Association for Computing Machinery
Welcome to the March 3, 2014 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).


Report Calls for Better Backstops to Protect Power Grid From Cyberattacks
The New York Times (03/02/14) Matthew L. Wald

A recent Bipartisan Policy Center report found that despite increasing anxiety over the possibility of a cyberattack on the power grid, the U.S. energy industry and government are ill-equipped to counter the threat. In addition, federal rules designed to protect the electric system from cyberattack are inadequate because they do not give companies an incentive to continually improve and adapt to a changing threat. Although the U.S. government has focused on the high-voltage power grid, less work has been done on the lower-voltage distribution system, which could cause problems that would propagate up the chain, according to the report. The report, which recommends establishing an organization to conduct peer-to-peer audits and disseminate best practices, was led by Michael V. Hayden, the former director of the Central Intelligence Agency. In a panel discussion about the report on Friday, Hayden said cyberwarfare is "a domain that favors the attacker," and noted most hacking against utilities is done by people trying to steal financial data. However, he said experts fear an act of war, or what he called "recreational espionage." The report also examined the issue that public utility commissioners have trouble determining the value of such utility expenses.

The IETF Needed a Wake-Up Call on Security, Says Chairman
IDG News Service (02/28/14) Mikael Ricknas

Internet Engineering Task Force (IETF) members will focus on security and how to protect users from pervasive monitoring in a meeting that began Sunday in London. "Obviously it's important that we have reliable tools for e-commerce, banking, private communications and everything else," says IETF chairman Jari Arkko. "My vision of the end goal is that we try to build a more secure Internet based on the assumption that there are all these threats around us." Arkko says the IETF also wants to make security features easier to use, and encourage standards organizations to think of security from day one when developing new protocols. In conjunction with the IETF meeting, the Internet Architecture Board and the World Wide Web Consortium are organizing a high-level workshop that will more closely examine some of these challenges, including tradeoffs between strengthening security measures and performance. "At this meeting, we are talking about something that would enable authorization to work better in this environment," Arkko says. "Even if you have security, you need to decide who can use the thermostat at home."

Battery-Free Technology Brings Gesture Recognition to All Devices
UW News (WA) (02/27/14) Michelle Ma

University of Washington computer scientists have created AllSee, a gesture-recognition system that runs without batteries and enables gesture control for electronic devices that are hidden from sight. Existing TV signals serve as AllSee's power source and a way of picking up gesture commands. The system uses a small sensor that attaches to an electronic device, with an ultra-low-power receiver that detects and classifies gesture data from wireless transmissions. The sensors detect specific amplitude changes of wireless signals in the air created by various gestures. Because the sensors use power from wireless transmissions, they use three to four times less power than existing gesture-recognition systems, enabling mobile devices to leave the gesture technology always enabled. Unlike AllSee, existing gesture-recognition systems must be manually enabled, require that devices be within sight, and drain phone batteries if left on. By attaching sensors to household devices, the researchers say AllSee could enable users to interact via gesture with everyday objects and connect them to the Internet as the Internet of Things becomes a reality.

Meet Oppia, Google's New Open Source Project That Allows Anyone to Create an Interactive Learning Experience
TechCrunch (02/27/14) Rip Empson

Google has launched Oppia, an online, open source education project that enables users to develop interactive activities for educational purposes. As educational content is increasingly delivered via video and short message service, Google says it often lacks opportunities for interactivity, dialogue, and feedback. Oppia will serve as a framework to enable anyone to quickly create interactive learning experiences and add them to their site. Google calls Oppia a "smart feedback system" that asks the learner questions and adjusts instruction based on responses. In addition, Oppia collects information on learner interaction and content provided, which is shared with content creators to enable them to refine lessons. Based on an extensible framework, Oppia allows developers to add their own inputs and extend the range of potential formats and response types that are compatible with the system. The system also enables users to collaborate in developing and editing explorations, with version control. Parameters can be linked to a particular learner, which enables teachers to build deeper interactive experiences. Google says Oppia is not officially a Google product, suggesting the company intends for developers to take ownership while the community assumes maintenance.

