Editorial Pointers This month marks my 17th result, particularly as they pertain to intelligence gath- year with Communications. During ering, protecting the global network infrastructure, that time this magazine has chroni- and enhancing emergency response. Guest editor John cled the evolution of practically Yen says such protective efforts require “tremendous every known—and heretofore science” and that major challenges remain, given the unknown—discipline within com- secretive nature of terrorist activities and daunting puter science. Indeed, we watched environmental constraints. We hope this section the computing field itself evolve prompts the IT community—worldwide—to help into a global arena of unprecedented triumphs and develop the solutions together. erratic spirals. But with it all, it’s still difficult to accept Also in this issue, Wang et al. contend the criminal that events would one day warrant the coverage we mind is no match for a new record-linkage method feature here—U.S. homeland security. designed to match different, deceptive criminal identi- Naïve? Perhaps. ACM is indeed a global village; we ty records. And Escudero-Pascual and Hosein argue are well aware there are many readers of and authors that government attempts to create a one-size-fits-all in this magazine who live in parts of the world where technology policy to protect communications infra- homeland security—or lack thereof—has always been structures do not translate on an international scale. a tangible part of everyday life. For many more of us, Dalal et al. describe a framework for enterprise however, terrorism on home soil is fresh ground. In its process modeling that should enhance the design of aftermath, governments worldwide have turned to the next generation of ERP systems. Kim and their science and technology communities to build the Schneiderjans offer a unique interpretation of distance tools and intelligence capabilities to better secure their learning, asserting success of Web-based education citizens and defend their borders against attack. programs may depend on the personality characteris- The U.S. government has drawn upon a vast uni- tics of employees. And Sethi interprets a series of stud- verse of technologists from all disciplines to develop ies on stress among IS professionals and how it affects new digital techniques for defending national borders productivity and costly employee turnover. and interests. Although homeland security incorpo- rates myriad research branches, this month’s special section introduces some of the information and com- munications technologies that have emerged as a Editor OF THE ACM • A monthly publication of the ACM Publications Office ACM, 1515 Broadway, New York, New York 10036-5701 USA (212) 869-7440 FAX: (212) 869-0481 Editor: Diane Crawford Advertising Communications of the ACM Managing Editor: Thomas E. Lambert ACM Advertising Department (ISSN 0001-0782) is published monthly by the Senior Editor: Andrew Rosenbloom 1515 Broadway, New York, NY 10036-5701 ACM, 1515 Broadway, New York, NY Editorial Assistant: Mailyn Chang (212) 869-7440; Fax: (212) 869-0481 10036-5701. Periodicals postage paid at Copyright: Deborah Cotton Account Executive: New York, NY 10001, and other mailing William R. Kooneyemail: [email protected] offices. POSTMASTER: Please send address Contributing Editors changes to Communications of the ACM, 1515 Phillip G. Armour; Hal Berghel; For the latest media kit—including rates—contact: Broadway, New York, NY 10036-5701 USA Michael Cusumano; Peter J. Denning; Graciela Jacome: [email protected] Robert L. Glass; Seymour Goodman; Printed in the U.S.A. Meg McGinity; Rebecca Mercuri; Contact Points Peter G. Neumann; Pamela Samuelson CACMeditorial: [email protected] aaccmm Copyright permission:[email protected] PRESS Art Director: Caren Rosenblatt Calendar items:[email protected] Production Manager: Lynn D’Addesio Change of address:[email protected] COMMUNICATIONSOF THE ACMMarch 2004/Vol. 47, No. 3 5 ACM The Association for Computing Machinery ACM (founded 1947) is an international scientific and educational organization dedicated to advancing The art, science, engineering, and application of information technology, serving both professional and public interests by fostering the open interchange of information and by promoting the highest professional and ethical standards. Executive Director and CEO: John White Board Chairs and Standing Committees Associate Director, Office of Education Board: Russell Shackelford; SGB Board: Alan Berenbaum; Director, ACMU.S. Public Policy Office: JeffGrove MembershipBoard: Terry Coatta; Mike Macfaden; Publications Board: Robert Allen USACM Committee: Deputy Executive Directorand COO: Patricia Ryan Director, Office of Information Systems: Wayne Graves Eugene Spafford, Barbara Simons Director, Office of Financial Services: Russell Harris Financial Operations