ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Gateway Inc. or ACM.

Volume 3, Issue 265: Wednesday, October 17, 2001

  • "Senator Backs Off Backdoors"
    Wired News (10/17/01); McCullagh, Declan; Polen, Ben

    In an abrupt reversal, Sen. Judd Gregg (R-N.H.) has elected not to pursue a bill that would require backdoors to be installed in data-scrambling products for government surveillance, according to spokesman Brian Hart. The Sept. 11 attacks on the World Trade Center and Pentagon spurred Gregg to propose such legislation, although whether the terrorists used encryption to plan the attacks is a matter of debate. Cryptographers and legal scholars have criticized the proposal, claiming that forcing backdoor installation on manufacturers or distributors would hobble American companies and violate many tenets of the open-source community. Critics are also concerned that the legislation would infringe on people's right to privacy. At any rate, activists such as Rob Carlson are relieved at Gregg's apparent change of mind, although Carlson raises the possibility that the senator may reverse his decision again.

  • "Tech-Visa Workers Feel Heat"
    USA Today (10/17/01) P. 1B; Swartz, Jon

    Foreigners working under the H-1B program say the Sept. 11 terrorist attacks have exacerbated an already tense workplace reeling from the economic slump. The Asian American Public Policy Institute in Silicon Valley says this year has seen the most complaints about divisions between H-1B workers and their American counterparts, and that the number of incidents reported has risen by about five times since Sept. 11. A Cornell University study found that H-1B workers received 20 percent to 30 percent less than co-workers who are citizens, and a survey by techies.com showed that 85 percent of tech workers said the H-1B program hurts salaries and job security. This contrasts with the often cordial relations between H-1B workers and their colleagues during the Internet boom, says Rama Prasad, an H-1B worker in New York. Immigration lawyer Mark Topoleski compares current sentiment to the backlash against Japanese car imports in the 1970s and opposition to the North American Free Trade Agreement. U.S. Rep. Jim Ramstad (R-Minn.) had already said before the attacks that Congress had raised the ceiling for H-1B permits too high, and that the slow tech economy did not warrant the 70 percent annual rise Congress approved in July of last year.

  • "Is Net Rife With Hidden Code?"
    Investor's Business Daily (10/16/01) P. A8; Howell, Donna

    Experts say Al-Qaida terrorists likely used online steganography to secretly send messages to one another. Unlike cryptography, steganography is an attempt to make private messages undetectable instead of indecipherable. Recently, government investigators in Europe and the United States said they found important clues to the Internet usage of the terrorists and their suspected accomplices. One suspect in England had a computer code book that officials will try to use to find hidden messages online. Using readily available programs, the terrorists likely hid their messages in subtle alterations of digital images, which could then be posted anywhere on the Internet. To scour the millions of images on the Web may not be as daunting a task as it seems, says Niels Provos, a computer engineering PhD student at the University of Michigan. He has made it one of his projects to sift through 2 million photos posted on eBay, looking for mathematical variations that could be coded messages. Using computer programs, he found 17,000 suspect photos in just 10 days.

  • "'Govnet' Would be Costly, Prone to Failure--Experts"
    Reuters (10/15/01); Abreu, Elinor Mills

    Presidential advisor on cyberspace security Richard Clarke has proposed that the U.S. government build a classified, Internet-independent computer network called Govnet in an effort to protect critical federal systems from hackers and viruses, but experts warn that such a network will be expensive and ultimately will fail. Lumeta's Bill Cheswick argues that bigger networks mean more difficult security, while RIPTech CEO Amit Yoran notes that classified network security is often loose because users assume that they are invulnerable to attack. SecurityFocus.com CTO Elias Levy says that Govnet could be hobbled by physical attacks if its fiber-optic cable uses the same conduits used by the Internet; he adds that floppy disks could be used to infect Govnet with viruses from the public Internet. The government should enhance its security practices using existing technology rather than setting up a separate network, according to Yoran and other experts.

  • "On Tech's Shifting Sands, a Party Dries Up"
    Washington Post (10/17/01) P. E1; Klein, Alec

    A variety of factors are to blame for the disappointing turnout at International Data Group's Agenda 2002 conference this week, an annual event that normally attracts the technology industry's leading players. Once thought to be a high-energy forum where tech industry leaders can set the community's agenda, the event saw lower attendance, canceled speaking engagements, and a decline in pitches and sales. Anxiety and travel fears engendered by the terrorist attacks, combined with the economic downturn, are responsible for this discouraging turn of events. But this erosion started even before the attacks: As early as last year, Lotus Development founder Mitchell Kapor noted that the conference "had lost its way, its reason for being." Vaunted guests such as Bill Gates and Steve Case were no-shows this year. Only about 325 attendees showed up, about 100 fewer than in previous years.