Livermore Joins With Oak Ridge and Argonne to Develop Next Supercomputers
LLNL News Center (02/26/14) Donald B. Johnston

The collaboration of Oak Ridge, Argonne, and Livermore (CORAL) national laboratories plans to develop next-generation supercomputers capable of performing at up to 200 peak petaflops. CORAL is currently evaluating responses to a joint request for proposals for procurement issued in early January. The new supercomputers would be about 10 times faster than today's most powerful high-performance computing systems, and would support the research missions at their respective labs. At Livermore, a system called Sierra would serve the National Nuclear Security Administration's Advanced Simulation and Computing Program for stockpile stewardship. Oak Ridge and Argonne will utilize systems that fulfill the needs of their Department of Energy Office of Science missions under the Advanced Scientific Computing Research program. The technological innovations required for CORAL systems call for a deliberate and strategic investment plan. There are technological challenges to building the systems, such as containing power requirements, making sure it is reliable and resilient, and ensuring memory bandwidth is sufficient. The final decision on developing the supercomputers will be based on the small prototype systems that are built by the selected vendors. CORAL, which wants to produce three systems by 2017-2018, says the project could be key to the development of exascale systems.

Phone's Wi-Fi Hotspot Acts as SOS Beacon in Disasters
New Scientist (02/27/14) Paul Marks

Researchers at the Fraunhofer Institute for Applied Information Technology have developed an app that turns a smartphone into a wireless SOS beacon that could help rescuers find people who have been trapped in collapsed buildings after natural disasters or bombings. The researchers say they noticed the messages people sometimes broadcast by changing the name of their home Wi-Fi networks and thought a short SOS message could be inserted into the name field of a phone's Wi-Fi hotspot as well, which broadcasts a radio signal without requiring Internet access. Rescuers can then read the message with their own Wi-Fi app. The researchers developed a victim app and a seeker app, both of which are based on robust and receivable Wi-Fi radio. With the victim app, a trapped person can write a 27-character message, and a seeker app up to 100 meters away can pick it up, according to the researchers. The researchers want the victim app to be incorporated in Android or iOS operating systems because users do not expect to be in a disaster and are unlikely to download the app ahead of time.

Mobile Voting Systems Potentially Better Than Electronic Ones: Study
NDTV (India) (02/26/14)

Rice University researchers have designed a mobile voting system optimized for use on smartphones and have tested it against traditional voting platforms. The researchers found no reliable differences between the smartphone-based voting system and other voting platforms with regard to efficiency and usability. However, their study found smartphone owners made fewer errors while using the mobile voting system. A potential benefit of mobile voting would be the opportunity to cast votes when and where it is convenient for the voter. However, several critical security and authentication issues would need to be addressed to make mobile voting work, says Rice University professor Michael Byrne. For example, he says research may be needed to develop systems that support secure and anonymous submission of ballots. "There may be compromise solutions that involve the mobile user interface that do not have the same security requirements, though they would not be as convenient," Byrne says.

IBM Wants to See Your Watson Mobile Apps
InfoWorld (02/26/14) Serdar Yegulalp

IBM has announced its Watson Mobile Developer Challenge for mobile software developers to create applications that use its Watson cognitive computing platform on mobile devices. At the end of the three-month competition, IBM will select three winning apps for further marketing and development, but winners will not be required to release their products under the IBM brand. One of the most important benefits for mobile developers in using Watson is "the pedigree of the answer--why Watson answered a query that way," says IBM fellow Jerry Cuomo. He says one developer is considering using Watson in retail as a way to do advanced product recommendations that explain the reasoning behind similar purchases, while another is thinking of an app that a doctor could use to determine which treatment option might be most appropriate. However, IBM hopes developers will think of novel and unanticipated uses for Watson. "The more you put something out, the broader you make it, the less boundaries you put on it, the more open innovation you have--the more things you wouldn't expect," Cuomo says. In addition, IBM hopes the competition will speed feedback from Watson developers, so IBM can ensure it has appropriate and useful Watson APIs.

