From the Newsstand

Elsewhere From the Newsstand

Alison Skratt

Elsewhere in the IEEE Computer Society Internet Media

Computer Dr. Dobb’s Journal Yet, the availability of inexpensive www.computer.org/computer/ www.ddj.com stereoscopic display devices and December 2005 March 2006 webcams that connect to PCs via “Will Proposed Standard Make “Real Time Stereoscopic Video USB has now made it an affordable Mobile Phones More Secure?” Streaming,” by Karen McMenemy option. by Neal Leavitt and Stuart Ferguson McMenemy and Ferguson outline Currently, manufacturers employ an Today’s multiplayer computer games how to build a stereoscopic webcam add-on approach to mobile phone show that, to some degree, a distrib- with an off-the-shelf PC that delivers security, using network-based malware uted virtual reality is possible, partic- real-time virtual reality using Micro- defenses, screen locks, cryptographic ularly given the continued expansion soft’s DirectX Windows API and the software, and other strategies that of Internet bandwidth. To make dis- OpenGL open-source 3D application. don’t involve the phone’s core opera- tributed virtual reality really work, Their server application is a Win32 tions. With some predictions that however, requires a more believable project written in C++ that uses the smart phones — which work like hand- environment. McMenemy and Fergu- DirectShow API to deliver synchro- held computers, offering Internet son argue that will happen only when nous video frames from two sources access and other functions — will you can see things stereoscopically — and write them to a RAM buffer as a account for 15 percent of the market a 3D view created by combining sepa- single frame. Their client application, by 2008, such an ad hoc approach could rate video streams for the left and which uses TCP/IP to request a soon be untenable. right eye. left–right image pair from the server, As with other technologies, smart Until recently, stereoscopic tech- utilizes the same stereoscopic display phones’ popularity comes at the price nology has been either too rudimen- abilities of the 3D graphics in of becoming a more frequent target for tary or too expensive for broad use. OpenGL libraries. hackers and malware — primarily due to increased e-commerce capabilities. To help address that fact, the Trusted Mobile and Wireless Computing Computing Group, a consortium that includes developers, component ven- PC Magazine wireless Internet access at its recently dors, and network manufacturers, is cre- www.pcmag.com renovated Town Plaza. ating a set of specifications for mobile January 2006 Like other municipalities that have phone security. TCG wants the pro- “Get with the Mesh,” decided to set up free Wi-Fi access, posed standard to provide protection by Sebastian Rupley Culver City officials had several obsta- not only for user data and transactions When Culver City, Calif., decided it cles to overcome. They needed a sys- but also for intellectual property. needed an innovative way to get peo- tem that would cover at least one TCG won’t divulge the specifica- ple to come downtown, it decided to square mile and work even if one of its tion’s technology until its unveiling (cur- appeal to the primarily young, techni- components failed. In the end, the city rently set for 2007), but early reports cally creative people that made up its settled on the Firetide HotPoint 1000R continued on p. 13 working population by launching free outdoor mesh router because it came

