Volume 5, Issue 497: Monday, May 19, 2003
- "Internet Dreams Turn to Crime"
Washington Post (05/18/03) P. A1; Eunjung Cha, Ariana
Russian hackers are often normal programmers who cannot find legitimate work and use their government's laxity on cybercrime as cover for attacking foreign firms. U.S. authorities have a difficult time capturing offenders because of the relative ambiguity of international cyberlaw. The investigation and rare capture of two Russian hackers sheds light on how these operations are run. Vasiliy Gorshkov and Alexey Ivanov have been apprehended after stealing account information and using it to hold companies hostage. After his Internet startup firm became financially pressured in the Spring of 2000, Gorshkov and two of his programmer employees decided to join a nebulous group of Russian hackers who collaborated to attack U.S. business interests for profit. The group consists of about 12 to 15 hackers in their Ural town of Chelyabinsk and others throughout Russia. Teams of about three people each case and attack victims, who then pay "protection" fees based on their size and assets. U.S. authorities say Gorshkov and his partners netted at least $10,000 in extortion fees wired to accounts in Russia, Romania, and Cyprus. Using stolen credit card numbers, the group also bought things online and had it shipped to Kazakhstan, just hours away by car, or set up bogus PayPal accounts to transfer money to themselves. The division of labor in the team meant Gorshkov handled the communication with victims and organized business aspects--including the 30 percent fee paid to the still-unknown "protector" under whose aegis the group operated--and his associates did the hacking and casing using Google and scanning software. The group often broke into unpatched Windows NT systems with default sign-in information and made little attempt to cover their tracks. However, some of the companies that the hackers believed were cooperating with them were actually working with the FBI, which eventually led to the capture of Gorshkov and Ivanov.
Click Here to View Full Article
- "Threat Is Seen to Heirloom Software"
New York Times (05/19/03) P. C4; Markoff, John
The software accompanying the birth of the PC industry less than three decades ago is in danger of extinction, warns Brewster Kahle, chairman of the Internet Archive. He spoke at the U.S. Copyright Office's meeting last week in Los Angeles about the threat posed to early PC programs such as AppleWriter and VisiCalc. Although Kahle's group and Stanford University librarians are working to preserve early PC software online, he says some companies are destroying their archived software wholesale out of fear of the Digital Millennium Copyright Act, which makes tampering with copy-protection technology illegal. Kahle says, "Part of the danger is bit rot;" he says the law should be amended to allow preservationists to circumvent copyright protection schemes and store the software's code before the original storage media degrades too much. Some firms have stepped forward to put their software heritage in the hands of the Internet Archive and their academic colleagues, such as Macromedia, which donated 10,000 CD-ROMs for preservation.
http://www.nytimes.com/2003/05/19/technology/19ROT.html
(Access to this site is free; however, first-time visitors must register.)
To read Barbara Simon's statement presented at the Copyright Office's hearing,
Visit http://www.acm.org/usacm/Testimony/Simons_LOC_Copyright.htm.
- "IRC Operators May Out-Hack Fizzer"
CNet (05/16/03); Lemos, Robert
Internet relay chat administrators are considering possibly illegal actions to shut down the Fizzer virus, which has spread rapidly since May 12 through email and the Kazaa file-trading network. Fizzer connects to IRC in order to receive instructions and is proving to be an increasing strain on resources, says QuakeNet security team member Daniel Ferguson. Postings to the IRC-Security email list show some possible solutions, including typing a long string of characters in the IRC chat room where the bot is awaiting instructions. That action will crash the program, and is legal if no other computer functions are affected, says Stanford Law School official Jennifer Granick. However, Granick says manipulating the virus through the Web site it connects to violates the Computer Fraud and Abuse Act. Fizzer connects daily to a Geocities Web site that was unreserved, but since has been registered by an IRC administrator who attempted to post uninstall code. The code has since been taken down after it was said to be ineffectual. Despite the illegality of that tactic, Granick says it is unlikely prosecutors would choose to follow up such a case since the statute is too broad. Another part of the Computer Fraud and Abuse Act makes it illegal to breach computer protections unauthorized across state lines, though Granick says IRC administrators could claim service provider status to protect themselves.
