Association for Computing Machinery
Welcome to the April 16, 2014 edition of ACM TechNews, providing timely information for IT professionals three times a week.

Updated versions of the ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).


Heartbleed Bug Fixes Threaten to Cause Major Internet Disruptions in Coming Weeks
The Washington Post (04/15/14) Brian Fung

Major disruptions to the Internet are expected over the next several weeks as companies scramble to fix the Heartbleed bug, which enables hackers to create replica websites where data can be intercepted using stolen security certificates. The upcoming surge in sites revoking and reissuing security certificates within a short time span is expected to drastically impact loading times as estimates of the severity of the bug's damage increases almost daily. Cybersecurity experts say there are few good options for addressing the Heartbleed vulnerability, which by some estimates affected as much as two-thirds of the Internet. Although there have not been any reported incidents of anyone exploiting the Heartbleed vulnerability, nine hours after CloudFare challenged hackers to steal a dummy server's security certificate, Fedor Indutny did it. Although many websites quickly updated their systems following the Heartbleed revelations, CloudFare's challenge indicates that affected sites must revoke their existing security certificates and get new ones. Doing so would make the lists of revoked security certificates that are downloaded by Web browsers much longer than normal, which in turn would significantly slow down the process of verifying a site's identity. However, Atlantic Council cybersecurity scholar Jason Healey says the only other option is to do nothing, which he says is not realistic.
View Full Article - May Require Free Registration | Return to Headlines | Share Facebook  LinkedIn  Twitter 

MIT's Alex Pentland: Measuring Idea Flows to Accelerate Innovation
The New York Times (04/15/15) Steve Lohr

Massachusetts Institute of Technology computational social scientist Alex Pentland's research has lately focused on social physics, which is the ability to employ new technologies to collect data and quantify communication and transactions on an unprecedented scale to acquire knowledge about the flow of ideas, which can be applied to expedite innovation. Pentland says the optimal decision-making environment is characterized by high levels of engagement and exploration. The former measure describes how frequently group members communicate with each other and share social knowledge, while the latter is a measure of looking for new ideas and new people. Pentland stresses there needs to be an ideal or golden mean between the two measures. He points to evidence from various experiments as proof his social physics theory is supportable, arguing that new data and measurement tools facilitate a "God's eye view" of human activity that can be used to potentially engineer better decisions in a "data-driven society." Pentland also acknowledges the risks this entails, which can include creating a surveillance society. He says big data could potentially yield considerable benefits in numerous fields, provided privacy is safeguarded, trust is established, and data is allowed to flow.

Trove of Software Flaws Used by U.S. Spies at Risk
Bloomberg (04/14/14) Michael Riley

It will be difficult for the U.S. National Security Agency's (NSA) elite cyberspies to comply with the White House's directive to limit the use of software flaws, according to intelligence professionals. Small flaws in the software of anything controlled by a computer chip, including industrial controllers, heating and cooling systems, printers, antivirus software, videoconferencing systems, and encryption protocols are essential to U.S. intelligence gathering. However, the directive to intelligence agencies to limit their use of software flaws could mean the disclosure of thousands of exploits considered some of the most valuable to U.S. intelligence-gathering operations. The White House reportedly issued its guidance to the entire intelligence community three weeks ago, but the biggest question could be how much of an impact it will have given that vulnerabilities can still be kept secret for national security purposes. Tailored Access Operations, NSA's main unit for hacking-based intelligence gathering, currently spends heavily to develop, store, and leverage the vulnerabilities it finds. The use of zero-day flaws enables government hackers to remain undetected and respond quickly in an emergency. Nevertheless, the American Civil Liberties Union's Christopher Soghoian says just discussing the government's zero-day policy is a major step forward and represents "a really big shift" by the Obama administration.

Cybersecurity Researchers Roll Out a New Heartbleed Solution
UT Dallas News (04/14/14) LaKisha Ladson

A new solution to the Heartbleed bug developed by University of Texas at Dallas (UT Dallas) researchers corrects the vulnerability while also spotting and trapping hackers who might be exploiting it to steal data. The Red Herring algorithm automates the process of generating decoy servers, fooling hackers into thinking they have gained access to confidential, secure information, when in fact their operations are being tracked, analyzed, and traced back to the source. "The attackers think they are winning, but Red Herring basically keeps them on the hook longer so the server owner can track them and their activities," says UT Dallas professor Kevin Hamlen. "This is a way to discover what these nefarious individuals are trying to do, instead of just blocking what they are doing." The algorithm automatically converts a patch into a honeypot that can simultaneously catch the attacker. Hamlen says Red Herring can be used to construct honeypots rapidly and reliably as new vulnerabilities are reported, and he notes the Heartbleed bug offers the ideal test of the Red Herring prototype.

