Welcome to the June 21, 2010 edition of ACM TechNews, providing timely information for IT professionals three times a week.
HEADLINES AT A GLANCE
Why Can't Johnny Develop Secure Software?
Dark Reading (06/16/10) Wilson, Tim
Despite a wealth of security knowledge and developers' access to advanced tools, many software security risks remain. Analysts say that vulnerabilities arise because many software developers do not understand how to build security into their code. "There's a lot more acceptance of security as part of the process now, but historically developers have never been responsible for security," says Fortify chief scientist Brian Chess. Although there have been several initiatives aimed at educating developers about secure software development practices, "the talent coming out of schools right now doesn't have the security knowledge it needs," says SAFECode executive director Paul Kurtz. Some organizations are implementing secure development frameworks, such as the Building Security In Maturity Model (BSIMM), which impose secure best practices throughout the entire development team. "BSIMM is a good strategy if you have a formalized software development process," Chess says. The goal of the frameworks is to help developers identify and remediate the most common coding errors and fix them during development, rather than waiting until after the code is complete.
Fears Over Dearth of Engineers in Europe
Financial Times (06/21/10) Milne, Richard
The European Roundtable of Industrialists (ERT) says that Europe needs to take action to encourage people to become engineers or risk losing out to India and China. "What we really need to be concerned about is that we have the right skills and education," says ERT's Leif Johansson. The ERT, which consists of chief executives and chairpersons from 50 of Europe's largest firms, lists the growing skills shortage as one of its biggest concerns. "We have too few young people all in all, and too few young people going into engineering," Johansson says. "We are beginning to see real competition coming from India and China in, for example, highly-qualified engineers." Fewer and fewer young people are pursuing technical degrees in Europe, which has led to an acute shortage of engineers. For example, Germany currently lacks 30,000 engineers, while China trains 400,000 engineers annually.
UM Scientists Design Intelligent 3-D Simulation Robots to Compete in the RoboCup 2010
University of Miami (06/18/10) Guma-Diaz, Marie
University of Miami (UM) professor Ubbo Visser will present his work on robotics and artificial intelligence (AI) at the 14th annual RoboCup World Championship and Symposium. Visser will describe the architecture of his multi-agent system as well as motion-capture techniques for graphical animation. "To understand what it takes for a robot to integrate knowledge and put information into context so that it can make decisions in a split second: that is one of the hardest problems in AI and robotics to solve right now," Visser says. To participate in the RoboCup competition, the UM researchers had to develop a soccer team of six three-dimensional autonomous robots that have the ability to acquire strategic knowledge and real-time reasoning and can communicate with each other during a game. "There is a noble goal behind this work, namely to understand what's going on if we send robots in the field and let them do the work of humans," Visser says. "Doing this work gives one a lot of respect for the human mind."
Clouds Add Depth to Computer Landscapes
New Scientist (06/19/10)
Nathan Jacobs and colleagues at Washington University in St. Louis have created a depth map from a single camera. Depth maps, which record the geography of a three-dimensional landscape and represent it in two dimensions for surveillance and atmospheric monitoring, are usually created using lasers. Creating a depth map from one camera is difficult because the shadows cast by clouds distort the scene and are difficult for image-processing algorithms to recognize. The team compared a series of images and recorded the time at which the passing shadows change a pixel's color, which enabled it to estimate the distance between each pixel. "If the wind speed is known you can reconstruct the scene with the right scale," Jacobs says. "That is notoriously difficult from a single camera viewpoint." The cloud map has an average positional error of just 2 percent, compared with laser-created maps.
