AWS Marketplace Webinar
Welcome to the September 4, 2020 edition of ACM TechNews, providing timely information for IT professionals three times a week.

Please note: In observance of the U.S. Labor Day holiday, TechNews will not be published on Monday, Sept. 7. Publication will resume Wednesday, Sept. 9.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."

contactless payment transaction Outsmarting the PIN Code
ETH Zurich (Switzerland)
Felix Würsten
September 1, 2020

Researchers at ETH Zurich in Switzerland have found a serious loophole in the EMV (Europay, Mastercard, Visa) standard on which contactless payments are based. The researchers discovered a critical gap in a protocol used by Visa that renders ineffective the PIN code to be entered at checkout for large purchases, allowing fraudsters to steal money from cards that have been lost or stolen. The researchers exploited the vulnerability by developing an Android app and installing it on two Near-Field-Communication-enabled mobile phones. The first phone scans the necessary credit card data and transfers it to the second phone, which simultaneously debits the amount at checkout without a PIN request. The researchers have informed Visa about the vulnerability and proposed a solution requiring three changes to the protocol that could be installed in the payment terminals with the next software update.

Full Article

Glacier National Park Melting Glaciers Are Filling Unstable Lakes. And They're Growing.
The New York Times
Katherine Kornei
September 2, 2020

Researchers at the University of Calgary in Canada who created the first global database of glacial lakes found such lakes have grown in number by more than 50% and risen in volume by almost 50% in recent decades, changes largely attributed to climate change. The database was developed by feeding more than 250,000 Landsat images of the Earth's surface into Google Earth Engine. Said Carnegie Mellon University's David Rounce, who was not part of the study, "Being able to churn through over 200,000 images is really remarkable" and demonstrates the capabilities of cloud computing. The database could help determine which glacial lakes need to be monitored as flood risks.

Full Article

online voting ballot box, illustration Online Voting Company Pushes to Make It Harder for Researchers to Find Security Flaws
Alfred Ng
September 3, 2020

The Voatz electronic-voting company argued in a brief filed with the U.S. Supreme Court that security researchers should only seek flaws in e-voting systems with companies' permission. Voatz said, "Allowing for unauthorized research taking the form of hacks/attacks on live systems would lead to uncertain and often faulty results and conclusions, [and] makes distinguishing between true researchers and malicious hackers difficult." Voatz in February disputed Massachusetts Institute of Technology researchers' conclusions that its e-voting platform was rife with vulnerabilities, claiming their findings were "relatively useless" because the investigation was unauthorized. Researchers are pushing for the high court to consider such work shielded from the Computer Fraud and Abuse Act, which deems any intentional, unauthorized access to a computer a federal crime. They warned that malefactors will exploit the knowledge gap created if flaw detection and disclosure are allowed only with companies' explicit consent, rendering security research ineffective.

Full Article

man with laptop computer sitting on stack of coins, illustration Developers: These Are the Programming Languages that Pay the Most
Liam Tung
September 3, 2020

Freelance hiring platform Upwork said freelance software developers who work with old, relatively unpopular coding languages command the highest salaries. Those skilled in Objective-C, which Apple wants developers to use in place of Swift, earn the highest rates, averaging $66 per hour. Although hourly rates among the top 15 languages show little variance, three stand out for year-over-year growth in contract volume: SQL topped the list with 152% growth, while Ruby and Java each grew 127% over the same term. Upwork's Mike Paylor said, "There is demand for a broad range of programming skills, including mobile experts using Objective-C or Kotlin, data analysts and engineers using SQL, and developers using Java and Go."

Full Article
Toward an ML Model That Can Reason About Everyday Actions
MIT News
Kim Martineau
August 31, 2020

Researchers from the Massachusetts Institute of Technology (MIT), Columbia University, and IBM have trained a hybrid language-vision machine learning model to recognize abstract concepts in video. The researchers used the WordNet word-meaning database to map how each action-class label in MIT's Multi-Moments in Time and DeepMind's Kinetics datasets relates to the other labels in both datasets. The model was trained on this graph of abstract classes to generate a numerical representation for each video that aligns with word representations of the depicted actions, then combine them into a new set of representations to identify abstractions common to all the videos. When compared with humans performing the same visual reasoning tasks online, the model performed as well as them in many situations. MIT's Aude Oliva said, "A model that can recognize abstract events will give more accurate, logical predictions and be more useful for decision-making."

Full Article

students on NJIT campus Computing Professor's App Manages NJIT Converged Learning
New Jersey Institute of Technology
Dean Mudgett
August 27, 2020

An app created by developers at the New Jersey Institute of Technology (NJIT), working with colleagues at Aegean AI Inc., helps manage converged learning at universities, in which some students are physically present in the classroom and the rest participate virtually. The app,, generates detailed analytics, including the in-person utilization rate on any given day or time of day for different buildings, classrooms, and common spaces. The app allows students to reserve or cancel in-person spots, download their reserved spots to their calendars, and mark their attendance for an in-person or remote spot. Faculty can use the app to view a student's status and take attendance. NJIT's Pantelis Monogioudis said other universities have expressed interest in the app and its capabilities for classroom capacity management.

Full Article

Visualization of a search path. Scientists Use Reinforcement Learning to Train Quantum Algorithm
Argonne National Laboratory
Jared Sagoff
August 25, 2020

Researchers at the Argonne National Laboratory, the Illinois Institute of Technology (Illinois Tech), Clemson University, and Los Alamos National Laboratory developed an algorithm to optimize the Quantum Approximate Optimization Algorithm (QAOA) using reinforcement learning. QAOA is a hybrid quantum-classical algorithm that enables a quantum computer to solve combinatorial optimization problems, where the solution space grows exponentially larger as the number of decision variables is expanded. The new algorithm learns how to configure QAOA through a feedback mechanism that trains it with "rewards" and "penalties" based on its performance. Said Illinois Tech's Sami Khairy, "It's an iterative procedure that allows us to improve how the computation is running. It learns a better way to assign new parameters, and we want to assign good parameters as fast as possible."

