Association for Computing Machinery
Welcome to the February 23, 2015 edition of ACM TechNews, providing timely information for IT professionals three times a week.

Updated versions of the ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).


Document Reveals Growth of Cyberwarfare Between the U.S. and Iran
The New York Times (02/22/15) David E. Sanger

A recently disclosed U.S. National Security Agency (NSA) document from 2013 shows how the clandestine cyberwarfare between the U.S. and its allies and Iran has accelerated in recent years. The document originally was written in April 2013 for Gen. Keith Alexander, who was then director of the NSA, and describes cyberattacks carried out by Iran against the U.S. and its allies after the existence of Stuxnet, a worm developed by the U.S. and Israel to damage Iran's nuclear enrichment facilities, came to light in 2010. The report says Iran retaliated with a series of denial-of-service attacks targeting the websites of U.S. financial institutions in 2012. Those attacks received a great deal of coverage at the time, but were never publicly attributed to Iran by the U.S. government. The document also says Iran was responsible for a 2012 attack on Saudi Arabia's state oil company in which data was erased from thousands of computers, and claims the attack had come in retaliation for a similar attack on Iran's oil industry. The document discusses the U.S. response to Iran's increasing belligerence, including efforts by NSA, the U.S. Cyber Command, and U.S. allies to respond to "multiple high-priority surges," and disagreement between the U.S. and its allies on how to respond.
View Full Article - May Require Free Registration | Return to Headlines | Share Facebook  LinkedIn  Twitter 

Spies Can Track You Just by Watching Your Phone's Power Use
Wired News (02/19/15) Andy Greenberg

A new paper from a team of researchers at Stanford University and Israel's Rafael defense research group found it is possible to determine an Android phone's location and movement by monitoring and analyzing its power consumption. The paper describes a technique the researchers call PowerSpy, which employs machine-learning algorithms and the fact that cellular transmissions use more or less power depending on how far the phone is from a cell tower and whether obstacles such as buildings are blocking the signal. The researchers found that by using a machine-learning algorithm to analyze a phone's power consumption, they were able to determine the location and movement of an Android phone with up to 90-percent accuracy, although with one major caveat: the phone had to be moving along one of a certain number of pre-measured routes. Although the researchers acknowledge this can somewhat limit the utility of the spying method, they say PowerSpy could still be used by spies or advertisers to determine where a specific person is on a regular route, such as a daily commute. The researchers note Android allows all apps access to power consumption data, which means any app could be tweaked to track a user's location by employing PowerSpy.

What 'The Imitation Game' Didn't Tell You About Turing's Greatest Triumph
The Washington Post (02/20/15) Joel Achenbach

"The Imitation Game," a film about computer science pioneer Alan Turing's efforts to break Nazi codes during World War II, has received a great deal of attention, but the film does a poor job of accurately portraying Turing's contributions to computer science. Turing's most indelible contribution to the field, arguably its founding document, was a 1936 paper, "On Computable Numbers," in which he laid out the concept of computable numbers and a device that could use 1s and 0s to carry out computations. His idea would be built upon by John von Neumann, who was a faculty member at Princeton University's Institute for Advanced Study when Turing was studying at the school. "Turing invented computer science and the idea of the computer, and John von Neumann built the first stored-program computer," says Andrew W. Appel, chair of the Princeton computer science department. "The Imitation Game" instead implies it was Turing's work on the code-breaking machine the Bombe that marked the mathematician's major contribution to the field of computing, even though the Bombe itself was not even a computer and was not invented by Turing, who instead improved upon the design of a similar machine being used by Polish codebreakers. The film also mischaracterizes several aspects of Turing's personality and his time breaking codes at Bletchley Park.
View Full Article - May Require Free Registration | Return to Headlines | Share Facebook  LinkedIn  Twitter 

Radio Chip for the "Internet of Things"
MIT News (02/22/15) Larry Hardesty

Massachusetts Institute of Technology (MIT) researchers have developed a new wireless transmitter design that reduces off-state leakage 100-fold while providing adequate power for Bluetooth transmission, or for the longer-range 802.15.4 wireless-communication protocol. The technology could extend the life of batteries and hasten the development of the Internet of Things. "A key challenge is designing these circuits with extremely low standby power, because most of these devices are just sitting idling, waiting for some event to trigger a communication," says MIT professor Anantha Chandrakasan. "When it's on, you want to be as efficient as possible, and when it's off, you want to really cut off the off-state power, the leakage power." The new transmitter reduces the leakage by applying a negative charge to the gate when the transmitter is idle, driving electrons away from the electrical leads and making the semiconductor a much better insulator. During testing, the researchers found the new circuit spent only 20 picowatts of power to save 10,000 picowatts in leakage. The MIT researchers say the new circuit can reduce power consumption 100-fold. "Ultralow-leakage energy is critical for future sensor nodes that need the transmitter to be on only a very small percentage of time," says Texas Instruments director Baher Haroun.

