Lobbyists, elected representatives, business leaders, and security experts are worried that the White House has lost focus on the implementation of its National Strategy to Secure Cyberspace, and plan to use the National Cyber Security Summit on Dec. 3 to spur the Bush administration to take a more proactive stance. The national cybersecurity initiative has been plagued by a lack of forward momentum and the resignations of two cybersecurity czars--Richard Clarke, who left two weeks before the strategy was adopted by President Bush, and Howard Schmidt, who departed just two months after his appointment. Their responsibilities now reside in the Department of Homeland Security's National Cyber Security Division, whose director, former Symantec executive Amit Yoran, has only been in office since mid-September. Yoran calls the National Cyber Security Summit "a call to action" that will inform the public that his division is up and running, and initiate dialogue between both industry and government and security technology users and academic experts. Greg Garcia of the Information Technology Association of America says that five industry-backed task forces will present several recommendations at the summit, including making computer users more aware of the need to regularly update their software and deploy security measures; establishing best corporate and business cybersecurity practices; lowering the number of computer vulnerabilities; and setting up a national cybersecurity response system. Among those expected to attend the summit are Homeland Security chief Tom Ridge and Homeland Security Department assistant secretary of infrastructure protection Robert Liscouski. "Our goal has been to really encourage the senior people in the department to make sure a high priority is given to this aspect of security," says TechNet CEO Rick White.
Click Here to View Full Article

Last week's vote by the European Commission's Competitiveness Council on the European Union's controversial draft Directive on Computer Implemented Inventions has been postponed until April 2004 due to the lobbying efforts of European mobile phone makers and multinational technology firms. An earlier version of the directive, which was drafted to reconcile Europe's patent system based on best practices, was amended after critics, including software developers and computer scientists, complained that the ambiguity of its wording permitted the legitimization of software patents, and opened the door to a patent system controlled by corporate monopolies, as in the United States. However, the CEOs of Alcatel, Siemens, Nokia, Ericsson, and Philips sent a letter to the European Commission in November objecting to these amendments because they would "send a message to the rest of the world that one of the legal cornerstones necessary for attaining a viable European Information Society is unstable, unpredictable, and unreliable." The Foundation for a Free Information Infrastructure countered that economists had already invalidated the companies' contentions, and that a draft of the directive supported by the European Information, Communications, and Consumer Electronics Technology Industry Association allows companies' patent departments to expand their stockpiles at the expense of innovation. The Commission announced the possibility of removing the directive from consideration due to the amendments. A representative of the French government said it would call for a delay in order to hold further consultations.
Click Here to View Full Article

Despite the current shortage of available and lucrative IT positions, many people inside and outside the IT industry believe the job market is poised for a resurgence, a hope that appears to be borne out by statistical data. A 7.2 percent quarterly increase in gross domestic product and a three-year low in jobless claims are helping boost optimistic forecasts of an economic recovery. A poll of around 300 corporations, recruiters, and staffing firms conducted by the Dice.com online IT job board finds that 72 percent of respondents intend to boost their hiring initiatives over the next six months, with 88 percent seeking experienced, hands-on tech workers; nearly 50 percent of respondents are hiring more than they were 12 months ago. Dice also reports a 6 percent increase in available IT positions over last year, as of October 2003. "With a majority of our customers planning to increase their recruiting over the next six months, and with job postings on Dice.com increasing by more than 40 percent since the beginning of the year, we believe technology hiring has turned a corner," enthuses Dice CEO Scot Melland. Remington International's Deidre Kashou anticipates that the IT job market will return to 2000 or 2001 levels given time, and notes that employers are particularly interested in job candidates willing to make a long-term commitment. She says job applicants with a minimum of five years' experience in their chosen field and familiarity with IT business applications stand a better chance of being considered prime candidates than those with less than two years' experience. Jobstor.com President Jamie Maitlin recommends that IT job seekers submit professionally written resumes, which can be a deciding factor in recruiters' ultimate choice.
Click Here to View Full Article

