Critics of the computer security industry say more needs to be done to train system administrators about how viruses work and propagate. The University of Calgary, for instance, has opened a virus-writing course to fourth-year students with the intent of improving security defenses. Wired Magazine recently analyzed the source code for the Slammer virus, which Trend Micro education director Dave Perry likened to pornography, saying it made irresponsible behavior more acceptable. Wired editor-in-chief Chris Anderson says critics of the closed approach to computer virus study only sustain the knowledge gap between virus writers and system administrators. University of Calgary officials note the security precautions taken: No disks allowed outside, no outside network connections, and hard drives to be erased at the end of the course. The school wrote in a statement that, "It is time for critics to take their heads out of the sand and work with us to start developing the next generation of computer professional." Computer security to date has been based on rapid reaction, but needs to be more proactive, according to the school. Meanwhile, security vendors benefit from others' ignorance and closely guard secrets, says physicist Mark Ludwig, who was criticized sharply in 1991 for writing "The Little Black Book of Computer Viruses."
Click Here to View Full Article

The right to online privacy has been worn down by a raft of legislation and lawsuits, ostensibly to ensure security and protect the livelihoods of copyright holders. A sore point among ISPs and consumer advocates is the Digital Millennium Copyright Act (DMCA), which allows content owners to pressure ISPs to reveal the names of subscribers who allegedly infringe digital copyrights; critics claim the DMCA shows favoritism toward copyright holders. "Anyone alleging copyright infringement can just walk into a court office and get a subpoena without going through adequate due process," comments EarthLink chief privacy officer Les Seagraves. The Recording Industry Association of America (RIAA) has been particularly fervent in hounding pirates through the DMCA: Verizon associate general counsel Sarah Deutsch predicts that content owners will make hundreds, perhaps thousands, of requests for subscriber IDs this summer. The RIAA is also aggressively going after colleges, a recent example being four students' agreement to each pay $12,000 to $17,500 to compensate record labels for downloading music on campus without authorization. Also raising privacy proponents' hackles is the Patriot Act, which broadens the FBI's authority to access Internet, financial, and commercial transaction databases for signs of terrorist activity without search warrants. Center for Democracy and Technology attorney Lara Flint notes that the inaccuracy of commercial data is likely to lead to false positives, and adds that few people know exactly how far the government's clout stretches, or have a clear idea how law enforcement agencies will share data. "Another concern is that we aren't sure to what degree the government is monitoring traffic on the Internet, although the service providers say it is extensive," says Barry Steinhardt of the ACLU.
http://www.ecommercetimes.com/perl/story/21688.html

To read more about ACM's reaction to DMCA, visit http://www.acm.org/usacm/Issues/DMCA.htm.

The IEEE give final approval to the 802.11g Wi-Fi standard, which is backwards compatible with and up to four times faster than the previous 802.11b standard. Experts say the new protocol will spur more investment in wireless technologies by both equipment manufacturers and users, while large firms that sat out the early 802.11g market are now expected to embrace the technology. The 802.11g protocol also adds security and can support more concurrent users per base station. Meanwhile, another Wi-Fi standard, called 802.11a, also offers speedier connections and frequency transmission not as susceptible to microwave interference. Analysts expect future Wi-Fi devices to incorporate both standards, while 802.11g products will begin replacing compatible but slower 802.11b-specification products. Before the release of the final 802.11g protocol, some device manufacturers incorporated Wi-Fi chips using earlier, uncertified versions, but some of those failed to work properly with other technology brands. Companies are expected to provide software patches to make pre-certification versions of the 802.11g protocol compatible with the new standard. Meanwhile, International Data estimates Wi-Fi technology to generate $559 million in revenues this year compared to $471 million last year, and 802.11b chips to make up just 50 percent of all Wi-Fi chips this year compared to 94 percent last year, as 802.11g products begin to dominate in 2004.
http://www.nytimes.com/2003/06/12/business/12WIFI.html
(Access to this site is free; however, first-time visitors must register.)