http://news.com.com/2100-1002_3-1003894.html
- "In Search of the World's Hotbeds of Innovation"
Financial Times (05/19/03) P. 8; Marsh, Peter
CHI Research has been tracking patents developed in different countries and calculating their worth for more than 30 years. It now says the United States is outstripping European nations such as the United Kingdom, Germany, Italy, and France in the number and commercial value of its patents, together dubbed the national innovation score. CHI Research says the number of times a patent is cited in subsequent patent claims is a good indicator of its commercial success. The group also assigns patents to each country based on the work address of the researcher filing the patent, not the headquarters of the company owning it. While the U.S. national innovation score has more than doubled, Japan has kept pace fairly well while the European countries have stagnated. Germany, despite poor performance, remains in third place, while Canada has made good progress. But the fastest rising countries are Taiwan and South Korea, whose national innovation scores have shot up since 1985. Different nations fare better when looking only at patents in specific sectors. Japan's innovation score for office equipment and cameras is 79.2 percent of the U.S. score, while Germany and Japan both pose more robust challenges to the United States in the car manufacturing sector. Similarly, the United Kingdom does relatively well in biotechnology and pharmaceuticals compared to other technology areas.
- "Business Is Toying With a Web Tool"
New York Times (05/19/03) P. C3; Cortese, Amy
Wiki, Web collaboration software used by informal online groups, is taking hold in the business realm. More useful for collaboration than email or face-to-face communication, wiki pages are also a cheap and easy alternative to full-blown collaborative packages such as Lotus Notes. Wiki pages can be edited by any group participant and are sparse in terms of technical overhead. Chris Coldewey, a consultant whose company uses commercial wiki software called SocialText, says the application is useful for archiving client meetings and notes that the only user requirement is that they be able to type. Bicycle tire maker Composite Tech uses SocialText as a replacement for other ad hoc modes of communication and serves as an "informal corporate memory," according to the company's Denham Grey. Ward Cunningham, who created the first wiki program in 1995 and authored a wiki manifesto called, "The Wiki Way," says wiki enables "idea keeping" amongst a community. Wiki communities often employ social standards, such as not pushing commercial products (wiki spam) and not using wiki pages for personal purposes (wiki-squatting). Despite natural social rules, wiki software is likely to grate against corporate managers unless some level of administration is built in, as is the case with the SocialText version; wiki programs often first emerge in companies through the back door, much like instant messaging programs have. Proponents of wiki, which comes from the Hawaiian word for fast, say it is only a matter of time before the technology improves enough to take over more standard software, in the same way Linux has improved to threaten Microsoft's Windows operating system. New York University professor Clay Shirky says, "You just have to do things well enough...it's the attack-from-below strategy."
http://www.nytimes.com/2003/05/19/technology/19NECO.html
(Access to this site is free; however, first-time visitors must register.)
- "India Seeks To Be Global R&D Center"
EE Times (05/15/03); Krishnadas, K.C.
Indian government and information technology industry officials would like to see the local industry take the next step to becoming a hub for research and development. Already a market of choice for low-cost software development, India could become a major player in IT globally if the local market starts to design, develop, and produce hardware, officials say. The Department of Information Technology, an Indian technology agency, plans to conduct a study that officials say will determine the feasibility of positioning the local market as an R&D center. Several Indian companies, such as Wipro, operate as R&D laboratories, while a number of global IT companies, such as Cisco Systems and IBM, have R&D centers in India. "The government and the industry need to position India as a nation of technological excellence, or the perception will forever remain that we are only providers of inexpensive services," says S. Devarajan, president of the Manufacturers' Association for Information Technology (Mait). India could become an excellent R&D market for chip design, embedded software design and development, intellectual property, interoperability, gaming, software development, and hardware and software co-design, Gartner Group consultants in India suggest.
http://www.eetonline.com/story/OEG20030515S0044
- "The Big Undo: A Time Machine for Corporate Computing Traces, Fixes Hacker Damage"
AScribe Newswire (05/19/03)
New research from the University of Michigan may help system administrators discover the way hackers invade their systems and undo the damage. Hackers can do a considerable amount of damage to a company's networks in a very brief time, and can leave few traces of what they have done. New research from the University of Michigan may provide a way to rerun what happened to the network and observe it as well as to undo damage. Commercial products already exist to record changes to hard drives and allow limited restorations, but the ReVirt project can do more by hiding the system's operating system and hardware behind a virtual machine that runs a guest operating system. Users interact with the guest system, and ReVirt can log all events on two levels and restore the system by using log entries. The ReVirt logging system is out of the reach of hackers, and its logs are isolated from users. Peter Chen, associate professor of electrical engineering and computer science at the university, says, "Not only can we turn back the clock on an attack to undo the damage, we can also get back to any point during the attack to observe exactly how the intruder breached the system." Chen says ReVirt generates minimal overhead and can store several months of log data on a 100 GB hard disk.
- "What's Going on With the Internet?"
