In this issue: mobile phone calls become secure; VoIP calls could threaten LAN security; virtual raindrops help robots walk on water; ebay - the archaeologists friend and Kaspersky Lab CEO wants greater regulation and an 'Internet government'. And that's just to start.
UK start-up secures mobile voice calls
By Luke Collins
A UK start-up has developed a technique for protecting voice calls made from mobile phones, including the BlackBerry and those running the Symbian or Windows Mobile operating systems.
"Little has been done to secure voice data," said Simon Bransfield-Garth, CEO of CellCrypt. "It's the last form of unsecured data."
Bransfield-Garth claims the technology is secure enough to be used in 'BlackBerry One', the special smartphone that is said to be under development for US president Barack Obama. It would just take too long to get the necessary certifications.
"There's no reason why the technology we've developed couldn't go through the process to get certification at that level, but it takes two to three years," he said.
Instead the company is focusing on general government users and the senior levels of corporations.
"The initial market for this is in government but we're seeing a strong growth in the corporate market as well. The CEO of Exxon has a secure voice phone, and we think our solution would also be appropriate for use in the oil business, drug discovery, legal, finance and transportation sector as well - anywhere there's a potential threat of eavesdropping."
Bransfield-Garth says that voice encryption for mobiles used to be done by digitising speech, encrypting it and then sending it as series of audio tones over circuit-switched data connections, which haven't been implemented everywhere. Cellcrypt's approach is to encrypt the digitised voice and send it as IP data over 3G and Wi-Fi connections, reducing the latency involved and using a more widely implemented channel to carry the data on than before.
"This gives you two big benefits over existing solutions," he said. "You don't have long latencies - over a Wi-Fi network it will be about 250ms and over 3G about 375ms - and it doesn't care which country it is working in."
Bransfield-Garth says his company's technology relies on a combination of expertise in efficient encryption algorithms, to save the handset's battery power, and network architectures, to manage the latency involved in sending encrypted speech over wireless networks. It uses standard cryptography algorithms to encrypt and authenticate the voice data, exchange keys and assure data integrity.
Cellcrypt runs secure servers that help authenticate connections and establish secure routing, but which don't take any part in the trust relationship that is created for each secure call.
VoIP connections threaten LAN security
The increasing use of voice over Internet Protoctol (VoIP) systems to save money on phone calls may be threatening the security of corporate local area networks (LANs), according to Alcatel-Lucent.
Speaking at the InfoSecurity Europe trade show, Natalie Stallwood, business development manager for Alcatel-Lucent in UK and Ireland, said: "More than 75 per cent of the deployments of VoIP are done without considering the security of the LAN."
Stallwood blamed the fact that "VoIP equipment is bought by telecoms people, not IT people," but runs over data networks not a custom voice IP network.
VoIP calls need four ports on a network, which are often assigned statically and then left open. This leaves the network vulnerable to denial- or degradation-of-service attacks, toll fraud and other issues.
"There are off-the-shelf scanning tools to find these vulnerabilities, and websites that list the vulnerabilities of various manufacturers' VoIP equipment," said Stallwood.
Alcatel-Lucent's solution, dubbed the Brick, was originally developed by Bell Labs to protect US government networks and so far has not had any vulnerabilities reported on the Computer Emergency Response Team database.
The Brick uses a technique called 'IP dynamic pinholing' to secure VoIP connections, opening up a fresh set of random assigned ports for each call and closing them when the call ends.
It also takes steps to protect the Session Initiation Protocol (SIP) used to start VoIP calls, by limiting the length of the SIP header and blocking comments within it.
Internet 'needs a government'
Regulation must be introduced into the management of the Internet, to defend it against cyber-criminals, says Kaspersky Lab CEO Eugene Kaspersky.
In a video interview for E&T, Kaspersky insists that the Internet is now far too important to global economies for it to remain largely unregulated. "If I were designing the Internet from scratch, I would factor regulation into it from the ground up," he says, "the same as we have on any other public network, where the fact that every user has registered ID is the norm."
