ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either HP or ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 5, Issue 488: Monday, April 28, 2003
- "Judge: File-Swapping Tools Are Legal"
CNet (04/25/03); Borland, John; Bowman, Lisa
The music and movie industries lost an important suit against file-trading software firms Streamcast Networks and Grokster on April 25, when a federal judge in Los Angeles ruled the defendants were not liable for illegal use of their products. While maintaining that peer-to-peer file-sharing of copyrighted material is illegal, Judge Stephen Wilson said the software companies had little control or culpability concerning that activity. Wilson wrote, "Defendants distribute and support software, the users of which can and do choose to employ it for both lawful and unlawful ends. Grokster and Streamcast are not significantly different from companies that sell home video recorders or copy machines, both of which can be and are used to infringe copyrights." The software is different than that used by Napster since neither Grokster nor Streamcast, which created the Morpheus software, can track or stop file-trading activity. The ruling contradicts a previous ruling against Aimster, which held that the company was liable for illegal use of its product even without control or knowledge. Wilson cited the 1984 Supreme Court case over Sony's Betamax videocassette recorder--like that device, Wilson said Grokster and Morpheus software also had significant non-infringing utility. The ruling affects Grokster and Morpheus, but not Australia-based Sharman Networks, whose Kazaa software is one of the most frequently downloaded free software applications on the Internet. Both claimant and defendants had asked for a summary judgment in the case, but before Wilson had decided whether or not Sharman Networks can be tried in the United States. Experts and Wilson himself expect Congress to help settle the file-trading controversy more definitively. Although the court's decision is expected to be appealed, Electronic Frontier Foundation attorney Fred von Lohmann says the ruling "sends a very strong message to the technology community that the court understands the risk to innovation."
- "As Software Bugs Multiply, Questions Arise"
Associated Press (04/27/03); Svensson, Peter
Glitches are becoming more commonplace as software becomes embedded in more and more everyday appliances, but although most bugs are merely an annoyance, some can lead to fatal errors: A 1997 airplane disaster in Guam was partly attributed to a buggy ground-based altitude warning system, while software glitches are believed to be responsible for the crash of the $165 million Mars Polar Lander. A 2002 National Institute of Standards and Technology study concluded that flawed software divests the American economy of roughly $59.5 billion per year, over 50 percent of which is carried by users. Developers blame complexity, the rush to bring products to market, the lack of industry liability, and poor programming for most defective software. In order to combat glitchy software, experts such as Watts Humphrey of Carnegie Mellon University's Software Engineering Institute teach engineers to ignore aggressive deadlines and focus on details at the start of the programming phase in order to catch errors earlier. Meanwhile, the Sustainable Computing Consortium is working to build automated tools that will enable programmers to rate the reliability of their designs before they are released to the public. Former ACM President Barbara Simons and others argue that software makers should be made liable for defective products, thus spurring them to improve software. Microsoft counters that liability standards would raise the price of software and hinder innovation; Cem Kaner of the Florida Institute of Technology says that companies should only be legally responsible for bugs not revealed to customers, as well as limited damages.
Click Here to View Full Article
Barbara Simons is co-chair of ACM's U.S. Public Policy Committee, http://www.acm.org/usacm.
- "In the Hopper: New Privacy Laws"
Medill News Service (04/25/03); Wenzel, Elsa
A plethora of privacy legislation awaits Congress when it reconvenes next week, and Lee Tien of the Electronic Frontier Foundation thinks Internet privacy issues will again become a priority now that the war against Iraq is nearly over. Sens. Russ Feingold (D-Wis.), John Corzine (D-N.J.), and Ron Wyden's (D-Ore.) Data Mining and Moratorium Act would halt the Defense Department's Total Information Awareness (TIA) plan, a project that would allow federal law enforcement agencies to sweep a database of Americans' medical, Internet, credit card, and travel records for signs of terrorist activity. Although the bill would not ban computer searches of public information and of suspected criminals, Feingold declared in January that there is no solid evidence that data-mining measures will thwart terrorism. Meanwhile, the CAN-SPAM bill, now making its third go-round in Congress, would institute penalties for spammers. Sponsors Wyden and Sen. Conrad Burns (R-Mont.) are certain the bill will be approved by Congress, but John Mozena of the Coalition Against Unsolicited Commercial Email sees the bill as merely a spam regulation measure, not a tool for effectively stopping spam. A bill from Rep. Rush Holt (D-N.J.) seeks to curb spam sent to mobile devices such as cell phones, while Rep. Heather Wilson (R-N.M.) is developing an email opt-out list proposal. The Bush administration wants to extend the Patriot Act via the Domestic Security Enhancement Act, which would widen the scope of government surveillance powers and make them unrescindable. The proposal is being sharply criticized by civil rights and privacy organizations, while U.S. assistant attorney general Viet Dinh insists people should wait until the act is finalized before passing judgment.