Privacy concerns could hamper the growth of radio frequency identification (RFID) technology in the retail market, warn experts at MIT's RFID Privacy Workshop. Consumer advocacy groups such as Customers Against Supermarket Privacy Invasion and Numbering (Caspian) say RFID could be the basis of a new surveillance society, and that consumer buying histories would inevitably end up in the hands of criminals, marketers, or law enforcement agencies. The debate has heightened since a Chicago Sun-Times report earlier in November said that RFID technology was being tested in an Oklahoma Wal-Mart, where sales of Max Factor Lipfinity lipstick were tracked and shoppers observed via Web cam; Wal-Mart and Procter & Gamble were criticized severely for conducting the test without consumer notice, but they claim the test was only to see if RFID could be used to make sure products were placed correctly. Conceivably, RFID tags would allow retail stores to identify individual items, not just their type, as they move through the store and even in people's homes. Retailers insist they have no such plans, and RFID proponents offer several technical solutions, including a kill command that would disable the tag after it is scanned, and hanging the tags visibly so that consumers can remove them after purchase. Removing or disabling the tags would, however, make RFID useless against fraud at the time of product return or exchange, a major concern for retailers. Other proposed technical solutions involve cryptography, sophisticated RF protocols, and the incorporation of physical distance in a tiered authentication structure. Bar code technology developer and ePC Group co-founder Pete Abell says many of the concerns of privacy advocates are unfounded and that benefits of RFID include better protection against infected meat products and counterfeit pharmaceuticals. Allied Business Intelligence research director Edward Rerisi says RFID will be used mostly in distribution and not actually affect the consumer for the first few years.
Click Here to View Full Article

Major technology companies, working under the aegis of the Organization for Internet Security (OIS), are formalizing rules to determine the best time for hackers and researchers to publicly disclose software bugs so that vendors should not have to worry about malicious parties exploiting these vulnerabilities. The guidelines outline what someone should and should not do after discovering a software security hole, as well as how the software's authors should respond. According to the plan, a hacker who finds a bug must report it to the software maker and give the company time to study the flaw and develop a patch; it is recommended that the software maker keep the hacker apprised of its progress. Around a month is the prescribed time a software maker should have to devise a patch, while the hacker ought to wait another month before publicly disclosing the patch. The OIS advises hackers never to broadcast details of the vulnerability if a patch cannot be developed. Few hackers who work for tech companies or on their own are fans of the guidelines: Many contend that software firms would lie about their failure to build a patch just to prevent flaws from being exposed, while experts are concerned that patches will be reverse-engineered by talented virus writers so they can learn the holes they are designed to fix and develop malware to take advantage of them. The major tech companies feel they must take some kind of action, especially with pressure building for Congress to pass legislation making them liable for shoddy software. Some hackers are trying to mobilize into a trade group to fight the OIS guidelines, which PivX Solutions researcher Thor Larholm claims would endanger the livelihood of hackers who are paid to discover and help repair software bugs.
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)

Amit Yoran, who was recently appointed director of the National Cyber Security Division of the Information Analysis and Infrastructure Protection Directorate at the Department of Homeland Security, plans to bolster the security of the United States and its cyberinfrastructure during his tenure. He believes that cyberterrorism is something people must always be aware of, and sees little difference between safeguards used to thwart cyberterrorists and those used to shield against other threats. Yoran advocates a two-pronged strategy to combat outbreaks of worms and viruses such as Code Red, Slammer, and Nimda. The first part of the approach involves implementing long-term projects such as the improvement of software engineering and the invention of better software development processes, and the second part is the pursuit of short-term objectives such as boosting cybersecurity awareness, and improving the national response system and coordination with critical infrastructures. Yoran says the key players in this effort--critical infrastructure owners, software developers, and the system operators--can receive government advice, guidance, and aid through a secure communications infrastructure. Although Yoran says the level of security called for by the National Strategy to Secure Cyberspace has yet to be reached, he has been encouraged by what he has seen in his first month in office, as well as the private sector's enthusiasm to contribute to the cybersecurity effort. He notes that the National Strategy cannot succeed without coordinated public-private collaboration. How the country can better deal with future cyberattacks will be the focus of a talk Yoran will give in Silicon Valley this week.
Click Here to View Full Article