Elsewhere in the IEEE protected from the weather, didn’t IT Architect Computer Society require networking multiple outdoor www.itarchitect.com PCs, and its mesh routers — which December 2005 continued from p. 12 adjust in real time to communicate “DNS: A Free Ticket to the indicate that it will require hardware to with various locations — offered the Internet?” by David Greenfield support features like those in the Trust- ability to automatically reroute signals A new DNS protocol, called Name- ed Platform Module chip used in servers if one point went down. server Transfer Protocol (NSTX) will and PCs.The TPM chip acts as a crypto- The city installed three weatherized almost certainly worry not only secu- graphic processor mounted to the mesh routers on top of city hall, a rity experts but also fee-based public motherboard, however, so it’s not yet hotel, and a theater, and then installed Wi-Fi networks. That’s because it pro- clear how that would work with the a Vernier Networks control manager vides free Internet access at Wi-Fi mobile phones, which have little room for user authentication. The system hotspots worldwide. for another chip. uses a DSL connection to provide Developed by Florian Heinz, NSTX shared Internet access that’s overseen encapsulates IP commands within a IEEE Intelligent Systems by an 802.11b Wi-Fi access point and DNS query, so as long as a hotspot or www.computer.org/intelligent/ the mesh routers that act as repeaters Internet connection has an open DNS November/December 2005 for the Wi-Fi signal. If a central node connection, users can use it to establish “Customized Delivery of goes out, the other mesh routers seek a bidirectional IP tunnel across DNS E-Government Web Services,” out another one. using a “morphed” DNS server as relay. by Brahim Medjahed and Athman Bouguettaya Many local, state, and federal govern- Networking ments are now offering online options for senior citizens who need assis- IT Architect up power to PCs, and other such tasks. tance with things like health care and www.itarchitect.com The new version, called PoE Plus, social and welfare programs. In addi- January 2006 will probably require manufacturers to tion to tapping into the trend that sug- “PoE Plus and Minus,” change their current 48 V network gests that seniors are one of the by David Greenfield switches because the two groups have fastest-growing groups on the Web, The IEEE 802.3af Data Terminal Equip- agreed to standardize to a 51 V switch. these services also aim to address the ment (DTE) Power Enhancements task The standard’s goal was to double fact that people need more assistance force is currently evaluating two com- 802.3af’s 12.95 W on two-wire pairs. as they get older. peting proposals for the next version of One of the proposals calls for passing To date, however,these efforts have the Power-over-Ethernet (PoE) standard. at least 40 W over four-wire pairs; the had little effect on seniors because the PoE aims to provide enough power to other calls for nearly 30 W over two- online processes don’t eliminate bu- recharge laptop batteries, deliver back- wire pairs. reaucracy or address the fact that seniors often have physical ailments that make using the Web more difficult Performance for them. Researchers at Virginia Tech and the Dr. Dobb’s Journal which not only makes it possible to Virginia Department for the Aging are www.ddj.com quickly deliver multifaceted home- working to address those issues January 2006 pages but also offers a cheaper way to through the WebSenior project. The “PHP & Preprocessed serve significantly more pages than prototype project uses Semantic Web Web Pages,” by Betsy Gamrat standard processing. technologies to give seniors access to A homepage is the most important Gamrat outlines how to pre- 25 customized e-government Web page in a Web site because it’s usually process content and how it affects services. WebSenior includes a com- the most traveled. Online purchasing delivery time. She also explains position engine with three significant systems, news providers, Internet radio drawbacks and how to address them, modules: a matchmaker receives and for- shows, forums, and other resource- including loss of some dynamic con- wards seniors’ service requests; a gen- intensive content thus increase the tent, limitations imposed by hosting erator receives the requests and taps chances that a homepage will crash accounts, and problems that crop up into a UDDI registry to create and for- during high-traffic periods. if the application assigns session IDs ward composite services; and an orches- One solution is preprocessing, to site visitors. continued on p. 14

IEEE INTERNET COMPUTING www.computer.org/internet/ MARCH • APRIL 2006 13 Department

Elsewhere in the IEEE Computer Society Peer-to-Peer continued from p. 13 trator receives the composite services PC Magazine tions, including the fact that its pro- and launches all necessary operations. www.pcmag.com prietary voice-over-IP (VoIP) protocol January 2006 allows it to cross over corporate fire- January/February 2006 “Skype Security Questioned,” walls and symmetric network address “Knowledge Management by Nicole Price Fasig translators. from the Semantic Web: The Info-Tech Research Group recent- Skype’s calls are encrypted from start From Scenario to Technology,” ly sent an advisory to its clients ques- to finish, but the report points out that by Paul Warren tioning whether businesses that use IT departments have difficulty monitor- In their seminal 2001 article, Tim the popular Skype peer-to-peer (P2P) ing its call interaction and that any Berners-Lee and colleagues described Internet phone service are exposing business that’s subject to compliance the Semantic Web vision as centered themselves to possible security prob- regulations could be opening itself to around the notion of identifying and lems. Roughly a third of Skype’s reg- violations by using the service. Skype using services on the Web. They argued istered users are using the service for says it has handled the security issues, that those offering services would business reasons. The report suggests and Tom Berson, a principal at Anagram want to annotate them to make them that businesses should ban Skype use Laboratories, has reviewed Skype’s more useful. for largely the same reasons that encryption and calls an attack from Warren disagrees with this basic many already bar other P2P applica- hackers “computationally infeasible.” tenet as it pertains to one of the larger groups that would use it.“Knowledge workers” — historians, physicists, and Programming and Development others who need to frequently find per- tinent information quickly — have little Dr. Dobb’s Journal best examples, Bruno says, include motivation to invest the time required www.ddj.com Google Suggest, Google Maps, Goo- to manually create the metadata the February 2006 gle GMail, Flickr, and the Writely free Semantic Web requires. Although these “Ajax: Asynchronous JavaScript online word processor. He says devel- workers would obviously benefit from and XML,” by Eric J. Bruno opers can also create Ajax appli- a world in which everything on the Web Asynchronous JavaScript and XML cations, such as magazine archive was annotated, the sheer volume of (Ajax) uses HTML, XML, JavaScript, viewers, with just a browser and a information they deal with precludes and Internet Explorer’s XMLHttp Web server that provides common the labor-intensive annotation process. Request object to create more gateway interface (CGI) support for To solve this dilemma,Warren suggests dynamic Web-based applications. The server-side code. an alternate vision of the Semantic Web as a knowledge-management environment with at least semiautomatic tech- Security niques for creating metadata. Technology Review munity should be working to build a IEEE Security & Privacy www.technologyreview new basic architecture for the Inter- www.computer/security/ December/January 2006 net — one with a strategy for proving November/December 2005 “The Internet Is Broken,” its viability to improve its chances of “Security Standards for the by David Talbot implementation. RFID Market,” by Ted Phillips, The Internet has bestowed wonders on Among those who support this Tom Karygiannis, and Rick Kuhn the world, but Talbot says that today’s notion are David D. Clark, former More than 500 radio frequency identifi- Internet is analogous to New York’s chief protocol architect of the devel- cation (RFID) tag types are now com- Times Square in the 1980s: although oping Internet, and the US National mercially available, and the technology’s it’s a hotbed of amazing sights and Science Foundation, which is trying growing popularity has given rise to sounds, visitors also know that lurk- to put together a five- to seven-year concerns about how these technologies ing around every corner are dangers plan to develop clean-slate architec- will address security and privacy issues. they want to avoid. The Internet’s tures. In addition to addressing secu- Because of government and public pres- “dark side” and lack of built-in security, Clark says a new architecture continued on p. 15 rity fuel the argument that the com- should include simple technologies

