Association for Computing Machinery
Timely Topics for IT Professionals

About ACM TechNews

ACM TechNews is published every week on Monday, Wednesday, and Friday.


ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either AutoChoice Advisor or ACM. To send comments, please write to technews@hq.acm.org.
Volume 7, Issue 843:  September 19, 2005

  • "Hollywood Unites in the Battle to Wipe Out Movie Pirates"
    New York Times (09/19/05) P. C5; Halbfinger, David M.

    Frustrated with what they view as laziness or reluctance on the part of consumer electronics and information technologies industries to invest in anti-piracy technology, the six major Hollywood studios have partnered on a research laboratory designed to accelerate the development of new techniques to thwart film pirates. Motion Picture Laboratories (MovieLabs) will initially investigate methods to disrupt the recording of movies inside cinemas by camcorders; prevent home and personal digital networks from being hacked while allowing consumers to send content to multiple TVs without being overcharged; detect unauthorized content sharing on peer-to-peer networks; spot and impede illegal file transfers on campus and business networks; connect senders and receivers of films relayed over the Internet to geographic and political territories; watchdog the distribution of movies; and curb license agreement violations. The research "allows us to develop more ways of getting creative content into the home, to mobile devices, theaters and so forth, without exposing us to more sources of theft," says 20th Century Fox co-Chairman James Gianopulos. MovieLabs will receive over $30 million for its first two years of operation. The facility is modeled after CableLabs, the cable TV industry innovator. Like CableLabs, MovieLabs will work to reach industry-wide consensus on how to tackle problems, develop an approach in collaboration with manufacturers, concoct industry standards from specifications, and help manufacturers create and test prototypes.
    Click Here to View Full Article

  • "Now, Every Keystroke Can Betray You"
    Los Angeles Times (09/18/05) P. A1; Menn, Joseph

    Cybercriminals have begun to prey on online banking customers, using sophisticated software to record individual keystrokes and obtain passwords and PIN numbers. From June to July, the number of reported phishing attacks dropped, while the number of programs designed to steal passwords, known as crimeware, more than doubled. Though many consumers report that fears of cybercrime will lead them to modify their shopping habits, many banks encourage the use of online transactions because they entail far less cost than a visit to a branch. Crimeware can be installed inadvertently by opening an attachment or an advertising link, after which it can record all keystrokes or only those made at selected financial sites; the information is then relayed back to the hackers, who thus far have largely been using it to access accounts one at a time, though efforts at automating the process have recently emerged. One particularly malicious program, known as Grams, cuts out the step of relaying the information to the hacker and automatically cleans out the account once the information is recorded. In response, the FDIC has implored banks to investigate new security measures, though they respond with the fear that too much security could become a nuisance and cost them customers. As security measures become more sophisticated, criminals are keeping the pace, as efforts to select passwords with a mouse instead of using keystrokes have been met with programs that can take a picture of a computer screen to intercept the mouse clicks; some banks have even taken to calling customers when irregular activity is observed on their accounts. Liability remains a pressing issue, as the FDIC and many banks disagree on the extent to which consumers are covered in the event that their data are compromised.
    Click Here to View Full Article

  • "Google to Put Copyright Laws to the Test"
    Associated Press (09/18/05); Jesdanun, Anick

    Not all publishers are happy with Google's initiative to digitally scan massive libraries of books into a searchable Internet archive, out of concern that their bottom lines could suffer. Google has an arrangement with most major American and British publishers in which it scans any titles they submit, presents digital images of selected pages in response to search queries, and gives publishers a portion of revenues from accompanying ad displays; but publishers are refusing to submit many titles. Google launched the Print Library Project to scan obscure, out-of-print books that publishers have no claim to, while publishers reserve the right to ban the scanning of any library book whose copyright they own. The search company believes the project is protected under copyright law's "fair use" provisions, and lawyer Jonathan Band says the limitations Google has placed on the display and printing of works scanned from libraries strengthen Google's argument. Readers can view no more than five pages of publisher-submitted works at a time, and no more than 20 percent of an entire book via multiple searches; however, works in the public domain are fully accessible online. Many publishers are worried that Google's library project will encourage others to set up similar databases of copyrighted works that could negatively affect their revenues. Google has put the scanning of copyrighted books on hiatus until Nov. 1 so that publishers can compile lists of titles they do not want archived. Text and Academic Authors Association executive director Richard Hull thinks such a move places an unfair burden on publishers.
    Click Here to View Full Article

