ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of ACM.
To send comments, please write to firstname.lastname@example.org.
Volume 5, Issue 550: Friday, September 26, 2003
- "European Parliament Votes to Limit Scope of Software Patents"
IDG News Service (09/24/03); Meller, Paul
Members of the European Parliament (MEPs) on Sept. 24 voted overwhelmingly in favor of amendments to the European Commission's software patent directive. Changes that were approved in lude prohibitions on the patenting of algorithms and business methods--specifically, "Inventions involving computer programs which implement business, mathematical or other methods and do not produce any technical effect beyond the normal physical interactions between a program and the computer, network or other programmable apparatus in which it is run." MEP and U.K. Socialist Party member Arlene McCarthy, who authored some of the amendments, called the vote an effective rewriting of the proposed law, although she doubted that the revised text will be accepted by the European Commission and the European Union's 15 member state governments. "I tried to balance the various interests here with a text that doesn't undermine the obvious need for patent protection for real inventions, while averting a slide towards the more liberal patent regime in the U.S.," she explained. Another Parliament vote on the directive is coming up, and the law and the recently approved amendments will be debated by the EU state governments in November. McCarthy expressed concern that member states could jettison the directive in favor of amending the Munich Patent Convention, which is the legal foundation of the European Patent Office's current patent regime. The directive will not become law until Parliament and the member governments reach an accord on its wording. Following that, the member states will be required to incorporate the directive into their individual national laws in approximately 18 months.
- "Maryland: E-Voting Passes Muster"
Wired News (09/25/03); Zetter, Kim
A Sept. 24 report from Maryland election officials concluded that despite a "high risk of compromise," the state has enough confidence in Diebold Election Systems' touch-screen voting machines to go ahead with a deal to purchase the machines. The report, which was furnished by Science Applications International (SAIC), makes 23 recommendations for securing the machines, six of which have already been carried out, according to David Heller of Maryland's board of elections. Those six include encrypting votes that are transferred from machine to state servers and modifying Diebold software to maintain voter anonymity; assuming the 17 remaining recommendations are fulfilled, officials say the Diebold systems will be ready by the time the March 2004 primary rolls around. Security expert Avi Rubin, who reported on Diebold software vulnerabilities along with Johns Hopkins and Rice University researchers, says the state's decision to proceed with the Diebold purchase is an unwise move considering SAIC's risk assessment, and argues that the logical course of action is to postpone the deployment until SAIC declares the machines vulnerability-free. SAIC officials considered the warnings Rubin made in his report, but claim most problems can be rectified by severing voting system servers from the Internet. The SAIC auditors wrote, "Maryland's procedural controls and general voting environment reduce or eliminate many of the vulnerabilities identified in the Rubin report," but acknowledged that the Diebold system still fails to comply with the best practice standard or the State of Maryland Security Policy. The technology cannot be implemented before it is recertified by Ciber and Wylie Laboratories, which performed the machines' original certification; Rubin calls such an approach ill-advised, given that the certifiers failed to uncover any flaws the first time out. Pamela Woodside, CIO for the state's board of elections, reports that SAIC is reviewing the amended code to make sure that the software revisions patch the security vulnerabilities.
Click Here to View Full Article
For information regarding ACM's e-voting concerns and activities, visit http://www.acm.org/usacm/Issues/EVoting.htm.
- "The Grand Challenges for Computer Science"
Computing (09/24/03); Nash, Emma
The U.K. Computing Research Committee, in conjunction with the Council of Professors and Heads of Computing, has embarked on seven new projects in the hope that one or more will become 15-year, international Grand Challenges that significantly advance computer science. The In Vivo <-> In Silico (IVIS) project focuses on modeling real-life events so that scientists can carry out experiments with virtual organisms, and Microsoft researcher Sir Tony Hoare believes such work will have vital socioeconomic implications. The Memories for Life project aims to develop a method to securely and conveniently archive and search digital data such as email, audio recordings, digital images, and phone numbers, which will significantly grow in volume over the next 10 to 20 years. Insights on how the human brain functions is the focus of the Architecture of Brain and Mind initiative, while Dependable Systems Evolution seeks to set up a scientific foundation to construct systems whose integrity is justified, even when confronted with extreme threats. University of Cambridge professor and ACM Turing Award recipient Robin Milner says the goal of the Science for Global Ubiquitous Computing initiative is to lay down the theoretical groundwork for the Global Universal Computer, which scientists and academics believe will become the collective term for a massive global network of computers expected to emerge within two decades. The Scalable Ubiquitous Computing Systems project is an attempt to solve future problems stemming from growing computing complexity as a result of the Internet's proliferation, increasingly networked computers, and the application of organic models; Professor Jon Crowcroft of the University of Cambridge explains that a "build and learn" principle will serve as the foundation for new design principles. Finally, the University of York's Susan Stepney says the Journeys in Non-Classical Computing Project's goal is to build computer systems of advanced complexity, reliability, and adaptability using natural and biological systems as a template.
