Association for Computing Machinery
Welcome to the May 21, 2010 edition of ACM TechNews, providing timely information for IT professionals three times a week.


Gauging Safety in the Electronic Age
University of Leicester (05/20/10)

A doctoral project by University of Leicester student Farah Lakhani is focusing on the development of software for embedded processors in the hopes of improving the reliability and safety of electrical systems. The project is atypical in that it is learning from methods developed in the architectural discipline. "Architects must couple knowledge of engineering--for example what type of steel girder is required to support a floor--with human-centered design, i.e. what makes a building a good place to live or work," Lakhani says. "Developers of embedded software must link similar concerns." Lakhani says her specific concentration is to consider how architectural "design pattern" techniques can be used by developers of reliable embedded systems. "This is important not just to meet the needs of businesses, but also because we rely for our safety on many embedded designs in systems such as cars, aircraft, and medical equipment," she says.

H-1B Visa Holders Earn More Than U.S.-Born IT Professionals, Study Claims
CIO (05/20/10) Overby, Stephanie

A new University of Maryland study found that foreign-born information technology (IT) professionals with temporary skilled worker visas earn more than their U.S. equivalents. Professors Hank Lucas and Sunil Mithas used data from online salary polls performed from 2000 to 2005 by InformationWeek and Hewitt Associates, and found that IT professionals without U.S. citizenship earned nearly 9 percent more than their U.S. counterparts. IT workers on temporary visas such as the L-1 and H-1B received 6.8 percent higher earnings than their U.S.-born counterparts, while green card holders earned almost 13 percent more than U.S. IT professionals. Lucas and Mithas credit restrictive visa policies with driving up salary premiums. Their research contradicts the conclusions of other studies that temporary visa programs are depressing U.S. IT workers' salaries, but Lucas and Mithas counter that those studies do not collate data at an individual level. The professors say their research indicates that corporations use foreign-born IT professionals as a complement to the U.S. workforce rather than as a less expensive substitute.

Bond-Style Tech for Emergencies
ICT Results (05/20/10)

European researchers working on the Workpad project have developed instantly deployable information and communications technologies to coordinate disaster response among diverse agencies and nongovernmental organizations (NGOs). The researchers worked on five allied major problems and dozens of minor ones. First, the researchers developed a reference architecture and a peer-to-peer data integration system. The project then focused on large-scale collaboration and workflow in a mobile environment. The team also focused on the use of geo-referenced information to show a team leader the location of all the team members. "We wanted to deal with real problems, rather than solving problems we thought were important," says Sapienza University of Rome professor and Workpad technical manager Massimo Mecella. The project also examined several communication technologies to ensure the system could be set up and transmitted in a matter of hours, and that it can adapt to the most appropriate available technology at any site.

Gesture-Based Computing on the Cheap
MIT News (05/20/10) Hardesty, Larry

Massachusetts Institute of Technology researchers have develop a user interface system that can translate gestures made with a gloved hand into the corresponding gestures of a three-dimensional model of the hand on screen, with almost no lag time. The system uses a standard webcam and an inexpensive multicolored Lycra glove. The glove is covered with 20 irregularly shaped patches that use 10 different colors. The arrangement and shapes of the patches were chosen so that the front and back of the hand would be distinct but also so that similar-colored patches would rarely collide with each other. The other key to the system is an algorithm that can rapidly look up visual data in a database. Once a webcam has captured an image of the glove, the software crops out the background, so that the glove alone is superimposed upon a white background. The software then reduces the resolution of the cropped image to 40 pixels by 40 pixels. Next, it searches through a database containing myriad 40-by-40 digital models of a hand, wearing the distinctive glove, in a range of different positions to find a match in a fraction of a second.