  • "Crave Privacy? New Tech Knocks Out Digital Cameras"
    CNet (09/19/05); Kanellos, Michael

    Photographers trying to take unauthorized pictures or video at presentations and other venues could find themselves thwarted by a system developed at the Georgia Institute of Technology. The prototype technology that Shwetak Patel and other Georgia Tech researchers devised can detect a digital camera from as far away as 33 feet via infrared scanning, and fire a targeted beam of light at the camera lens, resulting in a blurry image filled with glare. The device can sense a camera's presence and precisely localize the distorting beam when the emitted infrared bounces off the camera's highly retroreflective lens. The neutralizing light beams are sent out in a pattern that prevents the camera from compensating for the glare, and are also highly focused to keep distractions to a minimum. The technology can sense and block multiple cameras and affect cameras with either CMOS or CCD imagers. The prototype, which uses a digital projector for the neutralizing light source and a modified video camera, can only function indoors and cannot spot cameras in close proximity to the detector and at sharp angles, while filters and fast shutter speeds could also challenge its effectiveness. Patel thinks replacing the projector with a laser pointer and a pair of mirrors will make the system less expensive. The technology was detailed by the Georgia Tech group last week at the Seventh International Conference on Ubiquitous Computing.
    Click Here to View Full Article

  • "American Robots Face Spirited Competition Abroad"
    Pittsburgh Post-Gazette (09/19/05); Spice, Byron

    A six-member panel led by University of Southern California roboticist George Bekey summed up a two-year initiative from NASA, the National Science Foundation, and the National Institutes of Health to assess the state of robot technology around the world at an NSF workshop last week. Bekey acknowledged U.S. superiority in surgical, biological, and space robotics, while Asian robotics programs are yielding superior humanoid and caregiver machines. Such overseas efforts are characterized by a coordinated, long-term developmental strategy, which Matt Mason of Carnegie Mellon University's Robotics Institute said runs counter to the U.S. research community's culture of independent thought. Asian and European robotics research is more commercial-oriented, while American research has been chiefly fueled by the military; Bekey noted, however, that NASA and the Defense Advanced Research Projects Agency have scaled back R&D spending in recent years. He said major companies have avoided robotic technology investment out of concern for short-term returns, in contrast to the long view held by Asian firms. Bekey also pointed to the underfunding of U.S. startup firms stemming from the desire for faster profits. Mason cited the commercial applications of speech recognition and motion planning and simulation technology as examples of robotic technologies' "spectacular success," and argued that the panel's evaluation of the worldwide robotics field is too narrowly focused. The NSF workshop featured demonstrations of robots developed by U.S. groups, such as the six-legged RHex and the RiSE climbing machine.
    Click Here to View Full Article

  • "Researchers to Help Smart Radios Form Cognitive Networks"
    Virginia Tech News (09/19/05)

    The National Science Foundation has awarded Virginia Tech's Center for Wireless Telecommunications (CWT) a three-year grant to further its cognitive radio effort to the point where the radios can share a distributed knowledge base for individual and collective reasoning and learning. The grant comes under the aegis of the NSF's NetS Programmable Wireless Information Networks Program. CWT director and electrical and computer engineering professor Charles Bostian describes cognitive radios as "similar to living creatures in that they are aware of their surroundings and understand their own and their user's capabilities and the governing social constraints." He says the first step is to train the radios to form into networks by seeking others of their own kind and recognizing their environment, and then teach the different cognitive radios to interact. The first large-scale tests of cognition will be carried out by the CWT team in a wireless network setting, and are expected to determine whether cognitive methods can permit "Wi-Fi like" services in previously unusable TV spectrums, among other things. Bostian says the experiments will involve fully implementing a cognitive engine in any wireless network, deploying cognitive engines within the GNU radio, and practically evaluating cognitive wireless networks' advantages in terms of performance.
    Click Here to View Full Article

