News Briefs

18 computer Published by the IEEE Computer Society 0018-9162/13/$31.00 © 2013 IEEE

Security Experts: Disconnect Universal Plug and Play

A technology designed to make it easy to connect PCs to various devices leaves those machines vulnerable to attack, according to security researchers.

Because of this, security vendor Rapid7 is advising people to turn off universal plug and play on their IP cameras, printers, Wi-Fi access points, routers, and millions of other Internet-connected devices on which it has been enabled either by default or by the user.

UPnP uses protocols—such as TCP/IP, HTTP, XML, and SOAP—that let devices join an IP network, seam-lessly discover one another, and establish the services necessary for peer-to-peer data sharing and communications.

However, in a report titled “Secu-rity Flaws in Universal Plug and Play: Unplug. Don’t Play,” Rapid7 research-ers said that various UPnP security flaws also make it easier for hackers to use the technology to compromise computers or networks.

In a recent experiment, the researchers issued UPnP discovery requests to millions of routable IPv4 addresses once weekly for about six months. They say that 81 mil-lion unique addresses from multiple networks responded, even though the technology is only supposed to enable communications within a single local network.

Approximately 17 million machines broadcast UPnP ser-vices based on SOAP, which is a Web services messaging protocol. By advertising these services, the machines would let hackers gain access without worrying about secu-rity measures such as firewalls.

Rapid7 says it has found 6,900 products from 1,500 vendors with at least one UPnP vulnerability.

Among the technology’s prob-lems, according to the company, are the rare implementation of authenti-cation by device manufacturers, the

frequent exposure of privileged capa-bilities to untrusted networks, and pro-gramming flaws in many software implementations.

Software Recreates Ancient Languages from Modern Tongues

Academic researchers have developed software that helps recon-struct old languages from their modern versions. Scien-tists at the University of California, Berkeley, and University of British Columbia say this could help main-tain languages that have very few native speakers left.

The new software analyzes today’s languages and then auto-matically and rapidly produces vocabularies of their historical pre-decessors, known as protolanguages. Until now, linguists have had to accomplish this by manually com-paring languages that appear to be based on the same ancestral tongue.

UC Berkeley associate professor Dan Klein said the new program uses ideas linguists have employed for years. It also utilizes a Markov chain Monte Carlo algorithm, a statistical approach that repeatedly samples probability distributions of possible protolanguage vocabu-lary words until it finds highly likely ones.

So far, the researchers have used the software to study today’s Austro-nesian languages—such as Hawaiian, Tagalog, Ilokano, Malay, Samoan, and Tahitian—which are used in various Southeast Asian islands, the Pacific, and mainland Asia.

The scientists have examined about 140,000 modern words and reconstructed about 600 Austrone-sian protolanguages. They say that

about 85 percent of the reconstruc-tions are extremely close to those that linguists have produced.

Klein said that the software is designed not to replace linguists but to provide them with a helpful tool.

The researchers note that their application also might be able to predict how languages will change in the future.

US Military Software Turns Warplanes into Wireless Routers

The US armed forces have developed software that can turn its warplanes into flying wire-less routers, making it easier for ground soldiers to communicate with one another.

The military could add the Net-T (network tactical) software to its LITENING and Sniper targeting sys-tems, which are installed in pods on various US Air Force aircraft that carry cameras, sensors, and commu-nications equipment.

Troops could send messages and data—including video, still images, or map coordinates—to one another via Net-T and the Remotely Operated Video Enhanced Receiver 5 system. ROVER-5 is a tablet that soldiers carry and that, until now, allowed communications only directly between ground troops and aircraft.

march 2013 19

to complete one set of HEVC exten-sions that would enable video with more color information and another that would support 3D and multi-view video, which uses sequences captured simultaneously from mul-tiple cameras.

Some HEVC technologies are covered by patents—from compa-nies such as Intel, Microsoft, NTT DoCoMo, Qualcomm, and Research In Motion—which means users could have to pay royalties. The ISO and ITU say holders of patents that are part of their standards must let people who deploy the technologies use them either royalty-free or by paying a reasonable fee.

MPEG LA—a company that licenses patents used in MPEG and similar standards—says it is working with various companies to license some of their HEVC-related patents.

Google is working on VP9, an open, royalty-free HEVC competitor.

With Net-T, soldiers could send messages and data to a properly equipped aircraft, which would route them to other troops on the ground, without relying on the availability of traditional satellite or radio technol-ogy. To do so, each set of soldiers would need to have line of sight with the plane, explained US Air Force Capt. Joseph Rojas, the Net-T Project test engineer. The troops don’t have to be able to see one another.

