Association for Computing Machinery
Welcome to the October 26, 2009 edition of ACM TechNews, providing timely information for IT professionals three times a week.


Scan of Internet Uncovers Thousands of Vulnerable Embedded Devices
Wired News (10/23/09) Zetter, Kim

A scan of the Internet by Columbia University researchers searching for vulnerable embedded devices has found that nearly 21,000 routers, Webcams, and VoIP products are vulnerable to remote attack. They say there could be as many as 6 million vulnerable devices on the Internet. The scan also found that the devices' administrative interfaces are viewable from anywhere on the Internet, and their owners have not changed the devices' passwords from the manufacturer's default. The study scanned networks belonging to the largest Internet service providers (ISPs) in North America, Europe, and Asia, and vulnerable devices were found in significant numbers in all parts of the world. Since starting the project last December, the researchers have scanned 130 million IP addresses and found nearly 300,000 devices whose administrative interfaces were remotely accessible from anywhere on the Internet. Devices with default passwords are most vulnerable, but others are theoretically vulnerable to brute-force password-cracking attacks. The researchers have provided ISPs with their findings, but Columbia professor Salvatore Stolfo says product manufacturers are the real culprits. He says that they need to hide their administrative interfaces by default and give customers clear instructions on how to alter the configuration to protect themselves. Stolfo also says that vendors should be more vocal in encouraging customers to change default passwords.

Robotic Perception, on Purpose
ICT Results (10/26/09)

The Perception-on-Purpose (POP) project is an effort by European researchers to develop technology enabling a robot to integrate visual and audio data to facilitate purposeful perception. "It is not that easy to decide what is foreground and what is background using sound alone, but by combining the two modalities--sound and vision--it becomes much easier," says project coordinator Radu Horaud. "If you are able to locate 10 sound sources in 10 different directions, but if in one of these directions you see a face, then you can much more easily concentrate on that sound and throw out the other ones." The researchers followed this strategy in their development of algorithms that allowed their robot, Popeye, to reliably identify speakers. "Most often, sound research is conducted in specialized labs, with arrays of microphones and a very controlled acoustic environment," Horaud says. "But we integrated our two microphones and two cameras onto the head of our Popeye. The idea is to have an agent-centered cognitive system." Horaud believes there is a link between multi-sensory perception and cognition, and that some modern artificial intelligence applications are constrained by their inability to learn from their environment.

Google Envisions 10 Million Servers
Data Center Knowledge (10/20/09) Miller, Rich

The computer industry had an opportunity to learn about the technical details of Google's infrastructure during LADIS 2009, ACM's recent SIGOPS International Workshop on Large Scale Distributed Systems and Middleware. Jeff Dean, a Google engineer who was one of the keynote speakers, also talked about Spanner, a new storage and computation system for automating the management of services across multiple data centers. Spanner, which will have a scale of 1 million to 10 million servers in the future, would be capable of automatically allocating resources across "entire fleets of machines," Dean says. The goal will be "automatic, dynamic, worldwide placement of data and computation to minimize latency or cost." Spanner also would offer a cost management strategy for addressing regional differences in bandwidth and power costs. Google would have energy management opportunities because Spanner can seamlessly shift workloads between data centers. Automated capacity management also would enable Google to route around failures or data center downtime as well as plan more energy-efficient facilities.

Scientists Hope to Network Facebook-Style
Associated Press (10/21/09) Kates, William

A coalition of seven academic institutions will use a $12.2 million National Institutes of Health grant to develop VIVOweb, a Facebook-style professional networking system for biomedical researchers across the United States. Participating institutions say VIVOweb will make it easier for scientists to find one another, ultimately enabling them to improve their ongoing studies and create long-term collaborative projects that could result in new discoveries. University of Florida professor Michael Conlon, the principal investigator on the project, says scientists often have difficulty finding each other, and currently the best way to connect with others performing similar research is through lists of publications. Dean Krafft, who is leading the project at Cornell University, says VIVOweb will use the Semantic Web to make information more available to scientists. The public also will be able to access the site, but some information will be available only to scientists. The open source software developed by Cornell for VIVOweb collects the facts a person is looking for and assembles a unique Web page just for that search. Participants expect to have VIVOweb connected across the country within two years, and eventually plan to connect scientists from around the world.