Lawmakers argued at a June 11 hearing of a Senate Commerce subcommittee that more aggressive measures are needed to pursue the most prolific purveyors of unsolicited commercial email, such as an FTC-drafted proposal calling for a broadening of the commission's Internet enforcement authority. The FTC said the International Consumer Protection Act "would be particularly helpful to enable the FTC to investigate deceptive spammers more effectively and work better with international law enforcement partners." Under the proposal, the FTC could serve ISPs with confidential subpoenas to disclose information on targeted subscribers, mine FBI criminal databases, and exchange sensitive data with international law enforcement authorities. Furthermore, targets of fraud probes may not be given notice for up to six months, a provision that Verizon Communications opposed because it does not conform with current privacy laws. Electronic Privacy Information Center director Marc Rotenberg warned that the FTC bill lacks critical oversight mechanisms, and "should be drafted in such a way so as to safeguard American values, including procedural fairness, privacy protection and open government." House Energy and Commerce Committee Chairman Rep. Billy Tauzin (R-La.) called an earlier anti-spam proposal he co-sponsored even more aggressive than the FTC bill, because it would grant consumers the power to opt out of all commercial email, not just spam. Meanwhile, subcommittee chairman Sen. Gordon Smith (R-Ore.) argued that pornography traded over peer-to-peer (P2P) networks falls under the jurisdiction of the Federal Trade Commission Act, because it is a deceptive practice. He also cautioned that people who install P2P software could compromise the security of their sensitive files.
http://news.com.com/2100-1028_3-1015948.html

Colleges in the Washington, D.C.-Maryland area have started offering courses, degrees, and projects that aim to produce future members of the IT workforce, in anticipation of an expected resurgence in demand for technical skills. George Mason University, American University, and the University of Maryland are just some of the schools that mix both business and technical training. Lloyd J. Griffiths of George Mason's School of Information Technology and Engineering forecasts that IT graduates will qualify for jobs in sales, human resources, and other positions in the "middle third of the company," and starting this fall, George Mason will offer a master's program in information security as well. Other schools that have launched network security programs include George Washington University, Gallaudet, and Marymount, which jointly received a pair of grants from the National Science Foundation last week to set up a CyberCorp program that aims to produce specialists who maintain the safety of the country's information backbone. The University of Maryland hosts initiatives such as the Hinman Campus Entrepreneurship Opportunities Program, which brings together business and engineering undergraduates in collaborative ventures. This fall, American University's Kogod School of Business will give students an opportunity to combine technical knowledge with business school training in an information technology management master's program. "It's very critical that graduates of these programs become comfortable with their information technology people and their information technology people can come and talk to their business people," explains Kogod executive-in-residence Jill Klein.
Click Here to View Full Article

Some analysts claim that enthusiasm toward Sun Microsystems' Java programming language approaches the status of a cult or religion. Programmers appreciate Java's versatility: The language is compatible with all operating systems and works across mobile phones, PCs, servers, and many other devices. Java has also become a symbol of many programmers' derision for Microsoft's attempt to dominate the software industry, as well as the general unreliability of Microsoft software. "If you have a problem and want to write a piece of software to fix that problem...in C++ you will run into a lot of technical difficulties," notes software engineer Nathaniel Baughman. "Java almost protects you from tripping yourself up." An independent observer remarks that mobilizing around Java is considered to be taking a stand against an "evil" corporate force. Hardcore Java enthusiasts convene at the annual JavaOne conference in San Francisco, where Java store manager Jim Childers says some attendees typically spend $500 to $600 on the latest Java merchandise. Several JavaOne engineers derided Microsoft for refusing to embed Java in its Windows operating system. The number of Java developers currently totals 3 million.
http://www.wired.com/news/culture/0,1284,59225,00.html

Nullsoft programmer Justin Frankel's Waste program is already courting controversy: Mere hours after Frankel published the program on the Nullsoft Web site, parent company America Online removed it and posted a bulletin warning people that downloading Waste was illegal. Waste's ultimate purpose is hard to determine, since the code is in a "1.0 beta" stage, but the program allows users to establish small, encrypted chat networks that maintain privacy thanks to a decentralized architecture. Several individuals who set up mirror sites featuring the code estimate that Waste has been downloaded over 1,600 times; more than 20 mirror sites remain operational, in spite of AOL's warning. Frankel is no stranger to notoriety, having created and freely published Gnutella, which became the source code of many peer-to-peer (P2P) file-trading networks. Waste's file-trading capability is not its primary feature, although initial news releases incorrectly reported this. Waste users can form a network, provided they share their public encryption keys, and sharing is carried out through a folder set up on the user's hard drive. Network members are allowed to search folders for files and exchange the folders' contents, and can also seek out specific files in individual folders or throughout the whole Waste network. The program cannot support large-scale encrypted chat without a serious renovation of the source code, but this is not impossible, given that users are allowed to modify Waste under the open-source Gnu General Public License.
Click Here to View Full Article

