Webtagr - Technology News Summarizer

Popular：

Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Volt Boot: Exploiting Power Domain Isolation to Bypass On-Chip SRAM Security

2025-07-29

This paper introduces Volt Boot, a novel attack that leverages power domain isolation in modern Systems-on-a-Chip (SoCs) to compromise the security of sensitive information stored in on-chip SRAM. Traditional cold boot attacks are ineffective against on-chip SRAM, but Volt Boot achieves cross-power-cycle SRAM data retention by maintaining the voltage of the target memory domain during system reset. Experiments on three commercially available Cortex-A processors successfully extracted data from caches, CPU registers, and iRAM, demonstrating the attack's effectiveness. The research highlights new security challenges for systems relying on on-chip computation and proposes countermeasures such as eliminating power domain isolation, purging residual memory, resetting SRAM at startup, and enforcing TrustZone support.

(cacm.acm.org)

Tech chip security cold boot attack power domain isolation

Breaking the 40-Year Barrier: New Algorithm Cracks the 'Bookshelf Problem'

2025-07-04

Computer scientists have cracked the 'bookshelf problem' (list labeling problem), a decades-old challenge in efficiently inserting new data into sorted data structures. Researchers developed a new algorithm that approaches the theoretical lower bound, achieving a significant breakthrough in insertion cost. This advance has the potential to challenge the dominance of binary search trees in data management, revolutionizing how we handle massive datasets.

(cacm.acm.org)

Development

How AWS Uses Formal Methods to Build Reliable Services

2025-05-30

Amazon Web Services (AWS) employs a multi-pronged approach to building reliable services, leveraging formal methods from TLA+ to the newer P language, alongside lightweight techniques like property-based testing, fuzzing, and fault injection. These methods not only help AWS identify and eliminate subtle bugs early in development, boosting developer velocity and efficiency, but also provide a robust foundation for performance optimization. The article also explores challenges like metastability and future opportunities using LLMs and AI assistants to lower the barrier to entry for formal methods.

(cacm.acm.org)

Tech

Model Collapse: The Risk of AI Self-Cannibalization

2025-05-17

As large language models (LLMs) become more prevalent, a risk called "model collapse" is gaining attention. Because LLMs are increasingly trained on text they themselves generate, the training data drifts away from real-world data, potentially leading to a decline in model output quality and even nonsensical results. Research shows this isn't limited to LLMs; any iteratively trained generative model faces similar risks. While data accumulation slows this degradation, it increases computational costs. Researchers are exploring data curation and model self-assessment to improve synthetic data quality, preventing collapse and addressing resulting diversity issues.

(cacm.acm.org)

AI model collapse

The Crisis of Academic Conferences: Formalism Stifles Innovation?

2025-04-28

In computer science, top academic conferences have become the primary metric for research value, but their increasing bureaucratization and formalism threaten the vitality of academic innovation. The article argues that conferences have devolved into annual 'promotion exams,' with reviews focusing more on formal rules than on the inherent value of research, stifling many promising, innovative works. The author calls for a change in conference review culture, shifting the focus back to academic innovation itself. Recommendations include eliminating unnecessary bureaucratic rules and entrusting decision-making to senior experts in the field to foster academic advancement.

(cacm.acm.org)

Development academic conferences

CACM's Practice Section: Call for Articles

2025-04-26

Communications of the ACM (CACM) is seeking submissions for its new Practice section, focusing on enhancing the skills and job performance of computing practitioners. The section welcomes articles on technical advancements, development practices, organizational structures, successful system examples, and other relevant topics. Articles should be broadly applicable and insightful, avoiding highly specialized content or detailed tutorials on specific technologies. Submissions are limited to 10 pages (approximately 6,000 words) and can be previously blogged, but not formally published elsewhere. Authors retain copyright. Potential authors are encouraged to contact the co-chairs before submitting.

