Robinson, Teri
Analysts believe the economic slump does not necessarily translate into a downturn in technical innovation, although companies are being more cautious, investing in technologies that are practical rather than fashionable. Aberdeen Group analyst Andre Arkhipov says most firms "are looking for near-term results" from technology such as increased efficiency. Another Aberdeen analyst, Kent Allen, says enterprises are funneling money that would otherwise have gone toward marketing into research and development, and adds that smaller, private companies are starting to lead innovation in the wake of the downturn. The private sector is expected to rekindle or increase interest in technologies such as smart cards and biometrics, while federal IT outsourcing will also help promote innovations that were relegated to the back burner during the slump. Security concerns in the wake of Sept. 11 are also driving demand for new technologies--smart cards and disaster recovery technology among them--according to Yankee Group program manager Andy Efstathiou. Advocates of artificial intelligence believe the technology's fortunes are about to change, thanks to demands for better data mining solutions and faster customer analytics. International Data (IDC) research director Stephen Minton says there is evidence that innovation closely follows an economic downturn, and predicts the technology sector could bounce back as early as 2003. Furthermore, the current economic situation has not led to a complete halt in innovation, as demonstrated by smaller, more powerful semiconductors from Intel and wireless breakthroughs from Proxim and Research In Motion.
- "Fabrics Smart Enough to Change Colors and Keep You Dry"
New York Times (06/13/02) P. E11; Austen, Ian
Conductive polymers could be the key to smart textiles, leading to innovations such as fabrics that can rearrange their molecules to change color, absorb perspiration, or become waterproof when triggered by an electrical signal. Smart textiles could also be used to enable parts of clothing to act as a microprocessor for a wearable computer. Such polymers are currently being used in plastics that protect electronics from radiation or dissipate static electricity. Prof. Richard V. Gregory of South Carolina's Clemson University, along with other researchers, has been able to produce fibers of pure polyaniline that display a strength similar to certain types of nylon. Meanwhile, fellow Clemson researcher Prof. Stephen H. Foulger is creating conductive fibers by combining conventional polymers with conductors such as nanoscale carbon tubes. Gregory thinks one of the earliest applications for conductive fibers will be color-shifting materials, such as camouflage nets and chameleon fabrics being developed with military funding; he also believes that versatile conductive fibers could be bundled into a single strand. The fibers could also be used to collect solar power. Weatherproof clothing would probably require a combination of smart textiles and sophisticated weaving methods. Gregory notes that the key to making conductive fibers commercial lies in finding a way to produce the polymer in bulk.
(Access to this site is free; however, first-time visitors must register.)
- "Upgrading Washington"
Boston Globe (06/10/02) P. C1; Kirsner, Scott
As the federal government looks for solutions that will make it more effective in combating terrorism, President Bush needs to implement better IT policy at the federal level, writes Scott Kirsner. Already, government leaders are tackling issues of collaboration and information sharing through the creation of a cabinet-level Department of Homeland Security. Technology, however, will be key to enabling this new information-sharing structure. Currently, the highest ranking government IT official, the Office of Management and Budget's Mark Forman, is three levels away from the president. In Corporate America, the CIO always reports either directly to the CEO or to someone just one level below. Having a CIO who reports directly to the president would allow the federal government to standardize technology, including important information-sharing tools such as common databases and data-mining systems. Such an officer would take into account the culture clash between competing agencies that must share information, set up a baseline technology level that agencies must comply with, and guarantee that their systems can communicate with one another. Kirsner says a federal CIO should insist on a "compulsory collaboration" infrastructure that would bring the government's best and brightest together to solve problems. Forrester Research analyst John McCarthy says that "government is five to 10 years behind corporate America" in their use of information technology."
- "Stalker Tech"
Salon.com (06/11/02); Dotinga, Randy
Students at the University of California, San Diego (UCSD) are being equipped with free wireless PDAs running location-tracking software. The collaborative project uses Jordana PDAs from Hewlett-Packard and a Wi-Fi network installed throughout the campus. By checking their PDAs or logging onto a special Web site, students can find out where their friends are based on the triangulation technology used for the global positioning system, but applied to a Wi-Fi network. The Web site features a map with zoom features and small moving dots, which represent the PDAs of participants. A 15-year-old UCSD student created the tracking software, which also includes privacy protection so that people on the system can track others only by consensus. The university plans to give 330 freshmen PDAs in the fall when a sixth mini-college is opened. The project's goal is to see if people will use the system to help them find each other more easily, particularly as the campus grows. Computer science professor William Griswold, who is overseeing the project, says, "What used to feel like a small town is starting to feel like a big city." He also says HP is interested to see what college students do with the PDAs, since what college-age students "do with these PDAs today is what 35-year-olds will be doing with them tomorrow."