A new algorithm was recently discovered by Idaho State University researchers Vitit Kantabutra, Elena Zheleva, Angela Hillier, Batsukh Tsendajv, and Steven Miller that can train artificial neural networks quickly and reliably without getting stuck. Kantabutra says such networks are employed for voice, handwriting, and image recognition, while industry is especially interested in the technology for its character recognition applications. "[The neural network] learns based on what's shown to do and can approximate any function," Kantabutra explains. These networks must be put through a series of training exercises in which various concepts are repeatedly shown to them until they can identify the real answer, but Kantabutra notes that different situations might cause neural networks to sustain a cycle without halting training. "The most important of these problems is that these networks have to be trained to learn to solve the problems they are meant to solve, much like humans and animals have to be trained to solve problems," he reports. Training algorithms are frequently sluggish and can become stuck indefinitely. Kantabutra says his team discovered the faster, more reliable training algorithm by concentrating on three unique problems: The first two were technical and benchmark problems or common problems employed to gauge the training of an algorithm, while the third focused on character recognition with the numbers zero through nine. Kantabutra hopes the breakthrough can be applied to another category of procedures for other neural networks.
Click Here to View Full Article

MIT Media Lab Europe's Habitat project includes equipping kitchen tables with radio frequency identification (RFID) tag readers, projectors, and computers to establish a two-way, Internet-enabled communications system in which people separated by distance can maintain a feeling of connectedness. Habitat researcher Dipak Patel says the environment was designed as a less intrusive method to remotely connect people than telephones, which he terms an "interrupting technology." Cups, saucers, and other objects outfitted with RFID tags are picked up by the table's reader, while its Linux or Macintosh computer operates the projector, which displays an image of the tagged objects sent over the Internet. The objects grow in size and definition the longer they remain on the table, and fade away as they are removed. The presence of such objects can help participants gauge each other's activities and even emotional states over the course of a day: For instance, the projected image of a book on a table could indicate that a person is relaxing, while the presence of a pack of cigarettes could be sign of stress. "We hope that...couples will develop their own symbolic language using the objects, knowing that the images represent subtler messages," Patel states. Habitat was created under the auspices of the Media Lab's Human Connectedness research group, which intends to embed RFID tag readers into other kinds of furniture and will shortly link together a table at Media Lab Europe in Dublin, Ireland, with a table at a British Telecom facility in England.
Click Here to View Full Article

The United States' leadership in science and innovation is eroding, according to findings from the National Science Board, which recommends that the government devote more funding to the training of science and math teachers and sponsorship of college students, while bringing more minorities--women, Latinos, Indians, and blacks especially--into technical fields. "We believe that competition will heighten, and we will no longer be able to rely on the foreign-born to fill the gap and fill our needs," states Corning CTO Joseph A. Miller Jr., who oversaw the task force that furnished the report. Though the growth of available science and engineering jobs is expected to outpace that of other occupations by a factor of three, the percentage of American students training for those positions has flattened or even dropped, the task force concludes. Furthermore, between 2001 and 2002, the number of H-1B visas issued to foreign science, engineering, and technology professionals declined by more than 50 percent. The report indicates that 13 nations--Canada, Japan, and several European countries among them--are churning out more science, engineering, or technology college graduates than the United States. University of California-Santa Cruz chancellor M.R.C. Greenwood says American companies have begun to offshore research and development operations "not just because labor costs less, but because these countries are beginning to produce an international brain trust which is beginning to rival the United States." Finding more domestic science and engineering professionals in underrepresented minorities will be critical, as the ranks of college graduates in these minorities will swell dramatically over the next 30 years. The science board report says the United States should not scale back its efforts to lure talented students and researchers from overseas, though George Castro of San Jose University notes that this will intensify the competition U.S. science and engineering graduates will face.
Click Here to View Full Article

