ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either HP or ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 5, Issue 472: Friday, March 21, 2003
- "Will War Swap Privacy for Security?"
IDG News Service (03/20/03); Gross, Grant
A pair of Washington, D.C., conferences on technology and homeland security held on Thursday focused on how to strike a balance between security and privacy, an issue being reinforced by the U.S.-led war against Iraq. Paul Rosenzweig of the Heritage Foundation think tank told attendees at a Congressional Internet Caucus luncheon that banning technologies such as the Defense Department's Total Information Awareness program is a mistake, asserting that misuse of power can be held in check by oversight and the leverage of congressional and court "mechanisms." George Washington University computer science professor Lance Hoffman doubted that new legislation can keep up with technological development, using the failure of proposed laws to curb online file-trading as an example. At the second conference, a panel discussion hosted by WebMethods, five national experts voiced their views on technology's ability to ensure safety and the way it could impact civil liberties. Former Virginia governor and National Advisory Commission on Terrorism Chairman James Gilmore advised tech executives that anti-terrorism systems should be designed with privacy and other civil liberties in mind. The highest level of technology-based security would force citizens to "give up everything by way of individuality, privacy, anonymity...and even then you would not have total security," he warned. Former CIA director James Woolsey argued that current proposed security measures are far less intrusive compared to those employed by previous administrations, such as the internment of Japanese Americans during the Second World War. He added that as the war with Iraq continues, compromises between security and civil liberties are probable, but insisted that legislators and citizens must consider civil liberties when deciding to deploy new technology for security purposes.
- "W3C Unveils Its Patent Plans"
CNet (03/19/03); Bowman, Lisa M.
For over three years, the World Wide Web Consortium (W3C) has been struggling to develop a patent policy that satisfies both open source proponents who want royalty-free standards and proprietary software companies who demand payment for the use of their technologies. A compromise has been struck in the latest draft of the W3C Patent Policy Working Group's Royalty-Free Patent Policy, which dictates that patented technology can be incorporated into standards development provided that it is royalty-free in the majority of cases. "With this final draft, the Working Group believes it has found a common, workable path that will encourage the widespread adoption of W3C standards across a wide range of business models, from proprietary to open source," notes Working Group Chairman Daniel Weitzner. Among the provisions contained in the latest version is one that allows technology to be included in Web standards when it does not adhere to specific inclusion standards, in which case the consortium's Patent Advisory Group will study ways to resolve the situation. Another provision included in the latest draft requires patent holders who want to exclude patented technology from a standard to notify the W3C of the patent within 90 days after the first draft of a working paper on the standard is issued. The W3C's patent policy draft will be open for public comment in six weeks, and the consortium hopes that its director will approve a final plan in May.
- "Where Girls and Tech Make a Match"
Washington Post (03/20/03) P. E1; McCarthy, Ellen
Women account for half of the current workforce, yet only 20 percent of technology professionals; in addition, College Board records indicate that the number of female students who took the Advanced Placement exams in computer science fell from 17 percent in 1997 to 14 percent in 2002. Believing that academic efforts are failing to attract more students, several Washington, D.C., organizations want to bring more women into the fold through initiatives such as last week's meeting of the Washington branch of Women in Technology, a networking event designed to introduce girls to female tech professionals. Speakers at the conference were honest and did not candy-coat the struggle they faced to become successful. One speaker, TranTech CEO TiTi McNeill, stressed that hard work can help girls overcome any impediment. Other women-centric initiatives in the D.C. area include the nonprofit Empower Girls, where girls from age 8 and up can participate in highly social computer clubs that aim to disband the geeky, antisocial image most girls associate with tech careers. Meanwhile, the Goddard Space Flight Center's Summer Institute in Science, Engineering, and Research program, currently in its fifth year, pairs up female eighth-graders with mentors for a free five-day session in which participants are exposed to careers in tech fields. Technettes is a Falls Church, Md.-based after-school club organized by Phyllis Gottdiener that emphasizes technology, and whose members outline their own goals and mentor each other. Gottdiener says younger participants are being inspired by their mentors to take advanced computer courses and consider college tech programs.