(cacm.acm.org)

Development Call for Papers

AI Winter Bites: The Struggle for Computer Science Grads in a Shrinking Tech Job Market

2025-04-23

The post-pandemic tech layoff wave has hit globally, with many tech companies, especially large ones, significantly reducing hiring. Simultaneously, rapid AI advancements are displacing some programmers. For recent computer science graduates, the job market is tougher. While some secure roles through internships and networking, intense competition and uncertainty remain. Experts suggest over-hiring during the pandemic and worsening macroeconomic conditions also play roles, not just AI. However, tech still needs talent; job types and locations are shifting, with opportunities emerging outside the tech giants, such as in banking.

(cacm.acm.org)

Tech tech layoffs

From X to Bluesky: Echo Chamber or Oasis?

2025-03-17

This article examines the migration of users from X (formerly Twitter) to Bluesky. While Bluesky offers a more welcoming community, it risks becoming a liberal echo chamber, mirroring X's conservative bubble. The article analyzes the reasons behind this migration, including dissatisfaction with X's prevalent viewpoints and interaction style, as well as a desire for more civil discourse. The author argues that while the ideal public sphere may be unattainable, improved platform design and user responsibility can create digital spaces conducive to understanding and dialogue.

(cacm.acm.org)

Tech echo chamber public sphere

Generative AI's Limitations: A Critique by Gary Marcus

2025-02-15

Cognitive scientist Gary Marcus is a prominent skeptic of generative AI, arguing that the current technological path suffers from technical and ethical flaws. He points out that Large Language Models (LLMs) excel at function approximation but fall short in learning functions, prone to "distribution shift" issues, and unable to understand abstract concepts or reliably follow instructions. Marcus contends that LLMs lack understanding of the real world, leading to logical errors and biases. He proposes integrating neural networks with classical AI methods to address these shortcomings. He introduces a new evaluation benchmark—the "comprehension challenge"—where an AI system should be able to understand a movie plot and answer related questions, measuring true comprehension.

(cacm.acm.org)

AI AI limitations

Non-Cryptographic Hash Functions: Design and Evaluation

2025-02-15

This article delves into the design and evaluation of non-cryptographic hash functions. By analyzing the performance of common functions like FNV-1a, FNV-1, Murmur2, and DJBX33A on diverse datasets (including names, words, IP addresses, and a deliberately biased dataset), the authors reveal key characteristics such as uniformity, collision rate, and avalanche effect. Experiments show Murmur2 excels in the avalanche effect but isn't always optimal for uniformity. The article stresses the importance of dataset characteristics in choosing appropriate hash functions and questions existing evaluation criteria, arguing that a single metric (like the avalanche effect) is insufficient for comprehensively assessing non-cryptographic hash function performance.

(cacm.acm.org)

Development hash functions

Meta's Data Center Secrets: Scaling to the Extreme

2025-02-11

This collection of papers unveils Meta's cutting-edge research in building and operating hyperscale data centers. From BGP routing to distributed storage (TAO), real-time data processing, cluster management (Twine), global capacity management (Flux), and power management (Dynamo), the papers detail the technologies enabling Meta to handle massive data, global user traffic, and high concurrency. Innovations like MAST for global ML training and RAS for continuous resource optimization highlight Meta's approach to building highly reliable, performant, and efficient data centers. These findings offer invaluable insights for anyone tackling the challenges of hyperscale infrastructure.

(cacm.acm.org)

Tech hyperscale

Memory Safety Standardization: A Path to Secure Software

2025-02-07

For decades, endemic memory-safety vulnerabilities in software trusted computing bases (TCBs) have fueled malware and devastating attacks. This article argues for memory-safety standardization as a crucial step towards universal strong memory safety. Recent advancements in memory-safe languages, hardware/software protections, formal methods, and compartmentalization offer solutions, but a lack of shared terminology hinders adoption. Standardization would improve industry best practices and address market failures preventing widespread use of these technologies, ultimately leading to more secure software for everyone.