14 MARCH • APRIL 2006 www.computer.org/internet/ IEEE INTERNET COMPUTING Elsewhere

Elsewhere in the IEEE that make the Internet more robust turn, slow down that data’s movement. Computer Society and easier to manage; and protocols Jonathan Zittrain, cofounder of the that let ISPs better route traffic and Berkman Center for Internet and Soci- continued from p. 14 work together without compromising ety at Harvard Law School, further sure, the industry is weighing how to their business plans. It should also suggests that “the cure may be worse protect privacy and security without allow any computing device to con- than the problem,” given the inevitable adversely affecting RFID technologies’ nect to the network, from sensors to influence that nontechnical issues cost and functionality. Encrypting data, embedded processors. Proponents would also play. for instance, would make an RFID tag argue that this new architecture Nonetheless, the current system of more expensive, as well as decrease could run alongside the old, rather add-ons and patches can last for only storage capacity and increase latency in than replace it immediately, growing so long. What will it take to force read cycles. as users saw the value in switching. major change, and what form will the This article outlines the security and Talbot points out that such a project redesign take? privacy features of eight different RFID isn’t without risks. Vint Cerf, for technologies, explaining how technical example, argues that anything that Alison Skratt is a freelance writer based in characteristics such as read range and asks a network to analyze data will, in Oakville, Conn. frequency band can affect those features. It also gives an overview of the state of the industry with regard to policy issues and research and development. DON’T RUN THE RISK. IEEE Software www.computer.org/software/ January/February 2006 “Portable C/C++ Code for Portable XML Data,” BEBE SECURE.SECURE. by Zhaoqing Wang and Harry H. Cheng Although XML has improved information sharing by letting users define documents and data for specific tasks, XML-based applications rely on programming technology to complete processing tasks. Ensure that your networks operate Application developers commonly use safely and provide critical services toolkits based on C/C++ to accomplish even in the face of attacks. Develop this,but Wang and Cheng say this can be lasting security solutions, with this problematic because the compilation peer-reviewed publication. processes are platform-dependent:“Truly portable C/C++ code isn’t typically gen- Top security professionals in the field share erated or executed dynamically.” information you can rely on: The authors say that Ch, an em- beddable C/C++ interpreter for cross- platform scripting, allows C/C++ Wireless Security • Securing the Enterprise applications to run dynamically across • Designing for Security Infrastructure Security • multiple platforms without compiling Privacy Issues • Legal Issues • Cybercrime and linking.They go on to outline how • Digital Rights Management • Intellectual Property they used Ch to create the open-source Protection and Piracy • The Security Profession Ch XML package, based on Gnome • Education libxml2 and the Oracle XML Develop- er Kit for C++ (XDK), and discuss its potential for applications in network Order your subscription today. computing, rapid prototyping, Web- www.computer.org/security/ based applications, mobile computing, and teaching and learning XML.

IEEE INTERNET COMPUTING www.computer.org/internet/ MARCH • APRIL 2006 15