Timely Topics for IT Professionals
About ACM TechNews
ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either HP or ACM.
To send comments, please write to email@example.com.
Volume 5, Issue 537: Monday, August 25, 2003
- "The Aftermath of Cyberattacks"
New York Times (08/25/03) P. C4; Strom, David
Before the Blaster worm gained widespread notoriety, the Homeland Security Department issued a two-page note advising ISPs to shut off access to three server ports: Cox Communications, AT&T Broadband, and other ISPs heeded the warning and shut down those channels, though they affected legitimate Microsoft Exchange functions. Despite the early action, however, the self-propagating Blaster worm and email-reliant SoBig.F worm were successful enough to renew fears about cyberterrorism and the government's ability to stop it. Security professionals prevented PCs infected by SoBig.F from perhaps their most nefarious use on Friday afternoon, as the 20 servers that were to send worldwide commands to the drones were identified and cut off from the Internet. Former national cybersecurity adviser Howard Schmidt says the government probably did the best it could with the July warning because it has to balance disclosure; giving too much information could assist terrorists or other criminals, he says. The report did not mention a special file transfer port normally used for router configuration updates, but exploited by the Blaster worm to infect entire corporate networks. The vulnerability meant a single infected computer could unleash Blaster on an entire network without any active user participation. Internet Security Alliance President Dave McCurdy says Homeland Security is doing a good job of working with the private sector, but the agency lacks resources. A new national cybersecurity division is being formed from computer security elements of the FBI, General Services Administration, and the Department of Defense, but no leader for the group has been announced yet. For now, homeland security really has to start at home, with regular users working to update their Windows security and installing firewall hardware for broadband connections.
(Access to this site is free; however, first-time visitors must register.)
- "Net Analysis Gets Turbo Boost"
Wired News (08/21/03); Delio, Michelle
A team of Georgia Institute of Technology researchers has devised a technique to simulate computer networks that is faster than any other simulators currently in use, and plans to boost network security with the tools. "What we hope to provide is an enabling technology that will allow experts in computer security and defenses to study the behavior of worms, computer viruses, exploits and distributed denial-of-service attacks on a scale previously unattainable," explains Georgia Tech team leader Richard Fujimoto, who helped create a new synchronization algorithm designed to rapidly coordinate the operation of many processors. The simulator can model network traffic from more than 1 million Web browsers in close to real time, which is two to three orders of magnitude faster than other simulators. Security experts can also use the technology to run alternative scenarios of incidents after the fact, which could be used to develop more effective network safeguards and allow factors to be more precisely classified as either threatening or non-threatening in order to reduce false alarms. The Georgia Tech algorithm was tested on the Pittsburgh Supercomputing Center's Lemieux supercomputer, where the team discovered that the program ran very fast on approximately 1,500 processors, achieving a general simulation rate of 106 million packets a second. The Georgia Tech team will detail their work at the IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems in October.
- "Could Spam One Day End Up Crushed Under Its Own Weight?"
Wall Street Journal (08/25/03) P. B1; Berman, Dennis K.
Dennis K. Berman offers a ray of hope to people frustrated and demoralized by the spread of spam: Spamming could eventually burn itself out by becoming a victim of its own proliferation, he muses. Thousands of people are becoming spammers because operating costs are virtually nonexistent, an especially attractive lure in a down economy; another easy road to profit for spammers is to fool small businesses to pay for "electronic marketing campaigns." Author Robert L. Fitzpatrick is confident that an upturn in the economy will result in the disappearance of casual spammers as well as the gullible people and businesses they rely on. Berman adds that many spams are business propositions without a hope of success, which means eventual burnout. One of the biggest problems is that the spam model works, but Berman partly attributes its success to inexperienced Internet newcomers. He writes that the continued maturation of the Net population will dampen spam's power. Berman insists that spam could be hobbled even further through a broad educational campaign as well as "downright social coercion" to stop supporting spammers. He suggests that the companies losing money while they struggle to control spam could help sponsor an anti-spam public-service campaign. Berman recommends that everyone follow a strategy to curb spam by refusing to buy products through spam advertisements; never clicking on a Web link contained in spam; and never posting their email addresses on public Web pages.
