Welcome to the August 1, 2018 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."

A wafer containing hundreds of tiny computer chips made from carbon nanotubes Beyond Silicon: $1.5-billion U.S. Program Aims to Spur New Types of Computer Chips
Robert F. Service
July 24, 2018

The U.S. Defense Advanced Research Projects Agency (DARPA) has announced $75 million in new grants to revitalize the computer chip industry via fundamental research into new designs and materials. The program is expected to grow to as much as $300 million in grants per year, or $1.5 billion over five years. One grant recipient is the Massachusetts Institute of Technology's Max Shulaker, who is researching carbon nanotube-based transistors incorporated into three-dimensional (3D) chips. His team is developing 3D chips with features 10 times larger than state-of-the-art silicon chips, boasting a 50-fold upgrade in speed and energy efficiency. Another focus of the DARPA program is flexible chip architectures, with Arizona State University's Daniel Bliss using a grant to improve wireless communications with chips capable of on-the-fly reconfiguration for specialized tasks. Bliss envisions his work on radio chips that blend and filter signals using software instead of hardware enabling interference-free, multi-device signal transmission and reception. Stanford University's Subhasish Mitra says DARPA's program has the potential to "completely revolutionize how we design electronics."

Full Article

Man in suit getting mugshot taken Amazon Face Recognition Falsely Matches 28 Lawmakers With Mugshots, ACLU Says
The Guardian
Sam Levin
July 26, 2018

A test of Amazon's facial recognition software incorrectly matched the faces of 28 U.S. legislators to images in a mugshot database, with people of color misidentified disproportionately, according to the American Civil Liberties Union (ACLU). The organization assembled a face database and search tool from 25,000 public arrest photos, then cross-referenced that data with public photos of every member of Congress. Eleven of the misidentified lawmakers were people of color, representing nearly 40% of those wrongly matched, even though minorities comprise only 20% of those in Congress. Says the ACLU Foundation of Northern California's Jacob Snow, "Our test reinforces that face surveillance is not safe for government use." Amazon said the test’s results could “probably be improved” by increasing “confidence thresholds.”

Full Article

Samin Khan (U of T) and Hamayal Choudhry (UOIT) celebrate their smartARM win on the Imagine Cup World Finals stage U of T Student Part of Team That Wins Imagine Cup Over 40,000 Other Students With Design of Prosthetic Robotic Hand
University of Toronto
Nina Haikara
July 26, 2018

A student from the University of Toronto (U of T), working with a colleague at the University of Ontario Institute of Technology (UOIT) in Canada, received a global award at Microsoft's 16th annual innovation competition, which included more than 40,000 student competitors and 49 teams qualifying for the Imagine Cup World Finals in Seattle, WA. The winning team was recognized for its smartARM, a prosthetic robotic hand. The students also received a mentoring session with Microsoft CEO Satya Nadella, $85,000, and a $50,000 Microsoft Azure grant to continue developing smartARM. The smartARM is equipped with an embedded camera that recognizes objects and calculates the necessary grip for a task using computer vision, machine learning, and cloud storage technologies. SmartARM is the first "service" prosthetic, with an algorithm that learns and improves with continued use, and stored data that can be downloaded to future prosthetic devices.

Full Article
The Ethics of Computer Science: This Researcher Has a Controversial Proposal
Elizabeth Gibney
July 26, 2018

In an interview, Brent Hecht, chair of ACM's Future of Computing Academy, proposes the computer science community revise its peer-review process to guarantee that scientists report any potential negative societal consequences of their published work. Hecht says the idea is to have reviewers contact researchers with the appeal that, as good scientists, they should fully describe possible outcomes of their research before they will be allowed to publish. Hecht says panels that decide on research funding "might want to have different rules, and consider whether to fund a research proposal if there's a reasonable suspicion that it could hurt the country." He also says the proposal appears to be gaining favor in the computer science community, because "we're moving towards a more iterative, dialogue-based process of review, and authors would need to cite rigorous reasons for their concerns."

