Timely Topics for IT Professionals
About ACM TechNews
ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either HP or ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 5, Issue 495: Wednesday, May 14, 2003
- "Draft of Bill on Mass E-Mail Is Called Weak"
Washington Post (05/13/03) P. E1; Krim, Jonathan
A draft of a federal anti-spam bill sponsored by Reps. W.J. Tauzin (R-La.) and F. James Sensenbrenner Jr. (R-Wis.) is causing consternation among consumer groups and anti-spam advocates, who argue that all the measure will do is replace fraudulent spammers with legitimate vendors. "This is yet another bill...attempting to get rid of the porn and the scams, but really clearing the way for legitimate companies to spam," declares Coalition Against Unsolicited Commercial Email (CAUCE) co-founder John Mozena. Sources say that Tauzin and Sensenbrenner worked closely with representatives of the Direct Marketing Association, top ISPs, the Consumers Union, and other marketing, retailing, and Internet service groups to hash out the legislation, which would ban consumers from suing mass emailers (while granting that privilege to Internet providers), allow companies to send email to anyone who has done business with those firms within the last three years, and circumvent state laws that take a tougher stance on spam. If passed into law, senders of commercial email would have to include an opt-out policy in their messages, along with legitimate electronic and physical return addresses. Spammers would also be prohibited from culling email addresses using widely available software. Paula Selis of the Washington State attorney general's office finds fault with the bill on several counts. For one, fraudulent spammer practices such as deceptive subject lines, which are unlawful in Washington state, are not outlawed by Tauzin and Sensenbrenner's bill. In addition, Selis thinks that a good portion of the bill's wording is opaque and open to multiple interpretations, which could give spammers a loophole.
Click Here to View Full Article
- "Taking Aim at Denial-of-Service Attacks"
CNet (05/13/03); Lemos, Robert
Carnegie Mellon University graduate students Abraham Yaar and XiaoFeng Wang presented two proposals at the IEEE Symposium on Security and Privacy on Monday that could act as effective deterrents against denial-of-service attacks by tweaking network software. Yaar's proposal seeks to defeat attacks in which the victim's Web server is waylaid by a swamp of valid data sent from counterfeit Internet addresses. The method takes advantage of the path-identifier number that resides in the mostly unused 16-bit Internet Protocol (IP) identification field; the number could serve as a "fingerprint" that the victim could use to trace the network path the information followed, and thus determine whether the traffic from certain segments of the Internet should be intercepted by the ISP. Yaar added that 60 percent of a server's capacity is still apportioned to legitimate traffic even when the attack traffic outweighs the legitimate traffic by 170 times. Wang's proposal targets denial-of-service assaults intended to freeze the victim's server by clogging it up with hundreds or thousands of connections. His solution, which could also act as a defense against spammers, is to tie up the servers' communications from other computers with problems that must be solved if communications are to take place. Furthermore, an auction-like transaction would be added to better the odds of legitimate traffic getting through. Steve Bellovin of AT&T Labs sees advantages and disadvantages to each of these proposals: Yaar's proposal could be circumvented by fragmentation, while attackers may be able to thwart Wang's method by acquiring more computers, which is not a difficult task.
- "Nanotech Gets Down to Business"
Wired News (05/14/03); Di Justo, Patrick
Venture capitalists, big-money firms, and the U.S. government are all putting resources into nanotechnology, as evidenced by this year's NanoBusiness Conference in New York. Participants are excited by actual deployments of nanotechnology and reports by the National Science Foundation that nanotechnology could be a $1 trillion per year business. Meanwhile, a number of nanotechnology-related products are slipping into the market without fanfare, including a carbon nanotube-based MRI display from SI Diamond Technology and a light-emitting polymer display in Kodak's EasyShare LS633 camera, which is also soon to be ubiquitous in laptops. Despite the enthusiasm large venture capital firms have for nanotechnology, many of the most important process patents in the field have already been secured by large firms, according to Steve Maebius, intellectual property lawyer for Foley and Lardner. In addition, university researchers are keeping their work secret instead of publishing it in peer-review journals until they secure patents. Together, these factors mean small nanotech startups risk duplicating research or producing products that require licensing cooperation from larger firms, says Maebius. Still, Emmanuel Barros says his small company, NanoMatrix, is pushing forward without the help of wary venture capitalists, instead working directly with clients willing to fund product development; Barros said he attended the NanoBusiness Conference last year only to receive unrealistic offers from venture capitalists. Instead of smaller nanotech efforts, many venture capitalists are putting their money into the nanotech divisions of large organizations, which usually have the resources to track other efforts and avoid duplication.