Kaspersky wants to see an 'Internet government' that would manage such controls, and administer 'Internet passports' for all online users. He also favours an 'Internet Interpol' that would coordinate regional and international law enforcement of the Web.
See the full interview in 'New Technologies, New Risks' - the second of E&T's video reports from Infosecurity Europe:
View from Brussels
Green homes or just red tape?
By Pelle Neroth
Incandescent light bulbs, as we all know, are to be a thing of the past. Encouraged by this, what is the European parliament seeking to ban next? Think: home fittings.
This move is the final blast of lawmaking from the European parliament of 2004-09. The elections of the body responsible for 40 per cent of UK legislation take place in June.
I heard about the latest changes at a reception with the UK Independence Party (UKIP), whose feel for what Europe cooks up that voters could find onerous remains healthy.
This is shown by their latest tip-off: MEPs have endorsed a Commission proposal to subject every element used in constructing buildings - boilers, bricks, insulation, shower heads and windows - to an eco-audit. "More Brussels red tape for Britain," my UKIP friend crowed.
I rang the European parliament. "Just as washing machines and TVs are given stickers with a rating depending on their environmental friendliness, so will construction materials," one parliamentary official explained. "As with light bulbs, you could see phase-outs of the less green alternatives."
The rating will be given according to the material's energy use, calculated over the entire lifecycle. Eventually green audits will be extended to consumer products such as detergents - even food.
"Obviously it is going to be a case of diminishing returns," Liberal Democrat MEP Fiona Hall told me. "It will be a while before we see green audits on supermarket shelf products."
The lists of products, expert reviews and impact assessments will be drawn up by the Commission. One insider predicted that it would favour higher quality European over Chinese manufacturers. "We find European industry likes this kind of standards-tightening legislation."
This legislation fits, I am told, hand-in-glove with a green buildings initiative passed in a busy last session of parliament. In the past, only new, large buildings were subject to energy regulations. But now the rules will be extended to private homes.
Will it work? Constant van Aerschot of the World Business Council for Sustainable Development think tank says buildings account for 40 per cent of global energy use, but the problem with housing legislation is two-fold. The European building stock is renewed at the rate of one per cent a year, and home renovations are infrequent. Plus, it's the whole picture that counts. You can buy the finest double glazing, but if it's badly fitted, it won't save energy.
I ask Hall whether people feel they can afford this environmental race to the top. She replies: "My constituents come up to me approving of the ban on bulbs. Because of economies of scale, the new CFL bulbs are down from £10 each to 30p."
She adds: "The environmental package is the best thing the European parliament has done this parliamentary term."
UKIP would surely disagree: at the meeting, several speakers said they thought global warming was a hoax perpetrated by the eurocrats.
eBay comes to rescue of historical sites
By Dominic Lenton
Far from encouraging indiscriminate digging at archaeological sites, the arrival of online auction sites such as eBay has actually reduced looting, a comprehensive review of online transactions has revealed.
Charles 'Chip' Stanish, a professor of anthropology who heads the Cotsen Institute of Archaeology at the University of California, Los Angeles, has been tracking objects advertised as antiquities on eBay for more than nine years.
Writing in the current issue of Archaeology, Stanish claims that online auctions have drastically altered the transporting and selling of illegal artefacts, but not in the way he had expected.
"My greatest fear was that the Internet would democratise antiquities trafficking, which previously had been a wealthy person's vice, and lead to widespread looting," he writes.
In reality, however, eBay has inadvertently created a vast market for copies of antiquities, diverting whole villages from looting to producing fake artefacts. And the proliferation of copies has made buying such a risky business that it has reduced the incentive to loot by depressing overall demand.
Stanish, who heads one of the world's biggest teams of working archaeologists, has worked for 25 years at fragile archaeological sites in Peru. When he first started tracking eBay sales he focused on objects related to his field and estimates that the ratio of real artefacts to fakes was about 50:50. Five years later, 95 per cent were fakes.