- "Patent Politics"
CNet (09/25/03); Festa, Paul
Microsoft and its industry rivals are siding together against Eolas, a single-man firm that won a patent claim against Microsoft for its ActiveX technology, which allows application plug-ins to run in Internet Explorer. The 1999 patent claim, which was affirmed last month in federal court, threatens open-source software and standards protocols such as those put out by the World Wide Web Consortium (W3C) as well, since those bodies ban the use of proprietary technology. The organizations expressed support for Microsoft recently at a W3C strategy event held at Macromedia's headquarters. Eolas founder and sole employee Mike Doyle says he is liberating browser users from the clutches of Microsoft, and will provide for more robust competition in the software arena. But companies that once might have supported Eolas' suit say it has come too late, now that Microsoft's Internet Explorer is so pervasive and so much software hooks into it. O'Reilly & Associates vice president Dale Dougherty, who spoke in court on behalf of Microsoft, said that Web patents such as Eolas' pose a larger threat to online companies than does Microsoft itself. Although Microsoft still has an appeal and could settle with Doyle, companies are already taking steps to ensure their products have a work-around: Adobe has written code that points PDF links to Adobe Acrobat instead of opening the file inside the browser, but experts say firms such as Macromedia are in more dire trouble. Computer security analyst Richard Smith says Macromedia's Flash plug-ins are among the most widely distributed embedded Web content, but Macromedia sees Java applets under threat as well. W3C representative Janet Daly says the Eolas case is another example of how patents slow technology adoption, obfuscating standards and software development.
- "Davis to Sign E-Waste Bill"
SiliconValley.com (09/25/03); Marimow, Ann E.
California Gov. Gray Davis will sign a bill on Sept. 25 requiring consumers to pay an additional $6 to $10 for every new computer monitor or television they purchase to fund the recycling of electronic waste. Californians Against Waste executive director Mark Murray says, "This measure will provide the public with a safe, reliable and convenient option for recycling their obsolete electronics," though the Computer TakeBack Campaign does not think the state's e-waste program should serve as a national model because a critical ingredient--manufacturer accountability--is missing. Ted Smith of the Silicon Valley Toxics Coalition, a TakeBack Campaign member, says his organization will retool the program to make electronics manufacturers more responsible for recycling. California Sen. Byron Sher (D), who has been pushing for e-waste recycling legislation for two years, co-authored with Hewlett-Packard a bill that would make recycling the responsibility of tech companies, but the deal fell apart when discussions between Sher and HP crumbled. HP firmly opposed the final draft of the legislation due to concerns that it would undermine California companies' competitiveness. The bill that Davis will sign only allows e-waste to be exported to countries that comply with specific international environmental standards for safe disposal. "California has led the technology revolution and we will lead the way to safely managing computers and other electronic devices at the end of their life," the governor declared on Sept. 24.
Click Here to View Full Article
- "Congress Questions Database Protection Proposal"
IDG News Service (09/24/03); Gross, Grant
A draft bill designed to boost protection for the content of commercial databases has sparked debate in Congress as both supporters and opponents expressed their views at a Sept. 23 hearing. Proponents such as Keith Kupferschmid of the Software and Information Industry Association argued that the theft of database content by competitors is a critical problem, and new legislation is needed to shield databases against "free riders;" Kupferschmid cited a handful of recent court cases in which database owners lost lawsuits to rivals who used their data without authorization. The bill would allow commercial database owners to sue whomever sells their database content, provided that content is time-sensitive and its collection and maintenance requires a "substantial" investment. Rep. Lamar Smith (R-Texas), chairman of the House Judiciary Committee's Subcommittee on Courts, the Internet, and Intellectual Property, said the legislation could encourage database creators to continue rolling out new offerings, but U.S. Chamber of Commerce CEO Thomas Donohue countered that the database piracy problem is not widespread, given the small number of cases Kupferschmid raised. Donohue argued that databases are already adequately protected by "contract, intellectual property, copyright, state misappropriation, trespass and federal computer anti-hijacking statutes and numerous other protections that are on the books." National Academy of Engineering President William Wulf also opposed the measure, contending that it could dissuade universities and for-profit companies from sharing data in research projects. The ACLU claimed the bill could block the distribution of facts if those facts are part of commercial databases, and added its voice to those of Reps. Rick Boucher (D-Va.) and Janice Schakowsky (D-Ill.) in criticizing a provision involving the use of subpoenas to demand the identity of suspected database copiers.