Planning: Darren Ramdin SIG Chairs Director, Office of Membership: Lillian Israel SIGACT:Harold Gabow; SIGAda:Currie Colket; SIGAPL: Robert G. Brown; SIGAPP:Barrett Bryant; Director, Office of Publications: Mark SIGARCH:Norman Jouppi;SIGART:Maria Gini; Mandelbaum SIGBED:Janos Sztipanovits; SIGCAPH: John Goldthwaite; Deputy Director: Bernard Rous Deputy Director, Magazine Development: Diane Crawford SIGCAS: TomJewett; SIGCHI: Joseph Konstan; Publisher, ACM Books and Journals: Jono SIGCOMM: Jennifer Rexford; SIGCSE: Henry Walker; Hardjowirogo SIGDA: Robert Walker; SIGDOC: Scott Tilley; SIGecomMichael Wellman; SIGGRAPH: Alain Chesnais; Director, Office of SIG Services: Donna Baglio SIGGROUP: Wolfgang Prinz; SIGIR: Jaime Callan; Assistant Director, Office of SIG Services: Erica Johnson SIGITE: Edith Lawson; SIGKDD: Won Kim; Program Director: Ginger Ignatoff SIGMETRICS: Leanna Golubchik; SIGMICRO: Kemal Ebcioglu; SIGMIS: Janice Sipior; SIGMOBILE: Victor Bahl; ACM Council SIGMOD:M. Tamer Ozsu; SIGMULTIMEDIA: Ramesh Jain; President Maria Klawe SIGOPS: Keith Marzullo; SIGPLAN: Michael Burke; Vice-President David S. Wise SIGSAC: Sushil Jajodia; SIGSAM: Emil Volcheck; Secretary/Treasurer Telle Whitney SIGSIM: John Tufarolo; SIGSOFT: Alexander Wolf; Past President Stephen R. SIGUCCS: Robert Paterson; SIGWEB: Peter Nuernberg Bourne Chair, SGB Board Alan Berenbaum Chair, Publications Board Robert Allen For information from Headquarters:(212) 869-7440 Members-at-Large:Roscoe Giles (2002–2006); Denise Gürer ACM U.S. Public Policy Office: (2000–2004); David S. Johnson (1996–2004); Michel Beaudouin- Jeff Grove, Director Lafon (2000–2004); Edward Lazowska (2000–2004); Barbara Ryder 1100 Seventeenth St., NW (2002–2004); Gabriel Silberman (2002–2006) Suite 507 SGB Council Representatives: Stuart Feldman (2002–2004); Washington, DC 20036 USA Mark Scott Johnson (2001–2005); JimCohoon (2001–2005) +1-202-659-9711—office +1-202-667-1066—fax [email protected] OF THE ACM • A monthly publication of the ACM Publications Office ACM, 1515 Broadway, New York, New York 10036-5701 USA (212) 869-7440 FAX: (212) 869-0481 Editorial Advisory Board Copyright for components of this work owned by Single Copiesare $8 to members and $17 to Gordon Bell; Hal Berghel; Grady Booch; others than ACM must be honored. Abstracting with nonmembers. Please send orders prepaid plus $7 for Nathaniel Borenstein; Vinton G. Cerf; credit is permitted. To copy otherwise, to republish, shipping and handling to ACM Order Dept., P.O. Kilnam Chon; Jacques Cohen; Larry L. Constantine; to post on servers, or to redistribute to lists, requires Box 11414, New York, NY 10286-1414 or call Jon Crowcroft; Peter J. Denning; Mohamed E. Fayad; prior specific permission and/or fee. Request permis- (212) 626-0500. For credit card orders call Usama Fayyad; Christopher Fox; Ravi Ganesan; sion to publish from: Publications Dept. ACM, Inc. (800) 342-6626. Order personnel on duty 8:30-4:30 Don Gentner; Don Hardaway; Karen Holtzblatt; Fax +1 (212) 869-0481 or email <permissions@ EST. After hours, please leave message and order Barry M. Leiner; Pattie Maes; Eli Noam; acm.org> personnel will return your call. Cherri Pancake; Yakov Rekhter; Douglas Riecken; For other copying of articles that carry a code at Ted Selker; Dennis Tsichritzis; Ronald Vetter the bottom of the first or last page or screen display, Notice to Past Authors of copying is permitted provided that the per-copy fee ACM-Published Articles ACM intends to Publications Board indicated in the code is paid through the Copyright create a complete electronic archive of all articles Chair: Robert Allen; Gul Agha; Clearance Center, 222 Rosewood Drive, Danvers, and/or other material previously published by ACM. Michel Beaudouin-Lafon; Ronald F. Boisvert; MA 01923, 508-750-8500, 508-750-4470 (fax). If you were previously published by ACM in any Adolfo Guzman-Arenas; Wendy Hall; journal or conference proceedings prior to 1978, or Carol Hutchins; Mary Jane Irwin; M. Tamer Ozsu; Subscriptions any SIG newsletter at any time, and you do not Holly Rushmeier Annual subscription cost is included in the society want this work to appear in the ACM Digital member dues of $99.00 (for students, cost is included Library, please inform [email protected], stating ACM Copyright Notice in $40.00 dues); the nonmember annual subscription the title of the work, the author(s), and where and Copyright © 2004 by Association for Computing is $179.00 See top line of mailing label for subscrip- when published. Machinery, Inc. (ACM). Permission to make tion expiration date coded in four digits: the first two digital or hard copies of part or all of this work for are year, last two, month of expiration. Microfilm and personal or classroom use is granted without fee microfiche are available from University Microfilms aaccmm provided that copies are not made or distributed for International, 300 