  • "Camera Phones Will Be High-Precision Scanners"
    New Scientist (09/14/05); Graham-Rowe, Duncan

    Camera phones can capture and digitize small amounts of text from printed documents using limited optical character recognition software, but new software from NEC and the Nara Institute of Science and Technology (NAIST) in Japan can allow whole documents to be captured by stitching together dozens of still images of the page being scanned. The software can also correct distortions caused by the page's curvature. "The goal of our research is to enable mobile phones to be used as portable faxes or scanners that can be used any time," NEC says. Andrew Yates, intellectual property advisor to England's Periodical Publisher's Association, is concerned the new software will provoke howls of protest from publishers by enabling users to copy documents without purchasing them. NEC claims the software is designed to avoid copyright conflicts by triggering an alarm when it is used. Both NEC and NAIST say commercialization of the software is three years away.
    Click Here to View Full Article

  • "Internet Oversight Board OKs New Domains"
    Associated Press (09/16/05); Jesdanun, Anick

    ICANN has approved the ".cat" Web domain for people and organizations promoting the Catalan language and culture. Also in a recent teleconference, the ICANN board once again delayed its decision on whether to approve the much more controversial ".xxx" domain for Web sites with adult or pornographic content. The ICANN board's request for changes to a contract with proposed .xxx manager ICM Registry marks the second time in as many months that the organization has deferred its ruling on the domain. Conservative groups and some pornography Web site managers have expressed opposition to the creation of a separate domain for adult sites. While supporters say the domain would make the porn industry comply with anti-spamming and other rules, critics charge that the domain would legitimize pornographic material on the Internet and make it more accessible. Some porn sites have also argued that the domain could pave the way for censorship and more government control of adult content on the Web. In addition to the decisions regarding the ".cat" and ".xxx" domains, the ICANN board was also supposed to consider approving a proposed ".asia" domain, but no action was taken on the matter.
    Click Here to View Full Article

  • "How Does a Technology Improve?"
    Knowledge@Emory (09/21/05)

    Some researchers are challenging the long-established S-curve theory that holds that successful technologies begin their life cycles less effectively than the competition, but eventually intersect with them before eclipsing them entirely; at that point, the theory holds that the technology has matured and has little room for further improvement. The notion that managers should then abandon the technology in favor of something new is faulty, according to Ashish Sood, an assistant professor of marketing at Emory University. Sood contends that S-curve theory has become so entrenched that few people even question it, despite the absence of any solid evidence supporting it. Sood and fellow researcher Gerard Tellis, a professor of marketing at the University of Southern California, collected information on the development of 23 individual technologies and found that between 80 percent and 90 percent did not follow the S-curve; many new technologies initially outperformed the competition, while some older technologies continued to improve even after they reached the point of maturity. Technologies such as optical and magnetic memory bucked the trend, and followed an irregular pattern of alternating popularity. Sood and Tellis write that "using the S-curve to predict the performance of a technology is quite risky and may be misleading." Many existing technologies could improve if managers abandon the S-curve theory and reevaluate the way they apportion research funding. Many of his colleagues have been resistant to Sood's findings, however, arguing that he is not replacing the theory with anything measurable; Sood counters that technology is inherently unpredictable, and the simple fact that a technology has supposedly matured is not a legitimate reason to abandon its further development.
    Click Here to View Full Article

  • "Computer Science Majors Find Jobs Easily"
    El Paso Times (TX) (09/16/05); Flynn, Ken

    College students in the El Paso-Las Cruces area came out for a free seminar involving IBM executives to learn more about the opportunities available to them in pursuing a career in information technology. "Hundreds of thousands of high-tech jobs in the United States go unfulfilled because of the lack of qualified computer science graduates," said IBM's Mark Hanny. Hanny participated in the seminar at the University of Texas El Paso, along with Irene Hernandez Roberts of Austin IBM, as part of a series to get Hispanics and women more interested in the IT industry. Ann Gates, director of the UTEP Computer Science Department, said too many students believe the computer science field is for geeks who enjoy sitting alone in front of a computer all day. "Computer science majors are all over the world, as well as in the local business community, coming up with innovative ideas and applying them to solve problems," she said. UTEP launched a computer science doctoral program this fall, but Gates said the number of computer science majors has reached a 10-year low because of the poor image people have of tech jobs.
    Click Here to View Full Article