- "Setting a Standard for Wireless Security"
IDG News Service (05/13/03); Gross, Grant
The Presence and Availability Management (PAM) Forum and the Parlay Group announced their intention to merge on May 13 so that they can develop wireless security standards together. The organizations issued a press release stating that their merger will help develop and define an architecture for standards and specifications to facilitate multi-network presence and availability (P&A) applications. The consolidation should clear up the confusion that wireless vendors and operators feel about standards and result in "a stronger evolution of development," according to Teltier Technologies CTO and PAM Forum technical chair Guda Venkatesh. The PAM Forum has focused on creating a standard composed of application programming interfaces (APIs) that enable wireless networks to share data securely, while the Parlay Group was founded to promote the construction of open APIs that allow the use of programs running across different networks. Venkatesh says that PAM Forum membership is usually shared among applications developers and vendors, while vendors and wireless operators make up the bulk of the Parlay Group's members. He adds that the Parlay Group and the Open Mobile Alliance (OPA) are also collaborating on wireless standards. The PAM Forum's role in the Parlay Group will be to align PAM standards to protocols such as Session Initiation Protocol for Instant Messaging and Presence Leveraging Extensions (SIMPLE) and OMA's Instant Messaging and Presence Services (IMPS). The PAM Forum will also be tasked with accommodating PAM data privacy management needs, notes Venkatesh.
- "Faster Computer Techniques for Google"
Stanford University, the same academic institution that hosted research leading to the popular Google search engine, has yielded three methods that could collectively boost the speed of Google's Web page rankings by up to a factor of five. The techniques, developed by graduate students Sepandar Kamvar and Taher Haveliwala, together with computer science professor Christopher Manning and numerical analyst Gene Golub, are presented in numerical linear algebra. The first technique consists of "extrapolation" methods that facilitate a fast, simple computation of Google's Computing PageRank algorithm, even though the methods make a few false assumptions about the Web's link architecture; the researchers have demonstrated that PageRank could be accelerated by 50 percent to 300 percent under certain conditions using extrapolation methods. The second technique, BlockRank, could realistically speed up PageRank computation by 300 percent. It is based on estimates that roughly 80 percent of the pages on any given Web site directs users to other pages on the same site, which allows the researchers to calculate numerous single-site PageRanks, connect the rankings, and enable the rankings to serve as a jumping-off point for the original PageRank algorithm. Evidence that PageRank computes rankings for certain pages faster than others forms the basis of the third technique, which is called Adaptive PageRank; the method boosts PageRank computation by as much as 50 percent by omitting superfluous computations associated with pages calculated early in the PageRank process. Kamvar says the biggest speed increases could be yielded by combining the three methods. However, PageRank would be need to be even faster to take personalized rankings into account. The research was backed by the National Science Foundation.
- "Xerox Runs This Up the (Telephone) Pole: MEMS for Magical 'Last Mile'"
Small Times (05/14/03); Karoub, Jeff
Xerox has developed a prototype "last-mile" technology that may make the dream of cheap, rapid on-demand video and Internet services for the home and enterprise a reality. The device, a microelectromechanical system (MEMS) switch incorporated into a 1-inch-square silicon chip that directs light, is designed to widen the scope of fiber-optic networks. The prototype is a product of a collaboration between Xerox, its Palo Alto Research Center subsidiary, Corning IntelliSense, and Coventor financed by a $14 million grant from the Advanced Technology Program. "The technology we have, you could put up a telephone pole," says Joel Kubby of Xerox's Wilson Center for Research and Technology. "It lowers the price of components and enables optical network to get closer to the end user." The developers integrated the switches and waveguides with semiconductor-processing gear, significantly reducing costs and space. Kubby believes the technology could be rolled out commercially within about two years, while its initial use will probably be for enterprise storage-area networks; Xerox, in conjunction with Corning and Kodak, is also setting up a pilot fabrication facility at the Infotonics Technology Center in New York. In-Stat/MDR MEMS analyst Marlene Bourne thinks two years is a realistic rollout time, taking field testing and customization into account.