North Zeeb Road, Dept. PR, Ann profit or commercial advantage and that copies bear Arbor, MI 48106; (800) 521-0600. this notice and full citation on the first page. 6 March 2004/Vol. 47, No. 32 COMMUNICATIONSOF THE ACM News Track Blurred Vision vacy and security. Now major employers are banning The U.S. Government, bowing to repeated Secret Ser- camera phones on the job amid growing fears these vice requests, is now deliberately obscuring its highest- devices pose serious threats to company secrets and quality aerial photographs over Washington in an effort worker privacy, reports USA Today. Firms worry to hide visible objects on the roofs of the White House, employees will use the phones to send images of new Capitol, and Treasury products or other company information, departments. The or else take pictures of unsuspecting co- Associated Press workers in locker rooms or bathrooms, reports this blurring which may lead to business or legal risks. policy also includes General Motors, Texas Instruments, views of the Naval DaimlerChrysler, BMW, and Samsung are Observatory where a few of the recent corporations to issue the Vice President “no camera phone” zones in the work- lives. Experts are con- place. U.S. courthouses are also starting to cerned the unusual adopt the ban fearing camera phones can decision reflects a be used to photograph jurors or under- troublesome move cover agents serving as witnesses. toward new govern- Love/Hate Relationship ment limits on com- mercial satellite and In other phone news, the cell phone topped aerial photography. the list of the annual Lemelson-MIT Inven- Moreover, the effec- tion Index as the invention users love to tiveness of blurring hate. Unlike recent U.K. surveys that found one set of govern- the majority of users developing a strong, ment-funded photos is questionable since tourists can sentimental attachment to their phones, the U.S.- see the roofs of these noted buildings from dozens of based study concluded that cell phones have become a taller buildings in downtown D.C. Secret Service necessary part of life, but the devices in fact drive most spokesperson John Gill explained the agency worried users crazy. “The interconnections you get from the that high-altitude photographs, so detailed that pedes- cell phones is a very positive thing. The downside is trians can been seen on crosswalks, “may expose security that you sometimes want to be alone,” explained operations.” Interestingly, the policy does not extend to Lemelson Center Director Merton C. Fleming. detailed pictures of the Pentagon, Supreme Court, Jus- Among the other inventions getting a collective rasp- A tice Department, or FBI and CIA headquarters. berry: the alarm clock, television, razor, microwave BAT oven, computer, and answering machine. E O K ASA (Keep) Phone Home Image Makeover M Y NS B An increasing number of companies are joining the The image of the stereotypical Internet user, long O ban on camera phones. Health clubs and popular characterized as an antisocial geek with no friends ATI R gambling casinos were quick to forbid the discrete pic- and no interest in the real world, has been shattered UST ILL ture-taking devices for obvious reasons of patron pri- by a new survey that finds the typical Web surfer one COMMUNICATIONSOF THE ACM March 2004/Vol. 47, No. 3 9 News Track wrong key at one point. The robot was also more sensitive in finan- cial concerns; human players were penalized for overspending. Ron Chrisley, University of Sussex, is quick to point out that having robots work in research labs is that shuns TV and is quite the social animal. The really nothing new. “We’ve had robot scientists for UCLA World Internet Project (ccp.ucla.edu/pages/ a long time now. But in the past we’ve always called internet-report.asp), a three-year survey of Net and them ‘grad students’.” non-Net users in 14 countries, produced global Rooms with a View comparisons data on social, political, and economic effects of the Net. The survey shows a digital gen- A million-dollar two-story home constructed of der gap in all participating countries and surpris- walls made mostly of windows that turn from clear ingly high levels of online use among the poorest to opaque, or to computer screens, to speakers, or citizens of the surveyed countries. The gender gap to television screens was a main attraction at the is most prevalent in Italy where 41.7% of the users recent Sundance Film Festival. The 6,000 square- were men; 20.1% women. The lowest gap was in foot prototype house, built in Park City, UT, is the Taiwan (where user makeup is 25% men, 23.5% creation of Anderson Windows and Time Warner women). Internet users in all surveyed countries and considered by both a research project. The spend more time socializing and exercising. In fact, windows, found inside and out including the roof, Net surfers also read more books (except in Ger- between