Full Article
South Korea to Invest $1.34 Billion in Next-Gen Semiconductor Tech
Cho Mu-Hyun
July 30, 2018

South Korea's Ministry of Trade, Industry, and Energy will invest $1.34 billion to develop next-generation semiconductor materials and devices and make the country a global semiconductor nexus. Minister Paik Un-gyu says investment priorities include developing new materials and devices in memory chips, cultivating logic and contract chipmaking businesses, and enticing global semiconductor materials and equipment manufacturers to set up production lines in South Korea. Paik also says South Korean manufacturers' proficiencies in dynamic random-access memory and non-volatile flash NAND memory production are unmatched, but integration is reaching its limit and new materials and devices need to be developed. South Korea is also concerned about China's rival memory semiconductor investments, a key focus of the Made in China 2025 initiative.

Full Article
New Spectre Cyberthreat Evades Patches
UCR Today
Holly Ober
July 26, 2018

Researchers at the University of California, Riverside (UC Riverside) have found a variant of the Spectre bug that could defeat currently available software patches. They say SpectreRSB appears to be unhindered by known defenses against other Spectre iterations, including Google's Retpoline patch for shielding branch predictors. The UC Riverside team warns SpectreRSB exploits the return stack buffer, which retains addresses the processor needs to return to once it has completed an operation. The variant inserts the wrong return address, or deletes addresses, in the buffer, and it can manipulate the speculation addresses, directing them toward secret information. This point of penetration could foil available patches, and the researchers urge all processors to embed the RSB refilling patch, which inserts a dummy address into the stack buffer to thwart SpectreRSB.

Full Article
CSAIL Launches New Initiative for Financial Technology
MIT News
Adam Conner-Simmons; Rachel Gordon
July 26, 2018

The Massachusetts Institute of Technology's (MIT) Computer Science and Artificial Intelligence Laboratory (CSAIL) recently launched a research-industry collaboration focused on creating financial technologies that will produce business models, provide new data insights, and boost security. The [email protected] initiative will include research into artificial intelligence, cryptocurrencies, blockchain foundation and applications, machine learning, multi-party computation for superior security and privacy, data management and analytics, natural language processing, and cyber risk management. Says MIT's Andrew Lo, who is co-leading the new initiative along with Silvio Micali and Shafi Goldwasser (co-recipients of the 2012 ACM A.M. Turing Award), "We need theories and algorithms on how people actually behave, and larger datasets where we can find meaningful trends and patterns." Lo's research focuses on using computational tools to make better financial decisions, while Micali and Goldwasser's efforts will center on enhancing information security and the privacy and correctness of computation and data.

Full Article
Same Web-Based Vulnerabilities Still Prevalent After Nine Years
Help Net Security
July 27, 2018

The threat of common Web-based vulnerabilities has not been significantly mitigated over the past nine years, according to a study by the U.K.-based NCC Group. The cybersecurity firm cites cross-site scripting vulnerabilities as the most frequent bug encountered, comprising 18% of all bugs logged. NCC Group's Matt Lewis says, "We should have seen a significant fall in these types of vulnerabilities, but this hasn't been the case, which highlights the need for better education around security within the software development life cycle." The study found growing numbers of bugs targeting complex applications and hardware, including deserialization flaws and exploitation of multiple low-risk issues in a chain across a complex Web application. However, NCC Group also says certain vulnerability classes have all but disappeared, including format string flaws, certain memory-related flaws, and bugs permitting exploitation of XML applications and services.

