Welcome to the April 15, 2019 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."
Who Comes to the Rescue of Stranded Robots? Humans
The Wall Street Journal
Marc Vartabedian
April 11, 2019

As competition among automated delivery services intensifies, robot manufacturers think it is vitally important to win over pedestrians and local officials as they try to expand the emerging technology into communities and ease potential regulations. Robotic technology is still imperfect, and some robots have ended up stuck as they try to navigate public spaces, having to rely on assistance from sympathetic humans in the area. Some companies, such as Starship, have even staged stuck robots in public, and then hid nearby to see if anyone helped. The Starship researchers found people helped the robots more often when they emitted audible signals for help. Following the experiment, the researchers gave the robot a human-sounding voice, which says phrases such as, "Hello, here's your delivery," though it does not call for help.

Full Article

A person standing in front of a screen of data How China Is Using AI to Profile Minority
The New York Times
Paul Mozur
April 14, 2019

Chinese authorities are using facial-recognition technology to monitor China's Muslim Uighur minority, in what experts call the first known instance of intentional government use of artificial intelligence (AI) for racial profiling. The technology is combined with China's surveillance-camera networks, and searches for Uighurs based on appearance, maintaining records of their whereabouts for search and review. Facial recognition technology uses traits like skin tone and face shapes to sort images in photos or videos, but humans must categorize people based on social definitions of race or ethnicity. Chinese law enforcement, with the help of domestic AI startups like Yitu, Megvii, SenseTime, and CloudWalk, has enabled racial profiling, with engineers feeding the algorithms thousands of labeled images of Uighurs and non-Uighurs. The startups hope to expand overseas, potentially giving more governments access to racial-profiling AI.

Full Article
*May Require Paid Registration
5G to Get a Big Boost From Trump and the FCC
The Washington Post
Brian Fung
April 12, 2019

The Trump administration and government regulators on Friday unveiled plans to expedite rollout of high-speed, next-generation 5G mobile data technology. U.S. Federal Communications Commission (FCC) chairman Ajit Pai said his agency will release for auction the largest trove of high-frequency airwaves for cellular use to date, on Dec. 10. He added that up to 3.4 gigahertz of "millimeter-wave" spectrum could be sold to wireless carriers like AT&T and Verizon, while the FCC also proposed a $20-billion fund to expand rural U.S. broadband access over the next 10 years. Both proposals highlight the administration's ambition to out-compete other countries in the push to build a fully functional nationwide 5G network. Advocates said 5G will facilitate mobile download speeds of up to 1,000 megabits a second, and clear a path for technological breakthroughs like driverless cars and virtual reality.

Full Article
*May Require Paid Registration
TajMahal Cyber-Espionage Campaign Uses Previously Unseen Malicious Tools
Danny Palmer
April 10, 2019

Kaspersky Lab researchers have discovered a cyber-espionage framework that uses a new form of malware, with no known associations with any known malefactors or hacking organizations. TajMahal has been active for more than five years, and employs previously unknown backdoor penetration strategies to enable the theft of documents sent to the printer queue, and files previously seen on removable drives once they become available again; the malware also can steal data burned onto a compact disk by its target, and capture screenshots when recording audio from VoiceIP apps. TajMahal offers hackers a "full-blown spying framework," with a backdoor into infected systems that issues commands, takes screenshots of the desktop and webcam, uses keylogging to steal data, and opens and exfiltrates documents using its own file indexer for the target's machine. Said Kaspersky’s Alexey Shulmin, “It seems unlikely that such a huge investment would be undertaken for only one victim. A likely hypothesis would be that there are other additional victims we haven't found yet."

Full Article

A photo of a cat being cropped Computer Model Automatically, Aesthetically Crops Photos
Penn State News
Sara LaJeunesse
April 11, 2019

Researchers at Pennsylvania State University (Penn State) have enabled computers to automatically crop photos in an aesthetically satisfying manner. The team simulated the amount of time the human eye is likely to linger on a particular segment of an image using the Markov chain statistical model, with attention paid to each segment's individual attributes like color, texture, brightness, and spatial relationship with other segments. The researchers would encode such data within the parameters of the Markov chain, then the model ranks the segments, with greatest significance given to the segment that retained gaze longest, highlighting the best area to crop. Said Penn State's James Wang, "Our code takes around 50 milliseconds to process an image of 400 by 300 pixels on a common desktop computer or laptop. As a result, our method is suitable for devices with limited memory and computing power."