A paper authored by Intel researchers and published in last month's Proceedings of the IEEE theorizes that transistor shrinkage will reach its limit by 2021, which means that chipmakers will have to devise alternate methods to build more powerful and cheaper semiconductors. In other words, Moore's Law--the axiom that the number of transistors on a chip doubles every two years--will hit a wall within two decades. This issue will be a topic for discussion in Taiwan this week, when the International Technology Roadmap for Semiconductors is disclosed. Conservative estimates expect chips to be fabricated on the 16-nanometer manufacturing process by 2018 or 2019, which means the length of the transistor gate will be about 5 nm. Gate length under 5 nm leads to electron tunneling, which impacts the semiconductor's reliability as a source of basic data. The limits of Moore's Law have been forecast before by researchers, but their predictions were based on the continuing use of existing semiconductor materials, when in fact such materials are frequently modified and replaced. "The beauty of our paper is that it is independent of materials," states Intel fellow Paolo Gargini, who theorizes that a 4-nm gate length threshold could be reached, but only with increased energy consumption. Diffusing this heat with cooling systems does not prevent chips from overheating, since they require independent, heat-generating power sources. The paper suggests several alternate chip designs--some of them theoretical--as possibilities, including increasing the size of the chips, using carbon nanotubes and silicon nanowires, and recycling electrons.
Click Here to View Full Article

For five semesters, Cornell University professor David Schwartz has been teaching an experimental interdisciplinary course in game design as part of his Computer Game Design Initiative, whose overall goal is to spark interest in science and technology among high school and elementary school students through their love of gaming. The two-part course brings in computer science, art, music, English, and engineering students who first study the game industry and gaming's social aspects, and then design and build their own games using their particular skills. Schwartz says the interdisciplinary approach is key to game design: Physics knowledge, for example, is needed to give objects in games realistic movement, while storytelling skills are also important. The professor notes that the course can help prepare students for careers in the multi-billion-dollar gaming industry, and proposes to offer the class as a "real" course starting in the summer of 2004 and continuing in the fall. A Dec. 10 open house on the Cornell campus will offer various computer games and game technology--including multi-player, arcade-style, and strategy-style games--for public perusal and use. Schwartz eventually plans to extend game design instruction to local public schools by sending out teams of his students. He also intends to arouse interest in science and technology among female students through the Computer Game Design Initiative. Schwartz says research demonstrates that girls become disenchanted with computers somewhere around the fourth grade, and the violence and gunplay typical of many computer games may be a major factor in this trend. "We'll find women students who'd be interested in paying jobs to teach game design, and have them work with teams of young girls," he says.
Click Here to View Full Article

Bluetooth is inside about 1 million consumer electronics devices shipped each week, but only a small number of people seem to know what the wireless technology is or what it can do. Bluetooth special interest group executive director Mike McCamon estimates that only three out of every 10 people who buy a Bluetooth-enabled device actually make use of that capability. Gartner analyst Nigel Deighton says the proliferation of Bluetooth is due to the technology's close links with the mobile phone industry, which ships some 1.25 billion units each year. Deighton says user education is key, and that a project last year called Five Minutes out of the Box was a good start, focusing on making Bluetooth easy to use. Laws requiring hands-free mobile phone units for car drivers could spur increased use of Bluetooth, estimates Deighton. Meanwhile, British Telecommunications (BT) has introduced its Blue Phone application that allows mobile phone users with Bluetooth to wirelessly connect with nearby phone jacks, such as at their home or office; mobile phone users would be able to save their airtime minutes and BT, which spun off its mobile phone unit years ago, will give users a reason to keep their landlines. There are a number of other wireless technologies that Deighton says are either successors to Bluetooth or compatible, but not threats: These include the long-range Wi-Fi standard, a still-developing ZigBee standard intended for low-power and low-speed applications such as remote controls, and Ultrawideband, which transfers data at about twice the speed of Bluetooth and could be used for multimedia applications. In the future, people will have a number of seamless wireless connections forming what Deighton calls a wireless personal area network.
Click Here to View Full Article
(Access to this article is available to paid subscribers only.)