3D Model of Blood Flow by Supercomputer Predicts Heart Attacks
Ecole Polytechnique Federale de Lausanne (05/20/10)

The Ecole Polytechnique Federale de Lausanne (EPFL) has used the Cadmos supercomputer to develop software that can create an accurate model of an individual's cardiovascular system. The precision of the simulation of the complex system of blood flow in the heart is down to ten millionths of a meter or 10 microns, and takes up to six hours to create using a supercomputer. "When studying the blood flow in arteries, one has to take into account a vast number of different fluid interactions that happen on different time scales and of different sizes," says project leader Simone Melchionna. Using a detailed heart scan, the simulation has to make sense of more than 1 billion variables to represent fluid containing 10 million red blood cells. EPFL also used a supercomputer in Germany to improve the precision of the program and allow for the visualization of the interaction of plasma, red blood cells, and micro-particles. The software will enable doctors to predict heart disease much earlier. EPFL plans to develop the program for individual PCs, which will enable it to be used for clinical applications.

Scientists Devise Algorithm to Detect Sarcasm (05/19/10) Moore, Matthew

Researchers at Hebrew University in Jerusalem have developed an algorithm that can recognize sarcasm in texts by analyzing patterns of phrases and punctuation often used to indicate irony. The algorithm had a 77 percent success rate in detecting sarcastic comments in a test on 66,000 Amazon product reviews. The researchers trained the algorithm to recognize sarcasm by teaching it nearly 5,500 sentences from Amazon reviews that human volunteers had marked as either sarcastic or non-sarcastic. Using the list of sarcastic phrases, the algorithm was taught to recognize patterns of words commonly used by writers to show that they do not mean to be taken literally. "We found strong features that recognize sarcastic utterances, however, a combination of more subtle features served best in recognizing various facets of sarcasm," the researchers say.

Advancing the Nuclear Enterprise Through Better Computing
Oak Ridge National Laboratory (05/18/10) Pearce, Jim

Oak Ridge National Laboratory (ORNL) scientists are merging years of nuclear energy and safety expertise with high-performance computing to address a range of nuclear energy- and security-related problems. One of the goals is to integrate existing nuclear energy modeling and simulation capabilities with high-performance computing to solve problems that were previously unthinkable or impractical in terms of the computing power required to address them, says ORNL's John Wagner. "We're now simulating entire nuclear facilities, such as a nuclear power reactor facility with its auxiliary buildings and the ITER fusion reactor, with much greater accuracy than any other organization that we're aware of," says Wagner. More accurate models allow for more accurate and safer nuclear plant designs. The models are created using a combination of ORNL's Jaguar supercomputer, advanced transport methods, and a next-generation program called Denovo. "There's no special transformational technology in this software, but it's designed specifically to take advantage of the massive computational and memory capabilities of the world's fastest computers," says Denovo creator Tom Evans.

Protecting Websites From Shared Code
Technology Review (05/20/10) Naone, Erica

Code sharing between Web sites can be an Achilles heel if third-party programs have security weaknesses, but the new ConScript browser extension could remove this vulnerability by giving developers and site owners an easier method for controlling the extent of what third-party code can do on their sites. ConScript works through the addition of a relatively small amount of code to the browser, which then analyzes JavaScript commands that the browser is processing. JavaScript can be prevented from attempting tasks that the user has configured to block through the injection of extra code. ConScript is aware of what behavior to enforce according to a set of policies selected by the site's owner. Microsoft researcher Ben Livshits says ConScript offers a technique for developers and browser makers to promote the ways that sites use JavaScript without endangering security. University of California, Berkeley researcher Leo Meyerovich says the extension's design should permit developers to use older code without having to modify it, even if it contains known security vulnerabilities.

The Business of Research
Computerworld Australia (05/17/10) Lohman, Tim

Ian Oppermann, the new director of Australia's Commonwealth Scientific and Industrial Research Organization's (CSIRO's) Information and Communication Technology (ICT) Center, says that his role calls for a very strong emphasis on business and commercialization, while still requiring an understanding of scientists' modus operandi and motivations. "There is a lot of great science and fantastic work going on [at the CSIRO] so I want to make sure that science engine is humming along nicely," he notes. "I also want to make sure we are engaged with the world and that we have good commercialization strategies and partners." Oppermann says his job involves developing a framework for ensuring that the ICT Center's researchers have the flexibility they need to stay motivated without losing sight of project delivery and commercial and corporate goals. He says his group is attempting to take a balanced portfolio view of the center's current roster of projects. Oppermann describes the center's core strengths as wireless, networking, and information security.