  • "What Would a Grid Domain Name System Look Like?"
    InfoWorld (09/14/05); Nawrocki, Greg

    The Corporation for National Research Initiatives (CRNI) is developing a handle system for grids that would provide attribute services and function as an infrastructure and root service. Based on a domain name system model, the handle system would globally resolve resource names. By facilitating user-management of bindings, access rights are administered on an individual level. A centralized root system is especially important in light of the development of extra-grids, where distributed policy mandates and resource discovery questions are especially pertinent. David Holtzman, the former CTO of Network Solutions, believes a grid handle system is the next phase of the grid's natural development as the number of domain names continues to swell exponentially. "Having the inventory of resources consolidated in a central broker seems like a logical step to solving the issues," says Holtzman. In addition, he emphasizes the importance of approaching grid on a framework level, rather than by addressing each of its individual components. The handle system also empowers low-level management to employ the technology without having to arrive at an organization-wide consensus. The handle system project aims to incorporate a Web services interface to augment conventional interfaces, such as SAML attribute and XKMS queries, as well as basic name/value resolutions.
    Click Here to View Full Article

  • "Silicon Insider: Sweet Music From a Simple Theory"
    ABC News (09/15/05); Malone, Michael S.

    Scientist and entrepreneur Stephen Wolfram postulates that incredibly complex structures can be randomly generated from very simple items and equally simple rules when they are run innumerable times on a computer. This theory, based on the field of cellular automata, underlies what Wolfram identified as a previously hidden order to the universe in his book, "A New Kind of Science." Although his theory has caused barely a ripple in the scientific world, Wolfram has applied it to a random music generator, WolframTones. A person accesses the WolframTones Web page, and chooses a style of music. The user can also adjust the music's pitch, the instrument selection, and the time signature. The computer then automatically generates musical notes using a small number of simple rules, which work in conjunction with segments of mosaic pyramids Wolfram created by cellular automata. The resulting tunes are random yet structured at the same time. Wolfram hopes WolframTones will fuel interest in his theory.
    Click Here to View Full Article

  • "Monitoring, Policing and Trust for Grid-Based Virtual Organizations"
    University of Southampton (ECS) (09/15/05); Patel, Jigar; Teacy, W.T. Luke; Jennings, Nicholas R.

    Developing an infrastructure that enables the automatic creation and management of an agile and resilient virtual organization (VO) in a grid environment is the goal of the Grid-enabled Constraint-Oriented Negotiation in an Open Information Services Environment (CONOISE-G) project. The effort is designed to supply mechanisms to guarantee the effective function of agent-based VOs in open, dynamic, and competitive settings inhabited by disruptive and potentially malign entities. In the researchers' implemented system prototype, VO formation is founded on the core technologies of agent decision-making, auctions for contract allocations, and service discovery that incorporates quality of service (QoS) evaluation. Ensuring that the VO can encourage good interactions and effectively deal with bad ones involves the monitoring of QoS levels, the minimization of uncertainty in participant behavior, and the setup of mechanisms for identifying and addressing breaches in contract once they have occurred. CONOISE-G uses a trust and reputation model for agent-based VOs (TRAVOS) that provides a trust metric representing the level of trust in an agent; it also mirrors an individual's confidence in its level of trust for another agent, and does not automatically accept the opinions of others as accurate or experientially-based. This last function is facilitated by an exogenous solution in which a reputation provider is assessed according to the perceived accuracy of its past opinions. CONOISE-G's QoS monitoring component assigns the QoS Consultant the task of recording and amassing QoS data, monitoring QoS levels, and notifying the VO Manager of any anticipated declines in QoS. The third central element of CONOISE-G is a policing system designed to respond to reported exceptional circumstances, and based on computational models of legal reasoning and argumentation.
    Click Here to View Full Article