rooms, stacked atop each other in bed- many and the U.S.). South Koreans rooms and bathrooms, are trust Net info the most; Swedes are the fitted with a microfiber LCD most skeptical. And China boasts the screen, which makes them most active Net socializers. opaque or able to display light from a TV projector. Robot Scientist Touch-screen computer mon- A robot that can formulate theories, itors are fully integrated into perform experiments, and interpret each window, allowing them results (and does all more cheaply than to receive and display infor- its human counterpart) has been cre- mation without projection. ated by a team of scientists at the Uni- Architect Michael James versity of Wales in Aberystwyth, U.K. Plutz designed the abode Nature magazine reports the Robot with “wall plans,” not floor Scientist isn’t as intelligent as, say, the plans. Of the resulting struc- leading chess-playing computer, but ture, he says: “We are a mul- combining the smarts of a computer with the titasking species. We want to do everything in agility to perform real scientific problems is a major every room. We should expect our windows to do engineering feat. In a recent test against human the same.” c competitors, the robot worked out which genes in yeast are responsible for making vital amino acids; even beating out a biologist who claims he hit the Send items of interest to [email protected] 10 March 2004/Vol. 47, No. 3 COMMUNICATIONSOF THE ACM Principles of Logical Thought Before Technical Details S imone Santini’s comment I have found that people using ardous object ... that can be (Forum, Dec. 2003) brought their brains get ahead further and expected to attract children to to mind something I con- faster than people who know only investigate or play.” In the case of stantly tell my students: There is technical details. In the end, it is classroom computers, the hazards nothing new about computers; not the computer that is impor- are encouragement for superficial they simply mechanize the applica- tant but the results they help thinking, facilitation of general tion of logical principles that have achieve. Knowing what to do with academic laziness up to and been around since Socrates, a logic the machine is far more important including plagiarism, ease of access that can be formally expressed than knowing how to do things to materials children ought not to through the mathematics invented with the machine. Well-consid- see, and general time wasting, by George Boole. ered definitions of what things to including game playing and aim- The two best courses I ever do inspire us to greater accom- less Web surfing. took for learning to work with plishments than trivial applica- As Santini pointed out, com- computers were formal logic and tions. Applying basic principles of puters are useful in a school Boolean algebra. The former was logical thought shields us from library, but their value in the class- taught by the philosophy depart- being overwhelmed by technical room is far from proven. If Aristo- ment, the latter by the mathemat- detail. tle, Newton, and Einstein were ics department. Neither professor Peter G. Raeth educated without computers, how knew much about computers. Fairborn, OH much of a handicap is not having Indeed, the subject of computers one? T never came up. Yet my experience he notion that we’re My one disagreement with suggests that everything a com- going to fix, or even help, Santini concerns is over the issue puter does is based on the princi- U.S. educational problems of school funding. I do not ples expressed in these two by putting a computer on every lament “the idea that public fund- courses. desk or even in every classroom is ing of education is destined to Thus, Santini’s assertion ridiculous. Simone Santini’s decrease.” I embrace it. When it appears to be correct: The mind Forum comment (Dec. 2003) was decreases to zero, children now should be developed first; techni- eloquent on this point. confined to public schooling will cal details should come later. It’s a Computers in the classroom are finally get the same chance to mistake to sit people in front of a what the law calls an “attractive excel as the U.S.’s seven million N O computer as the first step in teach- nuisance,” like a swimming pool private school and home-schooled WATS ing them how to program it to do in your neighbor’s backyard. The children have had for decades. AUL something useful. definition is “any inherently haz- The best alternative to public P COMMUNICATIONSOF THE ACM March 2004/Vol. 47, No. 3 11 Forum funding is not corporate sponsor- Still Seeking Software ((cid:1)18%) had the greatest gains. ship but self-funding. Productivity Software was last ((cid:2)1%). I For decades, government has n our article “Measuring These facts continue to support brainwashed parents into trusting Software Productivity in the our observations, measures, and the