- "Rugged Computing: The Consumer Trajectory"
TechNewsWorld (08/22/03); Kroeker, Kirk L.
The ruggedization of electronics equipment is becoming essential as engineers, developers, and designers are being put into fieldwork situations that emphasize remoteness and rough environmental factors. Most rugged-computing devices are certified by Military Environmental Test Standards MIL-STD 810F, which requires that such devices are vibration-, dust-, water-, and temperature-resistant as well as unaffected by repeated impacts on hard surfaces. "The fact that combat efforts are now more coordinated than ever before electronically is invigorating the need for ruggedized electronics equipment," reports AMR Research analyst Louis Columbus. "The coordination of military campaigns requires real-time electronic communications, and the ruggedized componentry makes taking workstations to remote locations [a possibility]," he explains. Industry analyst Rob Enderle says that the cost of ruggedizing computing equipment is offset by the potential cost of recovering data or productivity lost because the equipment is not fully functional, and explains that ruggedization usually involves making the hard drive shock-proof while shielding the rest of the device from changing environmental conditions. Enderle muses that consumer laptops and personal digital assistants could become more robust by incorporating ruggedization technologies typical of current military applications: Integrating a potentiometer with the hard drive, for example, could protect the media, and Enderle claims that such technology will be featured in consumer laptops starting in 2004. Defense industry contractor CRI recently announced new SGI visualization and storage technologies ruggedized to work in hostile environments. The vulnerability to damage of most laptops will foster the spread of rugged computers, predicts Frost & Sullivan IT industry analyst Jarad Carleton.
- "Female MIT Grads Make Mark on Field"
Contra Costa Times (08/22/03); Hafner, Katie
Three female MIT graduates who were profiled in the New York Times 10 years ago as women who might make a significant impact on the computer industry still support the idea that women should have as large a role in technology as men, although they have diverged somewhat from their original career goals. Ellen Spertus, who teaches computer science at the all-girl Mills College in Oakland, Calif., incorporates courses she was taught at MIT into her own curriculum, but her teaching approach is less stringent; her philosophy is that education "can be simultaneously nurturing and rigorous." Only a handful of Mills students earn bachelor's degrees in computer science or advanced degrees in "interdisciplinary computer science" each year, so Spertus has organized a course directed toward nonmajors that is very popular. Computer chip designer Stephanie Winner wanted to be a role model for other women after noticing the scarcity of females in her field, but her ambitions were sidetracked by her need to balance her work and home life; she now works as a patent agent at a Silicon Valley law firm. Megan Smith spent her student years engineering sophisticated tech projects such as a solar-powered vehicle and a tactile joystick, and was attracted after graduation to Silicon Valley startups such as General Magic, where she developed a greater affinity for business. Although Smith says she regrets her migration away from technology to a certain degree, she has noticed a growing trend among female programmers to become program managers. Though the playing field is by no means level, Telle Whitney of the Institute for Women and Technology expects women's role in IT to expand over the next decade, partly due to new programs that companies such as Microsoft and IBM are developing to promote the education and professional development of female tech workers.
For information about ACM's Committee on Women in Computing, visit http://www.acm.org/women.
