FTC Chairman Timothy Muris announced yesterday that the agency would not develop a do-not-spam list similar to the highly popular do-not-call list; Muris said the list would be ineffective because spammers would simply choose to ignore it. Worse still, he said such a registry could be exploited by spammers to increase their mass sending of junk email. Sen. Charles E. Schumer (D-N.Y.) expressed his disappointment with the decision in a written statement, noting that "The registry is not the perfect solution but it is the best solution we have to the growing problem of spam and we will pursue congressional alternatives in light of the FTC's adamancy." Muris said the FTC would pressure industry to develop an electronic email sender authentication scheme that would make it more difficult for bulk emailers to conceal their locations and mask their identities, and Internet providers such as AOL, Yahoo!, Microsoft, and EarthLink are working toward a standard authentication platform. Lurking beneath the surface of the no-spam registry issue is the question as to whether the federal CAN-SPAM Act is successful, and recent reports have been less than encouraging: A survey sponsored by the Chief Information Officer Executive Council rates the law as ineffective, based on estimates that 39 percent of 141 polled CIOs expect their companies to spend more than $100,000 to combat spam this year. In addition, more than half of the respondents expressed a desire for a no-spam registry. Advocates believe such a measure could help correct what they perceive as a major drawback of CAN-SPAM, which is the reliance on an opt-out system that requires users to ask to be removed from marketing lists. Proponents argue that a no-spam registry would serve the same function as an opt-in system, eliminating much of the complexity of enforcement.
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)

The League of Women Voters on Monday reversed its position on paperless electronic voting systems after hundreds of members argued that paper ballots were needed to safeguard the accuracy of elections. The league overwhelmingly passed a new resolution on Monday that supports "voting systems and procedures that are secure, accurate, recountable and accessible." Former ACM President and league member Barbara Simons, who had sharply criticized the league's earlier position that paperless e-voting systems were reliable alternatives to punch card and lever systems, said, "This issue was threatening to split the league apart...The league now has a position that I feel very comfortable supporting."
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)

Barbara Simons is co-chair of ACM's U.S. Public Policy Committee (http://www.acm.org/usacm).

Approximately 300 biologists, artificial intelligence specialists, chemical engineers, circuit designers, and biotech industry researchers gathered at the MIT campus for the Synthetic Biology 1.0 conference, where topics of discussion included schematic capture, simulation, and tape out. MIT grad student Jonathan Goler discussed his BioJADE biochemical design tool, which represents protein and DNA interaction with standard electronic components such as AND, OR, and NOT gates, along with some new icons that symbolize biochemical functions. Entering a schematic results in the compilation and display of a biochemical diagram assembled out of BioBrick standard components tapped from a catalog being developed by Tom Knight's wet lab in MIT's Computer Science and Artificial Intelligence Laboratory. The next-generation BioBricks++ system features standard interfaces for all DNA segments that can be assembled into any configuration with commercially available enzymes. BioBrick catalog director Randy Rettberg is starting a standards process that will enable anyone to construct BioBricks and insert them into the catalog, and is also setting up a summer contest in which participants are challenged to genetically engineer a Finite State Machine (FSM). Competitors in the event, which is sponsored by the Defense Advanced Research Projects Agency and the National Science Foundation, include a Boston University group that will try to build a simple computer; a team from the University of Texas, which will create a huge array of identical FSMs in an attempt to overtake silicon's processing power; and MIT, whose team will develop "Self-replicating Machines of Undeniable Greatness." Molecular computing systems built by biosynthesized machines may take the reins from the very large scale integration (VLSI) generation, which is approaching the limits of complexity and size.
Click Here to View Full Article

