Issue No. 08 - August (2012 vol. 45)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2012.272
US, Russia Plan Hotline to Prevent Cyberwar
The US and Russia are working on a hotline that would lessen the threat of cyberwar between the two countries. The hotline would function much like the systems they have had since 1963 to avoid misunderstandings that could lead to nuclear confrontations.
US and Russian representatives are working out details of how the secure communications channel would work and how it would be used. They plan to make the new hotline an extension of the Nuclear Risk Reduction Center, established in 1988. The NRRC uses direct, fast satellite links to let the US and Russia inform each other of missile tests or rocket launches.
Completion of the upcoming system would mark the first agreement between the US and another country on a program designed to reduce the risk of cyberconflict. The US is conducting similar discussions with China.
Establishment of the new hotline acknowledges the important role cyberwarfare now plays in national security. Many public officials worldwide have said that a serious attack could undermine a country's vital water, power, or other utility-infrastructure systems.
A key problem is identifying the source of such incidents. Many experts fear that one country could mistakenly believe another has attacked it and launch a response that escalates into all-out cyberwarfare or even a military conflict.
The proposed US-Russia agreement follows high-level talks in Moscow in February 2011 and in Washington, D.C., in June 2011. In addition to a hotline, the accord calls for a regular exchange of unclassified malicious-activity data between the two countries' computer-emergency-response teams.
IBM Sequoia Is World's Fastest Supercomputer
The Sequoia supercomputer, which IBM built for the US Department of Energy's Lawrence Livermore National Laboratory, has been rated as the fastest high-performance machine.
The TOP500 project, in which several academic and research experts rank the world's nondistributed supercomputer systems, placed Sequoia at the top of its list in its recent semiannual report.
TOP500 uses HPL, a portable implementation of the Linpack benchmark for floating-point computing power, to rate supercomputers.
The top five machines in the project's latest ratings are:
• IBM's Sequoia: maximum performance of 16.325 petaflops
• Fujitsu's K computer: 10.51 petaflops
• IBM's Mira: 8.162 petaflops
• IBM's SuperMUC: 2.897 petaflops
• Chinese National University of Defense Technology's Tianhe-1A: 2.566 petaflops
The previous TOP500 report ranked Fujitsu's K as the top supercomputer.
IBM says that Sequoia, fully deployed in June 2012, eventually will perform up to 20 petaflops. The company adds that Sequoia uses only 7.9 megawatts of power, compared to 12.6 megawatts for the less powerful Fujitsu K.
The US Department of Energy uses Sequoia to run complex, highly detailed simulations of nuclear-weapon blasts. The US has performed such simulations since 1992 instead of conducting test explosions.
Sequoia has 98,304 IBM 16-core, 1.6-GHz Power BQC processors, which means it operates with up to 1,572,864 processing cores. It has 1.6 petabytes of RAM, runs Linux, and utilizes IBM's BlueGene/Q super-computing architecture.
IBM made five of the top 10 super-computers on the most recent TOP500 list and 47.6 percent of all Top 500 systems.
Researchers Develop Gigapixel Camera
Duke University scientists have built a 1-gigapixel camera, offering about 25 times the resolution of today's best commercial cameras.
As part of the DARPA-sponsored Aware-2 project, the researchers are currently constructing a 10-gigapixel version of their camera and say even higher-resolution versions are possible.
The researchers, led by professor David Brady, say their device could yield a clear image of a postage stamp a half-mile away. They say the camera could ultimately be used to take clear photographs of distant objects or capture images of very large areas. DARPA hopes to utilize the camera in aerial and land surveillance.
In the past, individuals have manually stitched together multiple smaller images to produce a gigapixel image, but the goal of the Duke researchers was to build a camera that can take a single photograph with this level of resolution. Typically, though, huge sensor arrays have been expensive and computationally complex, and also have experienced optical aberrations.
Brady avoided these problems by creating a 100-pound system that combines 98 14-megapixel cameras within a two-and-a-half-foot-square case. The system includes Gigapan compositing software running on a PC that automatically stitches together the black-and-white images taken by the cameras.
Brady said future technological advances could help reduce their device's size so that users could easily hold it in their hands.
Hackers Use Automated Cloud System to Steal Millions of Dollars
Cyberthieves have built and used an automated cloud-based system to defraud banks and credit unions worldwide of millions, and perhaps billions, of dollars.
The hackers targeted banks first in Europe and then in Latin America and the US, according to Intel-owned security vendor McAfee, which helped in the theft investigation, dubbed Operation High Roller.
The company said the hackers focused on large bank accounts and stole between $75 million and $2.5 billion. Most of the withdrawals were less than $10,000, and the biggest was $130,000. The thieves transferred stolen money to their own accounts in various European locations.
McAfee said the attacks were unusual in that they were largely automated and used cloud computing. Typically, people who hack bank accounts steal usernames and passwords and then manually transfer money from one victim at a time.
In the recent hacks, the criminals, who appeared to be very familiar with banking transaction systems, used 60 cloud-based servers to host their attack mechanism's logic and functionality. They changed servers frequently, which kept blacklisting and several other security techniques from being effective.
They also employed encrypted links to help hide their activities and avoid antivirus scans, and took other measures to defeat endpoint-security and monitoring tools.
Their attacks began with an e-mail that looked as if it was from the recipient's bank. Clicking on a link downloaded Zeus- or SpyEye-based malware that was customized for each of the victimized banks.
The Zeus Trojan horse steals banking information by logging keystrokes or grabbing information that victims place into fake online forms.
The SpyEye Trojan downloads a configuration file—containing a list of websites the hackers want to use in their attacks—onto infected systems. When victims visit one of the sites, SpyEye injects code onto a webpage that creates a form asking for personal data the criminals can exploit.
Both Zeus and SpyEye create botnets that work with hackers' command-and-control servers.
Au Revoir to France's Web Forerunner, Minitel
The Minitel system, France's precursor to the Web, has stopped providing service after 34 years of operation. France Telecom recently shut down the system, which reportedly still had about 600,000 users, down from a peak of 25 million in the mid-1990s.
Industry observers said the decline in customers, high maintenance costs, and the Internet's increasing popularity caused the end of Minitel service.
The system was still generating revenue for France Telecom, which reported about $37 million in income in 2010, down from about $1.2 billion in the mid-1990s. Many of its remaining customers apparently were older users without Internet access.
France's former state communications agency—Poste, Téléphone et Télécommunications (PTT)—began testing the Minitel system in 1978, 11 years before Tim Berners-Lee wrote his initial proposal for the World Wide Web. The service—consisting of a Minitel terminal and the Teletel network—was available throughout France by 1982.
PTT gave away the hardware—a small beige box with a fold-down keyboard and a text-only interface—but charged for connections to information-providing services, the equivalent of today's websites.
The system was used briefly in other countries, including Belgium and Ireland, but was successful only in France.
Some critics say the French government didn't advance Minitel technology and kept it under central control, making it less appealing to many than the decentralized Internet. Others say Minitel slowed French Internet adoption.