- "A Summer of High-Tech Discontent"
MSNBC (08/22/03); Bonne, Jon
The summer months have been a busy, often frustrating time for IT staff as wave after wave of computer worms--Sobig.E, Blaster, Welchia, and the latest and most virulent worm, Sobig.F--struck at networks, clogging them with email and slowing down productivity at thousands of companies. Much of this lost time was spent simply cleaning the computer systems of viruses and restoring full operational capability. It is difficult to determine the full scope of the epidemics: The Blaster worm is thought to have infected 500,000 machines, while estimates of the worm's financial cost range from $50 million to the billions. University networks have been particularly vulnerable because their users are not as stringent as federal agencies or large enterprises when it comes to implementing and maintaining virus safeguards; some even take offense at being told how to manage their own machines, says University of Wisconsin, Madison, CIO Annie Stunden. Smaller businesses, meanwhile, cannot always afford to keep abreast of the latest patches and antivirus updates, and only support a small number of mail accounts. Home users lost time updating their own safeguards, while Sobig flooded their inboxes with spam regardless of what measures they took. Net access providers reported the tide of junk email unleashed by Sobig devoured a lot of bandwidth, though AOL and Yahoo! claimed the infection had only a minor impact on their servers. However, Redwire Broadband CTO Jim Comeaux remarked, "It's not necessarily Internet bandwidth, it's human bandwidth that's been affected."
- "Computer Program That Analyzed Shuttle Damage Was Misused, Engineer Says"
New York Times (08/25/03) P. A9; Schwartz, John
The engineer behind the computer program used to estimate damage to the shuttle Columbia's wing said that the analysis tool known as Crater was grossly misused, thus causing it to underestimate the potential damage from a piece of broken foam. While the spacecraft was in orbit, NASA asked Boeing to analyze potential damage from a large chunk of insulating foam that hit Columbia's wing during take-off. The team used Crater, a computer program created by longtime Boeing space engineer Allen J. Richardson, who retired in 1991. Richardson originally created the program to estimate meteoroid threats in the Apollo program and later tweaked it for the shuttle program. Richardson testified before the Columbia Accident Investigative Board that Crater was not at fault, but rather the program's users who fed it flagrantly wrong data. For example, instead of analyzing how a solid piece of foam would impact the leading-edge composite tiles, the team used previous test data that studied the impact of ice, which easily shatters. In its report to NASA, Boeing also sought to minimize the potential danger through favorable variables, according to Richardson. In looking at a second Boeing analysis, the potential for heat damage during re-entry was negated because of the same type of wrong assumptions that occurred in the Crater analysis. The investigative panel has criticized Crater as ineffectual, and one panelist told Richardson NASA needed a better methodology for damage analysis--to which Richardson replied, "No, you need smaller debris."
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)
- "Ground-breaking Research to Develop 'Conscious' Robot"
Researchers at the Universities of Bristol and Essex will soon initiate a three-year project that marries computer science and neuropsychology in an effort to devise a "conscious" robot that will advance intelligent machine technology and shed new light on the mechanics of human consciousness. The objective is to place the robot in a complicated environment where it will have to envision itself performing various actions before selecting the optimum action. At the same time, computers will examine and visualize the inner workings of the robot's "brain" so that researchers can determine if consciousness is occurring. The design and construction of the robot will take place at a new robotics research facility nearing completion at the University of Essex, while Professor Tom Troscianko of the University of Bristol psychology department will lead a team tasked with developing the vision component of the robot's brain. The artificial system must closely mirror the systems of humans and primates, because much knowledge about consciousness is derived from analysis of visual experience and visual conception. The Engineering and Physical Sciences Research Council's Adventure Fund, which supports high-risk research projects, has allocated approximately 500,000 pounds toward the project. "Whether we succeed in detecting consciousness or not, this project will certainly allow us to learn more about the operation of complex human-like visual systems, and will enable ourselves and others to build robots with better-developed artificial intelligence in the future," declares Machine Consciousness editor Owen Holland, who will oversee the project at the University of Essex.