The debate over how secure the Linux open-source operating system is compared to closed operating systems such as Windows still remains unresolved. K.S. Shankar of IBM's Linux Technology Center says a case can be made that Linux boasts more security because of its openness, and its exposure to thousands of developers, some of whom keep an eye out for holes. Astaro CEO Jan Hichert concurs, stating, "The number of exploits [is] lower with open-source software, as is the response time until the exploits get fixed." Forrester Research analyst Steve Hunt notes that both Windows and Linux are vulnerable to the same attack methods, but a successful attack against Windows may not be successful against Linux. It is a matter of record that Linux and other Unix-based systems have been compromised via insecure daemons, and Shankar acknowledges the difficulty of predicting what daemons may be the target of future exploits; Guardian Digital CEO Dave Wreski adds that Linux can be exploited through information leaks, buffer overflows, unauthorized access, and programming errors that can fool the software into assigning more privileges to common users. Although distributors are continuously trying to boost Linux security through specialized distributions, Shankar points out that primary Linux distros are more or less the same, since they are based on the same code. The complexity of Linux configuration and management is the reason Linux networks may be less secure than Windows or Macintosh networks. Shankar says there is a strategy organizations can follow to make Linux and any other operating system secure--prioritizing security, building a security paradigm that can be applied to the entire environment, establishing a deployment policy, and instituting continuous, regular compliance to that policy.
http://www.newsfactor.com/perl/story/21702.html

Mesh networking is an emerging technology that turns each wireless Internet-connected device within a limited area into a small router for other devices nearby. The military developed mesh networking in the 1990s as a way to extend the abilities of soldiers' radios, and the 4th Infantry Division used it in the recent Iraq war. To connect to any point on the network, each radio on a battlefield only has to transmit to the nearest other radio, saving battery power. And the network automatically reconfigures itself as devices hop on and offline. MeshNetworks is selling the concept to police and firefighter units to bolster their communications abilities. Orange County Fire Rescue network coordinator Dean Valentine says the technology has the added benefit of tracking the physical location of each node, so that firefighters searching a smoke-filled building would be able to find distressed colleagues faster. MeshNetworks chief technology officer Peter Stanforth says mesh networking could be applied to Wi-Fi as well, to "turn a hot spot into a hot zone." Stanforth says, "The Internet is a big mesh network. We take that whole concept and make it mobile." The company has begun discussing opportunities with Cometa, the industry-backed nationwide Wi-Fi group. Eventually, Stanforth sees more commercial applications for mesh networking, including hooking up to phone networks for voice calls and placing mesh networking in cars, so that drivers and authorities can be quickly alerted to emergency situations. Mesh networks could also be used in homes to connect computers with stereos, TVs, DVD players, and other devices. Stanforth says adding phones to mesh networks is likely the final step; with added technology, cell phones could be relaying mesh networking signals even when not in use. Still, analysts warn that the technology is cutting edge and largely unproven.
Click Here to View Full Article

A team of physicists at Oak Ridge National Laboratory, the University of Tennessee, and North Carolina State University report a breakthrough in the June 13 edition of Science that could boost the productivity and efficiency of semiconductors and lead to smaller, faster, and more intelligent computers. The operation of microscopic solid-state transistors on which semiconductor devices rely depends on atomic-level interactions in the juncture between their oxide and silicon layers. The researchers have discovered a way to "tune" this zone of atomic interaction thanks to what Oak Ridge's Dr. Rodney McKee describes as "a reformulation of the classic Schottky Barrier problem that will impact everything in semiconductor technology from laser diodes to field-effect transistors in high-speed logic." This atomic manipulation takes place in the "Coloumb buffer," a hybrid interface phase at the borders of the transistors' oxide and silicon layers, explains NC State's Dr. Marco Buongiorno Nardelli, who analyzed the phase via computer models. He learned that raising or lowering the electronic "dipole charge" at the interface makes tuning possible. Through experimentation, the physicists have demonstrated that the Schottky Barrier, where electrons are trapped at the edge of a substance, is pliable. Nardelli asserts that the team's breakthrough will "change common beliefs" about semiconductor physics. The research was financed through the U.S. Energy Department's Office of Science.
http://www.newswise.com/articles/2003/6/NARDELLI.NCS.html