A next-generation Internet is being developed by the Internet2 consortium as an antidote for the slowdown of information flow between universities caused by the deluge of commercial traffic online. Some 70 corporations and around 40 organizations and federal agencies--the National Science Foundation among them--are collaborating with the consortium's 204 U.S. colleges to make Internet2 a reality. Internet2 innovations already in use include the remote, computer-controlled operation of telescopes in Chile and Hawaii; collaborative videoconferencing systems that support high-definition-TV-quality images; data-mining programs that can be conducted across great distances; and the upgrade of the Abilene computer network to a data transfer rate of 10 Gbps, which is about 10,000 times faster than average computer networks' data transfer speeds. Internet2 is pursuing computer and Internet breakthroughs that could be used by consumers in the future, such as improved security and faster connection speeds. "Our value proposition is that what we discover can be used by our corporate members, who can then transfer that technology to the public sector," states Michigan State University professor Doug Van Houweling, who also serves as Internet2 President and CEO. He says Internet2 is not designed as a replacement for the Internet, but as an upgrade. Participating universities contribute $60 million annually to the consortium, while corporations donate $20 million; additional funding comes from government grants. The last annual Internet2 meeting in October was centered around high-performance computer network infrastructures.
Click Here to View Full Article

The upcoming World Summit on the Information Society will involve 6,000 delegates and a number of issues, including the contentious one of Internet governance. Many nations would prefer ICANN to turn over administration of the domain name system to all governments, while critics of this idea say that decentralization and self-regulation are better. Governments are already involved at the national level, according to one study, which found that almost every respondent manages, keeps direct control, or is considering formalizing its relationship with its country-code top-level domain. At the national level, domain names are usually administered by commercial companies, public institutions, academic institutions and individuals, or nonprofit entities. Nations with public ccTLDs kept the public interest as a top priority, but more commercialization meant more importance placed on domain name registration totals. The real debate at the summit will concern how governments should be involved in Internet governance.
Click Here to View Full Article

A lot of fear is circulating that viruses and worms could be used by terrorists to threaten entire societies with destruction and anarchy, but fewer than 1 percent of recent cyberattacks originated from terrorist-sympathetic nations, and the majority were conducted by hackers within the United States. Hackers are more likely to be money-hungry thieves or techno-savvy adolescents hoping to disrupt networks to satisfy their egos than terrorists; network security expert Bruce Schneier also notes that terrorists face greater difficulties than seasoned hackers in penetrating computer systems, while physical attacks remain a more effective technique of hurting people than disrupting networks. The Internet must become more trustworthy in order to reach its full potential, but the growing frequency, intensity, and speed of cyberattacks, along with hackers' increasing use of self-propagating worms, is eroding Net security--and this threat will only escalate as users move from dial-up access to broadband and connect even more devices to the Internet. Nor is cybercrime limited to worms and viruses: Brand spoofs, counterfeit Web pages, and "phishing" are just a few of the fraudulent practices running rampant online. Though cybersecurity measures such as firewalls, intrusion-detection systems, and anti-virus software are effective to a degree, experts such as Stanford University professor Lawrence Lessig contend that legislators need to pressure companies to make their software more secure. Former @Stake executive Dan Geer blames most of the Internet's security problems on Microsoft's operating system monoculture, and adds that the complexity of the software only makes it harder for users to secure their systems. Schneier says that software vendors must be made accountable for insecure products, which sets up an economic incentive to fortify their software against cyberattacks. Another strategy calls for Internet users to become better versed in good security practices while making it easier to trace online criminals, a development that will require a reduction of online anonymity.
Click Here to View Full Article

