Fordham Graduate School of Arts and Sciences
Welcome to the June 8, 2020 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."
Report Details New Cyber Threats to Elections From Covid-19
The Hill
Maggie Miller
June 5, 2020

A report compiled by New York University's Brennan Center for Justice outlines a wide range of cyber threats stemming from voting changes prompted by Covid-19. Such threats include attempts to target election officials working on unsecured networks at home, recovering from voter registration system outages, and securing online ballot request systems. Report co-author Lawrence Norden said election officials already dealing with cyber threats now face additional challenges due to the pandemic. Election-security upgrades come with funding challenges because of Covid-19 disruptions, and the Brennan Center calculates $4 billion must be appropriated to make needed changes. Said Norden, "There is no question that what Congress can do, and really has to do very soon, is provide more money to states and localities so they can invest in election security over the next few months."

Full Article

Trello’s mode for colorblind users. Colorblind Users Push Technology Designers to Use Signals Beyond Color
The Wall Street Journal
Katie Deighton
June 5, 2020

Colorblind users are pressing technology developers to redesign products to accommodate their disability. Kathryn Albany-Ward at U.K. nonprofit Colour Blind Awareness said colorblind people have difficulty discerning basic color-coded data in various technology applications, such as reading maps online or determining whether light-emitting diodes on Wi-Fi routers are blinking green or red. Tom van Beveren, founder of the advocacy organization We Are Colorblind, said the gaming industry is taking progressive steps, with many new releases featuring a built-in colorblind mode. Accessibility efforts of international brands are crucial for colorblind-friendly design, as Impact Branding & Design's Joseph Rinaldi said, "As these bigger companies push for this ... smaller companies will kind of take notice ... and follow suit. They dictate the way the Web is going to look for most people."

Full Article
*May Require Paid Registration

An app that blurs faces. Encrypted Messaging App Signal Adds Facial Recognition Protection for Protesters
Alexandra Garrett
June 4, 2020

Signal is introducing a blur tool to hide faces in photos before sharing them. The encrypted messaging app said the tool, which automatically detects and blurs faces in pictures, is intended to protect the identities of protesters demonstrating against police brutality. The tool also can be used the manually blur out tattoos, logos, street signs, and badges, among other things. Use of the app could potentially protect protesters from facial recognition tools increasingly used by law enforcement despite its inaccuracies, particularly among ethnic groups, women, and young people. Signal said an updated version of the app featuring the new tool will be available soon.

Full Article
In Anti-Piracy Work, Blocking Websites More Effective When Multiple Sites Are Targeted
Carnegie Mellon University Heinz College
June 2, 2020

Researchers at Carnegie Mellon and Chapman universities analyzed British anti-piracy efforts and found that blocking websites is more effective when targeting multiple channels. The investigators examined Internet service providers' blocking of a single dominant site in 2012, blocking of 19 piracy sites in 2013, and blocking of 53 video piracy sites in 2014. The single-site blockage in 2012 caused no increase in the use of legal sites, but did cause users to more often visit unblocked piracy sites and virtual private network sites. However, blocking multiple sites in 2013 and 2014 caused a decline in piracy, and boosted use of legal subscription sites by 7% to 12%. The researchers suggested the multiple-site-blocking strategy was more effective due to higher search and learning costs associated with piracy.

Full Article
Cisco's Warning: Critical Flaw in IOS Routers Allows 'Complete System Compromise'
Liam Tung
June 4, 2020

Cisco has released information on four security flaws impacting router equipment that uses its IOS XE and IOS networking software. One flaw involves the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE, which could allow a non-credentialed remote attacker to execute Cisco IOx application-programming-interface commands without proper authorization. Another flaw is a command-injection bug in Cisco's implementation of the inter-virtual machine (VM) channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers and Cisco 1000 Series Connected Grid Routers. The software inadequately validates signaling packets routed to the Virtual Device Server (VDS), which could allow attackers to send malware to an affected device, hijack VDS, and completely compromise the system. The two remaining bugs involve a vulnerability in Cisco's 800 Series industrial routers, through which hackers could remotely execute arbitrary code or cause it to crash and reload. Cisco says it has delivered updates to address the critical flaws affecting its industrial routers.

Full Article

Setting up the robot bartender. A Robot Walks Into a Bar, Helps Make a Cocktail
Hyunyoung Yi; Minwoo Park; Daewoung Kim
June 4, 2020; et al.

Robo-bartenders are now part of South Korea's cafe and bar scene as the country moves toward what the government calls "distancing in daily life" amid the coronavirus outbreak. The six-foot-tall Cabo robot works at Coffee Bar K in Seoul, narrating his actions as he carves ice for drinks. Meanwhile, a robot arm at Seoul’s Cafe Bot Bot Bot coffee bar shakes up cocktails. Unlike human bartenders, these "drink bots" are able to provide a consistent quality to their drinks. Although the robo-bartenders appear to make customers feel less anxious about being in a bar during the outbreak, customers say they miss being able to chat with human bartenders.