EurekAlert (05/15/03)
Fundamental changes to the Internet are impossible because of the number of users and technologies involved, but computer scientists Wu-chi Feng and Wu-chang Feng say current problems such as denial-of-service attacks and spam can be solved. The Feng brothers are on the faculty of the Oregon Health & Science University and both work on research to improve Internet services. Wu-chi has received the National Science Foundation CAREER award for his work on video streaming, and is also involved in massive sensor networks using small electronic monitors. Together with colleagues in the Department of Environmental Science and Engineering, Wu-chi is working on such sensor networks that could be deployed in hospitals to monitor patients. Wu-chang researches intrusion detection systems and scalable computer networks. Both researchers point to the current music copyright situation as an example of unexpected problems emerging from the Internet. The inherent anonymity of the Internet means ISPs are hard-pressed to comply with the music industry's demand for accountability. Future fixes for problems spawned online will open up other, unforeseen issues, the Feng brothers say. Wu-Chang says, "We don't want to sound pessimistic, but short of completely shutting down the Internet and starting all over with a different architecture, there's only so much that can be done."
Click Here to View Full Article
- "Driving Into the Future"
Speech Technology (05/13/03); Markowitz, Judith
Model U, a futuristic SUV prototype from Ford Motor Company, features a number of innovative technologies including a speech recognition system. Bryan Goodman of Ford Research and Advanced Engineering says the speech-based system is intended to allow motorists to get a more personalized experience while boosting safety and ease of use. He says the system would be easy to use and serve as a standard car computer interface. People were studied to find common types of speech used during certain situations and function prompts were created based on those studies. Mike Phillips of SpeechWorks, which also helped develop the Model U, says the car's speech-based system, mixed with display features, increases a car's functionality without adding excessive cost or taking up too much dashboard space. Unlike current command-based conversational systems, the Model U's system relies on natural language, so a person does not have to refer to a list of about 200 commands to operate the system, says Phillips. For example, a driver can press a button and say, "I want to change the seat temperature," upon which the system will present additional questions, such as should the seat be warmer or cooler, and is it the driver's or passenger's seat. And to manage unwanted sounds, Goodman says such conversational interfaces can be made more accurate using environmental data collected from inside the vehicle.
Click Here to View Full Article
- "Game Over for Mod Chips?"
Technology Review (05/14/03); Kushner, David
The April sentencing of David "krazy8" Rocci to spend an unprecedented five months in prison and pay $25,000 in fines reflects the threat that the Digital Millennium Copyright Act (DMCA) poses to mod chips and the idea of user innovation. Rocci, a 22-year-old from Blacksburg, Va., was alleged to have sold 450 Enigmah mod chips over his isonews.com Web site. Mod chips are hardware coded in a way that allows users to modify existing hardware for use with different software. In the case of the gaming industry, brands such as Doom and the Sims enjoy much of their success to enhancements made by hacker-minded gamers, and even software such as Windows Media Player or America Online's instant messenger program give users an opportunity to modify and design the products in a similar manner. However, gaming giants such as Microsoft, Sony, and Nintendo oppose the cracking of their hardware, and authorities in the United States appear to view mod chips as a violation of the DMCA. According to the DMCA, it is illegal to circumvent copyright protections, and technology that allows circumvention of copyright protection is a violation of the law as well. But in Australia mod chips are not a violation of copyright protection laws, according to a court ruling last year. Backers of mod chips maintain that the technology is not about playing pirated games but about addressing the needs of users.
Click Here to View Full Article
- "Senator Stumps for More IT Training Funds"
InternetNews.com (05/15/03); Mark, Roy
Sen. Patty Murray (D-Wash.) says the Workforce Investment Act, a federal government training initiative, needs to focus more on new industry skills such as IT training. The $6.6 billion act was created in 1998 to provide vocational training to current and laid off workers across the United States, and is slated for re-approval this year. But Murray says the state-based Workforce Investment Boards that implement the act have largely aimed funds at manufacturing and other outdated skills. "Today, even the most basic of worker skills demands knowledge of IT," said Murray, addressing the Technology Workforce Coalition on May 15 in Washington, D.C. The program needs to be revised to make workers qualified to work in the global economy, she said. Also speaking at the conference were e-learning expert Steve Hoffman, coalition members from Microsoft, and representatives from CompTIA, which runs TWC. They advocated that workers earn certification for new skills, rules be less stringent for IT training providers, that employers have a bigger role in Workforce Investment Boards, and that e-learning and other new technologies be used to facilitate training for people in remote or impoverished areas. TWC Chairman and COO at New Horizons Computer Learning Centers Martin Bean also urged that the act be retargeted to IT, adding that TWC wants to be actively involved in the effort.
