
News

Uncrackable passwords

As a result of “heightened demands” for secure computing, PC makers are taking a serious look at biometrics. Companies such as Apple, Dell, Gateway, and MicronPC (MPC) are marketing fingerprint readers or developing add-ons.

MPC’s TransPort laptops, for example, use heat-sensitive scans integrated into the system’s BIOS. The MPC’s TouchChip, manufactured for MPC by STMicroelectronics, captures fingerprint scans from the laptop’s palmrest. A laptop can be registered to multiple users, who can each designate which files, folders, or directories will be shared. Very James Bond.

Unfortunately, Linux and Unix users will have to wait a little while to get their hands on one of these new TransPorts; at the moment an individual’s fingerprint scans can only be tied in with Microsoft Windows’ security functions.

The other gotcha? The TransPort’s thermal scans are so sensitive that users might experience difficulties logging on if they’ve been sipping a hot or cold beverage. As a failsafe, users must register the fingerprints of two fingers—one from each hand—which is probably just fine because, if you’re drinking two mugs of coffee or two chilled pints of beer, you probably shouldn’t be working on the computer anyway.

WANT MORE?

http://www.gcn.com/22_14/security/22347-1.html

WebFountain drinks down the Web

After approximately three years of development involving over 250 participants in five countries, IBM is finally readying WebFountain, its super spider that can slurp down the entire Internet—as well as intranet and third-party data—in a couple of weeks.

As a first step, WebFountain uses focused crawling to access all unstructured data on the Internet (Web pages, Word docs, PowerPoint presentations, etc.). After that comes a detailed analysis of its findings. This might encompass, for instance, anything from popular trends in online publications to complex patterns in designated communities to consumer feelings as expressed in blogs, chat rooms, and bulletin boards.

WebFountain’s results can be gathered, organized, and delivered within a week—instead of the six-month to one-year turnaround that current analysis projects typically take.

Here’s the good news: WebFountain’s platform is open source and will be accessible to programmers and content developers.

The bad news? Leasing IBM’s 1,000-node Intel Linux cluster, with its half a petabyte of storage, is sure to cost a pretty penny.

WANT MORE?

http://www.almaden.ibm.com/webfountain/

Embracing open source in India

Open source software was a topic of concern during a May dedication ceremony for India’s new International Institute of Information Technology (I2IT). Dr. A.P.J. Abdul Kalam, president of India, lamented, “The most unfortunate thing is that India still seems to believe in proprietary solutions.” He then challenged current and future members of India’s techno-elite, stating that even a small shift toward business practices involving proprietary models could have a devastating impact on Indian society. “It is precisely for these reasons,” he continued, “that open source software needs to be built [so as to] be cost effective for the entire society.”

Perhaps less of a highlight: During his speech, Kalam also referred to a “difficult” conversation he had with Bill Gates, a guy who tends to favor those maligned proprietary models.

Just six months prior to Kalam’s speech embracing open source, Microsoft made a three-year commitment to donate $400 million toward technology development and education in India.

No wonder the conversation was difficult.

WANT MORE?

http://presidentofindia.nic.in/S/html/speeches/others/may28_2003_2.htm


Originally published in Queue vol. 1, no. 5