Click Here to View Full Article
- "Video Devices Benefit the Deaf"
San Jose Mercury News (05/08/03); Fortt, John
The are strong indications that wireless Internet is taking off among the 20 million hearing-impaired Americans in the United States, rather than leaving them behind. Sales of T-Mobile's wireless service using Danger in Motion's SideKick text-messaging device, which allows hearing-impaired people to surf the Web and send instant messages, are soaring. One of the device's biggest selling points is its screen, which can show more detail than standard cellular telephones. The chief communications method for the deaf or hard-of-hearing, TTY, only became available for the Internet in 2002, notes Mike Ligas of Sprint's relay service. But even more useful is Web-based video relay, in which a hearing-impaired caller signs to an operator over a Web-linked video camera; the operator relays the message to the hearing person on the other end and translates that person's reply for the deaf caller. TTY-based relay still dominates the hearing-impaired market, partly because enabling oneself for Internet relay requires a sizeable investment in equipment and broadband Internet access, which is still not ubiquitous. IBM Worldwide Accessibility Center director Shon Saliga remarks, "Many companies have taken the view that there are niche markets...often relatively small, and the price of the product that is produced is often extremely high." He says the key is bring such technology to the mass market; closed captioning on TV is one such successful example. While hearing-impaired users wait for the emergence of voice-to-text technology, two-way paging, instant messaging, and other technologies are enabling them to participate in the communications revolution.
Click Here to View Full Article
- "Fizzer Worm Bubbles Over"
IDG News Service (05/12/03); Roberts, Paul
The "Fizzer" worm that first emerged on May 8 is a mass-mailing worm that propagates by multiple means and attacks machines that run Microsoft's Windows operating system, according to McAfee, which updated Fizzer's risk profile on Monday from "low" to "medium-on-watch." McAfee also reports that the worm can multiply over Kazaa and via open shared directories on computer networks. Network Associates' Vincent Gullotto says that Fizzer lurks in attachments to emails that boast enticing subject lines; McAfee and F-Secure provide examples of such come-ons, including "You might not appreciate this...," "Re: how are you?" and "I thought this was interesting..." McAfee warns that Fizzer can capture users' keystrokes on infected machines and place them in an encrypted file that could later be mined for passwords and other critical information by hackers. Gullotto notes that the worm leverages popular online communications channels rather than specific security holes, and adds that increasingly effective gateway and desktop antivirus systems may have prompted the creator(s) of Fizzer to make the worm capable of spreading using more than one technique. Fizzer can also link to Internet servers and receive orders from hackers by taking advantage of widespread Web applications such as AOL Instant Messenger and Internet Relay Chat clients, according to McAfee. Gullotto compares Fizzer to last September's W32/BugBear worm, which slowly became a high-priority security risk. F-Secure suggests that users whose computers have already been contaminated by Fizzer should erase the file "Iservc.exe" from the Windows directory.
- "The Games Robots Play"
Washington Post (05/13/03) P. C1; Gugliotta, Guy
Academic institutions contribute research to artificial intelligence that is put through its paces at RoboCup, an annual event in which robots compete in soccer games. The RoboCup American Open, hosted by Carnegie Mellon University, featured Aibo robot dogs from Sony that were reprogrammed and redesigned to move of their own volition rather than by remote control. These Aibos, which communicated with each other by radio, were split into teams and placed in an arena, where they played to score goals without any human assistance. Carnegie Mellon researchers programmed each Aibo on their team to take a leadership role if it is closest to the ball. There was also a separate competition for wheeled robots that were directed by an autonomous computer that watched the plays via an overhead camera. The purpose of RoboCup is to advance AI research, explains Carnegie Mellon computer scientist Manuela Veloso, who adds that the competing machines need to combine environmental perception, decision-making, and autonomous movement. She says the robots are put in a soccer game to add teamwork into the mix, and notes that "[The robots] divide the tasks, and they have to face a complex environment because they have an opponent." Some 290 international teams will compete in the RoboCup finals in Padua, Italy, this July, while the event's overall goal is to develop a soccer team of two-footed robots that can defeat human World Cup champions by 2050.
