Welcome to the August 15, 2018 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."
IBM Has a Watson Dilemma
The Wall Street Journal
Daniela Hernandez; Ted Greenwald
August 11, 2018

IBM's Watson artificial intelligence (AI) system is falling short of some expectations for its outcomes in the fight against cancer, with many users citing inaccuracy, the AI's susceptibility to error due to a lack of data, and the evolution of cancer therapies outpacing the ability of human trainers to upgrade Watson. IBM says Watson offers valuable cancer-care benefits, such as helping physicians keep up with medical knowledge. For an AI to recommend fine-tuned personalized cancer treatments, the software requires training with data on past treatments, including patients' medical histories and treatment outcomes, which is often recorded in differing format and may be incomplete or inconsistent. IBM's planned integration of medical-claims databases and electronic health records has not yet been realized, partly due to the task's complexity. Still, IBM's John Kelly remains positive on Watson's potential, saying the system's treatment recommendations have changed the course of care for as many as 8,400 patients thus far.

Full Article
*May Require Paid Registration
Spectre Reloaded: New Intel 'Foreshadow' Vulnerabilities Open the Door to Hackers
Duncan Riley
August 14, 2018

Intel on Tuesday announced three vulnerabilities that target speculative execution on its chips. The Foreshadow vulnerabilities allow the chip to predict possible outcomes of the code it is in the process of executing, and has three variants that target different types of processing. Foreshadow operates through the Software Guard Extensions (SGX) in Intel chips, impacting certain microprocessor products supporting Intel SGX. Hackers could target the speculative data because SGX does not always protect access to that data as intended. Tod Beardsley at software security firm Rapid7 says enterprises running virtual computers in shared hosting environments should be aware of the flaw and watch for communications from their hosting providers with any instructions they will need to carry out, in the event an update to their guest operating system is required.

Full Article

Man dribbling basketball on court How a Computer Learns to Dribble: Practice, Practice, Practice
Carnegie Mellon University
Byron Spice
August 7, 2018

Carnegie Mellon University and DeepMotion researchers have developed a physics-based, real-time method for controlling animated characters that can learn basketball dribbling skills from experience. The system learns from motion capture of movements performed by people dribbling basketballs. The researchers used deep-reinforcement learning to enable the model to identify important details associated with dribbling. The system learned the skills in two stages: it first mastered locomotion, and then learned how to control animated characters' arms and hands to manipulate the ball. DeepMotion's Libin Liu says, "The technology can be applied beyond sport simulation to create more interactive characters for gaming, animation, motion analysis, and in the future, robotics." The researchers are presenting the work this week at ACM SIGGRAPH 2018 in Vancouver, British Columbia.

Full Article
Quantum Chains in Graphene Nanoribbons
Karin Weinmann
August 9, 2018

Researchers at the Swiss Federal Laboratories for Materials Science and Technology in Switzerland (Empa) and the Max Planck Institute for Polymer Research in Germany have succeeded in adjusting the electronic properties of graphene nanoribbons by varying their shape, a process that could generate specific local quantum states in the ribbon. Changing the width of a graphene nanoribbon from seven to nine atoms produces a transitional zone, giving rise to a "protected," highly robust new quantum state that could serve as a basic element in customized semiconductors, metals, insulators, and perhaps even quantum computers. Building ribbons with regularly alternating zones of different widths creates a chain of interlinked quantum states with its own electronic structure, with electronic properties that shift based on the width of the different segments. The researchers say electronic quantum states at junctions of graphene nanoribbons of different widths also carry a magnetic moment that could enable information processing via spin.

Full Article
A Botnet of Smart Irrigation Systems Can Deplete a City's Water Supply
Help Net Security
August 9, 2018

Scientists at Ben-Gurion University of the Negev (BGU) in Israel say urban water services are vulnerable to a botnet attack on smart irrigation systems that water concurrently. The team analyzed three popular commercial smart irrigation systems and found they contained weaknesses susceptible to botnet hijacking. The attack strategy does not require infecting a water service's physical cyber systems, as a bot running on a compromised device can identify a smart irrigation system connected to its local access network in less than 15 minutes, and switch on watering via each system using an series of session hijacking and replay attacks. BGU's Ben Nassi says, "By simultaneously applying a distributed attack that exploits such vulnerabilities, a botnet of 1,355 smart irrigation systems can empty an urban water tower in an hour and a botnet of 23,866 smart irrigation systems can empty flood water reservoir overnight." Nassi said the researchers notified the smart irrigation companies tested of the security gaps.

Full Article
Georgia Tech Creates Cybersecurity Master's Degree Online for Less Than $10,000
Georgia Tech News Center
August 8, 2018

The Georgia Institute of Technology (Georgia Tech) will offer an online cybersecurity master's degree that will cost students less than $10,000, in collaboration with edX. Georgia Tech's Online Master of Science in Cybersecurity (OMS Cybersecurity) degree is designed to address an anticipated global shortage of cybersecurity professionals. Georgia Tech's Milton Mueller says, "The OMS format not only extends Georgia Tech's reach to American professionals in cybersecurity, but also makes it possible for working professionals anywhere in the world to avail themselves of Tech's educational resources and expertise." OMS Cybersecurity will be Georgia Tech’s third at-scale online degree program, following the online Master of Science in Computer Science program launched in 2014 on Udacity, and the Online Master of Science in Analytics program on edX.