Oscar-winning special-effects maestro Stan Winston, whose animatronic creations have dazzled movie goers in such films as "Aliens," "Jurassic Park," and the "Terminator" series, teamed up with MIT roboticist Cynthia Breazeal to collaboratively develop an autonomous robot that can move on its own, maintain eye line with the people it interacts with, and express emotional states. The design and hardware component of the machine, dubbed Leonardo, was contributed by Stan Winston Studio, while Breazeal supplied the software that allows the robot to perceive its surroundings, recognize and synthesize speech, and build fundamental cognitive skills. The project taps into Winston's 35 years of working with and often pioneering breakthrough automaton technology, and Breazeal's efforts in the field of artificial intelligence, which have yielded sophisticated (for their time) robots such as Cog and Kismet. Leonardo's appearance is supposed to accommodate both technical and emotional considerations: His potbelly and oversized head provide more room for his internal mechanisms, his large eyes facilitate more light for the robot's cameras, and his ears relay sound to microphones; Breazeal, meanwhile, mandated that Winston keep Leonardo from looking too human so as to avoid what Japanese roboticist Masahiro Mori calls "the uncanny valley," the tenet that people find it harder and harder to relate to robots that appear increasingly human-like. Some of the AI ideas Breazeal wants to encapsulate in Leonardo are echoed in Donald Norman's forthcoming book, "Emotional Design," in which he contends that emotions are just as critical as cognition in intelligence. Leonardo's benefits for Winston include the development of artificial creatures that can lock eyes with actors, and his studio will own the patent on Leonardo itself. Breazeal thinks this marriage of robotics and AI could help clear the way for sociable robots, which would be companions and caretakers of growing ranks of elderly persons.

An unusual practice of modern timekeeping is the insertion of a "leap second" into the calendar, which occurs less than once a year on average; this is done to make up for the discrepancy between international atomic time and solar time, which is changing as the Earth's rate of rotation gradually slows. Since the inception of leap seconds 30 years ago, coordinated universal time has lagged in fits and starts behind universal atomic time, and the situation has been complicated by the rollout of various technologies that have their own internal time frames. "With [these technologies] becoming more interactive, they need to be synchronized," states the Naval Research Laboratory's Ron Beard. Technologies ranging from GPS to air traffic control systems to the Internet to military systems are not designed with leap seconds in mind, which makes leap second insertion the responsibility of software engineers. This task is difficult enough, but complicating matters is the unpredictable nature of the Earth's slowing spin, a phenomenon attributed to as-yet-indeterminate internal forces; in fact, the planet's rotation has recently sped up, the result being no leap seconds for the last five years. Affected by this is Motorola's Oncore GPS receiver, which will add an extra day to the calendar just after midnight on the morning of Nov. 28, 2003. This extra day will only last for a second, but Motorola GPS product manager Dave Huntingford is worried that this could affect Nov. 28 cell phone bills and lead to lost revenues; Global Timing Services consultant William Klepczynski is even more concerned that such glitches, when combined with worker stress, could lead to disastrous errors in air traffic control. Beard and others think leap seconds should be jettisoned in favor of a continuous timekeeping system called international time, although astronomers fervently oppose this because of their high reliance on software that automates the alignment of their telescopes.

An August roundtable of CIOs, financial executives, and business management experts convened to discuss the problem of measuring IT's return on investment (ROI) and whether alternate ways of determining IT's value to the enterprise are worth pursuing; many IT executives polled by CIO Insight last December expressed dissatisfaction and frustration with current ROI methods. In general, the panel agreed that separating IT's ROI from the ROI of a business process or project is difficult, while the precision and objectivity ROI promises is an illusion. In addition, ROI lacks a universal definition; company cost structures, economics, and risk are being left out of the ROI equation; checking the accuracy of ROI predictions is a rarity among executives; and managers are expected to meet ROI numbers that are often inaccurate, and they forget ROI's actual purpose of making resource-allocation decisions. Forrester Research principal Bobby Cameron argued that failed projects or bad IT histories are not the reason ROI fails: It is the IT department's attempts to effect returns in isolation, when in fact it is how people use technology rather than the technology itself that drives ROI. Pamela Cohen Kalafut of Intangibles Valuation Services expanded this assertion, noting that the key determinant is how people are empowered to use the technologies. Atefeh Riazi of Ogilvy & Mather Worldwide stated, "You have to look at [an organization] strategically, look at it organically, and acknowledge IT will help, but ROI shouldn't drive it." She also commented that technology vendors and CIOs share a responsibility to understand technology's impact on an organization's operations, but vendors are overlooking this duty. "As I see it, the benefit of going through a process...where you identify the strategy first, is that IT flows in as an enabler of the strategy, not as somebody trying to implement a specific thing," explained FA Group's Denise K. Fletcher, while Ameritrade Holding's Asiff Hirji stressed that decision-making should be kept simple.
Click Here to View Full Article