The 40th Flight Test Squadron at Eglin Air Force Base in Florida recently finished testing Net-T on aircraft such as the B-1B bomber, and the F-16 and F-15E fighters.

Pilots activate the system by pushing a single button. Then, said US Air Force Maj. Olivia Elliott, who helped test Net-T, “After that, the pilot must stay within the range of the ROVER’s transmitter and stay within view of the users.”

The Air Force plans to begin using Net-T operationally by 2014.

New Standard Enables Ultrahigh-Quality Video

Two standards groups have col-laborated on a new compression technology that promises higher-quality video that could get even better in the future.

The International Organiza-tion for Standardization’s (ISO’s) and International Electrotechni-cal Commission’s Moving Picture Experts Group (MPEG), along with the International Telecommunica-tion Union-Telecommunication (ITU-T) Standardization Sector’s Video Coding Experts Group (VCEG), have completed designing the High Efficiency Video Coding (HEVC)

standard, also called H.265. It will succeed the popular Advanced Video Coding specification, also known as H.264.

HEVC will support 4K video, a high-definition format in the early stages of adoption in which the horizontal resolution is about 4,000 pixels. This is four times the resolution of typical high-defini-tion 1080p video.

Proponents say HEVC could also support 8K video, which would have 16 times 1080p’s resolution but hasn’t been adopted yet. HEVC uses bandwidth more efficiently than its predecessors, enabling media players and networks to play higher-resolution video without bogging down in huge amounts of data.

Consequently, industry observers say, HEVC could become popular quickly. Numerous vendors have already announced support for the technology in their products.

By January 2014, MPEG expects

Maj. Olivia Elliott of the US Air Force’s 40th Flight Test Squadron looks over the LITENING advanced targeting pod on her A-10 Thunderbolt II warplane at Eglin Air Force Base in Florida. Elliott helped test the military’s new Net-T software, which is installed in the pod and turns jets into wireless routers that enable ground troops to communicate more easily.

News Briefs

20 computer

IBM Advances New Chipmaking Approach

IBM has developed a chip with carbon nanotube transistors at twice the density produced else-where, further advancing research on ways to replace silicon in future processors.

Chipmakers are concerned that they may be approaching the limit as to how much smaller they can make silicon transistors. This would restrict the amount of cir-cuitry they could put on a chip to increase its performance.

To address this issue, IBM researchers recently built a hybrid chip with 10,000 working transis-tors made of carbon nanotubes on a silicon substrate. Carbon nano-tubes can be grown very small, enabling their use in tiny transis-tors that could be packed onto processors. The IBM scientists say this approach could let them con-tinue developing faster chips for at least another 10 years.

To build their chip, the researchers drew circuitry pat-terns on their silicon substrate. They then applied tiny pieces of carbon nanotubes that they had first soaked in a soapy liquid. Via chemical self-assembly, nanotubes stuck to the parts of the patterns where the circuitry was to go.

Ultimately, the researchers will have to perfect the process of build-ing chips with such material. The IBM scientists say they hope to do so during the next decade.

editor: Lee Garber, Computer; l.garber@computer.org

touch Your pLant, controL Your computer

D isney Research has developed a technology that could let users touch or wave a hand near a house plant and control their PCs, MP3 players, or other electronic device. The

botanicus interactus technology could work even with artificial plants.The approach recognizes human touch or proximity via capacitive touch sensing, which

most smartphone touchscreens also utilize. In the new technology, capacitive coupling would transfer energy from the human body to a wire in the plant.

Unlike touchscreens, which recognize just one capacitance signal frequency, botanicus interactus uses swept frequency capacitive sensing, which monitors signals across a range of frequencies. This lets the system determine where and how a user has touched a plant or track a person’s proximity to a plant.

These capabilities help the system recognize different touches as different commands, which could then be transmitted to the device being controlled.

Disney Research senior research scientist Ivan Poupyrev is leading the botanicus inerac-tus project and is working with the Berlin University of the Arts, Studio NAND in Germany, and the University of Tokyo.

Disney Research has led development of a technology that lets people control their electronic devices by touching a common house plant.

Selected CS articles and columns are available for free at http://ComputingNow.computer.org.

Calls for PapersIEEE Micro seeks general-interest submissions for publication in upcoming issues. These works should discuss the design, performance, or application of microcomputer and microprocessor systems. Of special interest are articles on performance evaluation and workload characterization. Summaries of work in progress and descriptions of recently completed works are most welcome, as are tutorials. IEEE Micro does not accept previously published material.

www.computer.org/micro/cfp