Full Article

Two fighter jets Army Scientists Create New Technique for Modeling Turbulence in the Atmosphere
R & D
August 8, 2018

The U.S. Army Research Laboratory (ARL) developed a computer simulation that more effectively models the behavior of atmospheric turbulence in complex environments. With this method, soldiers could predict weather patterns earlier using computers at hand and more accurately evaluate flight conditions for aircraft on the battlefield. ARL's Yansen Wang and colleagues tapped the Lattice-Boltzmann method used by physicists and engineers to predict small-scale fluid behavior. They found the technique can accurately simulate atmospheric turbulence while demanding significantly less computation than if they had solved for nonlinear Navier-Stokes differential equations, reducing the number of neighboring behaviors to include. The multi-relaxation-time Lattice-Boltzmann method led to an advanced Atmospheric Boundary Layer Environment model, which could apply to military tactical compute platforms.

Full Article

VR surgery demonstration RPI Scientists Develop VR Surgery to Feel Real
Albany Times Union
Lynda Edwards
August 7, 2018

Rensselaer Polytechnic Institute (RPI) researchers have developed a virtual reality (VR) system to add realism to virtual surgical training. Led by RPI's Suvranu De, the project incorporates realistic-looking human avatars and haptic technology. De says, "Our programs are the equivalent of flight simulators for surgeons." The VR simulations range from routine procedures to extreme events that include patients bursting into flames. In training sessions for the latter, doctors and nurses wear VR headsets to watch a fireball erupt on the patient's chest so they can learn what proper mitigation steps to follow. De envisions avatars helping to train military medics to handle the worst wounds suffered by soldiers in the field.

Full Article
Millions of Businesses Vulnerable to Fax-Based Cyberattack
Computer Weekly (United Kingdom)
Warwick Ashford
August 13, 2018

Fax machines in millions of organizations worldwide could be exploited by hackers to launch cyberattacks, according to Check Point Software Technologies researchers. They say flaws in the communications protocols of the machines that have not been updated since the 1980s would allow malefactors to orchestrate myriad attacks. The vulnerabilities permit a hacker to create a specially coded color JPEG fax image in which any type of malware can be embedded, and then transmit it via telephone line to the target device. The image is automatically decoded and uploaded into fax memory upon receipt, after which the malware hijacks the device and can proliferate to any network to which the device is connected. Check Point's Yaniv Balmas says, "It is critical that organizations protect themselves against these possible attacks by updating their fax machines with the latest patches and separating them from other devices on their networks."

Full Article
Report: Python Closes In on C++
SD Times
Christina Cardoza
August 13, 2018

According to the August 2018 TIOBE Index, Python for the first time is closing in on the top three programming languages, Java, C, and C++. Interest in Python has been rising over the last decade, and it was the most taught language with 70 percent of the market in a 2014 survey, TIOBE says. Industry is adopting Python as well, and the language is now commonly deployed in large embedded systems. TIOBE says it is "very likely that Python will enter the top 3 and even might become the new number 1 in the long run." The index ranks Hack, Groovy, and Julia back among the top 50, while TypeScript fell to the 62nd spot, from its #50 ranking in July.

Full Article

Oil film covering body of water The Underwater Drones That Hunt for Oil Spills
New Scientist
Joshua Howgego
August 8, 2018

Javier Gilabert and colleagues at the Technical University of Cartagena in Spain have deployed a group of five autonomous underwater vehicles (AUVs) to locate and track oil spills below the surface of the ocean by measuring the oil's fluorescence and generating a three-dimensional (3D) model to aid responders. The Enhanced Underwater Robotics Ready for Oil Spill technology has been tested with a simulated spill off the coast of Ireland. The team overcame the challenges of communicating with underwater devices by transmitting Wi-Fi signals to floating stations, which then relay them to the AUVs using an acoustic signal. Scientists aboard a ship can access the 3D spill maps on their laptops. Gilabert says the difficulties of retrieving the drones from the ocean can be overcome by programming them to head to shore on their own.

Full Article
*May Require Paid Registration
Algorithms Help Power Grids Survive GPS Spoofs
IEEE Spectrum
Charles Q. Choi
August 7, 2018

Researchers at Clemson University and the University of California, Santa Barbara (UCSB) have developed algorithms that analyze data generated by phasor measurement units (PMUs), an approach that helps programs detect when discrepancies occur that could signal a global-positioning system (GPS) spoofing attack. PMUs are aligned with the atomic clocks in GPS, and the technology is growing increasingly important as power grids rely less on centralized power plans and more on solar power and other distributed energy sources. The algorithms do not need extra hardware to recognize GPS spoofing attacks, and they can help power grids run even if an attack compromises up to 33% of the grid's nodes. As a next step, UCSB's Joao Hespanha says the goal is to create control systems that can defend against GPS spoofing attacks in a more agile manner.

Full Article
ACM Open Access
ACM Online Books and Courses

Association for Computing Machinery

2 Penn Plaza, Suite 701
New York, NY 10121-0701

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]