History of Social Network Use Reveals Your Identity
New Scientist (05/18/10) Giles, Jim

Web browsing history can be used to identify individuals in a membership group on a social networking site, according to researchers at the Vienna University of Technology. The researchers built a Web site to read the Web addresses visited by people who use Xing, a business-oriented social network based in Hamburg, Germany. They collected data on 6,500 groups containing 1.8 million users, and analyzed the overlap between the lists of names of group members that were publicly available. The researchers estimate that 42 percent of Xing users could be uniquely identified by the membership groups they visited. Xing has begun to add random numbers to mask addresses, but the response might not be enough to foil a similar snooping site, says Stanford University computer scientist Arvind Narayanan. The next round of Firefox, Chrome, and Safari browsers could have fixes to prevent browsing history from being relayed to Web site owners.
View Full Article - May Require Free Registration | Return to Headlines

Risk of Cyberattacks Growing: CSIS Memo
CBC News (Canada) (05/18/10) DeCillia, Brooks

A secret memo from the Canadian Security Intelligence Service (CSIS) warns that the risk of cyberoffensives against government, university, and industrial computer systems has grown significantly over the past year. "In addition to being virtually unattributable, these remotely operated attacks offer a productive, secure, and low-risk means to conduct espionage," the memo says. Canadian government officials say they are developing a framework to manage cyberattacks, yet Canada still has no official coordinated cyberattack response strategy. Meanwhile, a report from the University of Toronto's Citizen Lab, the SecDev Group, and U.S. researchers from the Shadowserver Foundation emphasizes that the federal government must take urgent action or risk being targeted by hackers who steal sensitive information using social media. However, University of Calgary computer science professor John Aycock warns that the Internet's design makes it difficult to provide complete security. "It's not designed to be able to track people back," Aycock says. "There is no one cure-all."

P2P Networks a Treasure Trove of Leaked Health Care Data, Study Finds
Computerworld (05/17/10) Vijayan, Jaikumar

Dartmouth College researchers have found that health care data is as easily accessible on peer-to-peer (P2P) networks now as it was before the enactment of a new U.S. data security law last September. The study found that more than 20 percent of the documents researchers discovered after performing keyword searches on P2P networks contained information that would be protected under the law, known as the Health Information Technology for Economic and Clinical Health (HITECH) Act. The study found that much of the sensitive data found on P2P networks--such as insurance information, sensitive patient communications, and personally identifiable information--was contained in insecure spreadsheets and Microsoft Word documents. Dartmouth professor Eric Johnson says this indicates that many organizations are not taking steps to adequately protect data as they are required to do under the HITECH Act. The study also found that many organizations were not even aware that they were leaking information over P2P networks, Johnson says.

Cyber Challenge: 10,000 Security Warriors Wanted
Campus Technology (05/14/10) Schaffhauser, Dian

The goal of the U.S. Cyber Challenge is to recognize and train a cohort of 10,000 cybersecurity experts to help address gaps in government and industry. Program director Karen Evans says the concept behind the initiative is to cultivate participant skills and provide access to training and practice. She envisions the challenge possessing three core elements--community building for participants, "rack and stack" for recognizing skills and interests, and matching up individuals with government agencies offering scholarships and industry offering internships and jobs. An alpha run for the Cyber Challenge is being conducted this summer, where participants in California, New York, and Delaware can test a free online treasure hunt developed by the SANS Institute. Successful participants will be invited to attend a summer camp where they will get a week of training by SANS and university faculty and students. At the week's conclusion, participants will be broken up into teams to play a capture-the-flag competition by finding vulnerabilities in their opponents' systems while protecting their own.

Abstract News © Copyright 2010 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.
Non-Members: Unsubscribe