- "Senators Weigh ICANN's Future"
Wired News (06/13/02); Glasner, Joanna
A Senate subcommittee hearing on ICANN on June 12 focused on whether ICANN has overstepped its mandate during four years of operation, and possible ways the scope of ICANN's authority could be limited. ICANN board member Karl Auerbach says that although everyone concurs that ICANN must be reformed, many are advocating competing types of reform. Auerbach would like to see ICANN be more accountable to the general public, and ICANN's mandate limited to the technical aspects of the DNS. ICANN should not be regulating e-commerce, says Auerbach. VeriSign's Roger Cochetti suggests that an outline be formed that defines what ICANN cannot do. Sen. Conrad Burns (R-Mont.) said that "for ICANN to function effectively in the future, it must narrow its function to administrative rather than regulatory matters." Subcommittee Chairman Ron Wyden (D-Ore.) said the Department of Commerce should take a more proactive role in ICANN reform.
- "Code Sharing is Key Part of Web Services"
Investor's Business Daily (06/13/02) P. A6; Coleman, Murray
Software makers need to cooperate and share code if they wish to successfully develop industry-wide use of Web services software. Unfortunately, right now they are too busy "jockeying for position," according to Sageza Group analyst Charles King. Competing products include Microsoft's Passport system and Sun Microsystems' Liberty Alliance offering. Meanwhile, IBM and Microsoft have formed a coalition of developers, the Web Services Interoperability Organization (WS-I), that aims to create Web services standards that all members can use. Such odd partnerships could be the result of the enormous potential extent of Web services programming, say analysts. Sun's Simon Phipps dismisses WS-I's exclusion of his company as a political maneuver designed to push Sun around, but critics have lashed out at Sun for not supporting open-source software, refusing to promote Web services, and keeping the Java language closed off from developers. IBM is proposing to increase the number of seats on the WS-I board, and an IBM official has announced his intentions to vote Sun onto the board, but Phipps expects Microsoft to balk. Feuds such as this are delaying the development of universal Web services standards.
- "Hung Up"
InformationWeek (06/10/02) No. 892, P. 32; Rendleman, John; Gareiss, Robin
Many telecom companies have yet to deliver on promised business innovations to their customers as a result of the sector's financial implosion. Many carriers have severely cut back on research and development to concentrate on projects that offer faster returns. For example, WorldCom COO Ron Beaumont says his company is investing heavily in voice-over-IP technology, while AT&T has reduced its capital budget by 50% over last year and is investing or planning to invest in VPN services, local networks, optical switching and transmission equipment, and overseas network development, among other things. Meanwhile, customers sometimes opt to develop new services in-house rather than wait for long-delayed or canceled telecom offerings--a case in point is Kaiser Permanente, which elected to create its own Gigabit Ethernet network to accommodate data-heavy medical imaging applications. Customers are also being more cautious when it comes to investing in new services--such services must clearly demonstrate improved performance and cost-effectiveness. Service providers and equipment manufacturers are currently working to set up metropolitan area and long-distance Ethernet and Sonet services, develop internal systems that boost efficiency, and build local-access and global networks; however, customers criticize these initiatives for proceeding at a slow pace and giving short shrift to other technologies, such as integrated voice and data communications and high-speed wireless data services. The turbulence in the telecom sector may dampen radical thinking and thus stifle technological progress, says Jeremy George of Yale University. RHK analyst Ron Kline does not expect the sector to recover until 2004 at least.
- "Attack of the Clones"
Forbes (06/10/02) Vol. 169, No. 13, P. 125; Goldman, Lea
With approximately 200 worms and malicious software currently residing on the Internet, the most recent--and perhaps the most dangerous--is the Klez email virus, which wreaks havoc with multiple strains. The virus exploits a security flaw in Microsoft Internet Explorer and sends contaminated email to all names in Microsoft Outlook's address book; opening one of these email messages spreads the infection to random hard drive files and attaches them to outbound messages--and this is the most basic strain of Klez. Each infected Klez email can use one of almost 30 possible headers, which contributes to its rapid spread. Another Klez strain can make virus scanners' jobs more difficult by sporting one of four attachment file types, while a third strain steals sensitive files on the hard drive and attaches them to outbound messages. A fourth strain makes it impossible for victims to determine its point of origin by falsifying the name of the sender of infected emails, a fifth strain launches denial-of-service attacks, and a sixth strain accompanies and helps spread the Elkern virus. The advent of broadband is likely to hasten the propagation of new viruses, while consumers are notoriously lax when it comes to deploying software patches and anti-virus scanner updates. Software products were riddled with 2,437 security holes last year, compared to 171 five years ago, according to CERT Coordination Center. Adding to the problem is the wide availability of hacking resources, such as published how-to guides and free code.
(Access to this site is free; however, first-time visitors must register.)