For more information on ACM's Committee on Women and Computing,
- "Cyberspace an Invisible Front in War on Terrorism"
NewsFactor Network (03/20/03); Keefe, Bob
Despite a tremendous multi-year push by both the public and private sectors to improve their computer security at a cost of billions of dollars, security experts and government officials admit that cyberattack preparation is basically impossible, and the vulnerability of the Web remains unchanged. As with terrorist attacks, responding to such assaults is "mainly about just watching and waiting and sharing information," explains David Wray of the Department of Homeland Security's Information Analysis and Infrastructure Protection directorate. The National Strategy to Secure Cyberspace, which mainly urges computer users to be more attentive when it comes to updating anti-hacker software, cannot forestall cyberattacks, according to critics. Anxiety about cyberattacks is mounting as tension builds in Iraq and other regions, and the Homeland Security Department started more detailed monitoring of Internet traffic for signs of hacking when it elevated the national threat level to "high" last week. Despite government and industry efforts to beef up cybersecurity, computer attacks have risen in frequency, sophistication, and viciousness, the rapidly spreading Slammer worm being a recent example. Hackers are now capable of launching a global distributed denial of service attack on the Internet using a single insecure computer with a Web connection. Furthermore, the vulnerability of critical U.S. infrastructure such as electrical grids and financial institutions is growing as such utilities and services become increasingly dependent on Web-connected computer systems. One of the few reassurances is the fact that terrorist-friendly nations currently lack the capability to launch major cyber-assaults, but the proliferation of computers in the next few years could make them more threatening.
- "Biology, Robotics and More Inside Intel's Labs"
EE Times (03/20/03); Merritt, Rick
Intel is working to find new growth fields by carrying out research in robotics, biotechnology, and ubiquitous computing. The company's research division is participating in the Robotic Engineering Task Force (RETF), a joint effort between government, industry, and academia to develop standard robotic interfaces and software protocols. Intel's contribution to this effort is a hardware platform based on the Xscale processor that could erect an inexpensive foundation for both government and university robotics products, according to Intel robotics research program manager Jim Butler. Intel plans to disseminate its work as open source code when it is finished in the next few years. Meanwhile, Intel's Andrew Berlin showcased the lab's latest 3D microfluidic devices at an open house event in Santa Clara, Calif., on March 19; such products could help isolate individual molecules out of hundreds of thousands in a blood sample in order to identify specific diseases or monitor the effectiveness of drug treatments. "We are looking at the intersection of biology, medicine and nanotechnology," Berlin declares. Intel research director David Tennenhouse says the advent of 802.11 networks, XML-based Web services, and diverse portable devices is bringing ubiquitous computing closer and closer to reality, and has spurred the Intel lab to work on low-cost sensor networks that can track and relay real-time environmental data. Such data, in combination with advancements in machine learning, will help
computers automate critical decision-making.
- "War Worms Inch Across Internet"
Wired News (03/21/03); Delio, Michelle
At least three email attachments related to the current Iraqi war are circulating on the Internet, and computer security firms report a rash of Web site defacements as well. Messages are both for and against the war, and the most prolific war-related virus so far, Ganda, targets the war's opponents and proponents. Subject lines promise satellite views of Iraq, or screensavers that either are pro-American or critical of President Bush. Hidden in the virus code, however, is a condemnation of the Swedish school system, which the virus author says has "discriminated" against him for eight years. Anti-virus software firms rate all the email viruses low threats, but many of the victims are those already emotionally distraught by the war. New York resident Regina Scalone claims to be a fairly savvy computer user, but admits to readily opening a virus email attachment out of concern for her cousin who is stationed in the Persian Gulf. Such tactics are called "social engineering." The Ganda worm freezes victims' computers and disables anti-virus software. Computer security experts say computer users should keep their anti-virus software updated and quickly apply released software patches. However, a recent Microsoft Windows 2000 patch prevents computers from rebooting because it is incompatible with 12 previous Windows patches. Jeff Kinsel, who administers computer systems for a New York publishing company, expresses frustration at the mistake. "We get slammed when we don't apply the patches, and slammed when we do. Some days I just hate my job," he says.