- "Three E-Mail Providers Join Spam Fight"
Washington Post (04/28/03) P. A2; Krim, Jonathan
AOL, Microsoft, and Yahoo! have overcome their rivalry to team up in an anti-spam initiative that they hope will lay the foundation for a wider industry endeavor. "We're putting spammers on notice that the industry will collaborate to drive the bad guys out of business," declared Microsoft's Brian Arbogast. Nicholas J. Graham of AOL reported that this partnership was spurred by subscriber demands; the three providers collectively encompass over 200 million email account holders. Forty percent of all email traffic is currently thought to be spam, which costs the business community between $8 billion and $10 billion annually. The collaborators are pushing for the industry to study technical methods to digitally tag email to make identification easier for users and spam filters, and are partnering to detect spammer-vulnerable networks that allow senders of junk email to mask the messages' point of origin. Meanwhile, the providers said they plan to build evidence files that state and federal prosecutors can leverage against criminal emailers by sharing complaint data. Company executives invited spam-tracking organizations to help them concoct anti-spam tactics, but anti-spam activists see little difference between legitimate marketers and spammers. They advocate opt-in policies in which marketers are not allowed to send commercial email to addressees without their permission, but this goes against the opt-out policies that AOL, Microsoft, Yahoo!, and other email providers follow. Yahoo! VP Geoff Ralston said the collaboration will not develop or support a single anti-spam mandate, many of which are under consideration by Congress.
Click Here to View Full Article
- "Thread Designs Divide Chip Makers: Should They Be Skinny or Fat?"
SiliconValley.com (04/27/03); Takahashi, Dean
While Intel, Advanced Micro Devices, and IBM continue with fat-thread processors that handle huge amounts of work speedily, Sun Microsystems is developing a four-processor chip for release by 2005. Each processor performs slowly compared to those from other vendors, but the chip uses them in parallel, with each processor handling four threads apiece. The design should prove much faster for tasks that have many small parts, such as serving up Web pages, since it eliminates the processors' dependency on memory speed. Lagging memory speeds slow actual performance because fat-thread processors deal with chunks of data faster than memory can serve it up. In addition, multithreading could ease chip design burdens since vendors just reproduce a single processor many times on the chip, instead of designing increasingly complex fat-thread processors. Sun Sparc chip division executive vice president David Yen says other companies are struggling in a losing battle against memory latency, but analysts say Sun itself was late on the multithreading concept for servers and only started in earnest after buying up Afara Websystems in 2002, a startup firm developing multithreaded Sparc processors. Sun architects developed a new multithread architecture in 1999 called MAJC, but only deployed it for graphics processors, not general-purpose server chips. However, multithreading is easier on Sun-developed software platforms Java and Solaris than on Windows or Linux. Intel's Pentium 4 chip uses two processors while IBM is developing the multithreaded cell chip for Sony's PlayStation 3 game console.