Click Here to View Full Article
- "Aftermath of War"
San Francisco Chronicle (05/12/03) P. E1; Fost, Dan; Kirby, Carrie
The fight against terrorists and the recent war in Iraq demonstrate how the Internet today affects war, political expression, and the media. The ability of embedded reporters was greatly enhanced through the Internet and some, such as Kevin Sites of CNN, used blogs to send updates back from Iraq quickly. Institute for the Future director Paul Saffo says the Iraq war was more of a personal media war rather than a mass media war because of the degree of flexibility and interaction available online. Many people accessed foreign news sources through the Internet, such as the oft-hacked Al-Jazeera Web site, in order to learn about international opinions first-hand. Stanford University journalism professor Fred Turner says online bulletin boards and email lists helped organize synchronous worldwide war protests involving millions of participants in 500 cities in just six weeks. Eventually, some persons expect that the Internet will engender greater democracy and freedom for oppressed peoples, but experts warn that people with reactionary mindsets espouse their views online as well. The U.S. also faces a new, technologically savvy enemy in al Qaeda, which makes use of the Internet to coordinate attacks and organize--the U.S. Army War College quarterly published a paper quoting Sept. 11 hijacker Mohammed Atta's last email, which referred to targets in coded language: "We've obtained 19 confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts, and the faculty of engineering." That same article warned that al Qaeda operatives could be testing American officials' monitoring capabilities and responses through fake communications.
Click Here to View Full Article
- "Invention International"
Technology Review (05/09/03); Buderi, Bob; Schwartz, Evan I.
Former U.S. Patent Office commissioner and founder of the International Intellectual Property Institute (IIPI) Bruce Lehman says he established IIPI as a resource that people in developing countries could use to learn how to leverage patent, trademark, and copyright laws for economic advantage. He notes that the institute has received financing from private-sector players such as IBM and Microsoft as well as public-sector entities such as the World Intellectual Property Organization, which funded projects such as the push to get the government of Jamaica to revise patent policy so that the industry could generate better revenues from sales of indigenous music. Lehman also reports that IIPI is devising a system similar to the Bayh-Dole law in South Africa, which typifies many developing nations in that the country boasts a sophisticated society within a larger, impoverished society. Lehman explains that a global patent system and international patent harmonization are highly desired, but reaching a political consensus on the issue is an especially daunting challenge. There is a debate about whether a global patent system should follow a first-to-invent or first-to-file model, and Lehman favors the latter because patent internationalization offers greater benefits than the U.S. patent model, which is first-to-invent. Lehman explains that a single patent examining authority needs to be established, first by privatizing patent searching and review. "If you detach the actual examination from government itself, then you can have one or two private entities that really become experts at patent examining, and then everybody in the world can hire them to do the examining," he says.
Click Here to View Full Article
- "Intel Prototype Transforms Notebook"
CNet (05/12/03); Spooner, John G.
Intel's Florence is a prototype notebook computer that can easily switch between a tablet PC and a portable entertainment or messaging console. Designer Nick Oakley says the hinged, double-jointed device was inspired by "a two-way restaurant door." Florence also incorporates elements from earlier Intel designs and current convertible tablet PC models, such as foldable screens with 180-degree rotation. The prototype, which will be publicly unveiled later this year, allows users to enter data via keyboard and stylus, and boasts universal serial bus and other I/O ports; the device can also play music and view messages. Probably the most useful mode for Florence will come from opening the display halfway and positioning the keyboard midway through its range, so that a user can type while the main parts of the device rest at the edge of a tray or table. Notebook shipments account for almost 24 percent of the worldwide PC market, and many experts and manufacturers are confident that that number will grow to 50 percent. PC makers are under pressure to come up with new, innovative designs to boost sales because of the economic slump as well as the popularity of lower-priced products among consumers and businesses. "What Intel and other PC vendors are trying to accomplish is to create new usage models for PCs...with designs that extend the capabilities of the PC--either at work or in the home," notes International Data analyst Alan Promisel.