The Cambridge-MIT Institute (CMI) is launching an unprecedented effort to create new opportunities in the communications market, bringing together three universities, major industry partners, and government policymakers. MIT Media Lab senior researcher Andy Lippman says the goal will be to enable a dramatically different communications paradigm where users are inventors. He says programmability at the edge of the network will enable users to create previously unthought-of services, similar to how the personal computer spawned spreadsheets and the Web spawned eBay and Napster; reaching that goal, however, requires cooperation on the part of academic research, industry, and government regulators. The CMI's new Communications Innovation Institute (CII) will bring those players together in order to negotiate potential obstacles, such as regulation of new technology. Among the issues to be discussed are the effectiveness of 3G spectrum auctions, the ability of pricing to control Internet congestion, and possible changes to Internet architecture that would lessen the problem of spam and other network attacks. CII will also study emerging communications technologies, including peer-to-peer 3G wireless networks, Internet piracy solutions, and wireless-on-optical technology. MIT computer scientist David Clark says the stifling of Internet innovation in certain areas is due to poor planning and cooperation between academia, industry, and government, and CII plans to draw up an industry and technology roadmap for communications that will address a variety of issues, including economic and societal concerns. A communications industry value chain will also be drafted to help participants understand the role of providers, manufacturers, content developers, and consumer markets.
Click Here to View Full Article

Car manufacturers are experiencing pains as they adapt to in-vehicle electronics, as demonstrated by the malfunctions such systems frequently suffer from. "The electronics in the car bring six or seven times more faults than normal mechanical parts," observes Valeo Chairman Thierry Morin. "The more pure electronic content that is in a car the more bugs there will be." Unreliable electronics can hurt the reputation of manufacturers, particularly those of luxury vehicles, where electronic systems were first introduced. In-vehicle software problems are attributable to three trends: In-vehicle electronic systems are growing too quickly for manufacturers with over a century of mechanical experience to come to terms; there is a profound lack of expertise in software development and electronics among carmakers; and proper testing is impossible because carmakers have permitted the networks connecting the individual components to become excessively complicated. BMW board member Michael Ganal notes that the growing importance of electronics and software is putting more control of the vehicle in the hands of suppliers. Carmakers are desperately hiring software engineers and forming coalitions such as AutoSAR to develop standard software platforms. Harbans Dass with Motorola's automotive division reports that software has improved "immensely" over the past few years, and a Consumer Reports survey gives this claim some credence: The poll finds that electrical problems are the No. 1 cause of complaint for drivers of five-year-old cars, while owners of six-month-old cars rate them as the No. 3 cause of complaint.
Click Here to View Full Article

California Secretary of State Kevin Shelley calls the protection of vote integrity "my principal charge," and to that end he has mandated that no California county can purchase a touch-screen voting machine without a voter-verifiable paper record by July 1, 2005, while all touch-screen systems in the state are required to be equipped with paper trails by July of the following year. Furthermore, on April 30 he forbade certain touch screens from being used in four counties, and decertified the systems in 10 other counties until additional safeguards could be installed. He also released paper trail standards to machine manufacturers on June 14: Requirements include the ability for handicapped users to vote and confirm their vote without any aid, voter verification prior to casting, and the printing of paper records in both English and the voter's language of choice. Shelley's mandates could influence national e-voting standards, because 40 percent of all touch-screen machines in use are concentrated in his state. But his actions have also provoked heavy criticism from local election officials such as Los Angeles County registrar Conny B. McCormack, who accused the secretary of state of shaking voter confidence by demanding the deployment of nonexistent technology. Several California counties are suing Shelley, and one of them, San Bernardino County, has no intention of complying with his directive to supply separate paper ballots to voters uncomfortable with touch screens. Shelley says, "I believe [touch-screen] machines have a very, very firm place in our future, but I also believe that in responding to the chaos in Florida in 2000 these machines were rushed out before all the kinks were worked out."
Click Here to View Full Article
(Articles published within 7 days can be accessed free of charge on this site. After 7 days, a pay-per-article option is available. First-time visitors will need to register.)

For information on ACM's activities involving e-voting, visit http://www.acm.org/usacm.