Wanted: Young Cyberexperts to Defend Internet
USA Today (06/21/10) P. 1B; Acohido, Byron
The U.S. government, education officials, and military contractors are increasingly launching nationwide campaigns to attract young technologists to pursue careers in cybersecurity. The leading recruitment tools are competitions designed to match tech-savvy youths against professional hackers in mock warfare games. "Our goal is to increase the opportunities for young cyberexperts to exercise and demonstrate their passion for this career field," says Boeing's Alan Greenberg. Promotional materials tout bragging rights for defeating the hackers. "We're building the pipeline that will produce our future cyberguardians," says SANS Institute's Alan Paller. Enrollment in two-year programs participating in CyberWatch, a consortium of Mid-Atlantic colleges focused on cybersecurity training, has jumped 66 percent in each of the past two years, says CyberWatch's Casey O'Brien. "People are starting to get that the success of these programs is absolutely critical to the future of our country," O'Brien says.
The A-Z of Programming Languages: Objective-C
Computerworld Australia (06/17/10) Hutchinson, James
Brad Cox, creator of the Objective-C programming language, says he co-developed the language with partner Tom Love as a reaction to the C language and its limitations for constructing reusable elements. "The only encapsulation tools C provides are macros and functions as building blocks for applications," he notes. "Objective-C added objects originally and packages followed thereafter." Cox also added mini-applications that comprised the Taskmaster support library. He points out that object-oriented programming was largely unknown outside of research facilities, and he created Objective-C to take it "to the factory floor." Cox says that Objective-C protocols spurred the development of Java and related interfaces. He says that transforming software into an engineering discipline involves construction through the assembly of trusted components, and this has motivated his pursuit of elements with various granularities, starting with objects via Objective-C and continuing with service-oriented architecture services and OSGI. He says the future of programming languages lies in the transition to tested, certified, and trusted components.
Japan's Hitachi Creates Roller-Skating Robot
Agence France Presse (France) (06/18/10)
Hitachi recently demonstrated a humanoid robot fitted with wheels on its two legs, which feature complex spring-loaded shock absorbers. The design enables the robot to move across minor bumps and wires on the floor without falling over. "It can control its posture the way humans do when we stabilize ourselves after jumping [with] inline skates," says Hitachi chief researcher Yuji Hosoda. Dubbed excellent mobility and interactive existence as workmate (EMIEW2), the robot moves up to 3.7 miles an hour, which is a fast walking speed for a human. The researchers also placed 14 microphones in EMIEW2's helmet, which enables it to pick out human voices from background noise and to respond to voice commands. The 32-inch-tall robot, which weighs nearly 31 pounds, could serve as a receptionist and visitor's guide in office buildings. "It could also be used for security, such as patrolling and surveillance as it could find a suspicious person hiding in blind spots out of range of fixed security cameras," Hosoda says.
Innovation on Demand
Wall Street Journal (06/16/10) Bland, Will
Russia is planning the construction of an international technology innovation hub designed to draw the world's best engineers, programmers, and venture capitalists. Under the guidance of businessman Viktor Vekselberg, the Skolkovo innovation center will be established as a Russian version of Silicon Valley. Vekselberg says businesses focused on energy efficiency, information technology, telecommunications, biotechnology, and nuclear technology will be granted priority residency at the Skolkovo center. A recent government report says that Russia must seek opportunities to use "American technological potential" and form "alliances of modernization" so that it can attract technology from Europe. Vekselberg says the government's role is to provide an environment where innovators can thrive. He expects to start construction by January 2011, but it will likely be two or three years before the first businesses arrive. However, Russian government officials say that several U.S. and European companies already want to be part of the project.
AMS Group Demonstrates Self-Healing for Electronics
University of Illinois at Urbana-Champaign (06/17/10) McGaughey, Steve
Researchers at the University of Illinois at Urbana-Champaign (UIUC) have applied the concept of self-healing materials to small-scale electronics. A microcapsule system has been designed to restore conductivity in damaged electronic devices. Using a twin-microcapsule method, the system's repairing agent does not become conductive until there is damage to the electronics and the conductivity agents are needed. The twin microcapsules have microcapsule shells that rupture when there is damage, and the component precursor materials are released as a liquid from the core, which forms a solid-transfer salt that restores conductivity to the device. "We've been able to encapsulate this conductive salt on its own but we wanted to show that we could encapsulate something that was non-conductive," says UIUC researcher Susan Odom. "This system has the potential to serve as a useful model for a two-part electronic self-healing system using liquid precursors by comparing the degree of restoration of conductivity of one- and two-part microcapsule systems," the researchers write.