Draft Language Signals More Transparent NIST
Federal Computer Week (02/25/14) Frank Konkel

The U.S. National Institute of Standards and Technology (NIST) has released new guidance on cryptographic standards that emphasizes transparency, openness, technical merit, balance, and integrity. The draft guidance comes in the wake of fallout over revelations the U.S. National Security Agency (NSA) subverted NIST-adopted computer encryption standards. NIST officials hope to win back the trust of the cybersecurity community and the general public through such efforts. The draft guidance calls for access to essential information on standards-related activities and venues for all stakeholders in the private sector, academia, and the public, with a commitment from NIST to be transparent during the development and documentation of cryptographic standards. Moreover, it makes clear NIST will continue to work with NSA due to its expertise in cryptography and its statutory obligations to consult with the agency on standards. NIST will accept public feedback on the draft guidance until April 18.

DARPA Targets Counterfeit Electronics
InformationWeek (02/25/14) Elena Malykhina

The U.S. Defense Advanced Research Projects Agency (DARPA) is developing a tool to verify the trustworthiness of electronic components. The new DARPA program, called Supply Chain Hardware Integrity for Electronics Defense (SHIELD), focuses on the creation of a small component, known as a dielet, for authenticating electronic parts at any step of the supply chain. DARPA wants hardware that contains a full encryption engine and sensors to detect tampering, and also has the ability to attach to current electronic components. The dielet would be inserted into an electronic component's package at a manufacturing site or attached to existing components, according to DARPA. In addition, technology coming from the SHIELD program would guarantee protection against threats related to counterfeit electronics. SHIELD technology also would protect against clones and copies, as well as parts that have been repackaged for unauthorized applications. "What SHIELD is seeking is a very advanced piece of hardware that will offer an on-demand authentication method never before available to the supply chain," says DARPA's Kerry Bernstein.

Georgia Tech Project Ensures 'What You See Is What You Send'
Georgia Tech News Center (02/23/14)

Georgia Institute of Technology (Georgia Tech) researchers have developed Gyrus, security software that takes extra steps to prevent malware from sending spam emails and instant messages, and blocking unauthorized commands such as money transfers. The software is based on the observation that for most text-based applications, the user's intent will be displayed on the screen, and the user will be able to make changes. "The idea of defining correct behavior of an application by capturing user intent is not entirely new, but previous attempts in this space use an overly simplistic model of the user's behavior," says Georgia Tech Ph.D. student Yeongjin Jang. He says Gyrus captures data such as user actions, text content, and application semantics to make the system send only user-intended network traffic. Gyrus also indirectly determines user intent from the screen that is displayed to the user. Gyrus captures the user's intent and interactions with an application, and verifies the resulting output can be mapped back to the user's intention, resulting in the application ensuring accurate transactions even in the presence of malware.

13 of Today's Coolest Network Research Projects
Network World (02/26/14) Bob Brown

Research labs at universities and vendors are developing a wide variety of technologies, from networked honey bees to evidence of time travel. For example, Michigan Technological University researchers have used three Internet search implementations to look for signs of content that should not have been known about at the time it was posted. Meanwhile, Massachusetts Institute of Technology researchers have developed an algorithm that is more computationally effective than other approaches, because it scales in a near-linear fashion. Microsoft researchers are developing a smartphone app that can tell whether the device is being used by a driver or passenger, and the U.S. Department of Energy has invested more than $30 million to help devise systems to detect and stop cyberattacks on critical infrastructure such as utilities and power grids. University of Michigan researchers have studied the timing of cyberattacks, examining the incidents from the perspective of a cyberattacker but providing information that might be used to sniff out such attacks. Meanwhile, Australia's Commonwealth Scientific and Industrial Research Organization is equipping up to 5,000 honey bees with tiny radio-frequency identification sensors to monitor the insects with the goal of improving pollination and productivity on farms and gaining insights on widespread colony collapse.

Abstract News © Copyright 2014 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.
Non-Members: Unsubscribe