Major U.S. technology vendors are working hard on making their products compatible with the next-generation Internet standard, Internet Protocol version 6 (IPv6). With the announcement from the Defense Department that all new technology purchases will have to be IPv6-enabled, hardware and software vendors are taking the migration seriously, say attendees at the North American IPv6 Summit. IPv6 to date has been more of an issue in Asia, where Internet use continues to grow rapidly and is taxing the current IPv4 framework: In China, for example, there are 60 million Internet users sharing half as many Internet addresses, says Verio's Cody Christman, whose group is a subsidiary of Japanese telecom NTT Communications. In the United States, the Defense Department mandate, which is intended to improve battlefield networking capabilities, has spurred interest from a number of other large government agencies such as the Transportation Department and Homeland Security Department; there is even talk about the Office of Management and Budget requiring IT purchases across the federal government to include IPv6 capability, says North American IPv6 Task Force marketing director Alex Lightman. The recent moves by U.S. technology firms to adopt IPv6 means the standard will likely reach widespread commercial adoption by 2008, says task force business director Yuri Rich. IPv6 is meant to make networking discrete devices easier, but experts say migration will pose some security risks, especially since many security aspects with the new standard are being thought out. There may also be cross-platform attacks, with hackers taking advantage of links between IPv4 and IPv6 systems. Security consultant Richard Graveman says the most worrisome security risk with IPv6 is more powerful denial-of-service attacks.

Experts fear that email's utility is gravely threatened by a growing prevalence of malware, spam, and various online scams, and individuals and companies are considering or implementing alternate measures and restrictions to mitigate the problem. Many consumers have gotten into the habit of deleting unfamiliar messages, and have stopped attaching large documents to their emails because they are usually deleted by recipients concerned that such packages may contain malicious payloads. Meanwhile, some companies prohibit workers from using email accounts not related to their jobs, and an InsightExpress poll of 500 business owners estimates that roughly 40 percent of small businesses would consider dumping email for business correspondence if junk email gets worse. The situation is prompting security companies to market intrusion detection products, while AOL, Yahoo!, and Microsoft have joined forces to create the email equivalent of a "caller-ID" standard, which is at least a year away from rollout. Market researchers indicate that spam, computer viruses, and unique phishing attacks were responsible for personal losses and lost workplace productivity adding up to over $15 billion in 2003. The erosion of people's trust in email is being driven by an acceleration in spamming and scamming, while many home PCs lack proper security measures. Nucleus Research says the annual cost of spam in terms of lost productivity has doubled over the past year to almost $2,000 per worker; the Anti-Phishing Working Group estimates that the number of unique phishing attacks skyrocketed from 402 to 1,125 between March and April; and security experts report that virus authors, spammers, and phishers are increasingly teaming up outside of U.S. jurisdiction.
Click Here to View Full Article

Microsoft Research senior scientist Sir Tony Hoare argued before dozens of journalists and analysts on June 8 that the computer industry needs a "grand challenge" akin to the race to the moon or the human genome project to reach the next major turning point in its evolution. He listed seven such challenges whose multidisciplinary nature illustrates not only how deeply embedded IT has become in research in general, but how the nature of computer science is constantly changing. Hoare predicts that in 16 years' time the number of computers in the world will multiply a hundredfold, as will their individual processing power and memory capacity; these machines will also be networked into what he calls a global ubiquitous computer that does not fit within Turing's classical theory of computation. Hoare says that finding a computational theory that is "more realistic than the Turing model, and can take into account the discoveries of biology, and the promise of the quantum computer," is one of the grand challenges. An even more daunting challenge is creating a simulated organism that can make experimentally testable predictions, while more challenging still is modeling the workings of the human brain and how it relates to the human mind. Building such a computer program, Hoare reasons, will involve the collective expertise of biologists, psychologists, nerve scientists, linguists, social scientists, physiologists, and philosophers. Hoare says, "It is easy to predict that some of the discoveries of research directed towards Grand Challenges--but only the most unexpected ones, and at the most unexpected times--will be the basis of revolutionary improvements in the way that we exploit the power of our future computing devices."
Click Here to View Full Article

