Association for Computing Machinery
Welcome to the August 22, 2016 edition of ACM TechNews, providing timely information for IT professionals three times a week.

Updated versions of the ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).


New Law in Mass. Attempts to Raise IT Pay for Women
Computerworld (08/19/16) Patrick Thibodeau

A new Massachusetts statute signed this month by Gov. Charlie Baker could help close the wage gap between men and women in the information technology (IT) industry. The Act to Establish Pay Equity, which goes into effect in 2018, bans employers from asking prospective employees about their past wages, which means they will have to benchmark compensation to an employee's skills and experience instead of previous salary history. Victoria Budson, chair of the Massachusetts Commission on the Status of Women, says the practice of benchmarking salaries against earlier pay creates "a snowball effect, where you'd see a continuing gap throughout that person's career." The law also bars employers from taking retaliatory action if people discuss their salary, which Budson believes will encourage a culture conducive to shrinking the gender gap. In addition, the law incentivizes employers to perform an internal wage review to determine pay variance on the basis of race, age, and gender, and any company that conducts this audit and then "takes meaningful steps" to correct any disparities will gain an "affirmative defense" to use in any wage litigation. Tufts University professor Karen Panetta, editor-in-chief of IEEE Women in Engineering Magazine, notes women typically start out with annual salaries that are $5,000 to $7,000 below that of men, and pay disparities often cause them to leave IT occupations.

Computer Science Professor Gives Failing Grade to Newly Leaked NSA Hacking Tool
Softpedia (08/19/16) Catalin Cimpanu

A hacking tool allegedly stolen from a cyber espionage group associated with the U.S. National Security Agency (NSA) was analyzed by University of Illinois at Chicago professor Stephen Checkoway. He studied the BANANAGLEE exploit targeting Juniper firewalls, examining its random key generation system and the process of redirecting Internet Protocol packets, rather than the entire codebase. Checkoway says the results indicate the tool is rife with poor coding, as reflected in the much smaller number of options the system was yielding to choose a random key. For example, he found 128-bit keys are generated with 64 bits of entropy instead of the intended 128. Moreover, Checkoway found the NSA programmers repeated cipher initialization vectors for the encryption, while authentication of the encrypted communications channel was lacking and there also was "sloppy and buggy code." Despite these unimpressive findings, Checkoway says analysis of this type of malware "gives us insight into the practices and methods of the malware's authors. As the NSA is widely considered to employ many of the best hackers and cryptographers, there may be a lot we can learn from studying their code." Checkoway also thinks such coders are superior to students, noting, "the leaked code was written by professionals. I would expect it to work in a hostile environment."

Internet Voting Leaves Out a Cornerstone of Democracy: The Secret Ballot
Technology Review (08/18/16) Mike Orcutt

Internet voting invalidates the secrecy of ballots, according to a report from Verified Voting. The report's authors conclude "because of current technical challenges and the unique challenge of running public elections, it is impossible to maintain the separation of voters' identities from their votes when Internet voting is used." Verified Voting president Pamela Smith says when votes are returned through the Internet, it is technically problematic to separate the voter's identity from the vote, as the server has to know that identity to authenticate the voter and record the vote. She notes, "the authentication typically happens at the same time as the voting process" in the systems states are currently using. Smith says this presents a notable difficultly; an earlier experiment tested giving voters PIN codes, but hackers were able to find those numbers and link them to voters. The report found 20 states have laws or regulations requiring that voters who return their ballots online also waive their right to a secret ballot. "Almost every state has a requirement that there should be secrecy of the ballot," Smith says. She notes Internet voting allowances required them to "carve out a special space" that is exempt from that requirement.

Fighting Poverty With Satellite Images and Machine Learning Wizardry
IEEE Spectrum (08/18/16) Prachi Patel

Stanford University researchers have developed a machine-learning method for estimating poverty levels by analyzing mobile phone usage data and satellite photos showing nightlights. Stanford Ph.D. student Neal Jean says the method combines nightlight intensity data with daytime satellite imagery, and the technique can be applied to any developing country. The researchers trained the machine-learning algorithm with millions of daytime satellite images, each labeled with a number that corresponded to how bright the area was at night. Daytime images, which contain features such as paved roads, metal roofs, and farmland that indicate livelihood, can help distinguish poor regions from ultra-poor regions. "The model looks for visual cues and automatically learns to find features in daytime imagery that correspond to nighttime light values," Jean says. The researchers then trained a second computer model to use the small differences in the images that are picked out by the first model in cooperation with existing economic data. The second model learns to estimate a village's relative level of poverty based on the data. The new model more accurately estimated poverty level than other models that used only nightlight data in areas where average income was half or even one-third of the poverty level.