AI Gets Its Groove Back
Computerworld (04/14/14) Lamont Wood

The field of artificial intelligence (AI) is finally making real progress after a long period of sporadic advances that failed to pan out into major successes. "AI has reached an inflection point" thanks to the availability of massive volumes of online data and inexpensive computational power, says Narrative Science co-founder Kris Hammond. "We now see it emerging from a substrate of research, data analytics, and machine learning, all enabled by our ability to deal with large masses of data." Experts also believe better algorithms will further AI's progress, with the widespread use of the deep-learning algorithm expected to be a major driver. Yann LeCun with Facebook's AI Group says the algorithm offers a means to more fully automate machine learning by using multiple layers of analysis that can compare their outcomes with other layers. Another example of AI's progress is Google's translation page, in which an AI program sifts through millions of already translated documents for patterns between the original and translated versions, says Machine Intelligence Research Institute executive director Luke Muehlhauser. As for the future, some experts speculate AI technology will eventually yield a machine that can mimic a human, if the field's future advances matches previous progress.

The Digital Universe Will Reach 44 Trillion Gigabytes by 2020
Help Net Security (04/11/14)

The digital universe is doubling in size every two years and will multiply 10-fold between 2013 and 2020--from 4.4 trillion GB to 44 trillion GB, according to a new EMC study. IDC predicts the number of devices or things connected to and communicating over the Internet will grow from today's 14 billion, representing 2 percent of the world's data, to 32 billion in 2020, representing 10 percent of the world's data. The amount of useful data--data that can be analyzed--will grow from 22 percent of the information in the digital universe today to more than 35 percent by 2020. Data protection will be a challenge for businesses, with IDC estimating that 40 percent of data require some level of protection, from heightened privacy measures to fully-encrypted data. IDC also notes emerging markets such as Brazil, China, India, Mexico, and Russia will account for the majority of data by 2020, and data touched by the cloud will double to 40 percent. Data is outpacing storage capacity, but most of it is transient and requires no storage. Consumers also create most of it, but enterprises are liable or responsible for most of the data.
View Full Article - May Require Free Registration | Return to Headlines | Share Facebook  LinkedIn  Twitter 

'Wearable Eyes' Make You Appear Friendly, Social Even When You're Not
IEEE Spectrum (04/11/14) Angelica Lim

Tsukuba University's Hirotaka Osawa has created AgencyGlass, a wearable device that produces virtual eyes that naturally follow people and movement to give the wearer a semblance of friendliness and approachability. Osawa says the glasses are designed to help people with "emotional labor" by adopting cyborg technology to increase the emotional comfort of those around them. "This emotional support reduces a user's cognitive load for social manners," Osawa says. Emotional labor, as described by sociologist A.R. Hochschild, requires maintaining the appearance of politeness that is necessary for a job, but that can take a mental and emotional toll on the worker. When a person wearing AgencyGlass tilts their head back, the virtual eyes look upward to make it appear as if they are in thought, while nodding or shaking their head triggers blinks. The device uses a gyroscope and accelerometer to read head movements, and an external camera to spot faces and motion. Osawa downplays arguments that AgencyGlass deceives people, contending those around the user know they are wearing the device, which minimizes any deception.

MIT Transform Project Gives Shape to Human-Object Interplay (04/14/14) Nancy Owano

The Massachusetts Institute of Technology's Tangible Media Group gave the Lexus Design Amazing exhibition a glimpse of shape-shifting technology's future earlier this month, showing off a tabletop that becomes a dynamic display enabled by the interplay of humans with objects. The table, consisting of three displays, moved more than 1,000 pins up and down in real time, and the kinetic energy of the viewers, captured by a sensor, drove wave motion represented by the dynamic pins. The moving table is part of the Transform project, which is part of the team's efforts to explore interface design. Daniel Leithinger, one of the creators, predicts computers will not look like computers in the future. "They're going to be embedded in everything around us," he says. The group suggests a vision of Radical Atoms as a material that can be part of the future of human-material interaction, where all digital information has a physical manifestation so people can interact directly with it. "We no longer think of designing the interface, but rather of the interface itself as material," notes a description of the project.