Full Article

Man reading braille plate Reprogrammable Braille
Harvard University School of Engineering and Applied Sciences
Leah Burrows
July 23, 2018

Researchers at Harvard University's John A. Paulson School of Engineering and Applied Sciences have developed a framework to encode memory—in the form of Braille-like dimples and bumps—onto a blank, lattice-free material. The framework demonstrates how an otherwise featureless curved elastic shell can store elastic bits (e-bits) that can be written and erased at will anywhere along the shell. The thin elastic shell is initially compressed by force on each end, and then indents are made using a simple stylus, similar to the way that pages of a traditional Braille book are printed. The shell will "remember" the indent when the force is no longer applied and the indent can be erased by stretching the shell back out. This marks the first time researchers have demonstrated mechanical memory in a system with no inherent lattice.

Full Article
A Tech Test to Keep Seniors in the Homes Longer
The Wall Street Journal
Sumathi Reddy
July 25, 2018

The Collaborative Aging (In Place) Research Using Technology (CART) Initiative, led by Oregon Health and Science University, is a national study involving the monitoring of seniors' daily activities using motion sensors and other technology installed in their residences. The sensors feed real-time data on participants' movements throughout the day, measuring how often they enter different rooms, how often they enter and exit their home, their computer use, and their walking speed. CART's purpose is to determine whether researchers can monitor and detect health changes in older adults so they can live independently longer. Participants have software set up to measure how much time they spend on their computers, while sensors are placed under their vehicles’ dashboards to monitor how often participants drive. Aging in Place Technology Watch founder Laurie Orlov says CART has significant potential for managing people sent home from the hospital who need monitoring.

Full Article
*May Require Paid Registration
Tennessee Approves First-Ever Computer Science Standards for K-8 Schools
Chalk Beat
Marta W. Aldrich
July 27, 2018

The Tennessee Board of Education has given final approval to the state's first computer science standards for elementary and middle schools. The benchmarks will be used in classrooms in the fall of 2019, replacing standards last revised in 2011. State officials say the old standards failed to capture the critical components of computer science. For elementary schools, the new standards will focus on introducing students to the basics of computer systems and programs. Middle school students will study computer science-related calculations and information processing skills used to create computer programs. In addition, older students will discuss "digital citizenship," which focuses on how to interact safely with people and content online. With the exception of coding and computer programming, which will be taught as a standalone class, the skills outlined in the standards will be integrated within existing core classes in English, math, science, and social studies.

Full Article

Doctor reading a tablet with medicine boxes in hand Software Cuts Through Costly Hospital Pharmaceutical Procurement
University of Sydney
Trevor Watson
July 24, 2018

Researchers at the University of Sydney in Australia have developed a software program that they say could significantly reduce the amount spent by Australia’s hospitals, currently estimated at more than $3 billion per year. The new system can replace a laborious, time-consuming process of selecting the most cost-effective pharmaceuticals by manually comparing spreadsheet information on thousands of products. The university’s Erick Li says, "Our system is able to organize all the information from the wholesaler's price books, quickly run the data for a particular medication, and determine the lowest price on the market." The program serves as an example of how data can be better utilized in hospitals for the benefit of patients and staff.

Full Article
Using Machine Learning to Detect Software Vulnerabilities
Tech Xplore
Ingrid Fadelli
July 24, 2018

Researchers at Boston University, working with colleagues at Cambridge, MA-based R&D company Draper, have developed a large-scale vulnerability detection system that could help to discover software vulnerabilities faster and more efficiently. The tool, which relies on machine learning for automated detection of vulnerabilities in C/C++ source code, has shown promising results. The researchers compiled a large dataset with millions of open source functions and labeled it using three static analysis tools—Clang, Cppcheck, and Flawfinder—designed to identify potential exploits. The dataset included millions of function-level examples of C and C++ code drawn from the SATEIV Juliet Test Suite, Debian Linux distribution, and public Git repositories on GitHub. The researchers said the results of tests on real software packages and the NIST STATE IV benchmark dataset demonstrate that deep feature representation learning on source code is a promising approach for automated software vulnerability detection.

Full Article
ACM Inroads Co-Editor-in-Chief
ACM Special Interest Groups

Association for Computing Machinery

2 Penn Plaza, Suite 701
New York, NY 10121-0701

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]