Computer Scientists' App Measures Our Online Footprints
Trinity College Dublin (02/18/15)

Researchers in Dublin, Ireland, have developed an app that can assess how well someone's online persona matches their true nature. The Bigfoot app is designed to analyze a user's social engagements such as their likes and music tastes, and then visualize these via widgets. The tool then asks users a few questions about their social media behavior, such as "Would you sell your data if you could, and for how much?" Bigfoot uses the social media data and the questionnaire results to give users a score from A to E, with A representing someone very shy and E representing someone who likes to share with everyone. Finally, the Bigfoot app presents users with psychometric tests. The team from Trinity College Dublin, the ADAPT Center, and AYLIEN then correlates the social media data with the psychometric data. Science Gallery Dublin's latest exhibit is the Bigfoot walk-in laboratory, where visitors will be able to use the app and learn more about the signals they send out online.

School Computer Coding Bill Passes First Vote in Senate
Deseret News (UT) (02/19/15) Morgan Jacobsen

The Utah Senate gave preliminary approval Thursday to a bill that would create a computer science initiative requiring the Utah STEM Action Center and the Utah State Board of Education to implement a range of computer science instructional resources, provide professional development for teachers, and select a software curriculum to use in computer coding classes. The legislation would provide as much as $1.5 million to license several computer coding instructional software providers, and $320,000 for the professional development for teachers. Part of the problem is "sometimes, because the resources are already allocated, the inertia of the status quo is so powerful that we just keep doing what we've always done, because that has first call on the priorities and first call on the dollars," says state Sen. Howard Stephenson. The $2-million total appropriation would be enough to open computer coding classes to half of all high schoolers in the state, with the possibility of expanding the program over time, according to initial estimates. Stephenson also is sponsoring a bill that would allocate more than $65 million to implement a one-to-one student technology program statewide. The bill passed its second reading in the Senate in a 21-4 vote, which will vote on the bill again before it is considered by the House.

To Attract More Women, Cybersecurity Industry Could Drop Macho Jargon
The Christian Science Monitor (02/16/15) Elizabeth Segran

Women make up less than 20 percent of the information security workforce, and many women leave the industry before advancing their careers, according to a Ponemon Institute study. "We are not innovating as quickly as we need to be because there aren't enough women in this field," says Intel Security chief privacy officer Michelle Dennedy. Although there are several efforts to support women in cybersecurity and encourage more female computer science students to pursue the field, achieving gender diversity will require the entire industry to talk differently about security. Cybersecurity parlance often mirrors the language of combat, but the field also relies on understanding human emotion, which tends to come more naturally to women. For women just starting in the field, the adversarial language of attack and combat often alienates female students who otherwise may pursue careers in security, according to the researchers. Only 18 percent of computer science degrees are awarded to women, and in the subfield of cybersecurity that figure is less than 10 percent, a gender gap that has also impacted women's experience in the classroom. The private sector is trying to set up programs to support women in cybersecurity. For example, Intel Security has launched a $300,000 diversity initiative to bring more women to the company.

Beyond Silicon: New Semiconductor Moves 'Spintronics' Toward Reality
University of Michigan News Service (02/19/15) Gabe Cherry

University of Michigan researchers have developed a semiconductor compound created from a low symmetry crystal structure. The researchers say the compound is the first to build spintronic properties into a material that is stable at room temperature and easily tailored to a variety of applications, including possibly being used as the base material for spintronic processors. Spintronics technology uses both the on or off electrical charge and the up or down magnetic spin of electrons to store information. Spin-based circuits can be smaller than charge-based circuits, enabling manufacturers to squeeze more circuits onto a single processor. "The spin of electrons remains stable at much smaller sizes, so spintronic devices open the door to a whole new generation of computing," says Michigan professor Ferdinand Poudeu. In addition, he notes spintronic devices can retain data even after the power is shut off. The researchers used a mixture of iron, bismuth, and selenium to create a complex crystal that offers much greater flexibility. This low symmetry crystal has holes of varying sizes placed at several distances in multiple, overlapping layers. The new compound "enables us to arrange atoms in a huge number of different combinations so that we can manipulate conductivity and magnetism independently," says Michigan researcher Juan Lopez.