- "Want PC Security? Diversify"
Wired News (09/25/03); Glasner, Joanna
Seven computer security company executives, writers, and academics presented a report at a Computer & Communications Industry Association (CCIA) meeting on Sept. 24 arguing that network instability has been worsened by Microsoft's monopolization of the PC sector with the overwhelming presence and usage of the Windows operating system. The authors added that as code used in Windows-integrated applications becomes more sophisticated, the risk of security flaws climbs. "It is essential that society become less dependent on a single operating system from a single vendor if our critical infrastructure is not to be disrupted in a single blow," they declared. CCIA public policy director Will Rodger compared the current PC security plight to agricultural conditions that led to the Irish potato famine and American cotton blight, in that both disasters could have been significantly lessened had farmers diversified their cultivation, in much the same way that networks would suffer less damage from viruses and worms if more people used different operating systems. The report's authors proffered several solutions to the operating-system monoculture problem, including government mandates that no OS account for more than 50 percent of the installed base in a critical industry, and a requirement that Microsoft support some of its most widely used applications on Linux and other rival platforms. Sean Sundhall of Microsoft claimed the report ignored the benefits of an operating-system monoculture, such as ease of patching. The Computer Technology Industry Association (CompTIA) accused the authors of "myopically looking to technology" as the root cause of network security problems, when in fact human error is usually the culprit. CompTIA policy counsel Mike Wendy added that computer security could be bolstered by educating home PC users about the problem and accelerating security training for IT professionals.
Click Here to View Full Article
- "Pentagon Spy Office to Close"
Associated Press (09/25/03)
A joint congressional panel has elected to shutter the Information Awareness Office of the Defense Advanced Research Projects Agency (DARPA), which was developing the controversial Terrorism Information Awareness (TIA) program. TIA was a data-mining project designed to sift through individuals' computerized transaction records to uncover patterns that may indicate terrorist activity, and critics such as Sen. Ron Wyden (D-Ore.) called the congressional decision a wise move. But although TIA itself may be dead, the software tools under development could still be used by other government agencies for the purpose of gathering intelligence from foreigners both inside and outside the United States, or from Americans stationed abroad. The House and Senate negotiators also prohibited DARPA from engaging in other TIA projects, including the identification of people at a distance through the use of radar or video images of their facial features or their walk. TIA initiatives that DARPA is still permitted to pursue include a project to accelerate bioterror attack detection, the development of software that can automatically translate foreign documents and broadcasts, and the creation of wargaming software that can model terrorist attacks and response strategies.
For information on ACM's actions regarding TIA issues, visit http://www.acm.org/usacm/Issues/TIA.htm.
- "Evolving Web Could Turn Into the Everynet"
Investor's Business Daily (09/25/03) P. A8; Howell, Donna
The adoption of the Internet Protocol version 6 (IPv6) standard promises to ease networking by allowing any object to be set up as an online service, according to Wind River Systems' Joerg Bertholdt. This is just one of several developments that should help spread Internet connectivity to previously inaccessible areas; others include the advancement of broadband and wireless technology, the advent of technical specifications for voice over data networks, and standards for data management via a unified online language. IPv6 lets individual online addresses be established for practically anything, and the military is especially keen on using the protocol to enhance battlefield operations. Meanwhile, Bell Laboratories research director Rick Hull forecasts the coming of multiparty phone calls and videoconferences as well as location services as wireless technology grows more sophisticated and global positioning system technology is embedded in more mobile devices. He adds that Asia has a head start in terms of location services as well as new technologies that could revolutionize home networking. Gartner analyst Dorothy Lai predicts that Korean manufacturers will probably lead the charge in terms of developing and adopting new home technologies, partly because of a government initiative to make broadband available to everyone. Technologies under development include trash cans that automatically sort recyclable material, microwave ovens that can surmise how to prepare food, and toilet seats that run health diagnostics. Lai notes that a lot of these products cannot work without the presence of radio frequency identification (RFID) technology. Accenture scientist Glover Ferguson foresees a time when RFID tags could open up new services such as locating lost pets, though the technology's cost will have to fall dramatically before this can happen.
