Welcome to the January 28, 2015 edition of ACM TechNews, providing timely information for IT professionals three times a week.
Updated versions of the ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).
HEADLINES AT A GLANCE
Mass Surveillance 'Endangers Fundamental Human Rights,' Says Study
IDG News Service (01/27/15) Loek Essers
A leading European human rights body has issued a report warning mass Internet surveillance is a threat to basic human privacy rights and has not apparently prevented terrorist attacks. The legal affairs and human rights committee of the parliamentary assembly of the Council of Europe arrived at this conclusion from an analysis of documents leaked by Edward Snowden in 2013. The documents pointed to persuasive evidence of "far-reaching, technologically advanced systems" deployed by U.S. intelligence agencies and their partners for the purpose of collecting, storing, and analyzing communication data on an immense scale. The committee also cautions resources that might deter terrorist attacks are funneled into mass surveillance, giving potential terrorists the freedom to act. The report recommends countries encourage encryption technology usage and "resist any attempts to weaken encryption and other Internet safety standards." According to the report, national laws should only permit the collection of personal information without consent following "a court order granted on the basis of reasonable suspicion," while illegal data collection should be punished and the creation of backdoors to bypass security measures banned. In addition, the committee argues all businesses and institutions holding personal data should be mandated to employ the most effective available security measures.
FTC Says Internet-Connected Devices Pose Big Risks
The New York Times (01/27/15) Natasha Singer
Internet-connected devices present serious data security and privacy risks, according to a U.S. Federal Trade Commission (FTC) report released on Tuesday, which urged organizations to make data protection a top priority. Although the report acknowledges the potential benefits for users of smart devices, it notes the technology also generates enormous amounts of personal data that could be misused or obtained by hackers. The report also says organizations should develop new ways to communicate their data collection and handling practices. However, the FTC does not have the power to enforce these regulations, and it has urged Congress to enact a baseline federal consumer privacy law, although such legislation is unlikely to pass in a Republican-controlled Congress. "I think everyone can agree that industry needs to do a better job, writ large, on addressing Internet of Things security issues," says the Center for Democracy & Technology's Justin Brookman. About 4.9 billion connected items for consumers, enterprises, manufacturing, and utilities will be in use this year, and that figure is expected to rise to 25 billion by 2020, according to Gartner. In order to limit consumers' vulnerability, the FTC recommends companies consider putting limits on the volume of information their devices collect from consumers and on the amount of time they retain those records.
More Students Earning STEM Degrees, Report Shows
U.S. News & World Report (01/27/15) Allie Bidwell
The prevalence of science, technology, engineering, and mathematics (STEM) degrees increased between 2004 and 2014 at the bachelor's, master's and doctoral levels, according to a National Student Clearinghouse report. Although both men and women increasingly are choosing STEM degrees, "in terms of the shares of degrees earned within individual disciplines, women are gaining ground in some STEM areas, while losing ground in others," says Clearinghouse executive research director Doug Shapiro. Overall, 40 percent of bachelor's degrees earned by men and 29 percent of those earned by women are now in STEM fields, according to the report. In addition, 58 percent of the degrees earned by men at the doctoral level and 33 percent of the degrees earned by women at the doctoral level are in STEM fields. The biggest decrease in STEM-related bachelor's degrees was in computer science, where women earned just 18 percent of bachelor's degrees in 2014, compared to 2004 when women earned 23 percent of computer science bachelor's degrees. "This data demonstrates the importance of tracking science and engineering degree attainment at different levels and within specific fields of study," Shapiro says.
New Programming Language for Fast Simulations
SINTEF researchers have developed a new language for faster programming and simulations. The researchers say the language is similar to the language of mathematics in that it enables them to subdivide the work process in such a way that reduces the time it takes to develop a simulator. Although the new language has many potential applications, the researchers are focusing on the way in which oil flows within its natural reservoir, and the way flood waves spread across a landscape. The source codes are used to develop simulation tools that can predict what happens to the oil in the reservoir and where the greatest volumes of floodwater occur. The innovation the researchers want to introduce is the use of a domain-specific language, which is a precise language that focuses on a closely-defined area of application. A domain-specific language will enable them to develop new simulation programs while guaranteeing the code is correct. "Our new programming language is easy to use, it takes less time to write programs, and the sources of error have been removed," says SINTEF researcher Andre Brodtkorb.