bureaucrats to educate their Software Industry” (Nov. rationale about low productivity children. The result has been a 2003), we developed a rationale using current software technology, disaster. The only way they can for measuring the productivity of as well as the steps needed to turn take back control is to pay fully development and support environ- it around. This has not seemed to for their children’s schooling ments as a first step toward solving stop the software industry from themselves. the problem of software produc- continuing to put itself further Mark Wallace tivity. behind in the productivity race Irvine, CA A 1995 BusinessWeek article sur- each year. veyed productivity in 25 indus- Donald Anselmo Why Reinvent When We tries, deriving percent productivity Phoenix, AZ Have Open Source? change over the previous five years Henry Ledgard R obert L. Glass’s Practical while reaching some astounding Toledo, OH Programmer column “A conclusions outlined in another Sociopolitical Look at Open article in Software Developer & Spare Me the Self-Service T Source” (Nov. 2003) discounted the Publisher(July 1996). Computers he News Track item (cid:1) practicality of users fixing their own (hardware) were first ( 153%), “Checked Out” (Jan. 2004) (cid:1) source, since the only users capable semiconductors second ( 84%), cited the skyrocketing use of (cid:2) of doing so are interested only in and software dead last ( 11%). self-service kiosks. I, for one, am system programs. Application end Independently, the Standish not convinced that the 14.5 mil- users hire consultants to do the fix- Group in Feb. 1995 published a lion passengers statistic really ing for them, and open source report on the software industry, means what it suggests. As a recent works out very nicely indeed. further supporting the negative first-class passenger on a major air- I’d like to understand the rea- productivity findings. line, I was directed to the self-ser- sons software developers insist on These facts were at odds with vice kiosk. Glancing at the reinventing the wheel despite the the implications of a 1991 Busi- counter, I noticed that all passen- availability of open source solu- nessWeekarticle “Software Made gers were being directed to the tions. As pointed out in Eric Simple,” which interviewed key “self-service” line; there was no Steven Raymond’s The Art of players in the world of object-ori- personal service. This is just Unix Programming ented programming. The article another way station on the road to (www.faqs.org/docs/artu/), the cited the naysayers who compared eliminating personal (but costly) notion of “not invented here” is OOP to artificial intelligence as face-to-face service without lower- not simply a response to the lack just another computer industry ing the price to the consumer. It of transparency in proprietary buzzword. Defending this com- didn’t cost me any less in effort solutions. The consequence in the parison, the authors wrote that, (checking in) or money (ticket open source world of program- unlike AI, object technology price), but it most certainly saved mers’ roll-your-own tendencies is would have “an immediate, practi- the airline some of both. that, except for a few areas with cal payoff.” Personally, I would prefer if the category-killer solutions, most Much more recently, Business- self-serve kiosks at airlines and problems are covered with Week (Jan. 12, 2004) discussed the grocery stores (along with tele- haystacks of partial solutions of annual percent productivity gains phone menu systems corporations questionable utility. of various major industries from use to punish us) would go away. David Hawley 1998 to 2001. Computer chips Dwayne Nelson Tokyo, Japan ((cid:1)19%) and consumer electronics Washington, D.C. 12 March 2004/Vol. 47, No. 3 COMMUNICATIONSOF THE ACM Lineage of the Internet’s came out in 1983. What is the The lineage of the individual Open Systems Foundation basis for the authors’ claim? protocols in the TCP/IP stack I ’d like to point out an Alex Simonelis clearly predate the concept of the important contradiction in Montreal, Canada standardized and layered stack Coskun Bayrak’s and Chad itself; TCP itself dates to the Davis’s “The Relationship Authors Respond: 1960s. However, the notion of T between Distributed Systems and hough we acknowledge the TCP/IP protocol stack isn’t Open Source Development” our semantic error we were the same as the individual proto- (Dec. 2003), which stated: “The lax not to catch prior to cols themselves. It wasn’t until original specifications of a layered publication, it shouldn’t be 1989 that the architecture of protocol stack upon which het- viewed as an indictment of the Internet communications was erogeneous distributed systems general line of our argument. A written into RFCs 1122 and could build their communication key part of our purpose, and of 1123, long after OSI and other