- "An Open Invitation to Election Fraud"
Salon.com (09/23/03); Manjoo, Farhad
Bev Harris, author of "Black Box Voting," has made it a priority to uncover the flaws of electronic voting systems, and she recently published several critical vulnerabilities in Diebold touch-screen machines that were verified by internal Diebold memos. She explains that just about anyone with access to a computer can enter the central vote-counting database via Microsoft Access, change the votes as they come in, and overwrite the audit trail to cover their tracks; Harris also notes that the voting machines are linked to the GEMS machine with a modem, allowing people to get in through the Internet. "Once you know the steps, a 10-year-old can rig an election," she proclaims. She adds that the Diebold memos indicate the company has known about the vulnerability for several years, and decided not to deploy security because the flaw was useful in certain situations. Harris says Diebold responded to her publication of the memos by ordering her to remove them because they constituted intellectual property--an action that confirmed their origin and Diebold's clear intent to break the law by not fixing the problem. The author argues that Diebold's copyright claim is insupportable because of the legal violations demonstrated in the memos as well as the public concern about e-voting security. Harris points out that the vulnerability affects optical-scan systems as well as touch-screen machines. She further says that all e-voting machines share a lack of auditability, and cites a 2001 study from Caltech and MIT concluding that touch-screen voting is less accurate than punch-card voting. Harris reports that voting equipment manufacturers, the Election Center, and a lobbyist recently conferred to address the problems of convincing the public that non-auditable machines are a good idea--a mystifying course of action, in her opinion.
Click Here to View Full Article
- "'Smart Sofa' Aimed at Couch Potatoes"
CNN (09/23/03); Legon, Jeordan
Researchers at Dublin's Trinity College are working on a "smart sofa" that can so far only deliver personalized greetings to users via microchip sensors that identify whoever sits down by weight; however, scientist Mads Haahr believes the device will one day be able to automatically adjust room lighting and temperature or turn on appliances such as stereos or TVs, according to an individual's preferences. "The greater context is that you can build functionality into computers that allow them to be part of everyday objects and help us in ways that we won't even notice," Haahr explains. He adds that the research team hopes the technology finds use in the care of the handicapped and elderly. For instance, the smart sofa could conceivably alert staff in assisted-living facilities when patients with Alzheimer's have wandered off. The smart sofa is an extension of the move toward ubiquitous computing, in which minuscule microprocessors are incorporated into numerous objects and linked into networks. Finding a killer app to connect such devices and enhance users' lives without being overly intrusive is a formidable challenge. Ubiquitous computing researchers aim to migrate technology out of PCs and into mobile devices. University of Colorado at Boulder computer science professor Mike Mozer, who has equipped his house with sensors to automatically adjust heating and lighting, says that consumers need to perceive value in ubiquitous computing in order to ensure its success.
- "Researchers Develop a 'Smart' Payment Card That Can Easily Be Programmed to Restrict Spending"
Researchers at the University of Pennsylvania have developed technology that would turn credit cards into "smart" payment cards. The technology makes use of microchips built into credit cards, an on-card verification system, open application programming interfaces, and a commercial card-reader to enable consumers to determine, for example, how much they can spend each day or which establishments are off-limits for credit card use. "Banks and other card issuers have long been able to set general parameters, such as credit limit, but most have little interest in setting finer limits because the process is cumbersome and expensive to manage," says Penn computer scientist Carl A. Gunter. The Penn researchers created the open application programming interfaces that give the "smart" capability to credit cards. The technology would allow companies to better manage spending on corporate cards, and similarly, parents would be able to limit children's spending to certain establishments. Furthermore, credit card users gain an added level of security because they are able to program their credit cards. Gunter presented the technology at the recent European Conference on Object-Oriented Programming in Darmstadt, Germany.
Click Here to View Full Article
- "An Open-Source Search Engine Takes Shape"
TechNewsWorld (09/24/03); Hook, Brian R.
The Nutch open-source search engine uses a nonproprietary ranking formula to give users clear, unbiased query results, according to Nutch Organization President Doug Cutting, who believes that a transparent offering such as Nutch could benefit commercial search engines by restoring people's faith in the search-engine process. "If the quality of Nutch eventually gets to the point where it meets or exceeds that of Google, then Google could start using Nutch software," he adds. However, others think that Nutch's appeal is limited. Pixel Bridge senior technologist Brian Piccolo remarks that Yahoo! and Google are way ahead of Nutch in terms of mainstream market penetration, while Nutch cannot hope to match, much less rival, such competitors without major hardware and bandwidth investments. He predicts that the search engine's chief markets, at least for the near future, will be the technology and academic sectors. Piccolo is doubtful that Nutch will ultimately compete with Google. A much more likely outcome is the use of Nutch technology as the basis for a small group of commercial niche engines. Meanwhile, 10E20 President Chris Winfield notes that Nutch's primary advantage--the transparent ranking formula--could have unwanted results, such as spamming. Still, Winfield says, "Nutch will be an interesting one to watch. If Nutch can figure out a way to keep people honest and still be completely forthcoming with the formulas used for their results, that will be a site to behold."
