Certificate in Cyber Security
Welcome to the August 19, 2020 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets (click here) and for iPhones (click here) and iPads (click here).

To view "Headlines At A Glance," hit the link labeled "Click here to view this online" found at the top of the page in the html version. The online version now has a button at the top labeled "Show Headlines."
Algorithm Improves Fairness of Search Results
Cornell Chronicle
Melanie Lefkowitz
August 17, 2020

Cornell University researchers have developed an algorithm to improve the fairness of online search rankings while retaining their utility or relevance. Unfairness stems from search algorithms prioritizing more popular items, which means that the higher a choice appears in the list, the more likely users are to click on and respond to it, reinforcing one item's popularity while others go unnoticed. When seeking the most relevant items, small variations can cause major exposure disparities, because most people select one of the first few listed items. Cornell's Thorsten Joachims said, "We came up with computational tools that let you specify fairness criteria, as well as the algorithm that will provably enforce them." The FairCo tool allocates approximately equal exposure to equally relevant choices and avoids preference for items that are already highly ranked; this can remedy the innate unfairness in current algorithms.

Full Article

Eyes of multiple people/races The Quiet Growth of Race-Detection Software Sparks Concerns Over Bias
The Wall Street Journal
Parmy Olson
August 14, 2020

More than a dozen companies offer some type of race or ethnicity detection software. Race detection software is a subset of facial analysis that uses artificial intelligence (AI) to scan faces for a range of features and draw conclusions from that information. In comparison, facial recognition uses AI to identify particular faces. Race detection software is being used by companies to understand how certain customers use their products, target advertising, authenticate people's identities, and collect statistical data about customers, among other uses. However, there are concerns that the use of such software could perpetuate discrimination, especially as the Chinese government has used face scanning technology to monitor the Uighur Muslim minority. Meanwhile, researchers at Ruhr-Universitat Bochum in Germany have developed an algorithm that can identify a person's race with 99% accuracy. Their algorithm was trained using a database of prison mug shots that were labeled with the person's race.

Full Article
*May Require Paid Registration
Breakthrough Extends Quantum State Stability by 10,000 Times
Brooks Hays
August 14, 2029

Scientists at the University of Chicago (UChicago) have developed the means to maintain quantum state stability 10,000 times longer than previously. UChicago's Kevin Miao said, "We don't try to eliminate noise in the surroundings; instead, we 'trick' the system into thinking it doesn't experience the noise." The team exposed the quantum system to electromagnetic pulses and a continuous alternating magnetic field, tuning it to the rapid rotation of the electron spins with the quantum system so it would tune out noise. The system remained functional for 22 milliseconds, and the same method tuned out temperature fluctuations, physical vibrations, and electromagnetic noise. UChicago's David Awschalom said, "This approach ... should make storing quantum information in electron spin practical."

Full Article

Tilt-Bot — a square tray attached to the arm of a Sawyer robot Sounds of Action: Using Ears, Not Just Eyes, Improves Robot Perception
Carnegie Mellon University
Byron Spice
August 14, 2020

Carnegie Mellon University researchers have conducted the first large-scale study of interactions between sound and robotic action to determine if sounds could help robots distinguish between objects and identify specific sound-causing actions. The team compiled a dataset from simultaneous video and audio recordings of 60 common objects as they slid or rolled around a tray attached to a robot arm and crashed into its sides, cataloging 15,000 interactions in all. The researchers also collected data by having the robot arm push objects along a surface. They learned, for example, that a robot could use knowledge gleaned from the sound of one set of objects to predict the physical properties of previously unseen objects. Robots that used sound were able to successfully classify objects 76% of the time.

Full Article
Security Gap Allows Eavesdropping on Mobile Phone Calls
Ruhr-University Bochum (Germany)
Julia Weiler
August 12, 2020

Researchers from Germany's Ruhr-Universitat Bochum (RUB) and New York University Abu Dhabi in the U.A.E. have eavesdropped on cellphone calls by exploiting a security flaw in base station implementation. The bug impacts the Voice over LTE (4G) standard used for nearly all cellphone calls not made through special messenger services. With this exploit, a hacker who called one of two people shortly after their conversation, and recorded the encrypted traffic from the same cell, would receive the same key that shielded the previous conversation. Tests of randomly chosen radio cells in Germany revealed that the vulnerability affected 80% of the cells, and by now manufacturers and phone providers have updated base stations' software to patch the bug. The RUB team has developed an application for Android devices to track down still-vulnerable radio cells, to be reported to the Global System for Mobile Communications Association.

Full Article
The Hack That Could Make Face Recognition Think Someone Else Is You
MIT Technology Review
Karen Hao; Patrick Howell O'Neill
August 5, 2020

McAfee researchers used machine learning to show that modern facial recognition systems can be tricked into seeing someone else. They fed 1,500 photos of the two project leads into an image translation algorithm known as CycleGAN to morph them into one another. The CycleGAN eventually created a faked image that looked like person A to the naked eye but was identified as person B by the facial recognition system. Said McAfee's Steve Povolny, "[Artificial intelligence] and facial recognition are incredibly powerful tools to assist in the pipeline of identifying and authorizing people. But when you just take them and blindly replace an existing system that relies entirely on a human without having some kind of a secondary check, then you all of a sudden have introduced maybe a greater weakness than you had before."