Click Here to View Full Article
- "IT: More About People Than Technology"
NewsFactor Network (04/25/03); Martin, Mike
A study of IT at eight hospitals by University of Notre Dame researchers Rajiv Kohli and Sarv Devaraj finds that analyzing actual IT usage rather than technology investment is a better way to determine IT's repercussions on organizational performance. The researchers claim that hospitals can lower mortality rates and boost profitability through higher usage of a Decision Support System (DSS). Kohli says that hospitals can add more than $140 of revenue per patient if managers leverage 10 additional DSS reports each month. Kohli and Devaraj measured actual IT usage by taking into account the total number of user-executed reports, CPU time, and the number of records referred to in each report. Suzi Iacono of the National Science Foundation's Information and Intelligent Systems Division confirmed the Notre Dame study's findings. Furthermore, Carnegie Mellon University's Kathleen Carley says Kohli and Devaraj's conclusions "absolutely" support her theory that "The most critical networks in any organization are not necessarily the ones carrying Internet traffic, but the social networks among persons and groups that define an organization's process and knowledge flow." Carley also used DSS to evaluate organizational design factors that negatively impact performance throughout 13 hospitals. Kohli and Devaraj's research is detailed in the latest issue of Management Science.
- "E-Mail Coalition Floats New Anti-Spam Plan"
InternetNews.com (04/24/03); Goldman, Alex
A coalition of 28 online advertisers has developed "Project Lumos," a plan that will hold companies in their industry more accountable for the email that they send. The Network Advertising Initiative's Email Service Provider Coalition (NAI ESC) plans to change the architecture of email so that advertisers will not be able to hide their identities. Member companies agreed such a change was needed because spammers are able to get around exiting anti-spam policies by exploiting network vulnerabilities, while those that post legitimate unsubscribe addresses continue to be punished. What is more, NAI ESC says up to 15 percent of members' messages are erroneous blocked by spam filters. The registry-based anti-spam Project Lumos plan was announced Wednesday during the ISPCON conference in Baltimore. Technology author Hans Peter Brondmo describes the new anti-spam plan as an effort, based on email marketer's best practices and technological and legislative solutions, that protects ISPs, marketers, and email recipients. Brondmo says the Project Lumos is a blueprint, the beginning point in a discussion that should lead to the creation of a filtering system for email, a process that could take three years. The filtering system would feature a registry of sender identities based on PKI that tracks and rates their behavior. Other possible solutions considered by NAI ESC, such as IETF involvement and the use of Domain Name Servers, were rejected due to security or time considerations.
- "Gadgets Go Back to Basics"
BBC News (04/18/03)
Hewlett-Packard's U.K. research labs in Bristol will be the site of an international conference May 6 to May 8 highlighting new technologies and gadgets. Today's researchers are urging developers to create tools that are truly useful. University College London professor Peter Thomas says appliances should be simple, feature only a limited number of functions, and be networked with other appliances to offer a variety of actions. Among the technologies to be shown at the conference will be Samsung's Digiflower, which is programmed to sense when a person is coming home, bloom when they are nearby, and droop when they leave. Sweden's Umea University will profile Commuter, a system intended to facilitate commutes by providing a continuously self-updating travel pass. The RoomWizard, created by the Appliance Studio, is designed to help executives reserve meeting rooms more easily through a touch screen display affixed outside offices. Professor Robert Macredi of Brunel University's Computing department says the conference may help "new generations of information devices...benefit from knowledge developed in real situations, not just approved in laboratory conditions."
- "Grants Promoting Unfettered Innovation"
SiliconValley.com (04/28/03); Gillmor, Dan
Dan Gillmor hopes that the Andrew W. Mellon Foundation's $98,000 grant to the Open Source Applications (OSA) Foundation's Chandler Project in March portends a surge of philanthropic investments to ensure the openness and universal availability of tomorrow's information architecture. Such contributions will help mitigate the free market's failure to spur innovation in such areas as technology, intellectual property, and medicine; this failure is attributed to the political system's reluctance to ensure fair competition. The Chandler Project is an open-source personal information manager, email, and calendar program envisioned by OSA Foundation founder Mitch Kapor, and the Mellon Foundation's goal in funding it is to satisfy universities' requirements for electronic calendars that are beyond the scope of commercial products. Meanwhile, Mellon and the William and Flora Hewlett Foundation have teamed up to support MIT's project to publish all course materials on the Internet. The John D. and Catherine T. MacArthur Foundation initiated a 2002 effort to invest in projects "that contribute to a balance between the needs of creators and the public in intellectual-property laws, regulations and practices." Gillmor thinks foundations should take aim at reforming the U.S. patent system and its willingness to approve "absurd" patents; disseminating knowledge to the public of what freedoms are at risk if content providers such as movie studios are allowed to dictate copyright laws; and funding grass-roots organizations that promote privacy and offer products that do the same. Gillmor wants the philanthropic community to be especially keen on supporting projects and organizations dedicated to the open exchange of information, which inspires innovations that will benefit future generations.