Immersive Exhibit Redefines Bird's-Eye View (10/21/09) Leonard, Jenny

ACM's SIGGRAPH 2009 conference in August featured an exhibit that enabled visitors to experience the various levels of vision and hearing of animals, such as the ultraviolet vision of birds or the ultrasonic hearing of whales. Computer scientists at Texas A&M University worked with the university's fine arts expert Carol LaFayette on the virtual environment program, "I'm Not There." Professor Fred Parke developed the system, which requires participants to don three-dimensional glasses and use a Wii controller to navigate through the immersive exhibit. He also is working on a liquid-crystal display version of the system. The virtual environment was enhanced by surround-sound recordings of animals in the wild and scenes set on Cocos Island, located southwest of Costa Rica. "The Viz lab is about the synthesis between art and science, so we inserted artistic elements into these scenes to make them more realistic and interesting," LaFayette says. She believes science and natural history museums could use such technology to enhance the experience for visitors. "Think of all the exhibits that could come to life--and in a very green way," she says.

NSF Awards Wetzel & Lechler $144,000 for 2-Year Information Security Management Study
Stevens Institute of Technology (10/22/09) Berzinski, Patrick A.

Stevens Institute of Technology professors Susanne Wetzel and Thomas Lechler have received a two-year, $144,038 U.S. National Science Foundation grant to study advanced problems in managing information security. Wetzel and Lechler say their project has the potential for significant practical and theoretical progress in information security management. "During the past decade, research in information security has expanded from a purely technical focus to a more general technology-economic focus," the researchers say. "Despite its expansion, a multidisciplinary approach to understand and theoretically explain the interaction of security and economy within complex systems of partners is still missing." The project's primary objective is to develop an interdisciplinary information security framework to optimize and advance both system information security and system productivity. The researchers give the example of a hospital that exchanges patient data records with governmental data and insurance companies. "This may allow an insurance company to combine and deduce information from different data sources that could pose a security threat which is not addressed by traditional security considerations," they say. "From a security economics perspective, the impact of information exchange between partners on their productivity has to be considered to understand the conditions under which partners will obey or violate information security policies."

IBM Researchers Simplify Mobile Web Browsing
eWeek (10/26/09) Taft, Darryl K.

IBM researchers have developed technology that will make it easier to design Web sites for mobile devices. IBM researchers in Tokyo developed a visual editor that enables Web masters to arrange their Web site content in a logically-ordered, flowing sequence so it can be more easily read on a small, mobile device, without requiring the Web master to change the content. The editing tool also can improve the browsing experience for the visually impaired. The visual editor uses arrows to show in what order content should be presented, and editing the reading order only requires dragging and dropping to rearrange the arrows. This approach is a major improvement over traditional approaches, such as using voice browsers to check reading flow line by line or requiring Web masters to copy and paste content to a memo pad to check reading flow. The tool also can be applied to electronic presentations, PDF documents, and Flash content. IBM plans to make the new tool available through the Social Accessibility research project.

California Investigating Problems With Voting-Machine Audit Logs
Wired News (10/22/09) Zetter, Kim

California is engaged in a lengthy probe of the audit logs inside its electronic voting systems following reports of major defects, including the ability for parties to delete votes without being traced. Secretary of State Debra Bowen says the investigation focuses on what the audit logs record and whether they can be easily modified or erased. In January, investigators discovered that the tabulation software used with Premier Election Solutions' e-voting systems did not record critical events, including the deletion of votes from the system. Furthermore, the logs failed to record who conducted an action on the system and listed some events with the incorrect date and timestamps. A Premiere representative admitted at a March hearing that none of the logs in its Global Election Management System (GEMS) records significant events, and California verified the problems in a later report in which it also found that some versions of the GEMS software had a button that permits anyone with access to the system to indelibly erase certain audit logs "that would be essential to reconstruct operator actions during the vote-tallying process." The new version of the GEMS tabulation software records vote deletion and similar events, while also featuring other security measures that would block the system from operating if the event log was deactivated, according to a testing lab that examined the software for the federal government.