June 15 marks the official launch of the OpenIB Alliance, a coalition of high-performance computer users and technology vendors united in their goal of making the InfiniBand input/output architecture more usable with Linux. Members of the group said that they will collaborate on a standard platform of software utilities and InfiniBand hardware drivers, along with a deployment of networking protocols that include IP over InfiniBand and the Message Passing Interface protocol employed in high-performance computing. "It's really focused on interoperability and getting all these companies cooperatively working on the marketplace around this software stack," explained Stan Skelton with OpenIB Alliance member Engenio Information Technologies. He says the alliance will issue software under two separate open source licenses: The GNU General Public License and the Berkeley Software Distribution License. Sandia National Laboratories and Lawrence Livermore National Laboratory--both InfiniBand users--will participate in the alliance. An anonymous alliance participant noted that the coalition represents the first time InfiniBand hardware vendors have partnered to release open-source software. "Now it's open source, so in addition to pooling the resources of the [vendors] we're engaging the user community, both in terms of being able to get patches and bug fixes, but also in terms of giving them a real voice in terms of how we're trying to harness the stack," he explained, adding that project leaders ultimately want the software to be incorporated into the Linux kernel.
Click Here to View Full Article

Florida officials have learned that iVotronics touchscreen voting machines currently used in 11 counties suffer from flaws that could make manual recounts in close races impossible, a development that has voter proponents up in arms despite assurances from the machines' manufacturer and the state Division of Elections that the problem is easily remedied. The bug in question prevents the e-voting machines from producing a consistent "event log" of the voting activity when the systems are asked to replicate electoral events. Orlando Suarez of Miami-Dade County's technology department carried out an audit of the machines following a May 2003 election in Miami Beach, but determined that the machines' serial numbers were scrambled by the event log, complicating the identification of the machines being audited; Suarez also discovered in an October audit of the Homestead election that 162 votes were unaccounted for in the event log. Nicole DeLara, a representative for Florida Secretary of State Glenda Hood, describes the bugs plaguing the iVotronics systems as "minor technical hiccups," while state officials claim that the glitch only takes place when the audit is carried out after the election, not when the tally sheet is printed in each precinct following poll closings. They also say that neither recounts nor audit trails are necessary since the touchscreen system is designed to prevent people from voting multiple times in the same race and alert voters when they are skipping a race. However, Rep. Robert Wexler (D-Fla.) and advocates for the Miami-Dade Election Reform Commission call such assurances an attempt to cover up the fact that officials certified machines that violate state regulations.
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)

For more on e-voting, visit http://www.acm.org/usacm.

Columnist Michael Geist contends that the Canadian government needs to consider new approaches in applying copyright law to the Internet: The current process is proceeding too quickly and without balanced input, and should instead adopt procedures that follow the dictate of the Canadian Supreme Court, which calls for copyright reform fairly addressing the needs of content creators, users, and the public interest. The parliamentary committee headed by Canadian MP Sarmite Bulte recently issued a report that leans too far in favor of content creators; debate over reforms, which would seek to compensate creators for assumed use of copyrighted material, is split between those who view the Internet primarily as a means of copying and those who see the Internet as a medium for creativity. Previous attempts at copyright reform have already hurt unintended targets, such as the small Infertility Network charity that pays extra for blank CDs due to a levy imposed on recording media. Geist writes that Canada should move more slowly on copyright reform, and equally involve the three interest groups mentioned by the Supreme Court in all discussions. The Bulte committee, when forming its report, heard opinions from five rights holders groups on the issue of educational copyright use, while receiving input from only the Association of Universities and Colleges of Canada on the other side. Each policy decision should also seek a middle ground, unlike the Bulte report, which adopted the proposal of rights holders groups wholesale. Any decision should also be supported by facts--the notice-and-takedown system recommended by the Bulte committee for ISPs has not been proven to be the most effective approach. Finally, Canadian policymakers should not be afraid of adopting unique solutions, such as those offered by efforts such as the Creative Commons, which seeks to expand public domain.
Click Here to View Full Article

Apple responded to complaints relating to its lack of communication with users about the nature of several recent security updates to Mac OS X by holding press conferences in which executives admitted that its disclosure protocols were in need of refinement--and that steps were being taken to correct this oversight. Mac OS X director Ken Bereskin stated that Apple's security Web site contains a great deal of information about the patches, but noted that many people and even some security companies were unaware of its existence. He added that Apple will now include a link to the site beginning with the most recent security update. Aberdeen Group chief research officer Peter Kastner and Gartner research director Ray Wagner agreed that the Mac community has exaggerated the concerns about OS X security. "Most of the concerns have been around communication with developers and security practitioners, rather than end users," Wagner noted. Bereskin compared the number of security updates Apple and Microsoft have issued since OS X's March 2001 debut: Apple has released 44 updates for OS X, 3 percent of which were considered to be critical, in that they involve vulnerabilities that hackers can exploit remotely; Microsoft has issued 78 updates for its Windows operating system, 65 percent of which were classified as critical. "Most people we talk to, most of the security experts we work with closely, agree that because Mac OS X has a Unix [Berkeley Software Distribution] core, it [ends] up being more secure than other platforms, certainly more than Microsoft," Bereskin said.
Click Here to View Full Article