Armed with Global Positioning System (GPS) devices, some 3,000 high-tech "explorers" worldwide are documenting the exact confluences of latitude and longitude with pictures and stories and then publishing the information on the Web. The Degree Confluence Project seeks to document almost 16,000 such intersections that occur on or near land masses and chronicle achievements at www.confluence.org. Programmer Alex Jarrett started the Web site project seven years ago after trying out his new GPS unit near his Northampton, Mass., home. Friends and family were intrigued and began contributing their own GPS-enabled discoveries and the circle of participants has grown. So far, only 65 of 867 confluences in North America have been secured, with the remaining ones protected by suspicious land owners and the government, which does not allow documentation of its confluence at the infamous Area 51 in Nevada. Perusing the collection of photos and stories on the Degree Confluence Project Web site gives viewers a unique sense of the world. For most of the explorers, the trips have been about personal fulfillment, and one confluence-discovery trip improbably drew two couples to the same point at once. "We made introductions all around, took group photos and enjoyed an excellent geek moment in the wilderness," wrote Jim Gaughran, who sought a mountain confluence in Mendocino County, Calif.
Click Here to View Full Article
(Access to this site is free; however, first-time visitors must register.)

So that military and emergency personnel will be able to make critical decisions faster and respond to threats with greater efficacy, researchers from Texas A&M University, Penn State's School of Information Sciences, and Wright State University have developed open-source software designed to bypass information overload. Collaborative Agents for Simulating Teamwork (CAST) employs semi-autonomous software agents to infer what information people will need to optimize operational performance, and provide that data on a need-to-know basis. CAST's organizing principle is "shared mental models"--concepts, aims, and concerns related to a project coordinated by a specific team of workers--and the software is programmed to learn the best behavioral procedure to follow under certain conditions. The CAST system kernel consists of a series of algorithms used by CAST agents to determine their course of action as the situation evolves, and each algorithm uses a computational template of the team's mental processes. One algorithm, dynamic role selection, delegates specific tasks to agents according to limitations defined in the general strategy as it unfolds; another, dynamic inter-agent rule generator, finds critical information before team members are aware that they need the data. Both algorithms work in concert to determine the best way to send the most critical data to the most qualified person. The software can also sift through information much faster than people, and is particularly adept at finding related pieces of data.
http://www.wired.com/news/technology/0,1282,59170,00.html

Researchers at the University of Illinois at Urbana-Champaign have developed a prototype "smart brick" that can monitor vibrations, temperature, and movements throughout a building and transmit those readings wirelessly. Electrical and computer engineering professor Chang Liu, who devised the brick with graduate student Jon Engel, says the innovation could transform the construction industry and significantly improve safety and comfort. The readings the brick takes could be useful to firefighters and rescue workers, and the device could also be applied to nurseries, daycare centers, senior homes, and "smart toys." The brick incorporates off-the-shelf elements including a thermistor, transmitter, two-axis accelerometer, antenna, battery, and multiplexer. Liu adds that the sensors could also be integrated with other building materials, such as steel and concrete. The brick could send sensor readings to a remote operator at intervals to minimize power consumption, while an inductive coil could be used to charge the battery. Engel explains that the ultimate goal is to embed all components on a single chip laminated on a polymer substrate, thus boosting sensor devices' resiliency and versatility. Both Liu and Engel have successfully fabricated "smart skin," a sensor material deposited on flexible plastic that can be wrapped around any surface. The National Science Foundation funded the smart brick project, which was carried out at the university's Center for Nanoscale Science and Technology.
Click Here to View Full Article