http://dc.internet.com/news/article.php/2207151
- "New Role: IT Pros Need to Communicate"
ZDNet UK (05/16/03); Wearden, Graeme
Social skills and teamwork are becoming increasingly important skills for IT workers, according to a new survey of IT recruitment consultants by City & Guilds. IT workers with developed general business and communications skills are more likely to get hired and often earn substantially higher salaries, the survey found. City & Guilds' Paul McCloskey says, "Employers are increasingly recognizing the commercial and financial value of recruiting individuals who combine broad business and communication skills with sound technical abilities." Although many IT professionals believe that they have strong communications and business skills, 33 percent of IT recruiters surveyed by City & Guilds say it is hard to find such workers; they said interpersonal skills were the most to difficult to find, followed by customer relationship management and business knowledge.
http://zdnet.com.com/2100-1103-1003711.html
- "Wear Down Opposition"
Guardian Unlimited (05/15/03); Dodson, Sean
Some academics subscribe to the theory that the move toward wearable technology is part of an evolutionary trend stretching back more than seven centuries. In the past few months, Motorola and other companies have unveiled a plethora of wearable electronic products, some of which are still in the conceptual stage: Motorola's Offspring digital assistant family includes a pen, a wristwatch, an earpiece, and a pair of goggles that integrate voice recognition and navigation; Siemens' Xelebri line consists of jewelry that can be used to make phone calls. Several technology and textile firms are developing other wearable innovations, including "smart fabric" clothing that shifts color according to body temperature, Internet-linked watches, and shirts that boast interwoven email attachments. Wearable computing is not a future trend, as demonstrated in the United States, where soldiers wear head-mounted displays for military operations, McDonald's employees are testing wearable tills, and Northwest Airline personnel carry out check-ins via wearable computers. Wearable electronics are seen as fashionable as well as utilitarian--MIT Media Lab graduate Elise Co designed a luminescent jacket studded with water sensors that trigger electroluminescent lights to flicker in response to rainfall. Professional dancers are particularly enthusiastic about wearable technology; Ghislaine Boddington of Future Physical extols the virtues of wearables that incorporate motion sensor and motion capture systems, enabling dancers to control sound, lighting, and video in response to their movements. Boddington says such an application is very useful to companies, because dancers test the products to their limits. However, many people are worried that wearable technology could constitute a form of privacy invasion.
http://www.guardian.co.uk/online/story/0,3605,955751,00.html
- "WiFi Business Model Proves Elusive in Hype Deluge"
Reuters (05/18/03); Warner, Bernhard; Reddall, Braden
WiFi, a technology intended to let people connect to the Internet away from home via notebook PCs and handheld wireless appliances, is expected to be established in some 15,000 sites across Europe by the end of 2003. Unlike other widely hyped new technologies, WiFi is quickly becoming widely implemented as a land grab is underway to establish WiFi transmitters there might be users. The move to install WiFi technology is being led by coffee bars, wireless phone operators, and chip makers, but a steady stream of monthly repeat customers would be necessary for a small cafe to profit from WiFi's operating expenses, data shows. Deloitte Research analyst Paul Lee suggests that busy places such as airports would probably be more bankable areas for WiFi, but Edward van de Zande of Amsterdam's Schiphol Airport says on average, only about a dozen people use WiFi daily to access the Internet at the airport, compared to more than 600 via fixed line Internet. But some improvements are being made--costs are steadily decreasing to below $10 per day, and BT and TeliaSonera, as well as SwissComm and SFR, have made roaming pacts intended to allow people to use WiFi outside of their home country, but not necessarily in all areas of a particular country, says BT Retail's Dave Hughes.
Click Here to View Full Article
- "Event-Driven Architecture Poised for Wide Adoption"
Computerworld (05/12/03) Vol. 37, No. 19, P. 8; Sliwa, Carol
Event processing is currently limited to developers at financial institutions and software experts assembling operating systems or systems management applications, but Gartner analyst Roy Schulte declared at last week's Web Services and Application Conference that "mere mortals" will start to embrace event-driven architecture (EDA) within four years. In a service-oriented architecture (SOA), applications are built through the assembly of software components that characterize reusable business operations. These components are linked by standards-based interfaces, enabling developers to build applications in increments and swap out, reuse, and tweak elements without worrying about how they work. Schulte noted that SOA follows a horizontal, measurable path, while EDA takes into account multiple, unpredictable, unsynchronized events that occur simultaneously and lead to a single action. Application developers and business analysts' push to conduct more real-time business will enable complex event processing (CEP) to penetrate the mainstream in 2007, and Schulte said a major stepping stone will be the emergence of faster networks, general-purpose event management tools, and event processing standards starting in 2005. Stanford University's David Luckham says the purpose of CEP is to describe IT system activity in comprehensible terms, which could be used to boost security and identify favorable plans in supply-chain systems and customer relationship management, among other things. Luckham expects CEP to start penetrating middleware, applications servers, and Web services in two years, followed by the advent of CEP standards, languages, and event-pattern search engines three years later, and CEP pervasiveness by 2012.