- "Internet Traffic Cops Could Foil Web Attacks"
New Scientist (03/20/03); Fox, Barry; Marks, Paul
Intel engineers David Putzolu and Todd Anderson claim they have devised a technology that automatically blocks distributed denial of service (DDoS) attacks by tweaking the routers that channel Internet traffic along the shortest path to respond to alerts from compromised systems. DDoS attacks rely on Trojan programs that are implanted in vulnerable computers, and are triggered either by a specific signal or at a predetermined time to flood target systems with large volumes of messages. When the modified routers receive an alert that contains a copy of the malicious message, they block any matching messages headed their way, while the alert message is updated if the message changes to bypass such impediments. Intel says the router and the attacked computer must verify each other's identity via "digital certificates" so that legitimate messages are not blocked. Computer Security specialist Graham Cluley notes that DDoS attacks can be evaded by circumventing the risk of Trojan implantation. "Companies forbid staff from installing software from unknown discs," he points out. "But they don't tell them that clicking on an unknown download link effectively does the same thing."
- "Researchers Develop Ultrafast Internet Protocol"
Caltech researchers demonstrated an ultrafast Internet protocol that can send an entire DVD movie in less than five seconds by sending the data via 10 paths simultaneously. The Fast Active queue management Scalable Transmission Control Protocol (FAST) technology is a practical evolution of previous groundbreaking transmission experiments, except that it used standard packet sizes and operated over shared networks with background traffic. While ever-faster Internet transmissions are useful for theoretic purposes, they often are not practical for use on standard systems. The demonstration performed last year at the Supercomputing Conference involved participation from major physics research groups, including the European Organization for Nuclear Research. Caltech physics professor Harvey Newman said the FAST protocol was a major step forward for data-intensive scientific efforts, grid networks, and Internet technology. The current TCP protocol was developed in 1988 and is not scaling well for today's applications. The Caltech demonstration tested normal the TCP protocol alongside the FAST protocol. In transmissions between the Stanford Linear Accelerator Center (SLAC) in Sunnyvale, Calif., and the CERN facility in Geneva, regular TCP had an efficiency of 27 percent and an average throughput of 266 Mbps. The FAST protocol achieved 95 percent efficiency and 925 Mbps under the same condition, but 88 percent efficiency and 8,609 Mbps with 10 simultaneous data flows. The latter speed is equivalent to almost 6,000 times the speed of a standard ADSL modem.
- "Nanotechnology: Congress Thinks Big About Small Tech"
InternetNews.com (03/20/03); Mark, Roy
Legislation pending in the House and Senate would provide over $2 billion in the next three for nanotechnology research and development. U.S. Rep. Sherwood L. Boehlert (R-N.Y.) expects the House Science Committee to pass H.R. 766 by May. Committee Chairman Boehlert, who co-sponsored the bill along with Rep. Mike Honda (D-Calif.), expects the full House to shortly thereafter take up the bill. The bill calls for the National Science Foundation and several other government agencies to provide some $2.1 billion in grants over the next three years to research universities and other organizations for nanotechnology science. On Wednesday, the committee held a hearing in which researchers from academic institutions, government agencies, and private companies asked Congress to step up federal support for nanotechnology, which involves engineering materials at atomic and molecular levels to create electronics and other devices that are faster, smaller, and hold more information. Boehlert says, "We all understand that nanotechnology can be a key to future economic prosperity and might improve our lives." Richard Russell, associate director for technology at the White House Office of Science and Technology, says the administration also believes in the importance of federal support for nanotechnology research; Senate Commerce Committee Chairman John McCain (R-Ariz.) has put the Senate version of the legislation (S. 189) on the fast track. Cornell University's Dr. Carl Batt testified at the hearing that although social and ethical concerns related to nanotechnology should be considered, the media has overhyped the dangers.