A number of new Internet services are ready for adoption, but are held back by the conservative attitude of many users, according to an IAPP Truste Symposium keynote address from John Patrick, former IBM Internet technology vice president and now president of the Attitude consulting firm. With the increasing pervasiveness of the always-on Internet, new services such as VoIP and instant messaging alerts could change the way people communicate and plan their day. He says these new services must be intuitive and easily fit into people's lifestyle, pointing to instant messaging as a good example: Patrick notes that instant messaging has changed the way people use email, and predicts XML metadata attached to Web pages will similarly change the way people search and use the Web for information. Some new services are technically possible today, but require adoption of standards and agreed-upon frameworks, and Patrick says Linux will serve as the foundation for many new government and business IT innovations because it allows people to easily build upon others' work. "It's about freedom that's not tied to product cycles, but to the limits of people's innovation," he explains. As end users increase their level of Internet communication, they have a responsibility to increase their security consciousness and use safe surfing habits and software protection. On the other hand, companies are obligated to protect people's privacy with comprehensive privacy frameworks that detail how each piece of technology deals with data; spam stems from the SMTP's ease of use, and Patrick says the IETF will have to implement an authentication scheme that will have mail systems identify servers sending mail. In the end, however, Patrick says company leaders and users must be determined to modernize their work processes.
Click Here to View Full Article

Although there are flaws that need attention, now is not the time to review the federal cybersecurity strategy, says Homeland Security Department (HSD) cybersecurity director Amit Yoran. Yoran says new issues have come up since the strategy was issued by the White House early last year, such as a focus on securing infrastructure control systems, problems among information-sharing analysis centers, and the performance of the national cyber-alert system. With the latter, the government is trying to find a happy medium. "We're trying to walk the balance between not crying wolf and focusing people's attention on key issues," Yoran explains. He adds the government usually approaches cybersecurity in two ways, trying to improve preparedness and trying to get ahead of attackers, with the private sector's participation more important in the latter case. The strategic goal is to break the vicious cycle of ever-improving attacks and defenses. The HSD will continue to invest in improved software development and evaluation methods, along with ways to counter cybercrime. Yoran says the agency will rely on market forces to push cybersecurity improvement.
Click Here to View Full Article

Sophisticated new toll systems are spreading throughout the world and extending tolling beyond highways, tunnels, and bridges to include national road networks or city centers, and Hyder Consulting's Jack Opiola attributes the expansion of road tolling to two trends: Decreasing revenues from fuel tax because of more efficient vehicles, and the increasing difficulty and cost of road construction because of environmental concerns and rising prices for land, labor, and building materials. In addition to offering a steadier revenue flow than fuel tax, tolling also promises to be an efficient traffic management tool--but one that can only function effectively with inexpensive, dependable technology. The success and proliferation of electronic tolling systems is being driven by two technologies: Designated Short Range Communication (DSRC) that uses microwaves or sometimes infrared signals to allow vehicles to pass through a toll plaza without stopping; and the Global Positioning System (GPS), which pinpoints a vehicle's location to within a few meters. The design of an electronic tolling system is heavily influenced by national context. London, for instance, has set up a congestion-charging system in which vehicles enter a "congestion charge" zone where roadside cameras record their number plates, which are matched to a database of exempt or paying vehicles, after which drivers pay the toll online or over the phone while non-payers are fined through the mail. Germany's ambitious Toll Collect system (which is still under development) pinpoints the position of trucks through microwave beacons, GPS, built-in gyroscopes, and tachographs whose signals are combined by an on-board unit that calculates the toll, while roadside cameras make sure that all trucks are registered with the system. Obstacles to the mass adoption of electronic tolling systems include a lack of common standards and cross-border interoperability, political opposition, and concerns about financial costs and privacy infringement.