Click Here to View Full Article
- "Ethernet at Thirty"
InfoWorld (05/12/03) Vol. 25, No. 19, P. 50; Margulius, David
Ethernet has evolved over the last three decades from a concept that few people had faith in into a burgeoning public-domain technology characterized by inexpensive components, compatibility, transparency, and widespread adoption in the enterprise space. The IEEE 802.3 standard bodies have nurtured Ethernet's development through its many iterations; the addition of switching, Quality of Service specifications, and IP proficiency; and speed upgrades from 10 Mbps to beyond 10 Gbps. One of the key advantages of Ethernet over ATM is its ability to allow enterprises to patch together different components and update networks for new applications on the fly. The technology's momentum toward gigabit capability and even 10 GbE connections is laying the groundwork for next-generation enterprise services, such as voice over Internet protocol, video, and enterprise-wide networked storage. When the price of Gigabit switches drops below $20 per port, Ethernet will boost the performance and storage density of data centers, forecasts Broadcom's Tom Lagatta. "It's not necessarily a Fibre Channel replacement, but Ethernet will bring a lot of new storage capabilities into the mainstream and make them globally available," notes Intel's Tim Dunn. "If you have a 1-gig connection at your desktop, [you] can do more cool things with storage aggregation and virtualization." Some people think Ethernet is poised to penetrate Metropolitan Area Networks, which are currently controlled by ATM and SONet ring technologies. Eventually, native Ethernet will bridge the "last mile" gap to home users through the integration of fiber, Cat 5 cabling, and 10BaseS Ethernet over copper twisted pair.
Click Here to View Full Article
- "Toward a Common Data Model for Supercomputing"
Science & Technology Review (04/03) P. 20; Walter, Katie
The Hierarchical Data Format 5 (HDF5) general purpose I/O library co-developed by the University of Illinois' National Center for Supercomputing Applications, Lawrence Livermore, Sandia, and Los Alamos national laboratories aims to write data from multiple processors into one file that can accommodate individual data structures exceeding 1 gigabyte and individual files bigger than 1 terabyte while maintaining a high degree of scalability. The HDF5 team set out to develop a parallel library that fulfilled the goals of the three collaborating Department of Energy laboratories before their individual libraries became inculcated, as well as devise a standardized library that the international scientific computing community could use. Livermore computer scientist Linnea Cook says that HDF5 seeks to lay the groundwork for overcoming interoperability barriers so that the I/O libraries of the major supercomputing facilities can exchange data and software utilities. The HDF5 file format boasts total portability and an evolutionary computing and storage environment. The library itself can store, access, manage, share, and document huge amounts of complex data as well as any kind of data suited for digital storage, regardless of where it comes from or how big it is. Governments, academic institutions, and industries in over 60 nations are using HDF5, which is also part of Argonne National Laboratory's grid computing initiative, the Globus Project. Meanwhile, a New Zealand company is using the library to generate graphical special effects for the "Lord of the Rings" movies.
http://www.llnl.gov/str/April03/Cook.html
- "The Copyright Wars"
IEEE Spectrum (05/03); Perry, Tekla S.
Although the development of technologies that support on-demand digital entertainment--broadband, digital compression, and recordable DVD drives--is proceeding apace, a lack of standards over how copyright owners should be compensated for the use of their content is impeding the rollout of such services. The consumer electronics industry says the technology cannot take off unless content is widely and cheaply available, while the entertainment industry has yet to agree on what forms of content usage deserve remuneration. Consumer groups are outraged that content owners' support of legislation such as the Digital Millennium Copyright Act--which criminalizes digital copying, ostensibly to thwart piracy--is eroding the right to fair use. "What we really want to do is not to stop copying, simply to stop redistributing," explains Universal Music Group's Larry Kenswil. "But the technology available doesn't distinguish between the two." Meanwhile, the consumer electronics industry does not want to completely eradicate copying capabilities, as it would negate the existence of whole categories of products and stifle innovation. Nevertheless, fair use is being scaled back: It is unlawful, for instance, to make backups of DVDs, which leaves law-abiding consumers with no choice but to buy new DVDs when old ones are broken.
Click Here to View Full Article
|