- "Rise of the Machines"
Electronics News Australia (08/21/03); Crozier, Ry
In his book, "The Human Edge," Richard Samson argues that an electronics revolution is on the horizon, one in which machines will supplant humans in knowledge-based jobs. To avoid the mass displacement he sees as the inevitable result, Samson advises that society undergoes a "hyper-human" revolution whose goal "is to inject 'aliveness' into everything we do, and let electronic systems take over the dead, dull stuff." Under this philosophy, people should earn salaries for skills beyond those of machines, such as conscious perception and motor control, ethics, subjective decision-making, creativity, and conjecture. There are those who doubt that Samson's scenario will come to pass: Amtex general manager Jim Kuswadi opines that "products will become more uniform with strict quality controls because there isn't the reliance on human intervention in the systems." Many other visions of automation, such as the paperless office, have not panned out; in "The Myth of the Paperless Office," authors Abigail Sellen and Richard Harper note that many activities turned over to electronic systems nevertheless wind up on paper because people are accustomed to it. However, technology is influencing how people talk, as evidenced by the increasing use of acronyms and other tech terms in everyday language. The AMD Global Consumer Advisory Board reports that many prospective technology buyers are postponing product purchases because of a language barrier. Some who are more familiar with the terminology are also avoiding new technologies because they view them as overly complicated.
- "Tool Blazes Virtual Trails"
Technology Research News (08/20/03); Patch, Kimberley
A new virtual prototyping tool helps users keep their bearings when navigating the computer aided design (CAD) representation of ships, airplanes, or buildings. Developed at the University of North Carolina, the system uses algorithms and a graph map to keep users' avatars from floating through the free space of the virtual design. Instead, avatars walk along the floor and cannot pass through walls, allowing users to understand the virtual model better. The system is based on polygon models and requires preprocessing to link mapped graph nodes. After the global navigation mode is built, a local navigation mode lets users literally plot their own course in the virtual design, specifying where they want to go and how they want to get there. University of North Carolina researcher Brian Salomon says preprocessing the graph map for a 12-million polygon power plant model took over 12 hours, but that the actual graph takes surprisingly little storage. Salomon notes that industry partners include Boeing, Newport News Shipbuilding, and large architectural firms. The system can be used with current CAD products.
Click Here to View Full Article
- "Darpa Head Expresses Skepticism About Quantum Computing"
EE Times (08/20/03); Wilson, Ron
Robert Leheny, director of the Defense Advanced Research Projects Agency's (DARPA) Microsystems Technology Office, delivered a keynote speech at the Hot Chips conference in Palo Alto, Calif., that detailed the potential of--and potential barriers to--future microelectronics technologies. Though Leheny noted that quantum computing is thought to be very promising, he cautioned that it suffers from the same scaling problems as analog computing. He added that nanoscale systems are often touted for their self-assembling properties, but argued that self-assembly is, to a certain degree, also a component of integrated circuits. "And you can bet that as we get closer to the physical limits of IC processing, we will see chemical processes for self-assembly playing a greater role," Leheny declared. In the field of optics, Leheny observed that vertical-cavity, surface-emitting lasers can be manufactured in volume on a system-level chip because their fabrication costs are close to those of light-emitting diodes, and this could pave the way for new interconnect technology uses such as the development of dWDM on a chip. The DARPA director said that tunable microelectromechanical systems (MEMS) RF filters could come about thanks to the vibration and electrical tunability MEMS structures display in response to radio frequencies. Furthermore, Leheny stated that minuscule compound lenses on an IC could yield high-resolution images through synthetic aperture methods. He predicted that the computing power residing on a single die will one day be comparable to that of the biggest "gymnasium-sized machines" currently available, if Moore's Law continues to follow its projected curve; however, he said materials such as InP and SiGe exhibit greater tolerance for higher frequencies than native silicon.
- "Open Source Does Not Mean Open Doors"
Computerworld New Zealand (08/19/03); Bell, Stephen
Open source software is often more secure than proprietary software as evidenced by the Apache Web server and other anecdotal proofs, said advocate Peter Harrison at the IT Security 2003 conference in New Zealand. The Interbase database management product's source code, for instance, was made open before Borland planned to spin off the support group as a separate company. In just six months, a vulnerability was found and fixed that had gone undetected for five years, said Harrison, who is a member of the NZ Open Source Society and a developer for Auckland-based Nothing But Net. Harrison also said the Apache Web server experienced few attacks despite having a more than 60 percent market share, discounting Microsoft's assertion that its popularity makes it an easier target for hackers. Open source software has a rapid development and fix cycle compared to proprietary systems, and also benefits from more user feedback. These factors help open source software evolve stronger security. Internal Affairs and Customs officials and security industry experts also discussed identification technology at the conference, and noted that facial recognition is the biometric most likely to be used in border security; they said iris scanning is too invasive and fingerprinting can be circumvented too easily. However, in accordance with New Zealand's Privacy Act, measures need to be taken to ensure that entry and exit records are not used for other purposes, including timekeeping, without people's express consent.