Maturing standards and wide industry support for voice over Internet Protocol (VoIP) is generating corporate interest in the technology, whose promised benefits include significant cost savings and the enablement of true converged voice and data applications. However, many enterprises have only completed partial VoIP deployments in their infrastructure or are still in the pilot phase. Reasons for hesitancy include a lack of savings promised by the technology, such as productivity boosts through unified messaging; security issues further inflamed by increasing network attacks; and harder-than-anticipated integration of voice and data staffs. Current VoIP implementations are often hybrid models in which VoIP is installed at a point where costs are minimized and benefits are maximized, while legacy phone systems comprise the rest of the enterprise infrastructure. Examples of highly beneficial implementations include the combination of VoIP with real-time applications such as document sharing, instant messaging, and Web conferencing. Collaboration between branches and telecommuters can also be improved with IP systems thanks to their support for embedded, simple audio conferencing. There is consensus between many vendors and analysts that the next stage will involve the convergence of VoIP and other real-time communications with enterprise applications such as enterprise resource planning. The general prediction is that most companies will gradually roll out VoIP in greenfield branch offices, implementing IP where it can do the most good, replacing outdated legacy hardware, and incrementally improving the data network architecture.
Click Here to View Full Article

Embedding intelligent, autonomous agents in business processes will allow organizations to adapt their business intelligence (BI) capability to a growing reliance on globally distributed service networks. Whereas integrated BI involves the connection of information to specific business processes in order to support specific business activities, embedded BI (EBI) affords full visibility into the processes underlying business applications so that organizations can take action on decision-making checkpoints while remaining inside the business process flow. EBI requires not only the presence of distributed, autonomous intelligent agents to effect the collection of key information throughout the business process streams and make correct decisions en route, but distributed information mining algorithms that can handle organized and disorganized content, which could make many data warehouses obsolete through their ability to sense deviations and patterns and respond in accordance to service-level agreements (SLAs). A typical EBI system records an activity--a new order, for example--then sends out an agent to the client device to transport basic data to expedite the activity; the application studies the agent's request and selects the best way to process the order by analyzing the business processes, previous intelligence rules, and available SLAs. The application then aggregates its required set of services, critical decision-making checkpoints, and SLAs and makes a request for services that subsequently launches autonomous agents connected to individual services. EBI systems eliminate the need for agents to return to the originating application to seek data about ensuing appropriate actions by providing them with SLA-related information, thus making agents automatically adaptable to changes in the business environment. Technology providers are working out how to orchestrate autonomous intelligent agents, but legal concerns and security and privacy issues are still waiting to be addressed.
Click Here to View Full Article

Microsoft Research Asia's lab in Beijing, China, was set up in 1998 to tap the country's rich vein of students and scientists in order to perform cutting-edge infotech research and development that could be funneled back into products to ensure the parent company's future as well as expand opportunities for Chinese citizens. So that the lab could obtain the trust and support of local academics, Microsoft built an open environment where scientists could publish papers, interact with academics, and make product contributions; early on, lab founder Kai-Fu Lee stressed the importance of striking a balance between Chinese and Western cultural mores, such as adhering to the Chinese tradition of being straightforward instead of seeking hidden meaning, and the Western custom of allowing staffers to try out different approaches even if their supervisors have doubts. Lab managing director Harry Shum says the facility's remoteness from Microsoft's Redmond headquarters has become an advantage, in that it has spurred staffers "to try twice as hard." The Beijing lab currently hosts roughly 200 interns, most of them from local institutions, at any time, and 150 full-time researchers. Microsoft products already employ over 70 technologies developed at the lab, which also has 750 published papers and hundreds of filed patents to its credit. Notable achievements at the Beijing lab include advancements in generating photorealistic, computer-generated faces through computer vision; a bilingual speech synthesizer for primarily Asian users; and user interfaces that digitally capture handwriting. The facility is also breeding a new generation of corporate management: Former lab directors Lee and Ya-Qin Zhang are now vice presidents at Redmond, for example.
Click Here to View Full Article
(Access to this article is available to paid subscribers only.)