Full Article
Penn State Researchers Evaluate 2020 Census Data Privacy Changes
Penn State News
Kristie Auman-Bauer; Melissa Krug
May 29, 2020

The U.S. Census Bureau has proposed using differential privacy as a new method to protect the identities of individuals when publishing public data. A Penn State University-led research team found that when differential privacy was used on census data, it produced dramatic changes in population counts for racial and ethnic minorities compared to traditional methods. The researchers focused on mortality rate estimates because they are an essential population-level metric for which data is collected and disseminated at the national level; mortality rates also are a critical indicator of population health. The team examined changes in mortality rates resulting from two disclosure avoidance systems by metropolitan classifications. Said Penn State researcher Alexis Santos, "We discovered that by using differential privacy, there were both instances of under- and over-counting of the population."

Full Article
Exploit Code for Wormable Flaw on Unpatched Windows Devices Published Online
Ars Technica
Dan Goodin
June 6, 2020

A GitHub user published proof-of-concept exploit code for a wormable Microsoft Windows vulnerability online, which could potentially spread between computers without user interaction if unpatched. The SMBGhost flaw is based in the Windows implementation of the Server Message Block (SMB), a service employed by operating systems to share files, printers, and other resources on local networks and online. The vulnerability can be remotely exploited by sending malware to an Internet-connected SMB port. The potential for SMBGhost exploits and the slow rate of fixing even critical security vulnerabilities is concerning for security professionals, and Microsoft acknowledged the chances of malicious exploits are "more likely." Microsoft said it issued an unscheduled update to address the flaw in March, following its disclosure and later depublishing by security firm Fortinet and Cisco security group Talos.

Full Article
AI Dramatically Improves Accuracy of Classic Eye Exam
Marina Wang
June 3, 2020

Stanford University researchers have developed an artificial intelligence-driven online vision test that generates dramatically more accurate diagnoses than the classic Snellen chart eye exam. Stanford's Chris Piech and colleagues designed the Stanford acuity test (StAT) to have users first calibrate their screen size by adjusting a box on a Web page to the size of a credit card. After users input their distance from the screen, the test displays an "E" in one of four orientations, and the algorithm uses statistics to predict a vision score based on the answer. As the test progresses, the algorithm can produce a more accurate score prediction. The team ran the StAT through 1,000 computer simulations mimicking actual patients, and decreased diagnostic error by 74% compared with the Snellen test.

Full Article

Engineer John Haig using an automated underwater vehicle. Underwater Drones Join Hunt for Trillions in Mineral Riches Trapped on Ocean's Floor
Justin Higginbottom
June 6, 2020

The nascent seabed mining industry is using underwater drones from companies like Kongsberg Maritime to map the ocean floor in the hunt for manganese and other precious minerals worth trillions. Kongsberg's underwater automated vehicles can capture seabed images with a resolution superior to surface-ship sonar, and its latest model takes acoustic, laser, and photographic measurements. Kongsberg's Richard Mills predicts that next-generation drones will have more in-mission processing capability, including automated object detection for real-time quantification of manganese nodules. Mining company DeepGreen Metals’ Gerard Barron said automated vehicles are the only solution for tapping the ocean floor's mineral wealth. He added that drones will be excellent tools for environmental studies of potential mining areas, for tracking and monitoring mining apparatus, and for compiling data on dust plumes that can threaten deep-sea life.

Full Article

Protesters rallying in Arizona against lockdowns held up signs carrying anti-vaccine messages and promoting unproven treatments. The Epic Battle Against Coronavirus Misinformation and Conspiracy Theories
Philip Ball; Amy Maxmen
May 27, 2020 No. 581, P. 371

Scientists worldwide are scrambling to track and counter the spread of misinformation and conspiracy theories about the coronavirus pandemic by understanding their origins and growth patterns. Amil Khan with U.K.-based communications agency Valent Projects said rumormongers use social-media platforms designed to maximize user engagement, rather than to highlight evidence-based information. Efforts to analyze social-media messages include a University of Southern California-released dataset of more than 120 million tweets on the coronavirus, while Manlio De Domenico at Italy's Bruno Kessler Institute uses automated software to review 7 million tweets daily on Covid-19. De Domenico and colleagues gauge the tweets' emotional content and the region they were sent from where possible, then calculate their reliability by examining the sources to which a message links. Also fighting misinformation are initiatives like the International Fact-checking Network, a global effort to compile a database of fact-checks of Covid-19 claims.

Full Article
ACM Open Access
ACM Digital Government: Research and Practice

Association for Computing Machinery

1601 Broadway, 10th Floor
New York, NY 10019-7434

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]