Full Article

Power grids This Lab Aims to Prepare the U.S. Electricity Grid for Climate Transformation
Scientific American
John Fialka
August 17, 2020

The U.S. Department of Energy (DOE) is readying technological advances to help U.S. power grids transform energy generation to reduce emissions, and the National Renewable Energy Laboratory (NREL) has unveiled a testbed for such innovations. NREL's Advanced Research on Integrated Energy Systems (ARIES) testbed will boost the facility's power and connections with other DOE labs 10-fold. Energy Secretary Dan Brouillette said, "ARIES will enable DOE and industry to de-risk the technical, the operational, and the financial impacts of large-scale integration in a unique environment that doesn't currently exist." DOE calls ARIES a "virtual emulation environment that uses advanced computing and digital real-time simulators" for testing the effects of battery- and hydrogen-powered energy storage systems and big increases of renewable energy. The program also hopes to meet the fuel requirements of millions of future electric vehicle owners, and the impact of automated devices like smart thermostats.

Full Article
Hands-Free Driving Could Be on U.K. Roads by Spring
BBC News
August 19, 2020

The U.K. government suggests hands-free driving could be on the country's roads by spring of 2021, with the Department for Transport (DfT) issuing a call for evidence into automated lane keeping systems (ALKS). The technology controls vehicle movements and can keep cars in lane for prolonged periods, with drivers ready to take over. The DfT said ALKS could be sanctioned to speeds of up to 70 miles per hour, and the government is seeking input from the motoring industry in order to decide how to safely deploy the technology. These experts would determine if ALKS-enabled cars should be designated automated, assigning the technology provider responsibility for safety rather than drivers while the system is engaged. Society for Motor Manufacturers and Traders CEO Mike Hawes said automated technologies could prevent 47,000 serious accidents over the next decade.

Full Article

3D-printed objects that glow brightly Super-Bright Fluorescent Solids Can Be 3D Printed in Any Shape
New Scientist
Jason Arunn Murugesu
August 6, 2020

Researchers at Indiana University and the University of Copenhagen in Denmark have created a method of making fluorescent solids by mixing doughnut-shaped molecules called cyanostars with fluorescent dyes. Cyanostars enable positively charged dye molecules to maintain their fluorescent properties in a solid state. Used with any positively charged dye and in conjunction with three-dimensional (3D) printing, the technique can create fluorescent solids. Although the conversion from liquid to solid results in the loss of some brightness, the technique improves on previous methods by at least a magnitude of 10. The University of Copenhagen's Bo Laursen said these materials could be used in solar harvesting and converting infrared rays or low-frequency visible light from the sun into a form that can be captured by solar cells could make the technology more effective.

Full Article
The U.K. Used an Algorithm to Estimate Exam Results. The Calculations Favored Elites.
The Washington Post
Karla Adam
August 17, 2020

After mass protests, the British government has changed its strategy for using an algorithm that estimates how students would have done on A-level exams used in university admissions, which could not be taken due to the coronavirus lockdown. The algorithm heavily relied on a school's previous track record for the A-levels, benefiting students at exclusive fee-paying private schools and penalizing top-performing students from disadvantaged backgrounds. Using the algorithm, the proportion of private school students awarded grades A and above was more than double that of students at state schools. There were concerns that the estimates generated by the algorithm would cause some students to lose the university spots they had been offered for the fall. The government has since announced that the official results would be based on the algorithm approximation or teacher estimates of how their students would have done, whichever is higher.

Full Article
AI Dupes Humans Into Believing Synthesized Sound Effects Are Real
IEEE Spectrum
Michelle Hampson
August 10, 2020

Researchers from the University of Texas at San Antonio (UTSA) have engineered a machine learning artificial intelligence that synthesizes its own sound effects to match scenes by analyzing motion in video frames. The AutoFoley model produces sounds authentic enough to fool humans into thinking they are real effects, as produced by Foley studio artists. UTSA's Jeff Prevost and Sanchita Ghose developed two models that identify actions in a video and ascertain the appropriate sound, by respectively extracting image features from frames and analyzing the temporal relationship of an object in separate frames. The second model applies relational reasoning to compare different frames temporally, and predict what action is occurring. In the last step, AutoFoley synthesizes sound to match the predicted activity or movement, and 73% of 57 college students thought the soundtrack synthesized by the first model was real, versus 66% who found the second model's soundtrack convincing.

Full Article
Black Hat: Hackers Are Using Skeleton Keys to Target Chip Vendors
Charlie Osborne
August 6, 2020

At the Black Hat conference, researchers at CyCraft Technology described attacks against semiconductor companies in Taiwan that may have been conducted by a Chinese advanced persistent threat (APT) group seeking semiconductor designs, source code, software development kits (SDKs), and other proprietary information. The researchers said at least seven vendors and their subsidiaries appear to have fallen victim to "precise and well-coordinated attacks" by the same APT group, which used the legitimate penetration testing tool Cobalt Strike and a custom skeleton key to launch a series of attacks in 2018 and 2019. The goal may have been to gain a competitive advantage over rivals. The so-called "SkeletonKeyInjector" can be implanted into Active Directory (AD) and domain-controlled servers, bypassing existing security software and moving laterally across a network to make direct syscalls. The researchers said skeleton keys could go undetected for a time given that AD machines rarely are rebooted.

Full Article
Advertise with ACM
ACM Chapters

Association for Computing Machinery

1601 Broadway, 10th Floor
New York, NY 10019-7434

ACM Media Sales

If you are interested in advertising in ACM TechNews or other ACM publications, please contact ACM Media Sales or (212) 626-0686, or visit ACM Media for more information.

To submit feedback about ACM TechNews, contact: [email protected]