Link Between NSA and Regin Cyberespionage Malware Becomes Clearer
IDG News Service (01/27/15) Lucian Constantin
Portions of the QWERTY keylogging malware thought to be used by the U.S. National Security Agency (NSA) and its intelligence partners significantly overlap with a component of the Regin cyberespionage software platform, according to researchers from Kaspersky Lab cited by Der Spiegel. "Looking at the code closely, we conclude that the 'QWERTY' malware is identical in functionality to the Regin 50251 plug-in," they warn. The researchers also found that both QWERTY and Regin rely on a different module of the Regin platform identified as 50225, which manages kernel-mode hooking, enabling operation of the malware in the operating system kernel. "Considering the extreme complexity of the Regin platform and little chance that it can be duplicated by somebody without having access to its source code, we conclude the QWERTY malware developers and the Regin developers are the same or working together," the analysts note. Der Spiegel says QWERTY is probably a plug-in of the WARRIORPRIDE unified malware framework that all Five Eye partners--the British, Canadian, Australian, and New Zealand intelligence agencies, and the NSA--use. Security researchers think Regin is similar in sophistication to Stuxnet, a computer worm allegedly developed by the U.S. and Israel to sabotage uranium enrichment centrifuges in Iran.
New Search Engine Lets Users Look for Relevant Results Faster
Aalto University (01/27/15)
Researchers at the Helsinki Institute for Information Technology believe they have developed technology that will make Web searches more efficient. The new search engine is designed to show related keywords and topics to help those who do not know exactly what they are looking for or how to formulate a query to find it. The SciNet search engine features a topic radar to display the range of keywords and topics, and how they are related to each other. The relevance is tied to its distance from the center point of the radar, with the most related being closest to the center. Users would indicate what information is most useful by moving the words around the keyword cloud. The search engine also provides alternatives that are connected to the topic but which the user might not have thought of querying. "It's easier for people to recognize what information they want from the options offered by the SciNet search engine than it is to type it themselves," says project coordinator Tuukka Ruotsalo.
Electronic Circuits with Reconfigurable Pathways Closer to Reality
Swiss Federal Institute of Technology in Lausanne (01/26/15)
Swiss Federal Institute of Technology in Lausanne (EPFL) researchers have demonstrated it is possible to create conductive pathways several atoms wide in a material, to move them around at will, and even to make them disappear. The breakthrough means it could eventually be possible to reconfigure microchips in any way desired, even when they are in use. The technology also could lead to the development of resilient circuits, which could theoretically reconfigure themselves when damaged. The researchers say they were able to control the formation of walls on a film of ferroelectric material, and thus to create pathways where they wanted at given sites. They say the key is producing a sandwich-like structure with platinum components on the outside and a ferroelectric material on the inside. "By applying electric fields locally on the metal part, we were able to create pathways at different sites and move them, and also to destroy them with a reverse electric field," says researcher Leo McGilly. Low conductive electrodes were used to surround the ferroelectric material, which means the charge spreads very slowly in the structure, making it possible to control exactly where it is applied. "When we use highly conductive materials, the charge spreads rapidly and walls form randomly in the material," McGilly says.
A Machine Can Learn to Identify Sign Languages
Radboud University Nijmegen (01/26/15)
A Ph.D. student at the Max Planck Institute for Psycholinguistics has teamed up with the machine-learning group at Radboud University to train a computer program to quickly identify the sign language of signers. Binyam Gebrekidan Gebre first addressed the problem of automatic language recognition, training a program using a video of signers working in six sign languages. The program is able to distinguish between the languages with an accuracy rate of 84 percent. "This is a big success rate, given the fact that the machine learned to do so from four signers per language only," Gebre says. "This accuracy will improve when we feed the program with more data. We solved this by generating a dictionary of pixel patterns that appear in the videos and then matched that to those patterns in named languages." He also addressed the recognition of role-taking in conversations by a computer and the meaningful part of a gesture. The research could be used for transcribing videos of signed stories or for translating signed languages into spoken or written languages in real time. Video search engine projects also stand to benefit from the work.
Gartner Foresees 250M Connected Vehicles on the Road by 2020
Computerworld (01/26/15) Lucas Mearian
There will be about 250 million Internet-connected vehicles on the road by 2020, according to a Gartner report. The report says the adoption of connected-car technology is being driven by the expansion of high-bandwidth wireless network infrastructure, rising expectations for access to mobile content, and better service from smartphones and tablets. In addition, regulations are targeting vehicle-to-vehicle communications capability in many countries. "The increased consumption and creation of digital content within the vehicle will drive the need for more sophisticated infotainment systems, creating opportunities for application processors, graphics accelerators, displays, and human-machine interface technologies," says Gartner analyst James Hines. The report says the proliferation of connected vehicles also could lead to an expansion of alternatives to car ownership, such as being able to rent an autonomous car through mobile apps and have the vehicle show up at your door, as well as enabling new concepts of mobility. Gartner predicts a vehicle will be able to talk to wirelessly connected appliances in the home, and the steering wheel will be able to take the driver's pulse. Finally, the report predicts vehicles will be able to report hazards and traffic conditions, select routes to avoid congestion, coordinate with traffic signals to optimize traffic flow, and travel in platoons to minimize energy consumption.