Click Here to View Full Article
- "Robot Spy Can Survive Battlefield Damage"
New Scientist (08/20/03); Graham-Rowe, Duncan
Peter Bentley and Siavash Haroun Mahdavi of University College London have developed a self-healing snake-like robot as a possible military reconnaissance tool. The snakebot consists of modular vertebral units, each containing three independent longitudinal "muscles" fashioned from nitinol--a shape-memory alloy of nickel and titanium whose crystal structure contracts when subjected to an electric current, and resumes its original configuration when the current is removed; applying the current to specific nitinol wires causes the robot to move in a specific direction. The snakebot is also equipped with a shape-changing antenna to transmit audio and video. So that other vertebral segments can take over for those that are damaged, Bentley and Mahdavi employ a genetic algorithm. Each series of movements the robot makes is determined by a digital chromosome comprised of a primarily random binary digit correlating to a muscle wire. The genetic algorithm starts out with 20 chromosomes, and tests them to ascertain the two fittest chromosomes (those that best achieve the desired movement), which are retained while the remainder are shuffled or subjected to random mutation. The process is repeated over successive generations until a performance plateau is achieved, as signaled by a tapering off of improvement, according to Mahdavi. The development of the snakebot is being underwritten by BAE Systems, which aims to use it as an inexpensive battlefield surveillance device that can be deployed from helicopters.
Click Here to View Full Article
- "Is the Internet Dying?"
CircleID (08/20/03); Auerbach, Karl
Karl Auerbach writes how some evidence suggests the impending death of the Internet in its current form, citing the expanding amount of background packet radiation that the Internet must manage from viruses, spam, and bad code. Auerbach comments, "I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces." Noting also that he receives DNS queries at IP addresses that have not hosted a computer or DNS server in years, and search engine searches for Web sites no longer in existence, Auerbach argues that such activity exhausts many resources--burning and wasting bits, routing cycles, and buffers. Whole blocks of IP addresses that previously hosted spammers can be contaminated, says Auerbach. "It will not take long before the cumulative weight of this garbage traffic starts to poison the Net," he notes. Auerbach contends that the deployment of IPv6 and improved security will not cease IP address space contamination, and he predicts a dramatic change on the Internet--perhaps a move away from the end-to-end principle online. Online communities may increasingly separate and barricade themselves to block background packet radiation and avoid poor regulatory structures such as ICANN, writes Auerbach. The author worries about the potential prevalence of gatekeepers, or censors, online.
- "New Spin for Electronics"
Computerworld (08/21/03); Anthes, Gary H.
Computing in the future may rely on an electron's spin in addition to its charge. Called giant magneto-resistance by IBM, the spintronic effect has enabled disk storage capacities to increase by a factor of 100 in the last five years. Researchers expect dramatic advances in the use of spintronics, short for "spin transport electronics," including magnetic random-access memory (MRAM); MRAM may hit the market by 2005 through partnerships such as that between IBM and Infineon, and promises speeds 50 times faster than DRAM and 10 times more density than static RAM. In addition, MRAM is nonvolatile and could be integrated with logic chips to reduce computer I/O bottlenecks. At the University of California, Center for Spintronics and Quantum Computation director David Awschalom is aiming for even more extreme spintronic applications, including harnessing the spin of an atom's nucleus. "The subatomic part of the atom would store information, and the electron would act as the bus to carry information in and out of the nuclear subsystem," he explains. Awschalom is specifically working on an optical-based information processor that mirrors other future visions of spintronics, in which electronics, photonics, and magnetism are integrated to produce much simpler circuits that use spin-polarized current; such devices could enable terahertz-speed communications switches or reconfigurable logic devices. IBM has already succeeded in injecting spin-polarized current into a semiconductor using the same magnetic tunnel junctions as in MRAM technology. Awschalom says spintronics development does not have any obvious roadblocks, though there are significant challenges.