Now, he admits, he can't always tell, because the quality of the counterfeit workmanship is so good. Around 5 per cent of 'antiquities' currently for sale on eBay are genuine treasures, and about a third can be identified as fakes at a glance because they use incorrect iconography, colours and shapes. The majority are ambiguous, and convincing enough that even experienced archaeologists would have to hold them in their hands to be able to make an informed judgement.
Visiting workshops in Peru and Bolivia that specialise in reproduction pottery suggests that eBay's biggest impact has been to reduce the financial incentive to dig for genuine treasures. "People who used to make a few dollars selling a looted artefact to a middleman in their village can now produce their own 'almost-as-good-as-old' objects and go directly to a person in a nearby town who has an eBay account," says Stanish. "They will receive the same amount or even more than they could have received for actual antiquities."
At the same time, eBay has tended to have a depressing effect on prices for real looted artefacts, by creating a market in which buyers will pay £35 for pottery that, if it were really genuine, would cost thousands of dollars. As a result, says Stanish, many dealers have shifted from looting sites to faking antiquities, and the phenomenon isn't restricted to the American continent: "Chinese, Bulgarian, Egyptian, Peruvian and Mexican workshops are now producing fakes at a frenetic pace," he writes.
And with authentication technology struggling to keep up with increasingly sophisticated fakes, getting a reliable result, while possible, is expensive. Laser technology and chemical processes used to artificially age objects make it "almost impossible" to authenticate them with today's technology, Stanish writes. To make things more difficult forgers tend to only guarantee pieces as long as no form of 'destructive' analysis is used. So, although just a tiny flake of pottery is required for thermoluminescence dating, the process would invalidate such a warranty, no matter what its conclusion.
However, the likelihood that authentication technology will eventually catch up with today's fakes is having a chilling effect on the market by adding to the risk of illicit, high-end trafficking, Stanish claims. "Who wants to spend $50,000 on an object 'guaranteed' to be ancient by today's standards, when someone can come along in five years with a new technology that definitively proves it to be a fake?"
Wave Hub on course despite setback
By Mark Venables
The Wave Hub project is still on track to plug in its first device in 2011 despite E.On and its partner, Ocean Prospect, withdrawing their interest.
Wave Hub will be a giant electrical 'socket' on the seabed, some ten miles off the north Cornwall coast and connected to the National Grid, into which wave energy developers can plug their devices and carry out pre-commercial testing.
It is already being hailed as one of the UK's flagship renewable energy projects and is one of just six case studies to feature in the government's Low Carbon Industrial Strategy, which was launched in London in March.
The partners were among four developers looking at using Wave Hub to 'plug in' marine power projects, and intended to use a Pelamis wave power device at the site, which is due to be built next year.
However after the purchase of a next-generation Pelamis device to be tested in Orkney, the companies decided to withdraw from Wave Hub for the time being so that other developers could take advantage of the project.
"We still believe Wave Hub is an excellent project - and we may well return to it in the future - but our initial goal is to get a machine into the water as quickly as possible, which we'll be able to do in Orkney," said Dave Rogers, E.On's regional director of renewables.
Nick Harington, head of marine energy at the South West Regional Development Agency, which is developing Wave Hub, said: "It's entirely understandable that E.On wants to test a single next-generation device at the European Marine Energy Centre rather than an array of devices, which is what Wave Hub is designed for. We wish them well and hope to welcome them back in the near future.
"Wave Hub is on course to be built and commissioned next year. We are currently in detailed negotiations with three wave device developers, and look forward to the first device being deployed in 2011."
The decision leaves three companies still on board at Wave Hub: Fred Olsen, Ocean Power Technologies and the most recent addition, Orecon. The Bodmin-based company joined the project last month after successfully raising $24m of private investment for the development of its wave-to-energy buoy, which it says can generate enough power for 1,000 homes.
Construction of Wave Hub is expected to start in May 2010 and be completed by August 2010, with the first wave energy devices deployed in 2011.
Harrington added: "Wave Hub is just part of a bigger ambition to make south west England the cradle of offshore renewables development, not just in the UK, but the world."