- "Whatever Happened to Internet2--And Why You Can't Touch It"
NewsFactor Network (03/20/03); Ryan, Vincent
Internet2 continues to grow and further innovative technologies that filter down to today's commercial Internet and promise to shape the future Internet as well. The network now includes 202 universities and a number of other corporate research laboratories and government facilities. Internet2 spokesperson Greg Wood says the network arose for the same purpose as that of NSF.net about 20 years ago. That network evolved into today's commercial Internet, but started as a testbed for leading-edge technologies. Wood says researchers in the mid 1990s soon realized increasing commercialization of the Internet meant they needed a new testing ground, and thus began the Internet2 effort. Today, the network links a number of high-speed fiber-optic backbones, such as the U.S.-based Abilene educational and research backbone, and regional connections such as I-Light in the Midwest. Abilene is set to be upgraded this year to 10 Gbps--four times the current bandwidth--with contributions from Qwest Communications and Juniper Networks. Some technologies that found their footing on Internet2 have already made their commercial debut, such as a multicasting application now sold by Cisco. Internet2 is also a testbed for IPv6, the next-generation Internet protocol experts say will be phased into popular use over the next five to seven years. Other researchers are working on a federated authorization system called Shibboleth that would greatly simplify the task of controlling network access for a large number of users in a way that preserves both privacy and security.
- "Leading Computer Science Professional Organizations to Present MobiSys '03"
The top mobile system researchers in the world will present their latest work at the First International Conference on Mobile Systems, Applications, and Services (MobiSys '03) in San Francisco on May 5-8. "MobiSys is a conference about [mobile] systems, not just their theory but also their implementation," declared Carnegie Mellon University professor and MobiSys General Chair Dan Siewiorek. Director of the Center for Embedded Networked Sensing Deborah Estrin commented that MobiSys fulfills a much-needed role as a conference wholly dedicated to mobile and wireless technology. The event's keynote address, "Design of Wireless Systems-on-a-Chip," will be presented by Berkeley Wireless Research Center co-scientific director Bob Brodersen, and focus on how the SoC design process can be controlled. Topics to be discussed at MobiSys '03 include location management, application support and mobility, security, sensor networks, mobile architectures, mobile network analysis, energy management, and systems methods for resolving mobility difficulties. Tutorial sessions at the conference will cover subjects such as wearable computing, 802.11 wireless network security, mobile networking, and programming wireless sensor/effector networks of TinyOS motes. "MobiSys organizers have done a great job attracting experts in key areas and identifying important system-level issues that need to be resolved for the Wireless Internet to reach its potential," remarked Polytechnic University's David Goodman. MobiSys '03 is co-sponsored by ACM SIGMOBILE, The USENIX Association, and ACM SIGOPS.
- "IETF Meets to Tackle Fundamental Problems"
Computer Business Review (03/19/03)
The basic problems plaguing the Internet Engineering Task Force (IETF) will be the focus of a "birds of a feather" (BOF) session on Friday that will concentrate on a recently published document that takes issue with the organization's opaque agenda, its susceptibility to special interests, poor mailing list management, sluggish progress, and its deference to a "ruling class" that holds too much sway over the standards process. The goal of the session is to better define the exact nature of the problems in the hopes that future solutions can be devised. The problem statement lays most of the blame for the IETF's failings on its inability to restructure its processes and management to accommodate the organization's expansion. The surge of new IETF members in the late 1990s, many of whom were unfamiliar with the organization's goals and processes, contributed heavily to the task force's current woes, while the document also faults "perfectionist" working groups that do not balance high standards with commonsense time-to-market expectations. The document partly attributes this to a dearth of discipline and clear goals, but also notes that trouble can crop up due to market pressures.
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)
- "Easing a Skills' Shortage"
Guardian Unlimited (UK) (03/13/03); Swain, Ann
Ann Swain, CEO of the UK-based Association of Technology Staffing Companies, predicts the United Kingdom will face a shortage of skilled IT professionals when the global economy rebounds. She believes the problem is complicated by the low number of women in the IT field, who currently make up only a fifth of the UK's IT workers. Moreover, less than 10 percent of the UK's senior programmers are female, compared to about a third in the United States. Another problem faced by the IT field is its image--women feel that IT jobs are too complex and inflexible, and that IT workers are geeks. But Swain says the IT field has expanded to include a wide variety of jobs beyond programming, and all jobs are ultimately people-focused. UK's secretary for the department of trade and industry Patricia Hewitt recently announced a government initiative for boosting the number of women in science, engineering, and technology (SET) jobs, geared toward female students. The industry also needs to be more accommodating to different needs, possibly through IT contract work, suggests Swain. She also urges the government to offer tax breaks to help potential IT contractors get the training they need to acquire up-to-date skills.