Click Here to View Full Article
- "Spam Wars"
Technology Review (08/03) Vol. 106, No. 6, P. 32; Schwartz, Evan I.
The Internet is plagued with over 13 billion spam emails each day, and Ferris Research estimates that spam will add up to $10 billion in lost U.S. productivity this year, while Microsoft Research analyst David Heckerman predicts that spam could account for 90 percent of all email in a short time. There are three combat tactics against spam: Spam blockers and filters, anti-spam legislation, and a dramatic reworking of basic email and Internet operations; the most effective strategy may be found in concurrently employing all of these solutions. Critical to any spam filter's effectiveness is its filtration and false-positive rates, which vary among popular filters such as Brightmail, heuristic filters such as SpamKiller, and Bayesian-model-based filters. However, some people note that more effective filters only encourage spammers to send even more spam, as well as tweak spam to appear more "friendly." EarthLink's Mark Petrovic argues that curbing spam will "require a cooperative solution to augment the basic way email works." Examples of this type of solution include IP address books listing companies determined to be spammers or associated with spamming (black lists), address books listing parties who are authorized to send email (white lists), a proposed email tax designed to cripple the medium's use to spammers, and special license codes distributed by email providers in return for royalties; key to deploying such measures is making future email traceable by fundamentally changing the Simple Mail Transport Protocol (SMTP). Thus far, legal recourse in both the United States and Europe has done little to dam the flood of spam: A pan-European law upholding opt-in licenses was passed, but most spammers operate in the United States, where the law has no jurisdiction. Meanwhile, recent U.S. opt-in anti-spam legislation has died in Congress, while other bills have stalled because legislators cannot agree on whether a federal spam ban would be effective, or even appropriate.
- "State of Speech Standards"
Speech Technology (08/03) Vol. 8, No. 4, P. 20; Larson, James A.
The World Wide Web Consortium (W3C), the Internet Engineering Task Force (IETF), and the European Telecommunications Standards Institute (ETSI) are developing standards for speech systems, which consist of a cell phone, telephone, or other user device; a document server where scripts and files are stored; an application server housing a voice browser to download and interpret documents; a speech server with technology modules tasked with the recognition and generation of speech; and a telephone connection device with a call control manager. The VoiceXML Forum submitted version 1.0 of the Voice Extensible Markup Language (VoiceXML), a dialog language for writing speech applications to the W3C, in March 2000, which was refined into VoiceXML 2.0 by the Voice Browser Working Group, which also distilled and polished the Speech Recognition Grammar Specification and Speech Synthesis Markup Language as distinct specifications. Most Voice Browser Working Group members have agreed to a royalty-free licensing scheme, though there currently are only a small number of non-royalty-free patents which may be key to VoiceXML 2.0. Last February, W3C founded a multimodal interaction working group which will soon post working drafts of Ink Markup Language, Extended MultiModal Annotation, and Multimodal Framework Note. Meanwhile, the IETF's Speech Services Control Working Group is developing protocols for managing remote speech recognition, speaker identification and confirmation, and speech synthesis; proposed standards thus far submitted by the working group include requirements for distributed control of ASR, SI/SV, and TTS Resources, and Protocol Evaluation. The American National Standards Institute's InterNational Committee for Information Technology Standards, in conjunction with the BioAPI Consortium, has proposed the Biometrics Application Programming Interface (BioAPI), which supports the enrollment, verification, and identification of users. ETSI's Aurora project has yielded a distributed speech recognition standard that boosts feature extraction on a client and enlists the server to handle the remainder of speech recognition; ETSI has also built a list of vocal commands in English, Spanish, Italian, German, and French.