How to Prevent Language Extinction
Technology Review (06/16/10)
Two-thirds of the world's languages are in danger of extinction, being nudged toward oblivion by the overwhelming use of English, Spanish, Russian, Hindi, and Mandarin. A new mathematical model of language competition developed by the Universidade de Santiago de Compostela's Jose Mira and colleagues indicates that this threat can be countered. Early analyses studied a stable population in which two languages competed for speakers who selected one over the other depending on their perceived socioeconomic benefits as well as their similarity. However, the researchers' studies point to the development of bilingual speakers as a force for co-evolution of several competing dialects. They say languages can coexist in a stable fashion over a prolonged period, but that this outcome depends greatly on the initial circumstances. "An exogenous injection of just a few speakers into one group or another can determine whether a language lives or dies," note Mira and his fellow researchers. The implication of this conclusion is that it may be possible to improve the chances of survival for languages under threat of extinction by creating bilingual speakers in one of the major language groups.
Fighting Back Against Web Attacks
BBC News (06/18/10)
The bugs and vulnerabilities in the kits used by cybercriminals could be exploited to identify hackers and even launch a counterattack, according to Tehtri Security's Laurent Oudot. The French computer security researcher has studied high-tech criminals' malware kits, which are widely available online, and concludes that the attack tools have vulnerabilities that should be easy to exploit. During a presentation at a recent security conference in Singapore, Oudot provided details on 13 unpatched loopholes in popular malware kits that have been used to attack Web sites. The vulnerabilities in the malware kits could be used to obtain more information on attackers, perhaps identify them, steal their tools and methods, or even follow their trail back to their own computers, according to Oudot. He acknowledges that using the loopholes might "lead to legal issues," but says the strategy should "open new way[s] to think about [information technology] security worldwide."
Interview: Stanford's Top Engineer From Chips to ABCs
EE Times (06/16/10) Merritt, Rick
James Plummer, dean of Stanford University's school of engineering, envisions an expansion of the electronics industry's purview from information technology (IT) to energy and biotechnology. Plummer forecasts that Silicon Valley will become a nexus of such an expansion over the next 10 or 20 years, and predicts "almost unlimited opportunities" for IT, biotech, and energy. Plummer also sees a shift in students' perception of career opportunities, in that they are less concerned with making money and more interested in making a difference. Consequently, their focus has shifted to engineering to concentrate on developing alternative energy and biotech solutions. Plummer stresses that educators have to prepare students for a multicompany, multidisciplinary career by cultivating both technical expertise as well as softer skills, such as creativity, innovation, and entrepreneurship. "Most of the interesting research proposals people are working on are multidisciplinary problems involving materials and computing and non-engineering expertise," he says. "Getting teams to work together effectively is the only way to tackle these problems."
Stanford Helps to Digitally Preserve Mountains of Documents
Stanford News (06/15/10) Haven, Cynthia
The U.S. Government Printing Office (GPO) has joined Lots of Copies Keep Stuff Safe (LOCKSS), a Stanford University-based international consortium of more than 200 university and college libraries that collects and preserves electronic documents. LOCKSS centralizes digital content and offers a safety net in case the data or public records are tampered with. "The more you centralize digital content, the easier it is to change things without anybody knowing," says Stanford's James Jacobs. "The simplicity and beauty of LOCKSS is that there are lots of libraries which preserve that content." Jacobs says that as LOCKSS becomes more established, it will develop a routine in which every time a new document is published by the GPO, the Stanford system will be alerted and automatically harvest the document. The GPO turned to LOCKSS for backup after launching the Federal Digital System last year, which provides public access to the U.S. government's published data. "It's a complete preservation archive--the content only gets made accessible if the live content goes away," Jacobs says.
Abstract News © Copyright 2010 INFORMATION, INC.
To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.