  • "The Broadband Explosion: Thinking About a Truly Interactive World"
    HBS Working Knowledge (09/05); Grant, Sara

    Although the long-anticipated promise that technology will be able to replicate face-to-face human interaction has thus far been elusive, the emergence of broadband figures to make that dream a reality, according to professors Robert Austin and Stephen Bradley in their new book, "The Broadband Explosion." Interactive media and communication tools abound, though none have been able to simulate the real-time interaction of personal contact. As broadband consolidates its hold on the future of communications, there is considerable debate about what, if any, role government and other regulatory bodies should play in its development: The United States has taken a laissez faire approach to broadband development that encourages competition but leaves the specifics to be determined by the forces of the market, while some foreign governments are playing a more active role in creating broadband infrastructure. This has some concerned that the United States will fall behind, as it does not rank in the top 10 in the measure of broadband deployment. Once broadband reaches a certain speed that can be obtained consistently and easily, the business model will have to change to find new measures of value. Just as no one could have predicted the sweeping impact of computers in the early years of their development, broadband is likely to usher in a host of unforeseen applications as the technology matures. As broadband begins to bring interaction closer to real time, innovation is likely to be one of the prime beneficiaries, as it will foster the sharing of ideas in a collaborative environment. It is also possible that communication will be able to take on a human dimension, as factors such as emotion creep into broadband-enabled interactions.
    Click Here to View Full Article

  • "Cyber Pork: DHS Progress Proves Elusive"
    eWeek (09/12/05) Vol. 22, No. 36, P. 24; Carlson, Caron; Roberts, Paul F.

    None of the Department of Homeland Security's stated cybersecurity responsibilities have been addressed by its Information Analysis and Infrastructure Protection (IAIP) Directorate, according to the Government Accountability Office, despite a 2004-2005 budget of nearly $2 billion. Reasons cited for this lack of progress include organizational instability, a political de-emphasis on cybersecurity funding, unwieldy procurement and hiring procedures, and uncertainty among potential private-sector partners that they will benefit. In addition, the DHS is susceptible to the influence of legislators whose agendas are often shaped by special interests; for example, SANS Institute director Alan Paller says the DHS has been dissuaded from pressuring software vendors to improve the security of their products largely thanks to the lobbying efforts of ISPs and software providers. A restructuring announced by DHS Secretary Michael Chertoff in July includes the dissolution of the IAIP directorate and the creation of an assistant secretary for cybersecurity and telecommunications, who has yet to be appointed. Nevertheless, some people say the DHS has performed admirably, given the challenges it faces. Chairman of U.S.-CERT Howard Schmidt lauds the agency for facilitating dialogue with information sharing and analysis centers and private-sector industry groups, while Savvis Communications chief security officer Bill Hancock cites DHS' effectiveness in cultivating engagement between different government agencies. Andy Purdy, acting director of the National Cyber Security Division (NCSD), reports that his division has made progress in the construction of a National Cyberspace Security Response System and the deployment of a cyber-risk management program for critical infrastructure. Yet he admits there are few readily available, quantifiable results in terms of cybersecurity progress.
    Click Here to View Full Article

  • "IT Workers: You Can't Always Guess What They Want"
    Computerworld (09/12/05) P. 52; Horowitz, Alan S.

    Fulfilling IT staffers' needs is the secret to high productivity and low turnover, but there is often a disconnect between what IT managers think workers want and what they actually want. This is critical in view of the apparent resurgence of turnover as a result of retiring baby boomers, a decline in computer science majors graduating from U.S. universities, and more overseas opportunities that encourage foreign-born IT talent to stay at home. Many experts say it is folly to assume that money is the chief desire of IT employees: More important to workers is the feeling that they are making a meaningful contribution to the company, a feeling reinforced by recognition and appreciation for their efforts. Other documented wants of IT professionals include job security; access to new technologies; reasonable and less stressful work schedules; and more appreciation from business customers. Managers have a responsibility to ensure that IT's contributions are esteemed and to relay such recognition to employees. Humana CTO Brian LeClaire places IT workers in several distinct categories in terms of motivation: Some employees enjoy their usually technology-centric work as it is and wish to continue in that vein, while some prefer new challenges and projects. Still others want to advance their careers and move into management, a common desire among increasing numbers of IT workers. The best strategy for determining what IT workers want is simply to ask them. Such needs can be extracted through performance reviews, formal surveys, "town hall" meetings, and other programs.
    Click Here to View Full Article