Historic bridge to be revitalised
By Mark Langdon
Fireworks lit up the night sky over the River Tamar recently to celebrate 150 years of the Royal Albert Bridge - Isambard Kingdom Brunel's engineering masterpiece, which provides the only railway link to Cornwall.
The bridge, which opened on 2 May 1859, is to undergo extensive clean-up and strengthening works, including restoring the two main spans to their original colour - which is currently unknown, as it is hidden under 30 layers of paint.
This will be the most complex refurbishment work since the bridge was completed. Network Rail is carrying out a detailed study of the structure to better understand the original design. Over the next six months, engineers will plan the renovation programme, and work on site will start by summer 2010.
An area of 20,000m2 will be painted using a three-coat system that is also used on the Forth Bridge. Work will also be carried out to repair and replace worn-out structures, including all the hangers and track girders.
Rock album feels the heat
A new rock supergroup is launching its music with a heat-sensitive album cover that reveals the song titles and cover photos when you place your hand on it. It uses a patented thermochromic ink produced by US coatings manufacturer Chromatic Technologies Inc (CTI).
The band, called Chickenfoot, includes one-time members of Van Halen and the Red Hot Chili Peppers. The packaging on its self-titled debut album changes from opaque to clear when heated above 31°C, revealing images of the band and the song titles, and then turns opaque again as it cools.
CTI claimed that the ink "works by mastering the movement of a proton on the molecular level - essentially turning colour on and off."
Due out on 9 June, the album coincides with the band's planned European tour in June and July.
Virtual raindrops help robots walk on water
By Dominic Lenton
A five-year project to simulate what happens when rain falls on nanoengineered surfaces will help engineers build tiny robots that mimic some insects' ability to walk on water. The same research also promises to bring self-cleaning walls and fabrics closer to reality.
Scientists at the University of Nebraska-Lincoln in the USA and Japan's RIKEN Institute set out in 2005 to investigate super hydrophobia, the effect that causes water to bead up and roll off flowers and lets insects stand on the surface of a pond.
It's well known that both plants and animals rely on a combination of a wax-coated surface and microscopic hair-like structures that are sometimes themselves covered in even smaller hairs to greatly increase surface area.
In 2005, researchers began a series of tens of thousands of experiments using the supercomputer at RIKEN - then the fastest in the world - to simulate how different surfaces behave under a range of conditions.
By 'raining' virtual water droplets of different sizes onto surfaces with differently spaced pillar arrays of various heights and widths at a range of speeds, they discovered that there is a critical pillar height, depending on the particular structure of the pillars and their chemical properties, beyond which water droplets cannot penetrate.
If the droplet is able to penetrate the pillar structure and reach the waxy surface, it is in the merely hydrophobic 'Wenzel' state, described by Robert Wenzel the 1930s. If not, and it sits on top of the pillars before rolling away, it is said to be in the super hydrophobic or 'Cassie' state, first observed by ABD Cassie in the 1940s.
Performing the experiments on a computer rather than in a laboratory offered several advantages. As well as being able to run thousands more repetitions, the scientists didn't have to worry about variables such as dirt, temperature and air flow. They could also control the size of droplets down to the exact number of molecules.
UNL chemistry professor Xiao Cheng Zeng and his Japanese colleagues report their findings this month in a paper published in the online edition of the Proceedings of the National Academy of Sciences.
Zeng says that being able to tell the exact configuration at which the different effects occur will be useful for engineers hoping to develop self-cleaning surfaces or small-scale devices. He explained: "In the Cassie state, the water droplet stays on top and it can carry dirt away. In the Wenzel state, it's sort of stuck on the surface and lacks self-cleaning functionality."
Telemetry standards will cut water industry costs
By Mark Langdon
A new standard for equipment interoperability in the water industry was announced this month at the IET Water Event conference in Birmingham.
The benefits of the Water Industry Telemetry Standards (WITS) to suppliers and water companies alike were demonstrated at the event as master stations from Serck Controls and CSE Servelec communicated with field devices from ITT, Schneider and Technolog.