Click Here to View Full Article
- "So Many Countries, So Many Laws"
Wall Street Journal (04/28/03) P. R8; Newman, Matthew
E-commerce was supposed to support border-free online trade, but an international e-commerce architecture that shields the rights of retailers or shoppers and deters digital piracy has not been established, despite years of negotiations. As a result, e-tailers are canceling or refusing international service so that they will not run afoul of other countries' libel, liability, defamation, or copyright statutes. The lack of a unified legal e-commerce framework is attributed to the unsettled issue of jurisdiction: Disputes that originate with an international online transaction can get complicated if both countries argue that their laws should apply. Although treaties developed or under development by entities such as the World Intellectual Property Organization (WIPO) and the European Union are designed to create a single standard for protection of digital copyrights, their adoption is being hindered by a lessening of market globalization's momentum, while Philippe Kern of the Independent Music Companies Association characterizes the enforcement of such treaties as "insufficient." New Zealand district judge David Harvey adds, "Countries are very wary of ceding sovereignty simply because of the Internet." Furthermore, U.S. businesses have protested such measures because they often include international laws that are at odds with domestic statutes. The Hague Conference on Private International Law has been developing an e-commerce treaty that would ensure that one country's court rulings would be recognized and enforced in other nations; a 1992 draft intended to standardize online defamation, libel, and copyright. The debate is currently focused on business-to-business commercial contracts.
- "Companies Work to Link Wi-Fi, Cellphones"
USA Today (04/28/03) P. 1B; Kessler, Michelle
As Wi-Fi technology's popularity surges, companies are developing ways to integrate Wi-Fi networks with Web-enabled cell phones and wireless Internet devices. The goal is to create devices that take advantage of Wi-Fi's easy Internet access when users are within the limited range of Wi-Fi networks, while also providing access to wireless Internet networks that offer a much broader range but slower access. Cisco Systems today is expected to announce the first Wi-Fi phone, although it is not expected to include cell phone technology. However, Nokia is working on a laptop adapter for its phones that supports both Wi-Fi and cell phone Internet access; a similar card is already available overseas. Major stumbling blocks to such combinations include service and billing issues; problems arise when users switch from often locally-operated Wi-Fi networks to a phone company's cell phone network. Still, truly integrated devices should be available within a year.
- "Medical Electronics Will Drive Next Decade, Says ARM Chairman"
EE Times (04/23/03); Merritt, Rick
At the Embedded Systems Conference held April 23 in San Francisco, ARM Holdings Chairman Robin Saxby said the electronics arena will be led by medical devices within 10 years. He said the devices will be handheld as well as implanted within bodies, and that electronic health monitoring systems will affect the industry in the same way cell phones have already. Saxby discussed more than a dozen new devices being shipped, including a micro-probe patch gauging insulin levels in the blood and sending results to a portable handheld monitor. He also talked about a $2,295 household defibrillator from Royal Philips in case of heart attacks, 70 percent of which occur at home, and a device that predicts a woman's ovulation times. He also said work is being done on implantable synthetic retinas and cochleas for human eyes. Saxby says some of the new medical devices rely on RF and low-power processor systems originally designed for PDAs and mobile phones. But while medical devices hold long-term promise; broadband home networks, digital TV, and other consumer-oriented products are likely to have more impact in the near future. He notes that the U.S. health-care sector spends more than $25 billion yearly on computers and networks and that American medicine and biotechnology firms have a slightly bigger market capitalization than the telecoms firms.