Researchers at the University of Southampton in the United Kingdom are developing software agent programs that will allow cell phones to determine certain routines and habits of users and make purchases for them. Funded by consumer electronic companies such as Nokia, Sony, and Vodafone, software engineer Nick Jennings and his team of researchers have already tested the programs on palmtop computers with built-in cell phones. The software agent would monitor the activities of cell phone users until it is able to determine certain preferences, and Jennings describes the artificial agent in cell phones as serving as a butler. For example, the software agent would be able to determine a pattern of behavior such as going to the movies every Friday, and would then seek information online in an effort to buy movie tickets for the user. What is more, by entering a trip in the cell phone schedule, the agent would go online to check the availability of flights and hotels in an effort to reserve a room and buy a ticket for the user. The full version of the technology, which will be designed to run on next-generation 3G phones, is expected to be available in 18 months. Jennings believes that although the technology might meet some resistance at first, its popularity will build as it becomes more common. Hewlett-Packard agent technology expert Dave Cliff says that eventually users will get tired of approving an agent's actions and will simply let the agent work autonomously, within certain limits.
http://www.newscientist.com/news/news.jsp?id=ns99993818

IBM and Infineon Technologies claim to have built the smallest, most sophisticated magnetic random access memory (MRAM) chip to date, one that integrates the non-volatility of flash memory, the high speed of static RAM, and the storage space and inexpensiveness of dynamic RAM. IBM's My Luu expects the technology to be ready for demonstration by 2004 and be embedded in devices the following year. The non-volatility of MRAM means that memory is saved when the device is turned off, enabling mobile devices such as PCs and laptops to be turned on instantly. In addition, MRAM eats up less power than current RAM technologies, which can significantly extend the battery life of laptops, handhelds, and mobile phones. Luu explains that a 0.18 micron logic-based process technology was used to build an MRAM core that is 20 million times smaller than the top of a typical pencil eraser. Gartner research analyst Richard Gordon notes that the chip has potential as a "universal memory" product that could be incorporated into all computing devices. However, Gordon adds that commercialization will remain elusive until manufacturers can agree to a per-bit price. This is not the first time IBM and Infineon have joined forces to develop MRAM technology, having embarked on a collaborative venture three years ago.
http://www.newsfactor.com/perl/story/21696.html

Cisco's Mario Mazzola notes that his company followed a clear research and development route in the past, and today is focusing on innovations that support easier application integration, multiple types of traffic and media, and technological evolution that preserves client investments; Mazzola says future areas of concentration include IP telephony, storage, and security. IBM Research's Alfred Spector speculates that the most commercially valuable projects are likely to attract the most-needed funding, and he says IBM's present research is focused on "factorizable" projects such as natural-language processing, speech recognition, and service-oriented software. Spector predicts that on-demand innovation services will enable IBM to interact more directly with customers, while hot R&D areas will include business process integration, self-managed systems, and autonomic computing. Richard Lapman of Hewlett-Packard Labs notes that corporate research labs used to pursue "technology work without realizing what the result would be;" HP's present R&D strategy is intensely focused on Itanium, while future technologies interesting the company include the virtualization of data center resources. Microsoft Research VP Dan Ling stresses the importance of rapidly incorporating customer feedback into the R&D process, lists storage and raw bandwidth availability as important centers of innovation, and urges companies to make long-tern research investments and the federal government to fund commercial IT research. Storm Ventures co-founder Sanjay Subhedar observes that corporate R&D labs have shifted from a centralized, proprietary model to a decentralized model, and says present-day R&D emphasizes mass production, dramatically compressed R&D cycles, and the rollout of global products; he believes future innovation will be nurtured through more collaborative ventures with academic institutions and close dialog between users and clients and researchers and suppliers. AT&T Labs President Hossein Eslambolchi says AT&T's R&D effort is concentrated in four areas: The elimination of legacy systems, zero defects and zero cycle time, predictive networks, and infrastructure capable of addressing network glitches before they affect customers.
http://www.nwfusion.com/research/2003/0609stateofunion.html