systems, and upon which TCP/IP this citation in particular, was to projects brought attention to the was closely modeled, is of course highlight the open system nature significance of openness and the Open Systems Interconnect of the Internet’s technological interoperability. model [5].” Reference 5 is Peter- foundations, at the core of which We appreciate the opportunity son’s and Davie’s Computer Net- is the TCP/IP suite. to revisit these issues. The history works: A Systems Approach, which From a historical perspective, of these systems had been on the stated: “The Internet and the evolution of OSI vs. TCP/IP margins of our thinking prior to ARPANET were around before is a subjective issue. One may be this reexamination of our topic. the OSI architecture, and the interested in the invention of We thank Gottlieb and Simonelis experience gained from building specific protocols or, alternatively, for initiating this dialogue, them was a major influence on the invention of open system encouraging us to delve further the OSI reference model.” concepts, including layering and into the genealogical elements of Though this obvious contra- interoperability. However, the our topic. We also hope to hear diction was made by the authors, citation reinforced the openness more about our discussion of the a thorough review should have of the Internet’s core communi- Internet’s fundamental reliance on caught it. cations mechanisms. The notion communication systems demon- Yitzchak Gottlieb of what won—OSI or TCP/IP— strating high levels of openness. Princeton, NJ is not relevant in this sense. Rele- Concerning the mechanisms vant is the nonproprietary, open of development utilized by open T he article by Coskun system qualities of the Internet source projects, including Linux Bayrak and Chad Davis protocol suite. itself, we were unable in the con- would have been more We do not support the sugges- text of the article to fully explore informative and more interesting tion that the protocols within the the inner structures of the open had it let us in on the mechanisms TCP/IP suite were derived from source development model and the Linux community uses to sort OSI. We would, however, like to its intriguing similarities to the the good from the bad features know whether anyone finds fault inner structures of distributed and code so we “can bet the prod- with our characterization of the software systems. uct will be substantially better in TCP/IP stack as an essentially Coskun Bayrak only a few weeks,” as they say. and significantly open system. In Chad Davis Moreover, the authors assert regards to history and our discus- Little Rock, AR that TCP/IP was closely modeled sion of openness, the OSI project on ISO’s OSI. Vinton Cerf and was meant to clarify the role of Please address all Forum correspondence to the Robert Kahn began their work openness in the Internet’s devel- Editor, Communications, 1515 Broadway, New on TCP in 1973, whereas OSI oping infrastructure. York, NY 10036; email: [email protected]. COMMUNICATIONSOF THE ACM March 2004/Vol. 47, No. 3 13 Security Watch Rebecca T. Mercuri Superscaled Security Exponential increases in computational speed, memory capacity, and bandwidth impose futuristic security demands and challenges. A dvances in high-perfor- in the same amount of time) has “Moore’s Law, coupled with the mance computing have continued to endure. It is likely to business imperative to be more found their counterpart surpass even Gordon Moore’s competitive, is driving vendors to in new security threats. own 1997 prediction [5] that it build systems of exponentially Yet there is an interesting twist in will “run out of gas” around increasing complexity without that computational expansion 2017, as new materials and fabri- making security experts exponen- tends to be relatively pre- cation technologies emerge tially smarter to compensate.” dictable, whereas security chal- (including those intro- “The current trend is to build sys- lenges are typically duced through tems that conceptually are secure, introduced and mitigated the recur- but in practice and probability (when possible) in a sive appli- the systems’ ability to resist the more chaotic fashion. cation of efforts of a creative attacker are Few would have improved less,” said Kocher in a pre- surmised, for computers USENIX 2002 interview. “The example, that spam would into the manu- idea is that security should be get- have exceeded facturing ting better, however, design flaws 60% of all process). In 2003, are becoming an increasingly cata- email trans- Moore told the Inter- strophic problem” [2]. missions by the national Solid- Some believe that cryptography end of 2003, nor States Circuit can help reverse this trend, and that detection Conference “I cryptosystems are playing a signif- software would require remember thinking icant role in providing security sophistication