- "Making Mountains Out of Molecules"
CNet (03/19/03); Kanellos, Michael
Phaedon Avouris, who manages IBM Research's nanoscale science and technology group, coordinates his team's efforts into designing chips, storage devices, and other systems using molecular strands, and contends that the hype surrounding nanotechnology and the riches it promises for investors often obscures the field's current level of progress. "The usual trend is that a student in a lab makes an interesting observation, and before you know it they are forming a company to exploit it, but technologically they don't realize what is involved," he explains. Avouris believes that at least three more years of basic research must pass before the practical applications of nanomaterials are determined, while manufacturing issues could take up to 15 years to resolve. The unique thing about nanoscale materials is that their properties are determined by quantum physics, which leads to a qualitative difference between nanomaterials and bulk and micrometer-scale materials of the same substance. Although Avouris doubts that carbon nanotubes will ever displace silicon, he thinks that the technology will find its niche, and cites NASA's investment in nanotube research as an example. He predicts that the mass production of nanotubes will be a major research focus over the next three to five years, and adds that research into silicon carbide and boron nitride illustrates that manufacturers do not have to rely on metal catalysts, which yield materials riddled with metal particles. Avouris notes that the United States leads the rest of the world in funding nanotech research, but observes that Japan and Europe's own efforts are gaining ground.
- "New ICANN Head Promises Greater Openness"
ZDNet Australia (03/20/03); Pearce, James
New ICANN President Paul Twomey says the organization's three main objectives include being "open and consultative" with stakeholders, and believes that ICANN should now look beyond OECD nations and to the global Internet community. He criticized the former online voting system; ICANN will now lean more on the At-Large Advisory Committee, which is intended to communicate with users and Internet organizations on how ICANN interacts with them. ICANN's other objectives include fulfilling the obligations in a memorandum of understanding with the U.S. Department of Commerce, and extending ICANN's outreach to global Internet communities, according to Twomey, who denies reports that he thinks governments should take control of the domain name system. One of ICANN's biggest challenges is the interoperability of internationalized domain names, especially those that use non-Roman characters, and the organization is also concerned about IPv6's introduction, which will include new sponsored top level domains such as .health. He says, "It's important to implement [these] in such a way it maintains the stability of the Internet."
- "Will Open Source Force a Sea Change in IT?"
ZDNet (03/17/03); Berlind, David
Open source, combined with the advent of service-oriented architecture, could seriously impact solutions providers that rely on operating system licensing fees for most of their revenue. As a result, software companies will have to re-orient themselves around other revenue sources, such as services, hardware, and patents. It is becoming increasingly customary for companies such as BEA and Sun Microsystems to offer free software and then sell support services for it. IBM, an enthusiastic open source supporter, makes more than $1 billion a year from its patent portfolio, according to rumors. IBM customers also have the option of either purchasing any kind of hardware and integrating it themselves, or turning to IBM Global Services to handle infrastructure integration. Microsoft, which has long opposed open source, is also making an effort to diversify its revenue base into the services space via financial services such as MSN MoneyControl and gaming services such as XBox Live. When it comes to hardware, IT managers must consider the providers that have the best chances of long-term economic survival, and IBM, Hewlett-Packard, Dell, and Intel are among the advantaged. Intel's success seems assured regardless of what path industry takes--whether it be the licensed software strategy or the services approach--and regardless of what applications server and associated OSes are chosen.