  • "Intel and 2 Smaller Rivals Plan New Energy-Saving Chip Lines"
    New York Times (10/16/01) P. C2; Gaither, Chris

    At an industry conference in San Jose, Intel, Transmeta, and Advanced Micro Devices introduced faster, more energy-efficient chips, many of which are expected to hit the market next year. Intel announced the Banias mobile chip, which can deactivate components that are not in use to save energy and is expected to be available in 2003; the company plans to offer a new Xeon chip around the same time. Transmeta said that its Crusoe TM6000 chips would appear in new generations of small computers and handhelds, and would be one-third the size of current Crusoe models. Meanwhile, AMD will start selling its Athlon MP 1800+ chip soon, and detailed its next-generation Hammer line.

  • "Software Firms Renew War on Counterfeiting in Light of New Threats"
    Investor's Business Daily (10/17/01) P. A8; Seitz, Patrick

    Software piracy is still rampant in many parts of the world, costing software firms $11.8 billion in lost revenue worldwide last year. Some of the organized operations that make money from illegal software help to fund terrorist or criminal groups such as the Irish Republican Army, Hezbollah, and the Japanese Yakuza. However, American software piracy, which totaled $2.6 billion in losses last year, often occurs in the corporate sector, according to the Business Software Alliance (BSA). The BSA has a Web site and toll-free number that disgruntled employees or ex-employees often call up to snitch on their own companies that might be copying software from one desktop to another. Besides campaigns from anti-piracy groups like the BSA, many software firms are beefing up their built-in copy-protection schemes, such as Microsoft's controversial activation feature included in Windows XP.

  • "The Future Looks Assured"
    Financial Times--IT Review (10/17/01) P. 11; Talacko, Paul

    A decade since its inception, the Linux operating system has gained the acceptance of nearly all the major technology companies, especially those that make products that run on the Unix platform. Linux has no licensing fees and support costs are relatively cheap. Because of its open framework, companies can also tweak their versions to suit their needs and download easy updates posted on the Web by vendors. IDC predicts Linux services will grow to $284 million by 2004, but many Linux companies are still struggling. Only Red Hat Software has posted a slight profit in the first quarter of this year. Red Hat's Colin Tennick says Linux appeals to the enterprise market because it costs one-third less than Sun's Solaris. Linux has been especially successful in the Web server market, where Tennick says it will compete fiercely with Microsoft's server operating system. Already, 24 percent of Web servers run on Linux.

  • "Send In the Cyber G-Men: Private Sector Urged to Partner in Defense"
    Boston Globe (10/15/01) P. C1; Kerber, Ross

    Computer-security experts believe the terrorist attacks on the United States will lend a sense of immediacy to the law enforcement community's call for the private sector to be more cooperative on cyber-security. Richard A. Clarke reiterated the call last week when he was named the nation's point man on information security efforts. For years, the law enforcement community has been calling on the private sector and the government to improve their information security. Their efforts to foster cooperation and improve information security have been stymied by everything from bureaucratic rivalries and an unwillingness to share business secrets, to fear of regulation and bad press from reporting security breaches. According to a September report by Dartmouth's Institute for Security Technology Studies, "trends seem clearly to point to the possibility of terrorists using information technology as a weapon against critical infrastructure targets." Clarke, who will advise the Office of Homeland Security, wants to see improved warning systems and notifications to companies that may be targeted for an attack. Other insiders say Clarke must press the FBI and other agencies on sharing information that may suggest a future attack on virtual assets. Sen. Bob Bennett (R-Utah) is sponsoring a bill that would change the Freedom of Information Act so that information-sharing among companies would not fall under the law.

  • "Wearable Computer Could Rescue Lost Spacewalkers"
    New Scientist Online (10/15/01); Knight, Will

    Boeing and MIT's Media Laboratory are working with NASA to develop a wearable computer system that could help lost astronauts find their way back to the International Space Station (ISS) as well as solve engineering difficulties. Using the system, spacewalkers who have lost their way could establish connections to micro satellites that would relay information on how to safely return to the ISS via jetpack, according to Boeing's Ilia Rosenberg. Furthermore, "If an astronaut is unable to solve a problem and the crew don't know how to solve it either, video could be uploaded from the ground to the station and then shown to the astronaut," he adds. Developed by MIT using off-the-shelf materials, the prototype combines a pocket-sized computer, a wireless networking card, and a head-mounted display. Testing has demonstrated that the system is resistant to the radio frequency radiation that the ISS' communications array emits, while its power source runs below 500 milliwatts in order to prevent ignition of the pure oxygen within the spacesuit. The researchers think the system could become available in just a few years, while Rosenberg reckons that its cost would be below $1 million. The system lacks an input device, however.