Three classes of handhelds--smart phones, personal digital assistants (PDAs), and BlackBerries--offer many advantages, but have yet to meet the elusive goal of successfully integrating wireless computing and communications. The handheld with arguably the highest level of convergence is Handspring's Treo line, which bundles a thumb keyboard and close connections between PDA contact files and voice call control in one package. Smart phones are being promoted with numerous enhancements, including support for international frequencies for the Global System for Mobile Communications protocol and the competing Code Division Multiple Access; Web-surfing, email, video streaming, and gaming capabilities; and Multimedia Messaging Service. New PDAs from Palm and other vendors emphasize emerging wireless standards such as Wi-Fi, General Packet Radio Service, and 1xEV-DO, while some models incorporate phones, including newer BlackBerry products from Research in Motion. The call for more security has been answered by makers of all three handheld types, who are embedding Secure Sockets Layer encryption almost everywhere and virtual private network software in certain models. However, many people used to phones dislike the bulkiness of PDAs, while PDA battery life is shortened considerably by the voracious power requirements of Wi-Fi; and small keypads and color screens on phones do not offer the same advantages of conventional computing. PDAs, with their superior processing power, screen size, and RAM, are best suited for on-the-fly computing, while people who prefer voice would do well to carry an unenhanced cell phone. Users who rely on instant, secure, always-on enterprise email should probably invest in a BlackBerry or the G100 from Good Technology.
http://www.gcn.com/22_14/peripherals/22318-1.html

The field of nanotechnology is burgeoning: Large and small companies are pursuing nanotech research, as is nearly every university in the world; and the U.S. Defense Department is investigating the science's military applications, such as robust communications systems, distributed sensor networks, and stronger armaments. Nanotech has the potential to impact virtually all industries and aspects of daily life, and usher in such innovations as nano-based displays, high-density memory systems, better surgical instruments and drug delivery systems, molecular and quantum-dot computers, more efficient fuel cells, and filters. Carbon nanotubes are a particularly hot area of investigation: The minuscule structures are stronger than steel and alternately metallic or semiconducting, can conduct heat better than diamond, and boast very high levels of electrical resistance and conductivity. Most nanotech advocates agree that the fabrication of nanomaterials and nanostructures must follow a bottom-up approach, in keeping with the principal means of nanoscale organization--molecular self-assembly. "I see a gradual migration to atomic- and molecular-scale devices over the next couple of decades that will provide us with unique components for more versatile and precise self-assembly and improved materials," proclaims Philip Wong of IBM's T.J. Watson Research Center. Ralph Merkle of the nonprofit Foresight Institute says that many of nanotech's potential benefits will remain on the drawing board unless there is a more intense concentration on achieving precise atomic and molecular self-assembly. "If the apparent promise of nano-electronics continues to be strong during the next decade, a growing number of engineers will have to develop new design paradigms required for circuitry that are truly different from those developed during the 'silicon age' of the last 50 years," explains Ken Smith of Carbon Nanotechnologies.
http://www.elecdesign.com/Articles/Index.cfm?ArticleID=3567

Edward Tenner, author of "Why Things Bite Back: Technology and the Revenge of Unintended Consequences," writes that manufacturers of computer hardware and software are eroding the promise of user-centric computer control by building devices with features that impose limits on user behavior. Tenner observes that more and more technology companies are following a strategy of incapacitation in which products are embedded with copying and access controls that lock users into one type of brand, ostensibly to stop digital piracy and improve equipment reliability. Proprietary software from Sony can restrict how many times someone can download a digital song, a measure that complicates the duplication of CDs; and though consumers can still make backup recordings, anti-copying measures can affect product quality. Technology manufacturers are taking incapacitation a step further by designing tamper-proof products--a move that threatens innovation, which relies on the deconstruction and improvement of technology by users. Sen. Fritz Hollings (D-S.C.) has authored legislation requiring electronics manufacturers to deploy anti-modification safeguards in all their products, supposedly to force electronics and media companies to agree on a universal security standard. However, IT experts doubt that the right to tweak products will be eliminated, given the competitive environment as well as market stresses. Ironically, some users depend on usage restrictions, despite their hatred of them--for instance, an open computer network is undefended against cyberattacks, and the advantages of security tend to outweigh those of openness in today's computer industry. Overall, incapacitation will corrode the dynamic societal architecture that nurtured the PC revolution, Tenner warns.