Full Article
Robot Trucks Seek Inroads Into Freight Business
The Wall Street Journal
Jennifer Smith
September 1, 2020

As self-driving trucks drive closer to widespread adoption, startups are developing prototype autonomous trucks to haul freight while reducing transportation costs and expediting deliveries, even as suppliers of driverless trucking technology are attempting to provide it to current trucking operations. Some organizations are working to automate full truck trips from start to finish, while others are focusing allowing automation to handle highway driving, then handing the wheel to human drivers to navigate surface streets, which experts say could provide a faster path to automation. Said Alden Woodrow of startup Ike Robotics, “It will be several years before automated trucks without drivers are operating commercially, and longer to reach any meaningful scale.”

Full Article
*May Require Paid Registration

A photo of wiring mazes inside datacenter equipment. Attackers Trying to Exploit High-Severity Zero-Day in Cisco Gear
Ars Technica
Dan Goodin
August 31, 2020

Networking hardware company Cisco warned telecoms and datacenter operators that hackers are attempting to exploit a high-severity zero-day vulnerability in the firm's networking devices. The flaw is rooted in the Distance Vector Multicast Routing Protocol within Cisco's iOS XR Software, an operating system for carrier-grade routers and other networking devices. Cisco said the vulnerability can enable malefactors to "cause memory exhaustion, resulting in instability of other processes," including but not restricted to internal and external routing protocols. Cisco added that hackers could send malign Internet Group Management Protocol traffic to vulnerable devices. The company warned that exploits could be severe because they jeopardize high-availability servers where reliability and security are crucial, adding that a patch for the vulnerability is not yet available.

Full Article

A tiny electrode implanted into the nervous system of a songbird. UO Scientist Unveils a 3D-Printed Device to Excite Nerves
University of Oregon
Jim Barlow
August 27, 2020

A nanoclip developed by researchers at the University of Oregon (UO) was successful in recording electrical impulses that drive vocalizations when implanted in the peripheral nervous systems of songbirds. The nanoclip, a thin-film electrode about the diameter of a human hair with a three-dimensionally (3D)-printed housing, is the first nerve cuff electrode fabricated on a scale compatible with the smallest nerves in the body. The nanoclip captured stable, high signal-to-noise ratio recordings of nerve signals during vocalizations in adult male zebra finches. Researchers also were able to use the electrode to control the nerve's output, which has major implications for the use of bioelectric medicine to treat chronic conditions like asthma, or the damaging inflammatory response in some Covid-19 cases. Said UO's Tim Gardner, "I think many future devices will involve a combination of thin-film microfabrication using standard clean-room processes and 3D printing on a micron scale.”

Full Article

Photo of two smartphone-powered robots. Intel Researchers Design Smartphone-Powered Robot That Costs $50 to Assemble
Venture Beat
Kyle Wiggers
August 26, 2020

Intel researchers have created a wheeled robot powered by a smartphone that costs just $50 to assemble. The OpenBot's chassis can be created using a three-dimensional (3D) printer and can handle up to four motors, as well as a controller, microcontroller, LEDs, a smartphone mount, and a USB cable. Sensors on the two front wheels can send odometry signals, and real-time speed and direction adjustments can be made via pins connected to the motor controller. The operator can collect data via an Android app running on the smartphone, while an Arduino Nano board paired with the smartphone via USB handles low-level actuation and measurements of speed, distance, and battery voltage. Off-the-shelf Bluetooth-compatible PS4, Xbox, and Switch game controllers can be used to control the OpenBot. Said the researchers, "This work aims to address two key challenges in robotics: accessibility and scalability.”

Full Article

Photo of a pill bottle turned on its side with pills spilling out. UCF Researchers Develop AI to Detect Fentanyl, Derivatives Remotely
University of Central Florida
Robert Wells
August 25, 2020

Researchers at the University of Central Florida (UCF) have developed an artificial intelligence (AI) method of quickly and remotely detecting the drug fentanyl and its derivatives by using infrared light spectroscopy in a portable tabletop device. The researchers said their AI algorithm identified molecules related to fentanyl with a 92.5% accuracy rate during testing. The researchers used a national organic molecules database to identify molecules with at least one of the functional groups found in the parent compound fentanyl, then developed machine-learning algorithms to identify those molecules based on their infrared spectral properties. UCF’s Subith Vasu said the AI algorithm will be used in a device the researchers are building for the U.S. Defense Advanced Research Projects Agency.

Full Article
Revised Code Could Help Improve Efficiency of Fusion Experiments
Princeton Plasma Physics Laboratory
Raphael Rosen
August 25, 2020

An international team of researchers led by the U.S. Department of Energy's Princeton Plasma Physics Laboratory (PPPL) updated computer code for calculating the forces exerted on magnetically confined plasma in fusion energy experiments. The free-boundary stepped-pressure equilibrium code (SPEC) allows scientists to ascertain the boundary of plasma in stellarators more easily. An earlier iteration could only calculate how forces were impacting a plasma if the researchers already knew its location, but the revised version allows researchers to calculate the plasma's boundary without knowing its position beforehand. The researchers verified their results on PPPL computers. Said PPPL’s Stuart Hudson, “We demonstrated that the code works. Now it can be used to study current experiments and design new ones.”

Full Article
ACM Gordon Bell Special Prize for High Performance Computing-Based COVID-19 Research
ACM Online Books and Courses

Association for Computing Machinery

1601 Broadway, 10th Floor
New York, NY 10019-7434

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]