People Favor Expressive, Communicative Robots Over Efficient and Effective Ones
University of Bristol News (08/19/16)

Researchers at the University of Bristol and University College London (UCL) have found making an assistive robot partner expressive and communicative could make it more satisfying to work with and improve trust, but it also could encourage users to lie to the robot in order to avoid hurting its feelings. The researchers experimented with a humanoid assistive robot helping users to make an omelet, with the goal of investigating how a robot can regain a user's trust when it makes a mistake and how it can communicate its erroneous behavior to somebody who is working with it. The study suggests a communicative, expressive robot is preferable for the majority of users to a more efficient, less error-prone one, despite it taking 50-percent longer to complete tasks. During the study, users reacted well to an apology from the robot, and were particularly receptive to its sad facial expressions. "Human-like attributes, such as regret, can be powerful tools in negating dissatisfaction but we must identify with care which specific traits we want to focus on and replicate," says UCL researcher Adriana Hamacher. Meanwhile, Bristol professor Kerstin Eder notes, "complementing thorough verification and validation with sound understanding of these human factors will help engineers design robotic assistants that people can trust."

Half of High School Seniors Lack Access to Computer Science
THE Journal (08/17/16) Richard Chang

More than half of U.S. high school seniors attend schools that do not offer computer science courses, according to an analysis by Change the Equation (CTEq), a nonprofit organization that aims to mobilize businesses to improve science, technology, engineering, and math (STEM) education. The analysis found only 22 percent of 12th graders said they have ever taken a computer science course, and just 44 percent of seniors said they have access to any computer science classes. In addition, less than a quarter of seniors have access to Advanced Placement (AP) computer science courses. CTEq examined data from the 2015 National Assessment of Educational Progress. The data indicated that low-income students are less likely to have access to computer science courses than higher-income students. The analysis also found African American and Native American students were much less likely than Asian and white students to attend high schools offering computer science. Only 30 percent of seniors who live in rural areas said their high school offers any computer science classes, and only 15 percent said their school offers an AP computer science course.

Party Algorithm Hides Messages in Ibiza Trance Music
Technology Review (08/18/16)

Warsaw University of Technology researchers have developed a new form of musical steganography that exploits the trance-like rhythm of dance-club music. The technique involves varying the tempo of the beat in a way that encodes information, but the changes have to be too subtle for human listeners to notice. The researchers say this type of modification is possible because of modern digital audio systems that enable various elements of compositions to be manipulated. They first developed a Morse-like code in which the beat can be used to spell out a series of dots and dashes to send messages; dashes are indicated by speeding up the tempo for a single beat, while dots are indicated by a slower beat. The researchers tested the method by asking 20 volunteers to listen to the music at an open-air summer party, and 10 of the people had musical backgrounds. When the researchers changed the tempo by more than 3 percent, about half the listeners noticed the difference. However, when the change was less than 2 percent, none of the participants noticed. Warsaw University of Technology researcher Krzysztof Szczypiorski notes it would be a simple process to develop software that automatically encoded or decoded messages sent in this manner.

This Web App Will Warn You If You Are a Twitter Troll
ReCode (08/20/2016) Ina Fried

Intel researchers have developed a Web application that tells users how harassing they are on Twitter, providing a numerical rating as well as example tweets that could be seen as harassing. The app was produced through Intel's Hack Harassment, an effort to see if there are high-tech ways to make Internet communities safer. The researchers trained the algorithm using a wide range of Internet content from Reddit, mainstream news websites such as those of The New York Times and The Wall Street Journal, and data from Twitter. The researchers say their goal is to release the tool publicly, as well as the source code behind it, over the next couple of months. As an example, the researchers ran the algorithm on one user's tweets, analyzing nearly 43,000 posts. The application analyzed a subset of the more recent tweets, and rated the user as 99-percent nice. Twitter recently released new tools designed to better mask harassing tweets. "I think technology is where this is happening,” says Intel's Doug Fisher. "Technology has a role to play to figure out ways to help in all this."