Click Here to View Full Article
- "The Revenge of Geography"
Economist (03/15/03) Vol. 366, No. 8135, P. 19
The increasing interest that high-tech companies and researchers have for location-finding technology shows that the Internet did not signal the "death of distance." Researchers are looking to develop technologies that link the physical and virtual worlds, allowing mobile devices to access the region of cyberspace corresponding to the real space of the user. With location-based services, a mobile phone user would be able to locate the nearest gas station, stand outside a restaurant and access the reviews of previous customers, or find out about apartments for rents, crime rates, and local amenities while walking through an attractive neighborhood. Designers still have a long way to go in developing technologies that determine location, extract relevant information, and deliver it over a wireless connection. Still in its primitive stages, the human-machine-environment interface that location-finding technology demands can look to vehicle telematics systems for a roadmap--it took 20 years to develop the technology for cars. Ubiquitous wireless coverage and GPS-grade technology in the same headset will be needed to deliver location-based services. But just as important is common standards to open wireless networks operators so tightly control today.
- "The Sad and Increasingly Deplorable State of Internet Security"
Business Communications Review (02/03) Vol. 33, No. 2, P. 49; Piscitello, David; Kent, Stephen
Core Competence President David Piscitello and BBN Technologies' Dr. Stephen Kent write that the current state of Internet security is execrable, and warn that this situation is likely to worsen before it improves. The 2002 CSI/FBI Computer Crime and Security Survey concludes that "the threat from computer crime and other information security breaches continues unabated and...the financial toll is mounting," and indicates that hackers are becoming increasingly sophisticated and goal-oriented, while the cutting-edge security deployed by many companies polled in the survey has proven to be ineffective, despite rising security awareness. Piscitello and Kent trace bad Internet security to three root causes: Insecure architectures, which result from homogenous operating systems and applications that sacrifice security for ease of use, design criteria that favor open networking, and commonplace practices of either intentionally or unintentionally bypassing or disregarding security measures; poor software engineering that stems from a lack of programming skills and a shortage of quality assurance testing; and sloppy management by users and systems administrators attributed to poor discipline. The current user authentication standard of user identity/associated static password is also insufficient, and encryption and public key technology are much more secure options. The authors note that both users and vendors must "get religion" in order to improve Internet security, with the latter group devoting more time to reliable, secure designs and deployment than on time-to-market. They also recommend a de-emphasis on product features in favor of more security. Piscitello and Kent argue that users and system and network administrators must be more disciplined and keep better track of hardware, software, and associated configuration data, while ISPs need to improve configuration management as well as help subscribers in the event of distributed denial-of-service and other attacks by offering attack tracing and traffic filtering applications.
- "Recent Advances in Computer Vision"
Industrial Physicist (03/03) Vol. 9, No. 1, P. 18; Piccardi, Massimo; Jan, Tony
Computer vision technology is being developed to usher in sophisticated, human-centered applications for human-computer interfaces (HCIs), augmented perception, automatic media interpretation, and video surveillance. Computer vision is incorporated into HCIs on the premise that computers can respond more naturally to human gestures via camera; notable achievements in this sector include a computer that makes its screen scroll up or down by following users' eye movements, and a downloadable application that tracks the movements of the user's nose. Cameras could also act as peripherals in smart houses, triggering various functions--lighting, temperature control, and so on--in response to a human presence. Augmented perception tools are designed to enhance the normal sensory faculties of people, and one interesting development in this field is The vOICe from Philips Research laboratories. VOICe uses a camera to accompany people and produces sounds to alert them to the position and size of objects in their path--a very useful tool for visually-impaired users. Computer vision is also aiding security personnel through video surveillance systems programmed to categorize objects--cars, people, etc.--and track their trajectories in order to determine anomalous or suspicious behavior. One example is a system designed to single out suspicious pedestrian behavior in parking lots, which was developed at Sydney's University of Technology; the system first subtracts an estimated "background image" to distinguish moving objects from static objects, identifies people based on form factor, takes samples of each person's speed every 10 seconds to establish a behavioral pattern, and classifies that behavior with a neural network classifier. Computer vision utilized for automatic media interpretation helps users quickly comb through videos for specific scenes and shots: Carnegie Mellon University's Face Detention Project, for instance, can pinpoint images containing faces, while the MPEG-4 standard supports consistent visual quality in compressed digital video by assigning objects in a scene varying degrees of quality.