- "'Simple, Cheap Technology' Holds Huge Promise"
United Press International (05/09/03)
Researchers reported significant advancements in the field of microfluidics with the announcement of a silicone rubber device that can transport a consistent stream of fluid despite pressure fluctuation. Such a device, which has no moving parts, could form the basis of implantable drug delivery systems and liquid memory devices. "This is potentially a very simple and very cheap technology," declared University of California, San Diego, physicist Alex Groisman, whose mentor, Stephen Quake of the California Institute of Technology, unveiled a microfluidic device in 2002. The so-called flux stabilizer is configured as a series of lined-up curved chambers with bottlenecks at each end to speed and slow the flow of liquid. Dissolved in the fluid contained in the stabilizer would be minuscule portions of stringy chemicals that would untangle with each contraction, thickening the fluid and equalizing the flow output. Groisman said that the stabilizer, if incorporated into an implantable medicine delivery system, could release 90 percent of the drug without an unacceptable flow-rate reduction. This same control over flow rate was exploited to build a "flip flop" liquid memory system that stores data as fluid flow patterns. Data is written via pressure changes, and Groisman noted that fluidic memory could support as many as 10,000 bits per square millimeter.
Click Here to View Full Article
- "New Virtual Reality Array Allows Immersive Experience Without the Disorienting 3-D Goggles"
The University of Pennsylvania is using a new system called LiveActor to allow users to interact in a virtual reality setting without 3-D glasses. LiveActor works by combining an optical motion capture tool with a stereo projection system. Users' physical actions are monitored as they interact with the system's virtual characters. Ordinary virtual reality systems typically offer more restricted simulations since only a few sensors are placed on the body to track users' motions, says Norman I. Badler, University of Pennsylvania professor and director of the Center of Human Modeling and Simulation. LiveActor's "whole-body tracking" makes the virtual reality experience more life-like, he says, and requires users to wear a unique suit with some 30 sensors scattered across the body. The system is used on a stage about 10 feet by 20 feet in area. Images can be displayed on a variety of screens near the stage. In the past, virtual realty systems have been used for games, medical visualization, and architectural applications, but LiveActor can replicate almost any environment, keep a record of users' reactions, and train people to modify their behavior given particular scenarios.
Click Here to View Full Article
- "Moving Up the Stack"
Economist--Survey (05/10/03) Vol. 367, No. 8323, P. 6
Mainframes, PCs, minicomputers, and servers are transitioning to grid computing, in keeping with Gordon Bell's tenet that the prevalent IT platform changes every decade or so. The increasing complexity and heterogeneity of computing, as demonstrated by the fast growth of the IT services industry, is driving the move to the next platform, in which the network itself serves as the computer. This entails the commoditization of hardware into pools of virtualized resources--bandwidth, processing power, and storage capacity--that can be tapped on an as-needed basis. Seventy percent to 90 percent of firms' IT budgets is currently dedicated to system maintenance, because most systems are inefficient; servers consume nearly $50 million annually, yet less than 30 percent of companies' computer capacity is utilized. The price of electronic hookups will fall dramatically over the next 10 years, swelling the numbers of connected devices and potential applications, according to Sun Microsystems CTO Greg Papadopolous. Engineers try to hide complexity and "raise the level of abstraction" by adding a layer of code--one example of this practice is the development of a simplistic user interface to conceal the intricacy of PC operating systems. Grid computing startups and major vendors also developing the technology are following the same technological route, but with different schemes: Hewlett-Packard, IBM, and Sun's grid computing agendas are closely tied to time-honored products and business models, while Marc Andreessen of Opsware says, "We don't need to push our customers also to buy other stuff from us." HP's Shane Robinson believes that only the largest vendors will offer managed computing. Some estimates indicate that 1 billion Web-linked people and businesses will rely on 200 million IT workers within 10 years.