U.Va. Technology Proves Effective in Thwarting Cyberattacks on Drones
UVA Today (01/23/15) Josie Pipkin
Researchers at the University of Virginia (U.Va.) are working to monitor unmanned aerial vehicles or systems and protect them from cyberattacks. The team has developed the System-Aware Cybersecurity concept and Secure Sentinel technology and reports its approach was successful in defending against simulated cyberattacks. Working with engineers from the Georgia Institute of Technology, the team flight-tested scenarios that involved global positioning system-embedded data manipulations, waypoint manipulations originating from the ground or onboard sources, manipulation of critical metadata related to transmitted imagery, and onboard surveillance and payload control breaches. In each case, during five days of testing in October, the technology quickly detected, informed, and corrected system performance. "Our research focuses on providing additional security by employing an onboard, secure monitoring subsystem to detect illogical behaviors relative to the expected profile of a system's performance," says U.Va. professor Barry Horowitz. "Detections can serve to initiate automated recovery actions and to alert operators of the attack. The cybersecurity Sentinel system includes design features that allow it to be far more secure than the system it monitors."
Early Warning Systems to Boost Security for Critical Infrastructures
CORDIS News (01/23/15)
The European Union is funding research designed to improve the security of vital infrastructure via the Advanced Protection of Critical Buildings by Overhauling Anticipating Systems (ARGOS) project, which is developing early warning systems that use complex techniques to calculate risk factors sensors identify outside the installation's perimeter. ARGOS is using data mining, data fusion, and rule-based engines to develop the systems. In particular, rule-based engines enable operators to teach the system which alarms are true, enabling it to learn and improve over time. The system would avoid false alarms, such as wildlife movement. ARGOS also focuses on creating a low-energy solution, one that uses energy-efficient algorithms, low-energy communications, and self-powered networks of sensors. Moreover, video sensors have auto sleep modes and the microelectronics employed have been optimized for energy efficiency. In integrating such components, researchers have created a system to keep vital installations safe even when they stretch over hundreds of kilometers where no security staff is available. The researchers note the technology could be used to detect threats from land, air, and sea, and at night and in fog.
Queen's University Belfast Leads Pioneering Research Into Cybersecurity
Queen's University Belfast (01/21/15)
Queen's University Belfast is launching a major new initiative involving cybersecurity research. The Leverhulme Interdisciplinary Network on Cybersecurity and Society (LINCS) will examine cybersecurity's legal, ethical, and cultural ramifications to society. LINCS will bring together researchers from the university's Center for Secure Information Technologies (CSIT) and the Institute for the Study of Conflict Transformation and Social Justice (ISCTSJ). "This project will offer a challenging, stimulating, and integrated academic environment within which a new generation of scholars can pursue truly interdisciplinary research on pressing issues of global significance," says ISCTSJ director Hastings Donnan. "It's a precondition of Leverhulme that research must be groundbreaking, and it's a measure of its confidence in this project that Queen's has matched the Leverhulme funding. This scheme will not only reinforce the interdisciplinary links that already exist between CSIT and ISCTSJ but will open up new avenues of inquiry, allowing researchers to develop new collaborations." Funding from the university and the Leverhulme Doctoral Scholarships program will provide 30 doctoral students with three-year scholarships for LINCS over the next eight years. The first class of LINCS researchers will begin work in September, and areas of study will include information-sharing at border controls, the use of surveillance technology such as drones, and the trust and authentication issues of the Internet of Things.
Can You Make Disaster Information Go Viral?
Emergency Management (01/20/15) Justine Brown
San Diego County and San Diego State University (SDSU) have formed a partnership to research and develop a social media-based platform for disseminating emergency warnings to citizens. The project was designed to enable San Diego County's Office of Emergency Services to spread disaster messages and distress calls quickly and to targeted geographic locations, even when traditional channels such as phone systems and radio stations are overwhelmed. The researchers recently received a $1-million U.S. National Science Foundation grant to refine software the county can use to better identify trends, topics, and influential messages disseminated through social media during a disaster. The researchers are identifying and reaching out to the top 1,000 Twitter users in San Diego County and asking them to agree to retweet the county's emergency messages. "We are changing our approach from the previous passive monitoring of social media to design an active platform for recruiting social media volunteers to accelerate social media communication before, during, and after disaster events," says SDSU professor Ming-Hsiang Tsou. The researchers then will use social network analysis tools to evaluate the selected followers' influential powers, such as their numbers of followers, how many retweets have stemmed from their accounts, and their social network structures.
Abstract News © Copyright 2015 INFORMATION, INC.
To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.