approaching Tur- one micron (a milestone the assurances. Yet each generation of ing Test intelligence levels. It is industry passed in 1986) was as computers brings with it an obso- useful, therefore, to consider far as we could go because of the lescence of some earlier crypto- some of the impacts of scaled-up wavelength of visible light used graphic methods, usually computing on our overall secu- at the time. Engineers then considerably sooner than has been rity environment. switched to ultraviolet light.” predicted. This will likely con- Certain rules continue to apply But as advancements in hard- tinue to be the case, and may to computational evolution. ware continue to occur, security even accelerate as new paradigms Moore’s Law (which anticipates appears to be declining (although for algorithmic attacks, including Y processing power doubling not necessarily at an equivalent distributed techniques, evolve. So E O H approximately every 18 months rate). As Paul Kocher of Cryptog- this implies that if cryptography is R E ET while the equivalent price halves raphy Research, Inc. asserted, used to sign and protect data and P COMMUNICATIONSOF THE ACM March 2004/Vol. 47, No. 3 15 Security Watch software (especially for archival vast quantities of information also against us.” Whether the negatives purposes) then a systematic increases the likelihood that this will eventually outweigh the posi- method for updating these wrap- data will eventually be used for tives, in terms of adverse impacts pers will need to be devised, lest heretofore unknown and poten- on connectivity and usability, is trust in content be undermined. tially nefarious purposes. yet to be determined. Cryptography, though, cannot We may have no choice regard- There is a storehouse of data be expected to solve all security ing such data dissemination, since that we are looking forward to problems. PGP encryption guru global economic forces may be having online, which is currently Phil Zimmerman told London’s driving us toward total intercon- located in libraries, recordings, 2003 Infosec security conference nectivity of all humans on the and research databases. As David that Moore’s Law is a “blind planet. This is ultimately feasible, Sarnoff predicted in an article he force” for undirected technology since in the networking world, wrote for the New York Heraldin The ultimate question must be whether or not there will someday be a computational system that can prevent all forms of nefarious attack. escalation. He explained that “the Gilder’s Law dictates that the total 1922, “It is inconceivable that the human population does not dou- bandwidth of communication sys- development of the transmission ble every 18 months, but its abil- tems will triple every 12 months. of intelligence will go forward at a ity to use computers to keep track (By comparison, the number of leisurely pace; everything points to of us does,” and added, “you can’t humans is only expected to dou- a very great acceleration.” One encrypt your face.” He fears the ble from 6 to 12 billion by 2100.) wonders whether Sarnoff might series of initiatives in U.S. home- Metcalfe’s Law rates the value of a have imagined that such accelera- land security have far-reaching network as proportional to the tion would, within the next effects on privacy because “it has number of nodes squared, so the decade, make it feasible for a lap- more inertia and is more insidi- merit of connectivity increases top computer to hold the contents ous. When you put computer exponentially as units are intro- of the entire Library of Congress. technology behind surveillance duced, while costs tend to remain Certainly it is imperative to ensure apparatus, the problem gets stable. But this supposition of that all information will be repli- worse.” We already yield a continually increasing payback is cated correctly in such compendia. tremendous amount of personal not necessarily correct. Jake Brod- Imagine an insidious virus that information to our PDAs and sky reminds us of Newton’s Third permutes documents such that permit tracking of our movements Law (“For every action, there is an history eventually reflects that in exchange for continuous equal and opposite reaction”), Thomas Jefferson was the first incoming telephone service, so the noting that events are “going on president of the United States. devices we voluntarily adopt may under our noses this very minute: This might not be so damaging, ultimately prove more untrust- Security holes, hacking, and but other transformations could worthy than the monitoring being phreaking. The very tools that have dire results. Even if data is imposed. The increasing ability of make this ‘revolution’ [in technol- maintained intact, accessibility to computers to store and analyze ogy] possible are also being used powerful search and logic engines 16 March 2004/Vol. 47, No. 3 COMMUNICATIONSOF THE ACM