- "Revenge of the Coders"
InfoWorld (09/22/03) Vol. 25, No. 37, P. 48; Biggs, Maggie
There is a movement among programmers away from sluggish, feature-heavy IDEs and toward flexible code editors as enterprises focus intensely on productivity. The rationale behind this transition is developers' desire to not be locked into a single environment, with the preferred solution allowing them to use the tools and strategies that maximize productivity, with the company benefiting from both efficient tools and satisfied coders. Programmers such as software developer Chris Rathman argue that most IDE editors have a profound lack of features, and there are many who feel that keyboard-driven code editors have an edge on mouse-driven IDEs. Many code-editing tools are open-source, which is especially appealing to enterprises that cannot afford to spend a lot of money to boost programmer productivity; modular, pluggable open-source tools also allow for easier customization and enable developers to directly tap into the collective know-how of other developers. The tools furnished by the code editor approach support multiple platforms and languages, as well as syntax highlighting, macro facilities, and other useful features. However, the instruments developers can use through a code-editing approach are just part of the equation; developers must also possess the skills needed to use the tools to their fullest. Though neophyte developers can train themselves on an IDE's extra features, junior-level programmers may have less difficulty learning programming basics through the use of a code editor. Sensible enterprises follow a strategy that exploits both IDE and modular code-editing benefits to build developmental schemes that yield solid results.
- "Ultra-Wideband: Multimedia Unplugged"
IEEE Spectrum (09/03); Stroh, Steve
Ultrawideband (UWB) technology has the potential to transform home media networking and facilitate the seamless interlinking of numerous devices, even though the FCC placed frequency limitations on UWB to quell concerns that it would interfere with the Global Positioning System and 802.11a local-area networks. UWB, which involves the transmission of very short pulses at low power, can support signals that are highly interference-resistant and that get through clearly in crowded and noisy radio environments. The weakness of the pulses prevents UWB systems from disrupting other wireless systems, keeps UWB signals in a short range (a definite plus for home media networking), and protects the signals from multipath interference. However, the FCC mandate has forced the IEEE 802.15.3a UWB task group to rethink their technical strategy. In June, a coalition of companies including Intel, Microsoft, and Hewlett-Packard formed the MultiBand OFDM Alliance to support a proposal from Intel and Texas Instruments to combine frequency hopping with orthogonal frequency-division multiplexing (OFDM). On the other hand, Partus-Cerva, XtremeSpectrum, and Motorola favor direct-sequence code-division multiple access technology, while Andreas Molisch of the Vienna University of Technology reports that Mitsubishi Electric devised a way to create a two-part spectrum that retains UWB's original pulse-train attributes. Next-generation security tools originally developed for IEEE 802.11 could be embedded in UWB, while Bluetooth's authentication mechanism could become a UWB component, perhaps in the form of an "authentication button" that allows two devices in a home media network to communicate with each other.
Click Here to View Full Article
- "5 Technologies That Will Change the World"
Fast Company (09/03) No. 74, P. 93; Kirsner, Scott
The Internet meltdown has not halted technological development, and five technologies--radio frequency identification (RFID) tags, 3D printing, biosimulation, self-aware computers, and distributed power generation--have the potential to dramatically change the world. RFID tags are used to keep track of items' location, usage, and functionality; they have been used in military operations to keep tabs on wounded soldiers, while ExxonMobil's SpeedPass system features smart tags to pinpoint the position of drivers. Smart tags are expected to revolutionize inventory management starting in 2005, when Wal-Mart's top 100 suppliers will affix them to every forklift pallet of products they send to the retailer. Product design and prototyping is changing thanks to 3D printing, which allows objects to be printed out layer by layer; the technology is also a fast, low-cost way to change designs on the fly. Biosimulation--the computer modeling of diseases and disease behavior--is being used to anticipate the performance of new drug candidates so that pharmaceutical companies will be less stung by product failures, and can accelerate the discovery of effective treatments. Distributed or decentralized power generation seeks to effect the transition from a mainframe-like power grid to one that resembles the Internet and is more easily upgradeable. This switchover involves the installation and wide distribution of smaller generating facilities in closer proximity to where power is being used, thus boosting reliability. Finally, self-aware or autonomic computing initiatives such as IBM's aim to make systems capable of configuring, maintaining, and upgrading themselves, as well as predicting and responding to problems; this will free up IT workers to focus on core enterprise projects, according to Alan Ganek of IBM's autonomic computing effort.