(cacm.acm.org)

Development Standardization

Modern C++: Key to Performance, Type Safety, and Flexibility

2025-02-05

This article explores key concepts in modern C++ (C++20 and beyond) for achieving performance, type safety, and flexibility, including resource management, lifetime management, error handling, modularity, and generic programming. The author highlights that many developers still use outdated C++ techniques, leading to less expressive, slower, less reliable, and harder-to-maintain code. The article introduces modern C++ mechanisms and proposes guidelines and profiles to ensure code modernity, aiming to help developers write cleaner, more efficient, and safer C++ code.

(cacm.acm.org)

Development Modernization

Effective Stakeholder Engagement in Agile Projects: A How-To Guide

2025-02-02

This article explores the crucial role of stakeholder engagement in agile project management. It highlights the challenges of maintaining consistent participation in fast-paced, iterative environments, particularly with changing requirements and geographically dispersed teams. The article emphasizes the importance of tools like stakeholder mapping, digital collaboration platforms (Jira, Trello), and prioritization frameworks (MoSCoW, Kano) in fostering effective communication and alignment. The key roles of project managers and business analysts in bridging the gap between stakeholders and agile teams are also discussed, illustrating how successful engagement leads to improved project outcomes and reinforces the value of agile methodologies. Real-world examples from Kaiser Permanente, Revolut, and Atlassian showcase the practical application of these strategies.

(cacm.acm.org)

Development Agile Project Management Stakeholder Engagement

50 Years in Computing: Life Lessons from a Legend

2025-01-25

Communications of the ACM features David Patterson's reflections on his five-decade career in computing. He shares 16 life and career lessons, emphasizing prioritizing family happiness, choosing happiness over wealth, valuing relationships, seeking honest feedback, and embracing bold visions. He highlights the importance of teamwork and a positive work culture, concluding with nine magic words for maintaining strong relationships. This Tech piece offers invaluable insights for those in the computer science field and beyond.

(cacm.acm.org)

Tech career advice computing

Software Bugs Lead to One of Britain's Biggest Miscarriages of Justice

2025-01-09

Nearly 1,000 UK post office managers were wrongly convicted of theft between 1999 and 2015 due to flaws in Fujitsu's Horizon accounting software. Poor coding, inadequate testing, and expanding functionality led to bugs causing account discrepancies, resulting in imprisonment, financial ruin, and even suicides. The convictions were overturned in 2024, and a compensation scheme was launched. This case highlights the devastating societal impact of software failures and the critical need for rigorous software development practices.

(cacm.acm.org)

Tech software bugs miscarriage of justice Horizon software

Tech Ethics Crisis: Are Big Tech Companies Doing Good?

2024-12-29

Moshe Y. Vardi, a professor at Rice University, revisits his previous stance on the tech ethics crisis. Initially believing that laws and regulations were sufficient to address computing's negative impacts, he now argues that a genuine ethical crisis exists, given the growing power of tech corporations and the ethical issues inherent in their business models. He questions the ethics of working for Big Tech, urging tech workers to consider the balance between self-interest and the public good, and to refer to ACM's Code of Ethics, emphasizing the support of the public good. The article discusses cases like Uber, illustrating how employees, even unknowingly, can participate in unethical practices. Ultimately, Vardi concludes that the tech industry needs a serious self-reflection to address its ethical dilemmas.

(cacm.acm.org)

AI tech ethics big tech public good

Will Large Language Models End Programming?

2024-12-15

Recent advancements in large language models (LLMs) have sparked debate about the obsolescence of programming. This article argues against this overly optimistic view. Focusing on the computational complexity of program synthesis, the author demonstrates that generating correct code is a PSPACE-complete problem, meaning even moderately sized inputs could require exponential time. While LLMs can assist programmers and boost efficiency, their inherent limitations prevent them from completely replacing human programmers. The core of programming remains problem-solving and system design, requiring human ingenuity and creativity.

(cacm.acm.org)

Development program synthesis future of programming