- "Brownian Motion and ICANN's Latest Status Report to the United States"
CircleID (04/23/03); Auerbach, Karl
The "Sixth Status Report Under ICANN/US Government Memorandum of Understanding," dated March 31, 2003, describes an ICANN that functions like Brownian motion, writes ICANN board member Karl Auerbach. Brownian motion is a concept pertaining to the increased collisions of molecules and atoms of particles suspended in warm fluid as heat is intensified, and collisions occur but no progress is ultimately made. Auerbach says ICANN's employees, non-employee board members, and members of its numerous committees are its many particles, and its nearly $8 million per year budget is the heat propelling them in motion, but the group has made little progress. Especially, ICANN should not be trumpeting the so-called progress cited in the report. For example, the report considers ICANN dropping a cumbersome requirement it instituted regarding the monitoring of the deployment of "anycast" to be progress, a claim that is very misleading, writes Auerbach. The claims about progress involving DNS security are also questionable. At the same time, the report fails to mention the Internet technology community's growing hostility toward ICANN and a variety of ICANN half-measures that soon will evolve into biased and prejudiced policies. Moreover, Auerbach says ICANN's board had no knowledge of the report (Auerbach read about it on Bret Fausett's ICANN blog), which highlights the body's problem in governing itself.
- "Robot Soccer Promises Fierce Competition"
Associated Press (04/25/03)
A forerunner to this summer's international RoboCup 2003 in Italy will be next week's first American Open of robot soccer in Pittsburgh, where autonomous machines designed by academic teams will compete without human assistance. The robots are programmed to seek the ball, prevent opponents from getting it, pass to teammates, and score using thousands of game rundowns and coordinating strategy by communicating with each other. Competitors are categorized into three divisions: Color-coded wheeled robots are assigned to the Small-Size Robot League, ambulatory Sony AIBO robots that can kick the ball are included in the Sony Legged Robot League, and teams that compete via simulated games displayed on large screens make up the Simulation League. Competing teams exchange information by interacting with each other during the game or when the source code is published by winning teams. "We have reached the point where we are seeking maximum speeds, creating strategies and coding to allow the robots to adapt during play," says Carnegie Mellon systems scientist Brett Browning, who notes that the goal of the first RoboCup competition in 1997 was to get robots to move on the field in the proper direction. That event featured teams from three countries--Japan, the United States, and Australia--while the most recent involved the participation of 29 nations. It is hoped that a robot team will be developed that can square off against--and defeat--a human world-champion soccer team by 2050.
- "Scientists Test Wider Use of IP"
Government Computer News (04/21/03) Vol. 22, No. 8, P. 30; Jackson, William
NASA is pioneering mobile static IP connections that could be used to connect devices both in space and on earth. The first demonstration of the Mobile IP protocol, developed together with Cisco, was in November, when NASA researchers set up a system in a Coast Guard icebreaker stationed in Lake Erie; the boat used a commercial satellite Internet link. Sea vessels and spacecraft have much in common in terms of difficulties connecting to the Internet, because they roam through different connections while maintaining the same IP address. Moreover, a mobile static IP address is of interest to the military, law enforcement, and other government agencies. The NASA/Cisco solution features Mobile Router, which encapsulates traffic within an outer layer of routing information; for the destination device, the solution would hide much of the complexity behind the Mobile Router and reduce overhead. However, adding encryption can be problematic for such complex connections, according to Verizon engineer David Steward. NASA space Internet technologies project manager Phillip Paulsen says the Mobile IP test used a hardware encryption device installed on the Coast Guard boat; the device is currently being tested by the National Security Agency and could become one of the first products to be certified with the High Assurance IP Encryption standard. The connection speed was limited only by the encryption device, which could not keep up with the router. The Coast Guard was so impressed with the demonstration that it is considering funding real deployment under the Integrated Deepwater System program.