  • "U.S. Privacy Plan Bad for Business"
    CRM Daily.com (10/16/01); Morphy, Erika

    Forrester Research is condemning the FTC's new privacy agenda as misguided and confusing to the corporate world. The FTC's privacy policy "pours gasoline on the fires of the privacy debate," Forrester says, adding that the FTC is confusing matters by taking a piecemeal approach to privacy. "A company that thinks that the FTC's backing off of legislation means that the issue will go away is sadly mistaken," Forrester says. Forrester believes the FTC is wrong in expanding the privacy debate beyond the Internet and also criticizes the FTC agenda for failing to provide businesses with a framework of guidelines to work with. The FTC's agenda stresses privacy to such a degree that privacy advocates are likely to become even more vociferous and aggressive in their attacks on companies' privacy practices, Forrester claims. Thus, companies must be even more vigilant about their privacy practices, and should take direct action, including the hiring of a chief privacy officer, conducting audits of privacy practices, reviewing privacy practices on a regular basis, and creating a PR strategy to deal with potential privacy nightmares, Forrester says.

  • "Future Chip Choice--Silicon or Plastic?"
    ZDNN (10/11/01); Mueller, Dietmar

    Researchers are continuing to improve the techniques used to turn organic plastics into superconductors. Bertram Batlogg, an Austrian scientist working at the Swiss Federal Institute for Technology, has led work using carbon-60, an organic polymer used to construct plastics. This material loses its resistance to electricity once the temperature drops extremely low, but Batlogg has been working to raise that temperature so that, eventually, electronics manufacturers will have a cheap new superconducting material to use. Organic plastics may one day be used to make foldable computer screens, cheap solar cells, and supercomputers. Batlogg was awarded one of the leading scientific prizes in Europe this week, the German Braunschweig Prize, signifying the importance of his work. Batlogg, a former Bell Labs researcher, says he is focusing on the basic science of constructing plastic semiconductors, but is still in contact with his former Bell Labs colleagues who may soon be able to commercialize the technology.

  • "Tech's Last Hope--Services--May Be Fading as Well"
    Reuters (10/14/01); Henderson, Peter

    Analysts watching the technology services industry warn that the corporate spending slowdown that has hit all other sectors hard may soon tighten outsourcing as well. Consulting services will be the hardest hit as companies need less expertise to integrate and install new IT purchases, according to IDC. Gartner analyst Eric Rocco says IBM's consultant services are going to take a big hit, but outsourcers EDS and Hewlett-Packard say their disaster recovery services and support businesses will grow through the downturn. Gartner predicts marginal growth for the sector while IDC is more optimistic, saying services revenue will increase by 8 percent this year. Last year, technology services garnered $666 billion, according to Gartner.

  • "Worried Workers Turn to Telecommuting"
    USA Today (10/17/01) P. 2B; Armour, Stephanie

    The recent terrorist attacks and anthrax scares have many companies offering their workers a chance to telecommute from home in an effort to reassure them of their safety. According to a study by Integra Realty Resources, taken after the Sept. 11 attacks, more than a fifth of all workers feel that being allowed to work from home would greatly reduce their stress. Companies are relaxing policies and initiating telecommuting arrangements, requesting phone and video support from communications and software companies. These new measures are raising new fears, however, such as how to protect workers from mail that may contain anthrax if packages are forwarded directly to their homes. Another issue is how to secure computer networks, with many companies requiring telecommuting workers to use smart cards, effective IDs, and security software programs.

  • "IT On High Alert"
    InformationWeek (10/15/01) No. 859, P. 22; Konicki, Steve; Garvey, Martin J.; Gilbert, Alorie

    Attorney General John Ashcroft last week warned CIOs and top management that their IT systems could be vulnerable to terrorists seeking reprisal for the bombings in Afghanistan. This warning has raised the stakes for many companies that are already on a high state of alert for hackers and viruses. InformationWeek Research's Global Information Security Survey finds that U.S. businesses are ill-prepared for break-ins: Nearly 50 percent of the respondents lack formal security policies, and just 49 percent plan to boost user awareness of such policies in the next 12 months. However, the Sept. 11 attacks and the subsequent air strikes have caused some companies to look beyond viruses; Exelon, for example, has increased security auditing and broadened its scope to look for hackers who might try to commandeer the company's IT system as a platform for cyberattacks. Pete Lindstrom of Hurwitz Group recommends installing firewalls and strong access controls to prevent hackers from swamping systems with traffic requests. Presidential adviser for cyberspace security Richard Clarke urges companies to set up disaster recovery contingencies, redundant telecommunications paths, and offsite backups; he also suggests that some business-to-business operations should migrate from the public Internet to virtual private networks or dedicated lines. In addition, he recommends that companies run detailed background checks on personnel with access to critical systems. However, one of the drawbacks of this increased emphasis on security will be a withdrawal from online collaboration.