Fingerprint Technology Beats World's Toughest Tests...Including 100s of Builders' Thumbs
University of Warwick (10/26/09) Dunn, Peter

University of Warwick researchers have developed technology capable of quickly identifying partial or distorted fingerprints. Most fingerprint technology tries to identify a few key features on a fingerprint and match them against a database of templates. The Warwick researchers considered the entire detailed pattern of each print and converted the topological pattern into a standard coordinate system. The process enables the researchers to "unwarp" any fingerprint that has been distorted by smudging, uneven pressure, or another factor and create a clear digital representation of the fingerprint that can be mapped onto an "image space" of all other fingerprints held in the database, instead of comparing a print against each entry in the database. The technology has been examined by two of the world's leading technical fingerprint benchmarking tests. The National Physical Laboratory ranked the technology best overall for accuracy, and a test of 36 fingerprint technologies by the U.S. National Institute of Standards and Technology ranked the technology third overall.

Carnegie Mellon Expands Mobile Learning Project in India With Support From Nokia Research Center in Palo Alto
Carnegie Mellon News (10/21/09) Spice, Byron

Carnegie Mellon University (CMU) recently announced the expansion of its Mobile and Immersive Learning for Literacy in Emerging Economies (MILLEE) project, which aims to determine the effectiveness of mobile phone-based games for teaching English in rural India. Mobile phones could serve as learning tools as wireless carriers extend their services into underdeveloped regions, says CMU professor Matthew Kam. The MILLEE project has designed mobile phone-based educational games that are relevant to the culture in rural India. Over the next two years, the project will conduct a controlled study involving 800 children in 40 villages through the Indian state of Andhra Pradesh. "Our previous, smaller studies have shown that students have significant gains in learning when they use these games," Kam says. "By aiming to replicate these results in a much larger study, we anticipate that we can understand how to design and develop phone-based games to improve educational prospects for billions of people throughout the developing world." Kam and his team are developing games that support a new English curriculum adopted by Andhra Pradesh schools this summer, and they plan to have at least six, and as many as a dozen, games ready for deployment next year. If the trials are successful, the project wants to establish partnerships with content developers who are currently focused on educational programs for desktop computers.

A New Time Management Model to Improve Company Business Intelligence
Universidad Politecnica de Madrid (Spain) (10/26/09) Martínez, Eduardo

Universidad Politacnica de Madrid (UPM) School of Computing student Laura González Macho has developed a time management model that can be applied to data warehouse systems to optimize a company's business intelligence. The model was designed to alleviate the complexity of time management in data warehouse systems. The UPM system features a time management model that can be developed using relational database management systems capabilities and the most recent database standard query language. The model accounts for data structure issues, data query and modification operations, and any selected constraints. The time management model allows data structures to store time-variable data, and accounts for the extension of data modification and query operations to include time semantics. The model gives an overview of all aspects that need to be accounted for to build time management into a data warehouse system and provides a work guide that lays out all issues in a checklist format.

5 New Technologies That Will Change Everything
PC World (10/20/09) Fleishman, Glenn

Five new technologies are on their way that will give users unprecedented access to data thanks to new high-speed connections and user interfaces. First, USB 3.0 is a new standard that preserves backward compatibility by allowing older cables to plug into new jacks, but features an extra pin that boosts the data rate to 4.8 Gbps. USB 3.0, dubbed SuperSpeed by the USB Implementers Forum, can transfer a 30 GB video in just over a minute. Second, by 2012, two new wireless protocols--802.11ac and 802.11ad--should be able to provide over-the-air data transmissions of 1 Gbps or faster. The faster wireless data rate will enable users to stream multiple high-definition videos throughout a room or house. Third, the next wave of next-generation TVs will allow viewers to experience three-dimensional (3D) videos at home. 3D TVs are likely to rely on alternating left-eye and right-eye views for successive frames. Many HDTVs already operate at 120 Hz, so the ability to alternate left and right eye images far faster than the human eye can see is already available. This type of 3D viewing will require glasses that use rapid shutters to alternate the view to each eye, but TV manufacturers also are working on 3D sets that do not require glasses. Fourth, augmented reality in mobile devices will become increasingly popular as consumers expect to be able to receive information on any subject in any location. Researchers also are developing contact lenses capable of projecting images into someone's sight. Finally, HTML5 promises to do away with browser conformity issues and the need for audio, video, and interactive plug-ins. HTML5 will enable designers to create Web sites that work the same on every browser and give users a better and faster Web experience.

Abstract News © Copyright 2009 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]

Change your Email Address for TechNews (log into myACM)