Click Here to View Full Article
- "The Really, Really Messy Wi-Fi Revolution"
Fortune (05/12/03) Vol. 147, No. 9, P. 86; Boyle, Matthew
Low-cost, wireless broadband Internet access (Wi-Fi) is being touted as a revolutionary technology that will transform the way people use computers, but the Wi-Fi market is currently fraught with anarchy as Wi-Fi providers large and small fight over securing venues where they can set up access points, or hot spots. Sometimes these providers purposefully establish hot spots in close proximity to hot spots offered by a competitor, in hopes of hijacking the rival's clients. Wi-Fi aggregators have also entered the fray, offering consumer and corporate access to well-entrenched Wi-Fi networks. The high-tech industry, currently in the grip of a recession, is hoping that Wi-Fi will re-ignite sales, but a universal business model has yet to emerge: Cometa Networks' strategy, for example, is to sell service providers wholesale Wi-Fi access, while T-Mobile directly bills subscribers and sets up costly T-1 pipes in its hot-spot venues. Furthermore, T-Mobile splits subscriber revenues with venues, while Cometa refuses to do so until its implementation costs are reimbursed. Meanwhile, the lack of a prevalent national Wi-Fi supplier is encouraging smaller players such as Surf & Sip to get into the act. Other factors hindering Wi-Fi's spread include unresolved security issues and a paucity of consumer awareness; one solution is to promote certified Wi-Fi Zones throughout the country, as the Wi-Fi Alliance is doing. Giga analyst Stan Schatt remarks that a lack of cooperation among providers is impeding the deployment of roaming capability, while most analysts expect major telecom providers such as T-Mobile to lead the Wi-Fi market. On the other hand, Intel Capital's Les Vadasz says, "I don't know [which Wi-Fi provider will be dominant], and frankly, in a way I don't care, as long as viable business models exist."
Click Here to View Full Article
- "Reality Bytes"
Discover (05/03) Vol. 24, No. 5; Johnson, Steven
"Mirror Worlds" author David Gelernter's prediction that increased computing power and complexity would help bring about the online equivalent of cities is coming closer to reality. For example, participants in Web-based multiplayer games are coalescing into virtual communities where objects that only exist online have real-world monetary value. However, the worlds these communities are built around represent an escape from reality rather than a reflection of it, which is what Gelernter says mirror worlds are supposed to be. "The mirror worlds approach to organizing information is based on reality, as opposed to an engineer's or a computer scientist's fantasy," he explains. A true mirror world would feature recognizable objects representing real-world counterparts, which in turn would store information relevant to those objects or agencies. Changes in this information would be recorded by the mirror world, which would use narrative information systems that enable users to study past developments as well as anticipate future trends. Although virtual-world games such as SimCity possess the basic toolkit for building true mirror worlds, the real challenge lies in making the information needed to flesh out those worlds widely available. Currently under development are games that seek to bridge the gap between virtual worlds and the real world, another step toward the creation of a mirror world. Gelernter says that with mirror worlds, information is "life-shaped." He says, for example, that information on New Haven should be "New Haven-shaped, not in 10,000 separate databases." He says, "The first city or community that really does it, the whole world is going to take notice."
- "Dawn of the Superworm"
PC World (05/03) Vol. 21, No. 5; Tynan, Daniel
The Slammer worm--also known as Sapphire or SQL Hell-- was launched on Jan. 25, causing Internet service disruptions, flight cancellations, and malfunctioning ATMs. But experts warn that the worm could have been experimental, similar to the Nimda and Code Red viruses, and that a deliberate "superworm" attack might be launched in the future by combining the most powerful aspects of different worms. Silicon Defense CEO Stuart Staniford says such a fusion could lead to a distributed denial-of-service attack that could overwhelm a specific server, producing multiple clones that lie dormant until activated. Slammer and most other worms typically target a defect in Microsoft SQL Server 2000, a database program running in hundred of thousands of servers. Meanwhile, Symantec estimates that 2,500 new flaws were found in well-known applications in 2002, an increase of 81.5 percent over the previous year. And in March, ISS announced that Sendmail, which manages the transmission of 50 percent to 75 percent of Internet email traffic, contains a 15-year old vulnerability. But despite such security issues, software vendors still tend to focus on new features rather than on building security, says security consultant Richard Forno. In an effort to boost Internet security, the Bush administration in February announced a set of guidelines for public and private collaboration in its National Strategy to Secure Cyberspace, which includes building an expanded federal Cyber Warning and Information Network.