  • "Code's Flexible Future"
    Interactive Week (10/08/01) Vol. 8, No. 39, P. 48; Babcock, Charles

    Software industry experts believe the next generation of software will be based on developing a module of code once, then using it in many different applications. Success in this area could clear the way for software applications that are based on the Web. Although the industry is already moving in the direction of using software components distributed over a network, code would have to be developed based on shared standards and allow for portable access across systems if data is to be shared anywhere over the Internet with minimal involvement from programmers. The good news is that the industry already agrees on a core set of standards for developing code. Meanwhile, Rational Software has developed the Reusable Asset Specification (RAS), which essentially makes it easier for developers to reuse code; developers no longer have to parse the lines of each piece of code. "It's like opening every letter in the bag and seeing what it's about to find the one sent to you," says Alan Brown, director of the e-development accelerators group at Rational. XML, RAS, and the Unified Modeling Language, the Object Management Group's standard for application design tools, are the building blocks for making software more portable and reusable, according to Brent Carlson, co-founder of LogicLibrary. Still, Borland Software's Rick Nadler says the notion of components assembling themselves into Web services and monitoring and fixing themselves is "a fantasy," indicating that skepticism remains in the industry.

  • "Bigger Role Seen for Defense R&D"
    Network World (10/15/01) Vol. 18, No. 42, P. 1; Marsan, Carolyn Duffy

    The work of the Defense Advanced Research Projects Agency (DARPA) may become even more prominent as a result of last month's terrorist attacks and the economic downturn. The slump has caused many commercial companies to shy away from high-risk research that DARPA champions and funds. Its dedication to such investments will make the agency a major player in the development of next-generation technology, according to TerraConnect VP Glenn Thoren. Spectrum Equity Investors' Bill Collatos predicts that the fallout from the attacks will distinguish DARPA's research in the communications field, especially as it pertains to cyberterrorism and the steps businesses can take to protect information assets. David Honey, deputy director of DARPA's Microsystems Technology Office, says the agency spends up to $50 million annually on optical data network research that could be applied to weaponry as well as commercial routers and servers. DARPA is also working on directional antennas, a technology that DARPA's Jim Freebersyser says will offer "faster data rates, a lower probability of detection and anti-jamming." Besides their military applications, directional antennas could offer improved vehicle communications.

  • "Microsoft Revamps IT Certification Programs"
    Computerworld (10/15/01) Vol. 35, No. 42, P. 1; Sliwa, Carol

    Microsoft Certified Systems Engineers whose certifications were due to expire at the end of 2001 have been granted an indefinite reprieve from the company, thanks to customer feedback. The engineers, who are skilled in the Windows NT 4.0 operating system, will now be able to move to the Microsoft Windows 2000 operating system of their own volition rather than being forced to do so. Furthermore, Microsoft has added a new credential for systems administrators who manage and support Windows 2000-based networks, the Microsoft Certified Systems Administrator. Some IT managers, such as Management Systems Designers' David Sanders, acknowledge that the new policy may cause some MCSEs to stagnate rather than update their skills. Still, managers say they will continue to stress experience over certification when it comes to hiring engineers.

  • "Search Engines as a Security Threat"
    Computer (10/01) Vol. 34, No. 10, P. 25; Hernandez, Julio Cesar; Sierra, Jose Maria; Ribagorda, Arturo

    Search engines are tools hackers can use to seek out crucial information and security flaws, coordinate attacks, and keep themselves from exposure. The carelessness of users--lack of firewalls, prolonged connections, etc.--is the main reason why search engines lend themselves to such practices. Hackers locate vulnerable Web servers--particularly servers that have just been installed and not furnished with safeguards--by searching for unique text strings, images, or content that are characteristic of default installations. However, search engine bots can be programmed to not index or return default Web pages as well as purge default page files from the search engine. FTP search engines are even more capable of finding confidential or sensitive data, such as poorly encrypted passwords and standard security audits. Search engine bots could use a robots.txt file to figure out what files or directories should be indexed and what should not. Countermeasures for FTP hacking can also be found in a number of resources, including books and online sources such as Packet Storm Communications and the CERT Web site. One way hackers maintain anonymity is to use the search engine's translation machine as a proxy, although that also has its drawbacks.