People Disregard Security Warnings on Computers Because They Come at Bad Times
BYU News (UT) (08/17/16) Todd Hollingshead

Researchers at Brigham Young University (BYU) and Google recently conducted a study showing the current system of warning messages appearing randomly results in up to 90 percent of users disregarding them. The researchers found this strategy is less effective because of "dual task interference," a neural limitation in which even simple tasks cannot be simultaneously performed without significant performance loss. "Software developers categorically present these messages without any regard to what the user is doing," says BYU professor Anthony Vance. "They interrupt us constantly and our research shows there's a high penalty that comes by presenting these messages at random times." For example, 74 percent of study subjects ignored security messages, 79 percent ignored the messages if they were watching a video, and 87 percent disregarded the messages while they were transferring information. The researchers say there is a simple solution. "Waiting to display a warning to when people are not busy doing something else increases their security behavior substantially," says BYU professor Jeff Jenkins. The researchers found users pay the most attention to security messages when they pop up in lower dual task times such as after watching a video, waiting for a page to load, or after interacting with a website.

McMaster Researchers Resolve a Problem That Has Been Holding Back a Technological Revolution
McMaster Daily News (08/16/16)

McMaster University researchers say they have developed a way to purify carbon nanotubes, solving the issue of untangling metallic and semiconducting carbon nanotubes, which are both created simultaneously in the process of producing the microscopic structures. Normally, this process involves heating carbon-based gases to a point in which mixed clusters of nanotubes form spontaneously. The researchers achieved the breakthrough by reversing the electronic characteristics of a polymer known to disperse semiconducting nanotubes, while leaving the rest of the polymer's structure intact. This method enabled the researchers to leave the semiconducting nanotubes behind while making it possible to disperse the metallic nanotubes. The researchers note scientists have spent years trying to find effective and efficient ways to isolate carbon nanotubes and unleash their value. The next step is for the researchers to exploit this discovery by finding a way to develop even more efficient polymers and scale up the process for commercial production. "Once we have a reliable source of pure nanotubes that are not very expensive, a lot can happen very quickly," says McMaster University professor Alex Adronov. The technology is expected to revolutionize computers and electronics by replacing much larger silicon-based chips.

Down to the Wire: ONR Researchers and New Bacteria
Office of Naval Research (08/16/16) Warren Duffie Jr.

Scientists sponsored by the U.S. Office of Naval Research have used a common soil bacteria to create electrical wires that conduct electricity and are thousands of times thinner than a human hair. The work involved Geobacter, a bacteria that produces microbial nanowires--hair-like protein filaments protruding from the organism--enabling it to make electrical connections with the iron oxides that support its growth in the ground. However, Geobacter's current is too weak for human use. Led by microbiologist Derek Lovley at the University of Massachusetts Amherst, the team tweaked the bacteria's genetic makeup to replace two amino acids with tryptophan, which is very good at transporting electrons in the nanoscale. The synthetic, tryptophan-infused nanowires were 2,000 times more conductive than their natural counterparts, more durable, and much smaller, with a diameter of 1.5 nanometers. The engineered wires can be produced using renewable "green" energy resources, are made of non-toxic, natural proteins, and avoid harsh chemical processes typically used to create nanoelectronic materials. The researchers say extremely thin wires from sustainable materials have enormous potential application as components of electronic devices such as sensors, transistors, and capacitors.

Steinhardt Study Looks at How Racial Inequality Is Produced Online
NYU Steinhardt (08/15/2016)

A new study by New York University Steinhardt professor Charlton McIlwain suggests a tendency toward racially segregated website navigation, despite Web producers building pathways providing equitable access to sites. McIlwain aimed to demonstrate whether and how systemic racial inequality might manifest in users' Web navigation patterns. He documented racial and nonracial websites, which were designated depending on whether race-specific terminology was present in the websites' title, description, or meta-tags. Data also was gathered on each site's traffic ranking, and a spatial algorithm compared connections to study the traffic patterns between racial and nonracial sites. McIlwain calculated the expected number of connections between racial and nonracial sites based on chance, and then actual traffic patterns were compared to the predictions. The study found although hyperlink networks do not appear to direct audience traffic to other sites based on their racial or nonracial nature, user navigation reflects a racially segregated traffic pattern. McIlwain found visitors to nonracial sites are more likely to visit other nonracial sites than what would be expected by chance, and visitors to racial sites also visit other racial sites with greater frequency. "These how a race-based hierarchy might systematically emerge on the Web in ways that exemplify disparate forms of value, influence, and power that exist within the Web environment," McIlwain says.

Abstract News © Copyright 2016 INFORMATION, INC.
Powered by Information, Inc.

To submit feedback about ACM TechNews, contact: [email protected]