The WITS initiative was set up by individuals from a number of the Water Management Organisations (WMOs) in conjunction with consultants from Grontmij and Parsons Brinckerhoff, to standardise the way remote telemetry outstations communicate with the main system, and so to provide greater flexibility in product selection and lower costs when replacing equipment.
There are currently 30 potential users including all of the water companies in the UK, many of which have contributed to this initiative, said Charles Williams, Grontmij's strategic business director and one of the founding supporters of the WITS management committee.
The potential impact of WITS was highlighted in a UK water industry survey, which revealed that a significant number of telemetry systems, together with over 37,000 data loggers and 35,000 remote telemetry outstations, need replacing during the 2010-2015 investment cycle.
Until now, assets installed by one manufacturer needed to be replaced by the same manufacturer, tying WMOs to one company and causing problems when parts were discontinued.
"We established WITS to both reduce costs to the WMOs and to open up the market for the suppliers," explained Williams. "This has not been easy, with a great deal of effort supplied by both the group of suppliers and the WMOs. We are at the end of the journey, with the protocol standard and associated products about to be launched."
The Committee will be releasing the application notes to the market in September 2009, which will enable other manufacturers to begin developing master station products. A second release in April 2010 will cover field devices.
LEGO game spreads IET message
An online game based on the laws of physics has drawn over half a million players to the IET website in just four weeks.
The game, known as Cogitate, incorporates LEGO TECHNIC pieces and allows users to manipulate gears, beams, conveyors and motors to complete ten pre-built puzzles. Players can also create their own levels and challenge friends to complete them.
Cogitate was designed as a 'viral marketing' tool - one that is passed from person to person - to promote the IET, online research tool Inspec Direct and the IET Discover social bookmarking site.
Cloud computing standards initiative
By James Hayes
An industry group is working to develop standards that will enable better interoperability for cloud computing - where computing tools and services are provided online instead of on the user's own machine.
The Distributed Management Task Force (DMTF), an IT industry body, set up the Open Cloud Standard Incubator to produce informational specifications that can then be fast-tracked through the standards development process. Players involved include AMD, Cisco, Citrix, EMC, Intel, Redhat, Savvis, Sun, and VMware.
"Cloud computing will have a major impact on IT management," says DMTF president Winston Bumpus. "No specific standards exist for enabling interoperability between private clouds within enterprises and hosted or public cloud providers. The Open Cloud Standards Incubator will focus on addressing these issues by
developing cloud resource management protocols, packaging formats, and security mechanisms to facilitate interoperability".
IT industry analysts, however, have mixed feelings. "Clouds cannot work unless standards are consistent and at a solid level," said Clive Longbottom, service director, business process analysis at Quocirca. "Cloud has to be amorphous - and has to have some over-riding means of exchanging both function and data."
Ovum senior analyst Tim Stammers believes that although cloud computing is faring fine without standards, they will help reduce supplier lock-in. "One of the obvious issues for standards here is about the format for application data when a business switches providers - will it get its application data back in a format that another provider can work with?" The DMTF is well-placed to foster the initiative, he added: "It's a major systems management body, and this is a systems management problem."
However, Stammers also notes industry heavyweights conspicuous by their absence from the incubator leadership board, such as Amazon and Google. "Amazon's public position is that it is sceptical about the IT industry's ability to forge useful standards; so although it expects that cloud standards will develop, and promises that it will adopt them wherever they will help customers, it will stand back from the DMTF - for now at least."
Heads up for airline pilots
BAE Systems has unveiled a head-up display system based on technology used by fighter pilots that it says can be integrated with existing flight deck systems in any business or commercial aircraft.
Designed to improve situational awareness, particularly when visibility is low, the display includes information such as airspeed, altitude and heading. Because the image is generated within the glass, rather than projected onto the surface, there is no need for a bulky overhead projector, which makes the system half the size and weight of those available now. So pilots get more space in the cockpit and greater freedom for head movement without affecting their view.
BAE says that a number of companies have already expressed strong interest in the system, which went on show at the European Business Aviation Exhibition in Geneva this month.