Researchers Discover Dangerous Ways Computer Worms Are Spreading Among Smartphones
Syracuse University (04/09/14)

Syracuse University researchers have found that some of the most common activities among smartphone users can leave devices vulnerable to computer worms. The researchers say the worms can infiltrate smartphones through apps designed in a specific computer language, and they can spread to the owner's personal contacts. "These attacks target an increasingly popular type of app known as HTML5-based app," says Syracuse University professor Kevin Du. "Once the worm takes control, it can duplicate itself, and send copies to your friends via SMS messages, multimedia file sharing, and other methods." He notes so far they have identified 14 vulnerable HTML5-based apps from three types of mobile systems, including Android, iOS, and Blackberry. The researchers currently are developing solutions to help users and app developers detect and prevent such attacks. "We are launching a large-scale search in the Google Play market and expect to find more vulnerable apps," Du says. "By 2016, it's estimated that more than 50 percent of the mobile apps will be produced using HTML5 technology."

The Forecasting Challenge for Power Networks of the Future
Technology Review (04/11/14)

The likely shift in power generation from a few large power stations to many small generators producing power when it is required will demand the ability to predict local power consumption ahead of time. A Technical University of Munich research team led by Andreas Veit has determined the most refined household power consumption forecasts are no better than the most fundamental methods and none generate projections with errors less than about 30 percent. An analysis of data from a single German home outfitted with a network of sensors that tracked power consumption over eight months showed prolonged periods of flat demand with peaks in the evenings, while 70 percent of all the power readings in this data set hover between 25 and 30 watts. A second data set the researchers used measured power consumption in six U.S. households over three months, but because these experiments did not quantify the same features in each household, some data manipulation was necessary to produce a single data set. The simplest forecasting technique was to make each forecast equal to the last observation, but even the use of more sophisticated algorithms revealed they were inferior to persistence forecasting, which by itself is not particularly accurate.

Researchers Bolster Development of Programmable Quantum Computers
UChicago News (IL) (04/09/14) Steve Koppes

A proof-of-concept experiment that will help the future development of programmable quantum computers has been conducted by researchers at the University of Chicago and University College London. The researchers say the quantum mechanical spins contained in a crystalline quantum magnet were manipulated through thermal annealing and quantum annealing. Sapphire rods attached to a refrigerator via more or less contact with the crystal controls the speed and strength of thermal annealing at temperatures near absolute zero. Simultaneously, the rate of quantum annealing can be controlled by a magnetic field, which locks in the rate of quantum tunneling in the magnetic sample. If the system operates in a mode where thermal annealing is turned down and quantum annealing is turned up, it creates a different state of magnetic spins, which represents a different solution to the computational problem. The researchers determined that when the system reached its final solution through thermal annealing alone, it was very dissimilar from the state reached when the thermal annealing was turned down and quantum annealing was activated. The outcomes suggest quantum optimizers could produce different solutions to certain problems when compared with conventional methods, with implications for the design and use of quantum optimization systems.

Computing's Invisible Challenge
Northeastern University News (04/07/14) Angela Herring

Northeastern University professor Ningfan Mi has won a Young Investigator Award from the U.S. Air Force Office of Scientific Research and will use her three-year grant to find a better way to manage the vast amount of information sharing that takes place online. Mi says her research will help push that enormous challenge further into the background for end users. The effort will focus on modeling performance in different scenarios and determining the best ways to manage resources based on the outcomes of those models. Mi says the result should be a better understanding of the workloads and number of traffic requests that remote servers are likely to have to handle. "Based on this kind of information, how can I find the best configuration for the platform in order to provide the highest quality of service?" Mi asks. The models will help detect bursts in traffic with more immediacy and even predict them a couple of hours in advance in some cases.

Long: NGA Is Moving Toward 'Immersive Intelligence'
Federal Computer Week (04/15/14) Sean Lyngaas

In an interview, U.S. National Geospatial-Intelligence Agency (NGA) director Letitia Long says her agency is best suited to converting big data into actionable intelligence. She says NGA is the prime mover for intelligence integration "because everything is somewhere on the Earth at a point in time." Long cites NGA's Map of the World, which combines data from top-secret, classified, and unclassified networks made available to U.S. government agencies, some of their international partners, commercial users, and academic experts, as an example. The map so far has nine data layers, including those for maritime and aeronautical data, online and available, and Long says several more layers will be added soon. An advance copy of Long's keynote address at this week's GEOINT Symposium emphasizes NGA's role helping the intelligence community migrate from using integrated intelligence to immersive intelligence, which Long describes as "living, interacting, and experimenting with the data in a multimedia, multisensory experience with [geospatial intelligence] as its core." She says the Map of the World is the key geo-intelligence platform NGA supplies its fellow intelligence agencies, and it can function as a reference point for collaboration.

Abstract News © Copyright 2014 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.
Non-Members: Unsubscribe