Poor Decision-Making Can Lead to Cybersecurity Breaches
MSUToday (02/14/15) Mark Kuykendall

Michigan State University professor Rick Walsh is studying the reasoning process behind the decisions people make that lead to computer security breaches. During a presentation at this year's meeting of the American Association for the Advancement of Science, Walsh discussed how social interactions affect the processes behind personal cybersecurity decision-making. His research shows that how people visualize and conceptualize hackers and other cybercriminals affects their cybersecurity decision-making. People form impressions about the risk of sharing passwords and other behaviors based on the influence of the media, interpersonal interactions, and storytelling, and the assessments are powerful, according to Walsh. He says the teenager on a computer in their parents' basement and the professional criminal in a foreign country are two of the most common and easily recognizable images that people have of hackers. People who visualize the professional do not always make the best decisions because they are likely to believe the hacker is focusing on lucrative targets, Walsh suggests. His work could help to influence effectiveness in the development of the science of cybersecurity.

NTIA Says ICANN-Oversight Plan May Be Ready in Late July
FierceGovernmentIT (02/17/15) Dibya Sarkar

The National Telecommunications and Information Administration (NTIA) says a plan to shift Internet governance from the U.S. government's control to a global stakeholder community could be ready by the end of July. However, BloombergBNA reports further delays could prevent the Internet Assigned Numbers Authority Stewardship Transition Coordination Group (ICG) from delivering a transition plan before the U.S.'s contract to manage Internet addresses expires in September. The U.S. government announced last March it would not renew its contract with the Internet Corporation for Assigned Names and Numbers. If a new governance model is not in place before the contract expires, the U.S. can extend its governance of the Internet for up to another four years. Last September, ICG published a request for transition proposals to the multistakeholder community for the protocol parameters, numbering, and domain name-related functions. Although a draft proposal on domain name-related functions is still under review, BloombergBNA also says several accountability mechanisms being discussed would be ineffective under California law. NTIA says there is no deadline for the transition, and if the community requires additional time then the current contract can be extended.

Social Network Analysis Privacy Tackled
Penn State News (02/14/15) A'ndrea Elyse Messer

Pennsylvania State University (PSU) researchers are researching ways to maintain privacy on social networks. PSU professor Sofya Raskhodnikova says the goal is to be able to release information without making personal or sensitive data available and still be accurate. With multiple public databases available, data can easily be correlated between databases to assemble pieces of deleted data and recover the identifying information. Differential privacy, which restricts the types of analyses that can be performed to those for which the presence or absence of one person is insignificant, is needed to maximize the accuracy of analysis while preventing identification of individual records. Differential privacy guarantees an analysis performed on two databases that differ in only one record will return nearly the same result. Raskhodnikova says, "one approach for achieving differential privacy is adding a small amount of noise to the actual statistics before publishing them," but the problem is determining how much noise and how to execute it so the accuracy of results is retained. The idea of differential privacy could be especially important to the protection of graph data. The researchers found differentially private methods for releasing many graph statistics. The degree distribution of a social network specifies how many friends each member has, but some information is inherently too sensitive to be released with differential privacy.

Q&A With UC Davis Computer Science Assistant Professor Yong Jae Lee
California Aggie (02/12/15) Tarischka Stamboel

in an interview, University of California, Davis assistant professor Yong Jae Lee discusses his computer vision research. "My research focuses on the design of algorithms and image representations that allow a machine to accurately recognize objects, their properties, and the activities of people appearing in an image or video with minimal human guidance," Lee says. He notes in one study, he developed an algorithm that automatically creates a short visual summary of a very long video taken by a wearable camera. The algorithm predicts the important people and objects the wearer interacted with, and uses those predictions to select the keyframes that go into the final summary. Lee says the technology could be used in a wide range of applications, such as summarizing police videos, creating video diaries, or examining videos taken by robots that are exploring new territories. He also says more can be done to increase interest in computer science, and he believes the key is to provide computer classes in elementary, middle, and high school. "Computer scientists will be in much need, as computers will become ubiquitous in almost all aspects of our everyday lives," Lee predicts. "If you are a creative person that likes to solve problems and think clearly and logically, then this is a field that you should definitely consider."

Abstract News © Copyright 2015 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]
Current ACM Members: Unsubscribe/Change your email subscription by logging in at myACM.
Non-Members: Unsubscribe