  • "Building SOA Your Way"
    InfoWorld (09/12/05) Vol. 27, No. 37, P. 20; Udell, Jon

    A service-oriented architecture (SOA) must boast scalability for future demands while simultaneously meeting immediate business needs, a deft balancing act given the maze of Web services standards, collectively known as the WS-* stack, that architects and developers must negotiate. A unifying conceptual framework is needed in order to make the Web services stack more manageable. RouteOne technology director T.N. Subramaniam thinks the Java Business Integration initiative could provide such an infrastructure, while Furrukh Khan with Ohio State University Medical Center sees Microsoft's Indigo suite of Web service protocols as a toolkit for subduing the complexity of the WS-* stack. OASIS CEO Patrick Gannon cites blueprints and reference models published by his standards body designed to show architects how the numerous WS-* specifications integrate to address particular problems. Architects and developers who do not require advanced WS-* at the moment typically concentrate on fundamental standards such as SOAP and WSDL. This is because toolkits and frameworks can entail proprietary abstraction lock-in even when wire protocols are standard and open. Ultimately, enterprises must decide for themselves what WS-* specs are appropriate.
    Click Here to View Full Article

  • "Packing More Electronics Into Cars"
    NE Asia Online (09/05); Kariatsumari, Koji

    Car manufacturers are accelerating their efforts to enhance vehicles with new electronics to accommodate environmental regulations, safety standards, and comfort issues. Legislation and political pressure in the United States and elsewhere to reduce CO2 emissions will likely increase the appeal of fuel-efficient hybrids and electric cars among consumers, forcing manufacturers to position themselves for widespread adoption. Electricity storage systems used in such vehicles are likely to be a source of major activity by the end of the decade as Li-ion rechargeable batteries, electrical double-layer capacitors, and other products join NiMH rechargeable batteries; however, cost represents the biggest obstacle to the adoption of these various technologies. Automobile makers are starting to develop safety enhancement systems for high-end vehicles that use cameras and radar to monitor road conditions and avoid accidents, while systems geared toward preserving vehicle stability are being commercialized. Transferring this technology to lower-priced vehicles is a major issue, and central to this problem is how sensor costs can be sufficiently lowered. A major escalation in software development is expected, but CATS Co.'s Masahiko Watanabe warns that traditional development techniques will have limited application. "Once the development of software design to prevent accidents and heighten safety through autonomous control gets rolling, the amount of simulation time required for verification will be staggering, and it will be extremely difficult to fulfill the requirements," he notes. Static verification is one possible solution.
    Click Here to View Full Article

  • "False Protection"
    Software Development (09/05) Vol. 13, No. 9, P. 34; O'Connell, Laurie

    The software designed to bolster enterprise systems against malware and other cyberthreats has itself become a ripe target for hackers, and analysts such as Cigital CTO and author Gary McGraw say security software providers' failure to be software security practitioners is chiefly to blame. "Vendors have to engineer security into the development application lifecycle, get developers to have core responsibility, and give them the tools to do it," says Yankee Group analyst Andrew Jaquith. He suggests that security software developers perform design reviews early and regularly; run nightly regression tests and frequent code base reviews; maintain focus on privilege levels and authorization management; study component authentication; unearth buffer overflows; and conduct checkpoint reviews with security-savvy personnel. Jaquith also recommends that developers test for functions the application is not supposed to carry out. Furthermore, he advises developers to base their choice of vendor or software security system on hard evidence of best practices and an exhaustive technique for spotting and fixing problems encountered by staff, clients, or third parties. Another way to boost security is to fortify the patching infrastructure and analyze security products' auto-update components. An organization's general security can also be shored up by deploying a diverse assortment of anti-virus products from multiple vendors, as well as multisourced solutions from varying code bases.
    Click Here to View Full Article