Full Article
Research Team Builds Quantum Network With Long-Distance Entanglement
Stony Brook University
April 8, 2019

Researchers at Stony Brook University and the U.S. Department of Energy (DoE)'s Brookhaven National Laboratory and Energy Sciences Network (ESnet) have jointly constructed a quantum network testbed, which links buildings on the Brookhaven campus using portable quantum entanglement sources and an existing DoE ESnet communications fiber network. The entanglement sources can be easily mounted in standard data center computer server racks connected to regular fiber distribution panels. The testbed also features portable quantum memories that can run at room temperature. Stony Brook's Eden Figueroa said this "makes it natural to expand the test to principles of quantum repeaters, which are the technological key to achieving quantum communication over hundreds of kilometers."

Full Article

A locked android phone. Google Turns Your Android Phone Into Security Key
Frederic Lardinois
April 10, 2019

Google says it has developed a Bluetooth-based authentication protocol that will enable smartphones to communicate with the Chrome Web browser, facilitating a standards-based second factor for access, similar to modern security keys. In most two-factor authentication systems, the second factor is provided as a push notification or text message, or via an authentication app like the Google Authenticator; this carries the risk of someone intercepting those numbers, or phishing the user's account and using that second factor to log in. Google is employing the same authentication standard with different hardware, ensuring the phishing safeguard remains intact when the user employs their phone as well. Google says the protocol will work with all Android 7+ devices enabled for Bluetooth and location services.

Full Article
Amazon Workers Are Listening to What You Tell Alexa
Matt Day; Giles Turner; Natalia Drozdiak
April 10, 2019

Amazon employs thousands of people around the world to help improve the Alexa digital assistant powering its line of Echo speakers. The team listens to voice recordings captured in Echo owners' homes and offices, which are transcribed, annotated, and fed back into the software as part of an effort to eliminate gaps in Alexa's understanding of human speech and help it better respond to commands. The team comprises a mix of contractors and full-time Amazon employees who work nine-hour shifts in outposts around the world, each parsing as many as 1,000 audio clips per shift. Alexa's privacy settings give users the option of disabling the use of their voice recordings for the development of new features, although the company says recordings of those who opt out of that program might still be analyzed over the course of the review process.

Full Article

A boy’s face being scanned 3D Facial Analysis Could Help Identify Children with Rare Conditions
New Scientist
Ruby Prosser Scully
April 8, 2019

Researchers at Curtin University in Western Australia have developed a tool that can identify subtle but important differences in facial geometry, allowing medical professionals to more quickly diagnose rare medical conditions in children. The tool, called Cliniface, scans a person's face and creates a three-dimensional (3D) image of it, measuring the distances between the person's facial features before comparing that data with average measurements for the person's age, sex, and ethnicity. If the measurements deviate too far from the average for that demographic, the system will flag the deviations and provide a provisional diagnosis, to be confirmed by a human clinician.

Full Article

An artist’s impression of wireless hackers in one’s computer Serious Flaws Leave WPA3 Vulnerable to Hacks that Steal Wi-Fi Passwords
Ars Technica
Dan Goodin
April 11, 2019

An international team of researchers has found several serious design flaws in the Wi-Fi Protected Access (WPA3) protocol, raising new questions about the future of wireless security, especially for Internet of Things devices. The researchers disclosed several vulnerabilities in WPA3 that leave users open to many of the same attacks that threatened WPA2 users. In addition, the researchers warned that some of the flaws are likely to persist for years, especially in lower-cost devices. The team also found that its exploits work against networks using the Extensible Authentication Protocol (EAP), where serious bugs allow an adversary to impersonate any user, and thereby access the Wi-Fi network, without knowing the user's password.

Full Article
Machine Learning Moves Popular Data Elements into a Bucket of Their Own
MIT News
Adam Conner-Simons
April 3, 2019

Researchers at the Massachusetts Institute of Technology's (MIT) Computer Science and Artificial Intelligence Laboratory (CSAIL) have developed LearnedSketch, a method of findiing patterns in large volumes of Internet data using machine learning. The system uses a neural network to predict if a specific element will appear frequently in a data stream. If it does, it is placed in a separate bucket of so-called "heavy hitters" to focus on; if it does not, it is handled via hashing. During testing, the researchers showed the learning-based approach had about 57% fewer errors in estimating the amount of Internet traffic on a network, and about 71% fewer errors in estimating the number of queries for a given search term. LearnedSketch could help technology companies more effectively analyze a range of meaningful data, from trending topics on Twitter to spikes in Web traffic that could suggest future distributed denial-of-service attacks. Said MIT researcher Chen-Yu Hsu, "These kinds of results show that machine learning is very much an approach that could be used alongside the classic algorithmic paradigms like 'divide and conquer' and dynamic programming."

Full Article
Asian Deans' Forum 2019
ACM WiSec 2019 Conference

Association for Computing Machinery

2 Penn Plaza, Suite 701
New York, NY 10121-0701

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]