- "Messaging Convergence"
InfoWorld (04/18/03) Vol. 25, No. 16, P. 27; Moore, Cathleen
Industry players are rallying behind the open-source eXtensible Messaging and Presence Protocol (XMPP) messaging protocol in answer to the SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE) protocol advocated by Microsoft and IBM. Intel, Hewlett-Packard, Hitachi, Sony, and other firms support XMPP, an XML-based product from the Jabber Software Foundation. Proponents of XMPP say it is more suited to presence systems and that SIMPLE introduces too many complications. SIMPLE is derived from Session Initiation Protocol (SIP), a signaling protocol for data exchange such as in VoIP applications. The possibility for media and data convergence is what made Microsoft decide to back SIMPLE, according to product manager Ed Simnett. IBM also employs SIP and SIMPLE in its Lotus Sametime IM platform and Sun Microsystems recently released its Sun ONE Instant Messaging Server 6.0 with SIMPLE support. But because XMPP is based on XML, supporters of that standard say it is flexible enough to connect to a variety of other applications; moreover, it mitigates the influence of IT powerhouses such as Microsoft. XMPP is also further along in its Internet Engineering Task Force (IETF) ratification process than is SIMPLE. Rob Batchelder, president of strategy consulting firm Relevance, says the likely industry standard will include aspects of both protocols as well as some proprietary concepts and contributing work from the IETF.
Click Here to View Full Article
- "Honeypots: Sticking It to Hackers"
Network Magazine (04/03) Vol. 18, No. 4, P. 48; Spitzner, Lance
Honeynet Project founder Lance Spitzner writes that honeypots are unique because they can be applied to multiple problems, unlike most current security solutions; they can be deployed on a variety of platforms and are available commercially, as free open-source applications, and as homemade systems. Honeypots are removed from the production chain, so any interaction is most likely a sign of intrusion, while compromised honeypots can be taken offline without disrupting operations. Honeypots can significantly reduce noise and false positives, making data analysis and correlation easier for administrators, and they can capture much more information about intruders (their motives, their identity, the tools they use, and so on), allowing organizations to develop more effective response strategies. Honeypots fall into two basic categories: Production honeypots that emulate operating systems or services and are generally used by commercial organizations as a defensive or preventative measure; and research honeypots that research institutions employ to capture in-depth information about attackers and their methods so that countermeasures can be devised. Production honeypots, the less risky of the two, can block or slow down worms and other automated threats, or deceive human attackers by feeding them false data. Unlike production honeypots, research honeypots use genuine operating systems and services that are designed to be hacked. Honeynets are open-source research honeypots that organizations can deploy to gather data about internal threats, while homemade honeypots such as port-monitoring honeypots and jailed environments are another option. However, Spitzner cautions that honeypots are not a replacement for existing security technologies, but rather a complimentary tool.
Click Here to View Full Article
- "A Sensor Model Language"
Sensors (04/03) Vol. 20, No. 4, P. 30; Botts, Mike; McKee, Lance
The Open GIS Consortium (OGC), whose members include NASA, EPA, and the National Imaging and Mapping Agency, is building and testing a standard XML encoding framework that could facilitate the remote discovery, access, and use of real-time or stored information gathered by sensor systems and other Web-resident devices. XML-based text schemas could be used to publish formal descriptions of a sensor's location, service interfaces, and proficiencies. The Sensor Model Language (SensorML) the OGC is developing will enable anybody to make sensors or sensor data Web-accessible. It supplies a functional model that sustains the processing and geolocation of sensor readings, supports in situ and remote devices that run on both static and dynamic platforms, and upholds a large array of characteristics for defining the sensor's response properties and quality of measurement. Users could carry out more accurate searches for sensors and sensor data than they would with text-based search engines using SensorML, which would also support the development of software applications that automatically meld disparate data with a minimum of human involvement. In addition, increased sensor autonomy and intelligence could be pushed along by SensorML, leading to the proliferation of intelligence sensor webs that users in remote regions would be able to exploit without having to go through a central data processing center. Furthermore, such sensors would be capable of more precisely identifying interesting events and notifying other sensors or users of their presence and location. Other uses of SensorML and Sensor Web Technology include coincident search for relevant data, on-demand processing of data products, and visual fusion of different kinds of data.