Ce Feb16 Final


FACING THE WIRELESS CHALLENGE

Also in this issue:
> Architecture from a Developer’s Perspective
> The Rise of Multimedia for Online Communication Startups

FEBRUARY 2016 www.computer.org


Move Your Career Forward
IEEE Computer Society Membership

Explore These Wireless Technology Resources


Create Connections
LAN/MAN (IEEE 802) Standards Committee
Chartered by the IEEE Computer Society Standards Activities Board, the LAN/MAN committee is tasked
to develop, maintain, and advocate for networking standards and recommended practices for local,
metropolitan, and other area networks, using an open and accredited process. The most widely used
standards are for:

• Ethernet • Bridging and virtual bridged LANs • Wireless LAN • Wireless PAN • Wireless MAN • Wireless
coexistence • Media-independent handover services • Wireless RAN

Build Your Knowledge

17th International Symposium on a World of Wireless, Mobile, and Multimedia Networks
21-24 June 2016 - Coimbra, Portugal
IEEE WoWMoM 2016 focuses on wireless networking technologies’ evolution and key
role in future Internet scenarios, offering an increasing wealth of opportunities for distributing multimedia
over wireless networks and sharing user-generated content with mobile users.

International Conference on Selected Topics in Mobile and Wireless Networks
11-13 April 2016, Cairo, Egypt
MoWNet 2016 seeks to address the rising research issues that are
requiring rethinking of current mobile technology solutions to meet the
emerging needs of a broader and ever-growing base of smart-device users whose everyday lives are deeply
influenced by wireless networks’ ubiquitous availability.

FOR DIRECT LINKS TO THESE RESOURCES, VISIT
www.computer.org/edge-resources
IEEE Computer Society http://computer.org • +1 714 821 8380

Staff
Editor: Lee Garber
Contributing Staff: Christine Anthony, Lori Cameron, Carrie Clark, Chris Nelson, Meghan O’Dell, Dennis Taylor, Bonnie Wylie
Production & Design: Carmen Flores-Garvey, Monette Velasco, Jennie Zhu-Mai, Mark Bartosik
Manager, Editorial Services Content Development: Richard Park
Senior Manager, Editorial Services: Robin Baldwin
Director, Products and Services: Evan Butterfield
Senior Advertising Coordinator: Debbie Sims

Circulation: ComputingEdge is published monthly by the IEEE Computer Society. IEEE Headquarters, Three Park Avenue, 17th Floor,
New York, NY 10016-5997; IEEE Computer Society Publications Office, 10662 Los Vaqueros Circle, Los Alamitos, CA 90720; voice +1
714 821 8380; fax +1 714 821 4010; IEEE Computer Society Headquarters, 2001 L Street NW, Suite 700, Washington, DC 20036.
Postmaster: Send undelivered copies and address changes to ComputingEdge-IEEE Membership Processing Dept., 445 Hoes Lane,
Piscataway, NJ 08855. Periodicals Postage Paid at New York, New York, and at additional mailing offices. Printed in USA.
Editorial: Unless otherwise stated, bylined articles, as well as product and service descriptions, reflect the author’s or firm’s opinion. Inclusion in ComputingEdge
does not necessarily constitute endorsement by the IEEE or the Computer Society. All submissions are subject to editing for style, clarity, and space.
Reuse Rights and Reprint Permissions: Educational or personal use of this material is permitted without fee, provided such use: 1) is not made for profit;
2) includes this notice and a full citation to the original work on the first page of the copy; and 3) does not imply IEEE endorsement of any third-party products
or services. Authors and their companies are permitted to post the accepted version of IEEE-copyrighted material on their own Web servers without permission,
provided that the IEEE copyright notice and a full citation to the original work appear on the first screen of the posted copy. An accepted manuscript is a version
which has been revised by the author to incorporate review suggestions, but not the published version with copy-editing, proofreading, and formatting added by
IEEE. For more information, please go to: http://www.ieee.org/publications_standards/publications/rights/paperversionpolicy.html. Permission to reprint/republish
this material for commercial, advertising, or promotional purposes or for creating new collective works for resale or redistribution must be obtained from IEEE by
writing to the IEEE Intellectual Property Rights Office, 445 Hoes Lane, Piscataway, NJ 08854-4141 or pubs-permissions@ieee.org. Copyright © 2016 IEEE.
All rights reserved.
Abstracting and Library Use: Abstracting is permitted with credit to the source. Libraries are permitted to photocopy for private use of patrons, provided the per-
copy fee indicated in the code at the bottom of the first page is paid through the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923.
Unsubscribe: If you no longer wish to receive this ComputingEdge mailing, please email IEEE Computer Society Customer Service at [email protected]
and type “unsubscribe ComputingEdge” in your subject line.
IEEE prohibits discrimination, harassment, and bullying. For more information, visit www.ieee.org/web/aboutus/whatis/policies/p9-26.html.

IEEE Computer Society Magazine Editors in Chief

Computer: Sumi Helal, University of Florida
IEEE Software: Diomidis Spinellis, Athens University of Economics and Business
IEEE Internet Computing: M. Brian Blake, University of Miami
IT Professional: San Murugesan, BRITE Professional Services
IEEE Security & Privacy: Ahmad-Reza Sadeghi, Technical University of Darmstadt
IEEE Micro: Lieven Eeckhout, Ghent University
IEEE Computer Graphics and Applications: L. Miguel Encarnação, ACT, Inc.
IEEE Pervasive Computing: Maria Ebling, IBM T.J. Watson Research Center
Computing in Science & Engineering: George K. Thiruvathukal, Loyola University Chicago
IEEE Intelligent Systems: Daniel Zeng, University of Arizona
IEEE MultiMedia: Yong Rui, Microsoft Research
IEEE Annals of the History of Computing: Nathan Ensmenger, Indiana University Bloomington
IEEE Cloud Computing: Mazin Yousif, T-Systems International

FEBRUARY 2016 • VOLUME 2, NUMBER 2

Spotlight on Transactions: Designing Effective Refreshable Braille Displays
TIM MENZIES

Editor’s Note: Facing the Wireless Challenge

Smartphone Security
LORI FLYNN AND WILL KLIEBER

Establishing and Maintaining Trust in a Mobile Device
KRISTOPHER CARVER, VINCENT SRITAPAN, AND CHERITA CORBETT

Possessing Mobile Devices
A.A. ADAMS

Concurrency in Mobile Browser Engines
CALIN CASCAVAL, PABLO MONTESINOS ORTEGO, BEHNAM ROBATMILI, AND DARIO SUAREZ GRACIA

Tracking Cows Wirelessly
GREG BYRD

A Cloud-Focused Mobile Forensics Methodology
QUANG DO, BEN MARTINI, AND KIM-KWANG RAYMOND CHOO

Toward Mobile-Friendly Web Browsing
FENG QIAN

Architecture from a Developer’s Perspective
DIOMIDIS SPINELLIS

The Rise of Multimedia for Online Communication Startups
RONG YAN

Technical Debt in Computational Science
KONRAD HINSEN

Departments
Magazine Roundup
Computing Careers: High-Tech Careers: Finding the Job You Want
Career Opportunities
SPOTLIGHT ON TRANSACTIONS

Designing Effective Refreshable Braille Displays
Lynette A. Jones, MIT

This installment highlighting the work published in IEEE Computer Society journals comes from IEEE Transactions on Haptics.

It’s been shown that non–visually impaired readers comprehend text better when they actively read it rather than passively listen to it. Active modes of processing text such as reading braille—instead of more passive modes like speech—would likely confer a similar advantage to visually impaired readers, particularly for material that’s highly technical or that requires spatial processing, such as maps and charts.

In active braille reading, readers move their hands over the text, with continuous slippage between the fingertip and the surface providing the cues necessary to render the braille image. It’s thought that larger-scale features, such as the characters’ spatial orientation, arise from proprioceptive cues as the hand moves across the display. Although skilled braille readers prefer active movement over the surface of the braille text, a low-cost display that incorporates sliding contact between the fingertip and the reading surface might suffice in many contexts.

Electronic braille displays present both text and graphics, but current refreshable braille displays are expensive, ranging from approximately $2,000 for an 18-character display to $50,000 for a half-page of braille. Low-cost refreshable braille displays that use newer actuator technologies and deliver both text and graphics content would significantly expand access to braille for individuals with visual impairments. In their IEEE Transactions on Haptics article “Refreshing Refreshable Braille Displays” (vol. 8, no. 3, 2015, pp. 287–297), Alexander Russomanno and his colleagues examined the features necessary for effective braille reading using a refreshable display.

They quantified the contributions of lateral motion and proprioception to experienced braille readers’ recognition of braille letters. The study participants identified letters under static and sliding conditions as their hands moved to read braille at varying presentation speeds. The 32-character braille display illustrated in Figure 1 was either mounted to a moving platform so that the display moved beneath a stationary finger (static condition) or mounted to ground the finger mounted to the moving platform (sliding condition). The authors found that the second condition’s relative motion—movement between the fingertip and the braille surface—resulted in more accurate letter recognition, particularly with faster presentation speeds. The passively moving hand’s proprioceptive inputs didn’t affect error rates.

Figure 1. Braille display (a) mounted to a moving platform so that the display moves beneath a stationary finger (static condition) or (b) mounted to ground the finger mounted to the moving platform (sliding condition).

Collectively, Russomanno and his colleagues’ findings suggest that refreshable braille displays that allow sliding contact are more successful than displays that update in place and thus don’t permit sliding contact between the finger and the braille letter.

LYNETTE A. JONES is a Senior Research Scientist in MIT’s Department of Mechanical Engineering. Contact her at [email protected].
4 February 2016 Published by the IEEE Computer Society  2376-113X/16/$33.00 © 2016 IEEE
14 COMPUTER PUBLISHED BY THE IEEE COMPUTER SOCIETY 0018-9162/16/$33.00 © 2016 IEEE
CS FOCUS

Magazine Roundup

The IEEE Computer Society’s lineup of 13 peer-reviewed technical magazines covers cutting-edge topics ranging from software design and computer graphics to Internet computing and security, from scientific applications and machine intelligence to cloud migration and microchip manufacturing. Here are highlights from recent issues.

Computer

Computer’s January 2016 special outlook issue peers into the future of computing, with articles exploring topics such as collective computing, an innovative software-engineering paradigm, high-confidence medical-device software, and new OS approaches.

IEEE Software

IEEE Software’s January/February 2016 special issue on software engineering’s future offers various perspectives from professionals around the world. The content ranges from detailed technical articles about the research areas behind today’s trends to shorter essays and opinion pieces by authors sharpening their visions of the future.

IEEE Internet Computing

The advent of the Internet of Things has created the need for more stream-processing flexibility. The authors of “Elastic Stream Processing for Distributed Environments,” from IEEE Internet Computing’s November/December 2015 issue, propose elastic stream processing to meet this challenge. Their proposal builds on cloud computing and allows more scalability and flexibility than traditional approaches.

Computing in Science & Engineering

CiSE’s January/February 2016 special issue features articles on the US Department of Defense (DoD) High Performance Computing Modernization Program’s Computational Research and Engineering Acquisition Tools and Environments (CREATE) program. The department launched CREATE in 2006 to design and deploy high-performance computing applications to help the DoD and its contractors develop innovative military equipment.

IEEE Security & Privacy

IEEE S&P’s editorial board members collectively have deep, broad expertise and experience in all aspects of security and privacy, which helps them suggest, develop, and review articles for the magazine. In S&P’s November/December 2015 special issue on lessons learned from the editorial board, members share what they’ve learned in their careers.

IEEE Cloud Computing

Sensor networks and the Internet of Things will increase our ability to connect the cyber and physical worlds, and enable important new applications. The successful deployment of novel sensor-based applications requires the development of cloud-based cyberinfrastructures able to manage the sensors and data they collect. “Building Sensor-Based Big Data Cyberinfrastructures,” from IEEE Cloud Computing’s September/October 2015 issue, elaborates on the key challenges this entails.

IEEE Computer Graphics and Applications

With the rise of massive open online courses (MOOCs), millions of learners can enroll in more than 1,000 courses via MOOC platforms. These systems have collected a huge amount of detailed data, including large quantities of information on learning behavior that researchers can analyze. “Visual Analytics for MOOC Data,” which appears in CG&A’s November/December 2015 issue, discusses how visual analytics can help with this process.

IEEE Intelligent Systems

Nonoccurring behaviors (NOBs)―those that should happen but don’t for some reason―widely occur in online, business, government, health, scientific, and social applications. Little research has examined NOBs because of the challenges posed by analyzing behaviors that don’t actually occur. “Nonoccurring Behavior Analytics: A New Area,” from IEEE Intelligent Systems’ November/December 2015 issue, explores this topic.

IEEE MultiMedia

Multimedia is no longer confined to entertainment or personal media but instead is now an important general means of communication. In fact, it has become an integral part of the tools and systems that provide solutions to today’s societal challenges, according to “Multimedia Takes on Societal Challenges,” which appears in IEEE MultiMedia’s October–December 2015 issue.

IEEE Annals of the History of Computing

The history of computing in Latin America is the theme of IEEE Annals’ October–December 2015 special issue.

IEEE Pervasive Computing

Smartphones generally handle and store sensitive data that users want protected. “Smartphone Security,” from IEEE Pervasive Computing’s October–December 2015 issue, surveys various security issues and presents tools that can help users better protect sensitive data.

IT Professional

IT project failures are pervasive, and even though much has been written on the subject, IT project managers still must heed the lessons learned from such events. “IT Project Failures: What Management Can Learn,” from IT Pro’s November/December 2015 issue, suggests ways that management can ensure IT project success.

IEEE Micro

Autonomous vehicles are an increasingly popular research topic. Despite the amount of attention the topic has received, details about experimental autonomous vehicles aren’t being made accessible to researchers in general but instead are developed as proprietary assets. “An Open Approach to Autonomous Vehicles,” which appears in IEEE Micro’s November/December 2015 issue, introduces an open platform using commodity vehicles and sensors, as well as a common interface. The authors say this platform could facilitate autonomous-vehicle development.

Computing Now

The Computing Now website (http://computingnow.computer.org) features up-to-the-minute computing news and blogs, along with articles ranging from peer-reviewed research to opinion pieces by industry leaders.


EDITOR’S NOTE

Facing the Wireless Challenge

Wireless technology is advancing on a regular basis. For example, mobile networks are faster and more reliable, enabling innovative new applications. And devices, including smartphones and sensors, are more capable.

However, new wireless capabilities have created new hurdles, with security being one of the biggest. This ComputingEdge issue looks at some of wireless technology’s most important new developments, applications, and challenges.

IEEE Pervasive Computing’s “Smartphone Security” presents a survey of smartphone issues, as well as tools that can help users better protect sensitive data.

Smartphones’ and tablet computers’ ownership model is more like that of game consoles than PCs. According to IEEE Security & Privacy’s “Possessing Mobile Devices,” this leaves users vulnerable to significant security and privacy threats.

“Toward Mobile-Friendly Web Browsing,” from IEEE Internet Computing, reveals why achieving mobile-friendly Web browsing requires joint efforts among organizations in the wireless ecosystem.

IT Professional’s “Establishing and Maintaining Trust in a Mobile Device” looks at MobileRoT, a US Department of Homeland Security project investigating the use of trustworthy wireless-infrastructure components.

Smartphones’ ubiquity means that criminal suspects probably use such devices and that their handsets likely contain incriminating data. Thus, law enforcement officers want a forensically sound methodology―like the one described in IEEE Cloud Computing’s “A Cloud-Focused Mobile Forensics Methodology”―to access such data remotely.

Computer’s “Tracking Cows Wirelessly” introduces a prototype wireless network that a North Carolina State University student team designed and built to monitor the milking and weighing of cows.

In “Concurrency in Mobile Browser Engines,” from IEEE Pervasive Computing, the authors discuss advances in browsers―required to run today’s Web apps―that exploit multicore processing by using concurrency at different levels.

ComputingEdge articles on other subjects include the following:

• Architectural considerations’ importance for software developers is the focus of “Architecture from a Developer’s Perspective” from IEEE Software.
• IEEE MultiMedia’s “The Rise of Multimedia for Online Communication Startups” examines how online multimedia communications helped some recent start-ups succeed.
• “Technical Debt in Computational Science,” from Computing in Science & Engineering, explores technical debt, a programming concept reflecting the extra development work that arises when code that’s easy to implement in the short run is used in a software project instead of code that represents the best overall solution.
Smartphones
Editor: Nayeem Islam • Qualcomm • [email protected]

Smartphone Security
Lori Flynn and Will Klieber, CERT

PERVASIVE computing • Published by the IEEE CS • 1536-1268/15/$31.00 © 2015 IEEE

Smartphones handle and store sensitive data that should be protected. The vast amount of private information stored on smartphones was even cited by the US Supreme Court, in Riley v. California (2014), as a factor in ruling that searches of these devices require a warrant. Taint-flow analyzers use static or dynamic analysis techniques to trace the flow of sensitive data to undesired locations.

If a user’s location data, such as GPS coordinates or Wi-Fi access point information, is disclosed, it can compromise the user’s privacy and, in extreme cases, put the user’s physical safety at risk. Medical information is also increasingly an issue, given the increased popularity of wearable computing devices (such as health sensors) that communicate with users’ smartphones. In addition, data from the phone’s sensors or stored on the device (in emails, texts, or photos) could be used for theft (bank and credit card numbers), blackmail, stalking, unfair competition, public humiliation, and other abuses. Malware could surveil the smartphone user with microphone, video, and other sensors. Furthermore, privacy threats to users can come from many sources, including advertisers, hackers, and governments. Finally, employees often use their smartphones for both personal and business purposes; accordingly, technological measures should ensure that the employee’s personal data is not leaked to the employer and that proprietary business data is kept secure.

Here, we discuss in detail various smartphone security issues and present tools and strategies that can help us better protect sensitive data.

Sidebar: Desktops vs. Smartphone Security

Under popular desktop operating systems (including Windows, Mac OS X, and Linux), programs usually execute with all permissions of the user. Smartphone apps are more tightly constrained. Apps must request and be granted permission to do things, such as reading from the microphone or accessing the phone’s general file system. Apps are sandboxed from each other more tightly than on desktop OSs. On Android, each app has private storage that other apps can’t read or write. Unlike desktop programs, which can be run with root privileges via the su command or the Windows User Account Control, third-party apps on Android and iOS smartphones can’t be run as root unless the user has unlocked the phone’s bootloader. App stores perform some checks on apps to try to prevent malicious apps from being released on the app store.

SECURITY ISSUES

Smartphones present a unique environment that comes with its own set of security concerns (see the “Desktops vs. Smartphones Security” sidebar for more information).

Operating System Vulnerabilities

Each smartphone operating system (OS) has security vulnerabilities particular to its system. For example, Apple and Microsoft have a mechanism to push out security updates to smartphones using their OSs, but Google can only push updates to pure-Android devices, such as Nexus phones.

Google provides fixes to original equipment manufacturers (OEMs) and service providers (SPs) that provide specialized versions of the Android OS, but OEMs and SPs often don’t implement and distribute fixes, or take a long time to do so. Recent studies show Android OS updates permeate extremely slowly over Android phones. Only 0.7 percent of Android phones use the latest OS version, while widely fragmented large segments of Android users have old OS versions [1].

Missing security fixes hit lower-cost Android phones the hardest: many receive no updates and others only rarely. This issue recently has been highlighted by the public disclosure of Android Stagefright vulnerabilities, a severe problem that might allow a remote attacker to execute code on
Android devices [2]. An estimated 950 million Android phones are still vulnerable [3], over three months after a security researcher disclosed the vulnerability to Google along with code patches, even though Google applied the patches to internal code branches within 48 hours.

Additional OS-specific issues include the following.

iOS security issues. Widespread vulnerabilities have recently been shown in iOS app-to-app and app-to-operating-system communications [4], involving scheme hijacking and possibly WebSocket abuses. These vulnerabilities are due to a lack of authentication for multiple reasons: iOS doesn’t provide some types of authentication APIs, enforce some authentication, or advise developers to check for particular authentications. The Xavus tool found many of these exploitable vulnerabilities in popular iOS apps [4].

Android security issues. Android has a complex inter-app communication system that can be used in attacks. An intent is a message sent to a component of an app. An intent might explicitly designate its recipient by name, or it might rely on the OS to find a suitable recipient by matching properties of the intent to potential recipients’ intent filters. The latter type of intent, an implicit intent, poses the greatest security concerns.

Intents can be used to make it difficult to statically analyze the flow of sensitive data between apps in a precise manner (that is, with few false negatives and few false positives). Intent hijacking occurs when a malicious app receives an intent that was intended for (but not explicitly designated for) another app. If two apps have activity components that can handle an implicit intent, then the user is presented with a choice of which app to use. A malicious app can try to trick the user into choosing it by using a confusing name. Also, an inattentive user might not give much thought to the choice. Furthermore, the touchscreen might register a tap for the malicious app that the user did not intend.

Beyond inter-app communication, intents are also used for intra-app communication between different components of a single app. It is easy for a developer to mistakenly make app interfaces public when they should be private, allowing malicious apps to eavesdrop or hijack data. Epicc is a static-analysis tool that analyzes inter-component communication vulnerabilities [5].

Memory Corruption Attacks

Memory corruption attacks (such as buffer overflows) commonly exploited on desktop systems are also applicable to mobile devices. In Android, many apps are written purely in Java, a memory-safe language, which limits the attack surface to

• apps that employ native code;
• vulnerabilities in the Java virtual machine and the Java runtime environment; and
• vulnerabilities in the underlying OS.

Mitigations include address-space layout randomization (ASLR) and data execution protection (DEP).

DEP allows regions of memory (such as the stack) to be marked with a “non-executable” (NX) bit, which the CPU checks before executing code from the memory region. Partial ASLR support has been present on Android since 4.0 and on iOS since 4.3; however, even small libraries unprotected by ASLR have been shown to offer sufficient gadgets for return-oriented programming (ROP) exploits [6]. Modern Android and iOS versions use DEP on supporting hardware. ROP is a technique to exploit memory corruption even in the presence of DEP. Rather than writing new executable code onto the stack, the exploit takes advantage of existing gadgets (small sequences of machine code that typically end with a RET instruction) that can be effectively chained together. A ROP exploit is used by the Evasi0n jailbreaking tool for iOS 6.0.

PROTECTIVE MEASURES (AND SOME FAILURES)

Just as each OS has its own vulnerabilities, each also has security measures specific to its system. Also, some protective security measures need to be applied (and researched), regardless of the OS.

OS-Specific Security

Different smartphone OSs allow varying levels of user control (and protection) over sensitive dataflow. The smartphone OS with the largest worldwide market share, Android, currently offers only limited control by users over their data, requiring all permissions requested to be granted before an app is installed. The public release of the Android M software developer’s kit (SDK) is scheduled for the third quarter of 2015 (https://developer.android.com/preview/overview.html), and it changes the Android permissions model, so permissions won’t need to be requested during installation, can be asked for during use as needed, and can be revoked by users without removing the app.

The M SDK also introduces App Links, which enable a website to designate an official app, which, if installed, will automatically be chosen as the default handler for links to that website. This helps mitigate intent hijacking if a malicious third-party app also tries to register itself to handle
in general (including encryption, dele-


tion, password handling, and commu-
Sensitive
nications protocols used). Systems with
data small market shares tend to have fewer
analytical tools. Figure 1 shows a high-
level view of taint-flow analysis, which
can be done with static tools (such as
DidFail13) and dynamic tools (such
TaintDroid11).

Smaller-Market Phones
CyanogenMod is an open-source
firmware distribution based on
those links. The M SDK will increase Android security in additional ways, including Wi-Fi, Android application package (APK) validation, camera use, and more.

The second-highest market share smartphone is iOS. In iOS 8, users can install apps and control permissions afterward, although with limited granularity. In contrast to the current Android permissions model, iOS prompts the user to grant permissions only when the app is actually about to use the permission.

The worldwide third-highest-selling smartphone OS consistently (from 2012 through 2015) is the Windows Phone, which in Q1 2015 is estimated at almost three percent of worldwide smartphone sales (see www.idc.com/prodserv/smartphone-os-market-share.jsp). As opposed to iOS and Android, Microsoft provides developers five different application models for building Windows Phone apps. This adds to the complexity of app analysis, as well as to the analysis of dataflow and control (both app-to-app and app-to-system). Microsoft provides a tool for profiling and monitoring some behaviors of apps, and researchers have created some app analysis tools, but the Windows Phone lacks the number and depth of dynamic and static analysis frameworks and tools that exist for Android and iOS apps.

Analysis Tools

Many Android app analysis tools are built on the Soot [7] and T.J. Watson Libraries for Analysis (WALA) static analysis frameworks, and there are many standard dynamic analyzers (such as DroidScope [8]) and fuzzers (such as DroidFuzzer [9]) for Android apps. There are many analysis tools for iOS, including the PiOS [10] and Xavus [11] static analyzers and the PSiOS policy enforcement framework [12]. Static and dynamic (including fuzzing) analysis of potential dataflows and control flows are vital for understanding potential security issues in each smartphone system, including apps.

Moreover, vulnerabilities inherent to programming languages used for the systems should be examined, along with the security of the system

Figure 1. Taint-flow analysis can be used in protecting against the flow of sensitive data to undesired locations. (Diagram labels: Trusted, Untrusted.)

Android that lets users install apps without granting all requested permissions. It also lets users substitute fake data instead of real data (for example, in place of real location data). Blackphone has an OS that is based on a fork of Android. It uses peer-to-peer encrypted calling and video, and it can use a privacy-focused enterprise management system. Silent Circle (the maker of Blackphone) has a privacy-focused app store, including Android and iOS apps with full call and text encryption (https://www.eff.org/secure-messaging-scorecard). Additional smartphone OSs with much smaller market shares include Blackberry, Symbian, Ubuntu, and China Operating System (COS).

Vulnerability Coordination

Despite the Blackphone’s focus on security, a data-type confusion vulnerability in its code was disclosed and fixed in January 2015. The vulnerability could have allowed remote attackers to execute arbitrary code on Blackphones. This is a good example of how difficult it can be to secure smartphone communications and data, and of the importance of vulnerability report management. Blackphone’s website has a secure form for reporting vulnerabilities. OS providers and app creators should have a way for the public to report security vulnerabilities and should work quickly to address them. Bug bounties are incentives to motivate vulnerability
disclosures and coordination with developers.

If the reporting method is insecure, a report could be intercepted by a third party, who could use it to exploit the vulnerability [14]. Google Android, Apple iOS, and Microsoft Phone have secure vulnerability reporting, coordination, and rewards programs. App developers might not respond to vulnerability disclosures, so to protect users, reporting should be coordinated by the app stores. CERT also handles vulnerability coordination between reporters and vendors/developers as a free public service.

App Permissions and Languages

Most users do not understand the full implications of allowing app permissions. A study in 2011 by Adrienne Porter Felt and her colleagues found evidence that even many developers don’t fully understand permissions [15]. They found that many apps request extraneous permissions that aren’t needed by any of the API calls that the app makes. They also found that, in many cases, the Android documentation about permissions was missing or incorrect.

User-experience researchers [16] work to understand effective (and ineffective) methods of conveying information to users who are not technical experts. Similar research projects strive to effectively support secure coding of apps with integrated development environment (IDE) assistance, secure coding standards, and other tools to analyze and improve app security during development. Developer education helps, including secure coding training for particular programming languages and OSs.

Undefined behavior in programming language standards leads to security vulnerabilities. Developers should follow secure coding standards for the programming languages and for the mobile OS, which impose rules and recommendations for coding securely that mitigate problems due to officially undefined behaviors. The smartphone’s OS, drivers, application framework, virtual machine environment, and apps can be written in a variety of languages. For example, the Android OS is written mostly in C, runtime libraries are written in C/C++ except the Java Core libraries, and Android apps are written in Java but can incorporate native code (such as C or C++).

Hybrid Apps

Although hybrid Web/mobile application frameworks make development of cross-platform apps possible, recent research has shown serious vulnerabilities that expose sensitive local resources to malicious Web domains [17], affecting all hybrid frameworks and smartphone platforms that deploy the frameworks.

Cyber-Hygiene

Other factors in smartphone security could be helped by public-education programs similar to public-health education (such as campaigns to promote covering your mouth when sneezing) but for cyber-hygiene. Some users do not have a password login for their phone or a timed lockout, much less security afforded by phone encryption. These basic data protections should be used by everyone, given that devices are often lost or misplaced.

The above basic protections adequately protect data in many cases, but they are not fool-proof. A password-locked phone can be attacked by analyzing the smudges left when entering the password [18]. Sophisticated adversaries might be able to recover encryption keys from a powered-on Android phone’s RAM [19] by a method involving physically chilling the phone.

USB power plugs could be abused as a data-channel attack vector against users who think they are simply charging their phone; a mitigation is to use a USB condom when connecting to an untrusted charging outlet. All personal data in the phone should be securely deleted before a user disposes of their phone. Backing up data by syncing it to a local machine or cloud protects the user’s access to data even if a device is destroyed or lost, but privacy of the backed-up data depends on the backup system’s privacy protections. A cyber-hygiene campaign could make more users aware of these risks and mitigations.

Women’s clothing in particular presents a smartphone security issue, because most women’s slacks and skirts do not come with front pockets even close to large enough to fit a smartphone. (However, you can have a tailor extend your front pockets to securely carry a smartphone.) Carrying a phone in a purse, backpack, or jacket pocket increases the likelihood of theft or loss, plus the risk of tampering (such as inserting a key logger), compared to carrying it in pants pockets.

Encryption

SSL, if used correctly, promises to provide secure end-to-end communication over an insecure channel. A comprehensive research project, which analyzed Google Play apps that use cryptographic APIs, showed that 88 percent used SSL incorrectly [20]. Tools such as mallodroid and CERT Tapioca find SSL vulnerabilities in apps. Furthermore, a standard Android, iOS, or Windows Phone and browser are vulnerable to a compelled certificate creation attack, in which government authorities would compel a
certificate authority to issue false SSL certificates for covertly intercepting and hijacking secure Web-based communications [21].

Cell phones encrypt voice data using keys in SIM cards. However, if an attacker obtains these SIM keys, decryption of phone communications using those SIMs is trivial. Gemalto, which manufactures approximately 2 billion SIM cards annually, was reportedly hacked and its SIM cards’ encryption keys were stolen [22].

Baseband

The baseband OS provides another attack surface. Most smartphones include two operating systems on two different processors: the general-purpose applications processor runs the main OS (for example, Android or iOS) and a processor that executes a proprietary real-time OS and manages all radio functions (the baseband OS). Stingray technology uses vulnerabilities in baseband technologies, such as knocking phones off a 3G network and onto an insecure 2G network with a fake base station, to intercept cellphone communications [23].

Baseband software is currently poorly understood, because it is closed-source. Tools available to the public for analyzing baseband software are limited, and baseband is a promising area for vulnerability research and mitigation. OpenBTS, OsmoBTS, and OpenLTE are open source software that enables software-defined radio communications, making research on mobile baseband security more affordable. Most baseband processors are ARM processors, which the widely used IDA Pro disassembler supports. Google’s BinDiff tool has also been used by baseband researchers to identify and match functions in binaries. Increasingly, research publications detail baseband vulnerabilities and potential attacks that have been researched using OpenBTS with software-defined radios, IDA Pro, and BinDiff.

The security landscape of mobile devices is far from ideal, and there are many problem areas ripe for further research. Exciting, high-impact topics for research include better user interfaces, improved encryption, finding and securing baseband OS vulnerabilities, and many more. Non-research work needed includes public cyber-hygiene educational campaigns and improved distribution for security updates.

References

1. L. Armasu, “Google Can’t Ignore the Android Update Problem Any Longer,” Tom’s Hardware, 5 May 2015; www.tomshardware.com/news/google-android-update-problem-fix,29042.html.
2. G. Wassermann, CERT Vulnerability Note VU#924951, Vulnerability Notes Database, July 2015; www.kb.cert.org/vuls/id/924951#sthash.2Z6iNXBT.dpuf.
3. J. Minor, “There’s (Almost) Nothing You Can Do About Stagefright,” PC Magazine, 30 July 2015; www.pcmag.com/article2/0,2817,2488772,00.asp.
4. L. Xing et al., “Unauthorized Cross-App Resource Access on MAC OS X and iOS,” 2015; http://arxiv.org/abs/1505.06836.
5. D. Octeau et al., “Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis,” Proc. 22nd USENIX Conf. Security (SEC), 2013, pp. 543–558; http://dl.acm.org/citation.cfm?id=2534813.
6. E. Schwartz et al., “Q: Exploit Hardening Made Easy,” Proc. 20th USENIX Conf. Security (SEC), 2011, p. 25; http://dl.acm.org/citation.cfm?id=2028092.
7. R. Vallée-Rai et al., “Soot—A Java Bytecode Optimization Framework,” Proc. 1999 Conf. Centre for Advanced Studies on Collaborative Research (CASCON), 1999, p. 13; http://dl.acm.org/citation.cfm?id=782008.
8. L.K. Yan and H. Yin, “DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis,” Proc. 21st USENIX Conf. Security Symp, 2012, pp. 569–584.
9. H. Ye et al., “DroidFuzzer: Fuzzing the Android Apps with Intent-Filter Tag,” Proc. Int’l Conf. Advances in Mobile Computing & Multimedia (MoMM), 2013, p. 68; http://dl.acm.org/citation.cfm?id=2536881.
10. M. Egele et al., “PiOS: Detecting Privacy Leaks in iOS Applications,” Proc. 18th Ann. Network and Distributed System Security Symp., 2011; https://iseclab.org/papers/egele-ndss11.pdf.
11. W. Enck et al., “TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones,” ACM Trans. Computer Systems, vol. 32, no. 2, 2014, article no. 5; http://dl.acm.org/citation.cfm?id=2619091.
12. T. Werthmann et al., “PSiOS: Bring Your Own Privacy & Security to iOS Devices,” Proc. 8th ACM SIGSAC Symp. Information, Computer and Communications Security (ASIA CCS), 2013, pp. 13–24; http://dl.acm.org/citation.cfm?id=2484316.
13. W. Klieber et al., “Android Taint Flow Analysis for App Sets,” Proc. 3rd ACM SIGPLAN Int’l Workshop on the State of the Art in Java Program Analysis (SOAP), 2014; http://dl.acm.org/citation.cfm?id=2614633.
14. A. Fishman and M. Marquis-Boire, “Popular Security Software Came under Relentless NSA and GCHQ Attack,” The Intercept, 22 June 2015; https://firstlook.org/theintercept/2015/06/22/nsa-gchq-targeted-kaspersky.
15. A.P. Felt et al., “Android Permissions Demystified,” Proc. 18th ACM Conf. Computer and Communications Security (CCS), 2011, pp. 627–638; http://dl.acm.org/citation.cfm?id=2046779.
16. A.P. Felt et al. “Android Permissions: User Attention, Comprehension, and Behavior,” Proc. Eighth Symp. Usable Privacy and Security (SOUPS), 2012, article no. 3; http://dl.acm.org/citation.cfm?id=2335360.
17. M. Georgiev et al., “Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks,” Proc. Network and Distributed System Security (NDSS), 2014; https://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf.
18. A. Aviv et al., “Smudge Attacks on Smartphone Touch Screens,” Proc. 4th USENIX Workshop on Offensive Technologies (WOOT), 2010, pp. 1–7; http://dl.acm.org/citation.cfm?id=1925009.
19. S. Anthony, “How to Bypass an Android Smartphone’s Encryption and Security: Put It in the Freezer,” Extreme Tech, 12 Mar. 2013; www.extremetech.com/computing/150536-how-to-bypass-an-android-smartphones-encryption-and-security-put-it-in-the-freezer.
20. M. Egele et al., “An Empirical Study of Cryptographic Misuse in Android Applications,” Proc. 2013 ACM SIGSAC Conf. Computer & Communications Security (CCS), 2013, pp. 73–84; http://dl.acm.org/citation.cfm?id=2516693.
21. C. Soghoian and S. Stamm, “Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL,” Financial Cryptography and Data Security, LNCS, Springer, vol. 7035, 2012, pp 250–259.
22. J. Scahill and J. Begley, “The Great SIM Heist,” The Intercept, 19 Feb. 2015; https://firstlook.org/theintercept/2015/02/19/great-sim-heist.
23. S. Pell and C. Soghoian, “Your Secret Stingray’s No Secret Anymore: The Vanishing Government Monopoly over Cell Phone Surveillance and Its Impact on National Security and Consumer Privacy,” Harvard J. Law and Technology, vol. 28, no. 1, 2014.

Lori Flynn is a software security researcher at CERT, in the Software Engineering Institute of Carnegie Mellon University. Contact her at [email protected].

Will Klieber is a software security researcher at CERT, in the Software Engineering Institute of Carnegie Mellon University. Contact him at [email protected].

This article originally appeared in IEEE Pervasive Computing, vol. 14, no. 4, 2015.
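The over-privilege finding cited under App Permissions and Languages (apps requesting permissions that none of their API calls need) can be checked mechanically. The Python example below is added here and is not code from the article or from the study it cites. It assumes the manifest has already been decoded to text XML and that a static analyzer has produced the list of framework calls; the manifest, the call list and the API-to-permission map are constructed for illustration.

```python
"""Flag extraneous, missing and unmappable permissions for one app."""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: a decoded (text) AndroidManifest.xml for a flashlight app.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

# Constructed sample: framework calls a static analyzer found in the app's code.
SAMPLE_API_CALLS = [
    "android.hardware.Camera.open",
    "java.net.URL.openConnection",
    "android.telephony.SmsManager.sendTextMessage",
    "android.bluetooth.BluetoothAdapter.enable",
]

# Constructed excerpt of an API-to-permission map. Each value is a set of
# alternatives: holding any one of them is enough for the call to succeed.
API_PERMISSION_MAP = {
    "android.hardware.Camera.open": {"android.permission.CAMERA"},
    "android.location.LocationManager.getLastKnownLocation": {
        "android.permission.ACCESS_FINE_LOCATION",
        "android.permission.ACCESS_COARSE_LOCATION",
    },
    "android.telephony.SmsManager.sendTextMessage": {"android.permission.SEND_SMS"},
    "android.telephony.TelephonyManager.getDeviceId": {
        "android.permission.READ_PHONE_STATE"
    },
    "java.net.URL.openConnection": {"android.permission.INTERNET"},
}


def requested_permissions(manifest_xml):
    """Return the set of permission names declared with <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    key = ANDROID_NS + "name"
    return {el.attrib[key] for el in root.iter("uses-permission") if key in el.attrib}


def audit(manifest_xml, api_calls, api_map=None):
    """Compare what the app asks for with what its API calls need.

    extraneous: requested, but no observed call needs it (over-privilege)
    missing:    a call needs one of these, but none was requested
    unmapped:   calls with no map entry, so the result is incomplete for them
    """
    api_map = API_PERMISSION_MAP if api_map is None else api_map
    requested = requested_permissions(manifest_xml)
    justified, missing, unmapped = set(), {}, []
    for call in api_calls:
        alternatives = api_map.get(call)
        if alternatives is None:
            # Missing or incorrect documentation shows up here: report the
            # gap instead of silently treating the call as permission-free.
            unmapped.append(call)
            continue
        held = requested & alternatives
        if held:
            justified |= held
        else:
            missing[call] = sorted(alternatives)
    return {
        "extraneous": sorted(requested - justified),
        "missing": missing,
        "unmapped": unmapped,
    }


if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST, SAMPLE_API_CALLS)
    for finding, items in report.items():
        print(finding, "->", items)
```

The "unmapped" list matters as much as the other two: a permission is only reported as extraneous relative to the calls the map can explain.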
Smart Systems
Editor: Karen Evans, KE&T Partners, [email protected]

Establishing and Maintaining Trust in a Mobile Device

Kristopher Carver, BlueRISC
Vincent Sritapan, US Department of Homeland Security Science and Technology Directorate
Cherita Corbett, SRI International

1520-9202/15/$31.00 © 2015 IEEE. Published by the IEEE Computer Society. IT Pro, November/December 2015.
2376-113X/16/$33.00 © 2016 IEEE. Published by the IEEE Computer Society, February 2016.

The mobile device market has grown tremendously. Individuals, businesses, and governments rely on mobile devices to access critical infrastructure and share vital information (banking, medical data, intellectual property, and so on). This growth in adoption has also brought about a parallel surge in attacks. Malware, ransomware, and spyware are targeting mobile platforms to steal sensitive data, access private networks, track users, and do other nefarious activities. Particularly for governments using mobile technology, mobile attacks can disrupt life-saving operations, endanger personnel, and expose government systems to exploitation. Securing mobile devices is no small feat and is therefore a forefront issue to the US Department of Homeland Security Science and Technology Directorate’s (DHS S&T’s) cybersecurity R&D program [1].

Roots of Trust

Mobile roots of trust (RoT) are highly trustworthy, tamper-evident components that can provide a foundation for building security and trust for mobile devices. RoT is usually provided as a specialized hardware chip (such as a trusted platform module) on desktop or laptop systems. However, mobile devices are resource-constrained and lack dedicated hardware mechanisms for providing RoT. This leaves a single solution—namely, to provide RoT in software. Unfortunately, this is challenging to realize given the sophistication of current threats and the ease with which a mobile device’s state and information can be extracted and altered. Moreover, security specifications such as the Trusted Computing Group’s Mobile Trusted Module [2] don’t address how to support mobile RoT requirements in software, nor do they address dynamic verification of device and software behavior while applications are running.

BlueRISC is developing MobileRoT, a fully software-based dynamic mobile trusted module technology under support from the DHS S&T Cyber Security Division (CSD). MobileRoT measures and verifies a device’s static and runtime state (for example, boot loader, operating system, apps, and runtime memory) to enable trust and overall device security. It can be utilized to detect malicious system changes or activity and to ensure that access to critical information and software can only be performed in a trusted state. MobileRoT requires no modifications to the underlying operating system kernel, nor any manufacturer or service provider support for insertion, greatly reducing hurdles to adoption.

MobileRoT Architecture

To overcome the array of surface attacks targeting software-based systems, MobileRoT utilizes a new architecture for enabling transitive trust based on the Core Root of Trust for Measurement (CRTM) [2]. The CRTM is hardened code that acts as the RoT for reliable integrity measurements and is the foundation for additional trusted services. The MobileRoT architecture includes a layer of encrypted CRTM code that is tied to a cryptographic key generated at boot-time. With the CRTM established, the resulting system doesn’t require any sensitive information to be stored persistently in an unprotected state, closely mimicking the level of security achievable via dedicated hardware. A secure cryptographic sealing and unsealing procedure tied to the boot-time and runtime measurements performed by the solution enables application and data protection. Because all protected data and applications are sealed, they remain protected even in cases in which an attacker attempts to alter or bypass the MobileRoT technology.

Figure 1 shows an example measurement and verification flow, which illustrates the boot process of an Android mobile device and gives an example of how an RoT can be established within it. In this example, the MobileRoT sits logically between the boot loaders and the Android kernel. Here, it can establish the CRTM and perform backward verification (1), self-verification (2), and forward verification (3) of both privileged components and userland applications.

Figure 1. An example measurement and verification flow for an Android mobile device. MobileRoT can perform (1) backward verification, (2) self-verification, (3) forward verification, and (4) and (5) runtime measurement. MobileRoT supports this example flow as well as others while transparently incorporating many additional features. (Diagram labels: User, Applications, Author/ownership PW, Android kernel, MobileRoT microkernel, Privileged, MobileRoT loader, L2 boot loader, L1 boot loader, Boot ROM.)

Traditional solutions focus primarily on boot-time validation, establishing the validity of each component prior to a complete boot, while providing only minimal support for runtime activities. Unfortunately, it is widely known that sophisticated attacks can target applications that are already running, and devices these days are rarely rebooted. To address the shortcomings of one-time static verification, MobileRoT provides dynamic verification and attestation by performing runtime measurements of the system state of the device (4 and 5 in Figure 1). These runtime agents harden themselves from attack and modification by creating a self-validating network, which can instantly respond to a threat to the system or the protection technology itself.

MobileRoT reliably allows all levels of software, including user applications, to have access to its trusted services through an open API. This enables the creation of secure, off-the-shelf, third-party and proprietary applications and data, and strengthens key management and policy enforcement technology, such as mobile device management (MDM). MobileRoT also provides fine-grained protection integrated directly into an application. For example, a standard Android Calendar application can be modified to support the concept of a “secure event.” This secure event is established in cooperation with the MobileRoT and persistently protected. To view a secure event, proper authorization and authentication is required, and the system state must be verified.

Although cybercrime targeting mobile devices is becoming pervasive, mobile RoT can preserve and confirm the integrity of the device while it’s at rest or in use. BlueRISC’s MobileRoT technology has overcome barriers to bring RoT to a mobile platform, providing a foundation of security features to accelerate the development of secure mobile devices.
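The MobileRoT Architecture section describes sealing that is tied to measurements, so that data stays protected when the boot chain is altered. The Python example below is added here to show that property; it is not BlueRISC's code or design. It assumes a TPM-style SHA-256 extend over the components named in Figure 1, a hypothetical per-device ROOT_SECRET, constructed component images, and an encrypt-then-MAC construction from the standard library standing in for a vetted AEAD.

```python
"""Measured boot chain with state-bound sealing (added illustration, stdlib only)."""
import hashlib
import hmac
import os

# Constructed stand-ins for the images named in Figure 1, in boot order.
BOOT_CHAIN = [
    ("l1-boot-loader", b"L1 image v1"),
    ("l2-boot-loader", b"L2 image v1"),
    ("mobilerot-loader", b"RoT loader v1"),
    ("mobilerot-microkernel", b"RoT microkernel v1"),
    ("android-kernel", b"kernel image v1"),
]
# Hypothetical per-device secret; the article does not say how its key is formed.
ROOT_SECRET = b"constructed-device-secret-for-demo"


def extend(register, image):
    """Fold one measurement into the register: H(register || H(image))."""
    return hashlib.sha256(register + hashlib.sha256(image).digest()).digest()


def measure_chain(chain):
    """Measure every component in order; content and order both change the result."""
    register = bytes(32)
    for _name, image in chain:
        register = extend(register, image)
    return register


def derive_seal_key(root_secret, register):
    """Bind the sealing key to the measured state of the device."""
    return hmac.new(root_secret, b"seal-v1" + register, hashlib.sha256).digest()


def subkey(key, label):
    """Separate keys for encryption and authentication."""
    return hmac.new(key, label, hashlib.sha256).digest()


def keystream(enc_key, nonce, length):
    """HMAC-SHA256 in counter mode; use a vetted AEAD (e.g. AES-GCM) in practice."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    stream = keystream(subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(key, blob):
    """Verify the tag before decrypting; a key from any other state fails here."""
    if len(blob) < 48:
        raise ValueError("sealed blob is too short")
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("unseal refused: measured state differs from sealed state")
    stream = keystream(subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def unseal_in_state(chain, blob, root_secret=ROOT_SECRET):
    """Re-measure the device, then try to unseal; fails closed on any change."""
    return unseal(derive_seal_key(root_secret, measure_chain(chain)), blob)


if __name__ == "__main__":
    key = derive_seal_key(ROOT_SECRET, measure_chain(BOOT_CHAIN))
    blob = seal(key, b"calendar: secure event")
    print(unseal_in_state(BOOT_CHAIN, blob))
    tampered = [(n, i + b"!") if n == "android-kernel" else (n, i) for n, i in BOOT_CHAIN]
    try:
        unseal_in_state(tampered, blob)
    except ValueError as err:
        print(err)
```

Because the key is derived from the measurements rather than stored, skipping the check does not help an attacker: a changed component yields a different key and the sealed data stays unreadable.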

Acknowledgments

The views and conclusions contained herein are the authors’ and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the US Department of Homeland Security (DHS) or the US government. The work by BlueRISC was sponsored by the DHS Homeland Security Advanced Research Projects Agency (HSARPA), Cyber Security Division (CSD), via the Small Business Innovation Research Program under contract number D14PC00178. The work by SRI International was funded by the DHS S&T under contract number HSHQDC-10-C-00144.

References

1. D. Maughan et al., “Government-Funded R&D to Drive Cybersecurity Technologies,” IT Professional, vol. 17, no. 4, 2015, pp. 62–65.
2. Mobile Phone Work Group Mobile Trusted Module Specification version 1.0, Trusted Computing Group, Apr. 2010; www.trustedcomputinggroup.org/resources/mobile_phone_work_group_mobile_trusted_module_specification.

Kristopher Carver is the technical director at BlueRISC, and principal investigator on the MobileRoT project sponsored by the US Department of Homeland Security Science and Technology Directorate. He leads the technical direction of BlueRISC and its system assurance and cybersecurity products and technologies. Carver has more than 10 years of experience in software and hardware protection solutions. He is co-inventor of seven patents. Contact him at [email protected].

Vincent Sritapan is a program manager in the US Department of Homeland Security Science and Technology Directorate’s Cyber Security Division. His projects focus on mobile software-based roots of trust, mobile device protection, access control, and continuous automated assurance for mobile apps. Sritapan is also an information professional officer in the US Navy Reserves. Contact him at [email protected].

Cherita Corbett is a senior computer scientist at SRI International. Her research interests include mobile security, self-healing cellular networks, and cyber-physical systems security. Corbett provides subject matter expertise and project management for the US Department of Homeland Security Science and Technology Directorate’s cybersecurity R&D program. Contact her at cherita.corbett@sri.com.

This article originally appeared in IT Professional, vol. 17, no. 6, 2015.

In Our Orbit
Editors: Angela Sasse, [email protected] | Alessandro Acquisti, [email protected]

Possessing Mobile Devices

A.A. Adams | Meiji University

1540-7993/15/$31.00 © 2015 IEEE. Copublished by the IEEE Computer and Reliability Societies, November/December 2015.
2376-113X/16/$33.00 © 2016 IEEE. Published by the IEEE Computer Society, February 2016.

Although modern smartphones and tablet computers are at least as powerful as the PCs of a decade or so ago, they’re viewed as primarily media consumption and communication devices. As such—and despite the fact that their associated hardware, such as built-in cameras, microphones, accelerometers, and GPS and other location sensors, pose significant privacy risks—such devices’ ownership model owes more to home gaming consoles than PCs. According to International Data Corporation and Strategy Analytics, more than 1 billion smartphones running the Android OS were shipped in 2014 (that is, sent out from manufacturers but not necessarily sold to or used by consumers), accounting for more than 80 percent of the year’s market [1, 2]. Combined with the more than 192 million iPhones shipped (approximately 15 percent of the market), Android and iOS phones accounted for 96 percent of the smartphones shipped in 2014. These figures consider only smartphone shipments, not tablets. In addition, 2014 reports concluded that most online information exchange in the US now occurs via mobile devices [3, 4]. Users pay significant amounts of money for these devices and use them to conduct much of their social and business lives. But despite users having paid for the devices, their owners’ rights are limited unless they bypass the built-in software restrictions and root their Android device or jailbreak their iOS device. So, it appears that owners don’t truly own these devices containing so much of their personal, sensitive information.

In this article, I explore these ownership issues—their origins; their security, privacy, and autonomy implications for users; and their economic and ecological implications. In particular, I argue that the current smartphone and tablet ownership model violates users’ reasonable expectations and fundamental rights without giving them sufficient recompense. Although users buy and therefore supposedly own the devices, the manufacturers or software system integrators, retailers, and network connection providers retain considerable control, prohibiting users from both protecting their privacy and making use of the device’s full capabilities. I also argue that the claim that such external control improves users’ security is false in multiple ways.

Ownership

Ownership is not as simple a concept as it might first appear. There are legal concepts of ownership that confer both rights and responsibilities to the owners. There are psychological elements such that individuals might feel that their rights—or even their person—have been violated when their legal rights or technical control over their possessions don’t match their expectations. There are economic issues driving the market that restrict device owners’ actions. In the end, what we think of as ownership is simply shorthand for a bundle of rights in an object. Ownership rights usually include the right to decide who can use an object, and something owned can usually be sold to another.

However in most countries, we can’t sell our body organs, even those without which we could survive (such as one kidney or part of a liver)—despite most people considering themselves owners of their own bodies [5]. Such restrictions are often justified by appeal to a general social benefit, such as avoiding exploitation of the poor as a resource for body parts by the rich. In the case of smartphones and tablets, however, these ownership restrictions seem far from justified when we consider the privacy and security costs to users.

Psychological Attachment to Personal Devices

Smartphones are both phones and computers. Therefore, to understand user expectations of ownership, we must consider the background of ownership rights for both. I focus on the PC era for computers and (mostly) the mobile phone era for telephones. PCs allowed people to have computers not only in their homes but also in their individual office spaces; despite these office PCs being owned by the organization, many people described and felt them to be personal devices. As Byron Reeves and Clifford Nass note, people’s emotional and psychological attachments to devices are often quite illogical, such as distinguishing between completely fungible devices (identical specification, all data stored on a network) based simply on prior usage of a particular machine [6].

In many countries, early fixed-line phone networks only allowed devices supplied by the network

to prevent damage to the network, although as the US Carterfone case demonstrated, this was at least partly a spurious claim; in fact, the preservation of sales or rental income on monopoly-provided equipment was the primary reason [7, 8]. Pre-smartphone mobile phones in the developed world quickly became objects of deep emotional attachment for their owners [9].

Given the intense and intimate usage of modern mobile devices, it’s unsurprising that users develop strong positive feelings, including trust, toward their devices. However, this trust is misplaced because they actually give up a great deal of control to the real “owners” of the devices: the providers (primarily manufacturers and mobile phone operating companies).

Technical Ownership (Control) of Mobile Phones

Early digital mobile phones had very limited capabilities beyond making phone calls and sending and receiving short text messages. As their capabilities expanded to include digital cameras and connections to networked information services, the hardware and operating systems became more complicated, and interoperability issues between networks and phones and between phones and other devices (particularly PCs) arose. Early feature phones containing information services ran various OSs with different openness levels.

Most early feature phones included limited or no ability to

to the phone’s firmware (that is, downloading an updated core OS via the mobile network) weren’t generally supported. Many phones ran highly customized OSs, and few systems were used by more than one manufacturer.

Firmware-installed OS upgrades, if possible at all, were generally restricted to special-purpose hardware at service centers. Some later phones allowed users to update by downloading new firmware to a PC over the Internet: they had to connect the phone to the PC and run an update program on the PC to rewrite the phone’s software. (This was also the update process for iPhones until iOS 5, which introduced OTA updates.)

The road from digital mobile handset to smartphone had many dead ends, byways, and failed highway projects. The smartphone basically combines a digital mobile phone handset and a PDA. The degree of openness of many early smartphones reflected the creators’ route—whether they started with a phone and tried to give it PDA functionality and Internet access, or started with a PDA and tried to give it phone functionality and Internet access. For example, Nokia and Microsoft started from the PDA concept, with Nokia creating environments such as the S60 platform and the Symbian system (which superseded S60 at Nokia and was based on the EPOC OS from the UK’s Psion PDA maker). Microsoft developed the Windows CE and Windows Mobile systems, both of which had open application development layers and allowed user installation of applications.

In Japan, NTT, the former state fixed-line phone monopoly provider, developed Mobile-Oriented Applications Platform (MOAP)
operator to connect to the net- update the system software. In par- systems—one based on a Symbian
work. They claimed that this was ticular, over-the-air (OTA) updates kernel and the other on a Linux
kernel—which had neither open third-party development options nor user-installable applications. These systems used NTT’s proprietary i-mode system to provide Internet-like services, including translating suitable webpages into a form viewable on the grayscale phone screen and using the keypad for interaction. As with computer gaming consoles, MOAP systems had application development platforms. To access them, development companies were required to enter into contracts with NTT. Application development for these systems was typically done by or under contract to the hardware manufacturer, who sought to compete in the market by offering built-in applications.

Japanese rivals au by KDDI and SoftBank Mobile developed phones supporting the Wireless Application Protocol (WAP) standard that allowed access to websites through a stylesheet-like approach. Interactive applications running locally on the device, however, could be produced only using proprietary software development kits. For example, email on these Japanese phones was available only through dedicated apps using the service provider’s mail server, or through a WAP-enabled webmail service.

Systems with open application-development environments such as PalmOS, its successor WebOS, Symbian, BlackBerry OS, iOS, and Android have gradually taken much of the market share for mobile devices, including not just smartphones but also larger tablets. Again, devices running these systems are really general-purpose computing devices with mobile networking and integration with POTS (plain old telephone service) via a “phone” app. They’re designed to be devices with which software is used, rather than on which software is developed. Although programs can be developed in some applications (such as TerminalIDE for Android), these devices aren’t intended as platforms on which to develop apps to run on them. Most development happens on other, more powerful computers running suitable development tools.

There have been and remain many levels of openness in these systems with regard to user control. iOS devices generally only allow applications to be installed from the Apple App Store. Android vendors can preset application sources to be allowed or disallowed. Some distributed versions allow users to switch on other sources, whereas other distributed versions limit application sources to those they have preset. RIM’s BlackBerry OS before version 10 (which was a complete rewrite based on the QNX kernel) restricted application installation to only RIM’s repository. The BlackBerry 10 system, however, supports Android applications including the ability to install applications from alternative sources like the Amazon Appstore for Android. Only apps from the Windows App store can be installed on Windows Phone devices.

Anyone with physical access to a device can, with enough effort, control that device. Physical access restrictions are a standard part of security engineering [10]. However, most people don’t have the expertise or equipment to work around devices’ built-in control restrictions. Sometimes there are legal restrictions on doing so that make it illegal [11] or more difficult to obtain the required hardware [12], or that place the user in breach of contract [13].

Although manufacturers such as Sony and Asus provide instructions and options for users to access full administrative rights (root user or superuser) on some Android-based devices, they do so only with the mobile network provider’s agreement, which is often withheld. Many manufacturers and mobile network operators preload Android devices with bloatware—(often unwanted) apps that aren’t deletable on a nonrooted phone. Many of these apps are set to start on boot, requiring users to manually turn them off after every reboot—the option to not run on boot is usually locked in the user settings.

Interestingly, the Shanghai Consumer Council, a small consumer protection group in China, recently launched a lawsuit against Samsung and Chinese vendor Oppo for violating consumers’ rights by selling them devices with undeletable bloatware [14].

Regulators such as the US Federal Communications Commission are reluctant to require manufacturers and network operators to grant users full control over their own devices. They’re concerned that users might misuse software-defined radio capabilities to interfere with other mobile phones and radio communications. However, neither the US Copyright Office’s exemption of iPhone jailbreaking and Android rooting [11] from the Digital Millennium Copyright Act’s (DMCA’s) anticircumvention rules nor the prevalence of these practices by users have persuaded telecom regulators to insist that users be given real ownership of and control over their devices.

Security and Privacy on Possessed Devices

Smartphones and tablets are primarily used for communication (social networking services, photo sharing, messaging, and voice and video calls), although media consumption (games, videos, audio, and text) and information processing (note-taking and self-quantification) are also significant uses. The locked-down model of previous generations’ media consumption devices—whereby the manufacturer or other upstream retailer significantly controls the device—seems a poor deal for consumers. Bruce Schneier called this
the “feudal security” model (http://tinyurl.com/b7s2fq4; http://tinyurl.com/k8x5de4). As in the feudal social model, the overlords aren’t trustworthy, and the moral hazards of their position without strong external regulation lead them to abusive practices such as secretly spying on users’ locations (see for example, Google and Apple [15, 16]). Meanwhile, device manufacturers are constantly tweaking proprietary device drivers for their Android phones [17], shipping binary blobs for attachment to Android’s Free Software Linux kernel, all with too little appreciation of the security risks of these often hastily programmed hardware interfaces.

Direct Security Risks of Rooting and Jailbreaking

Steffen Liebergeld and Matthias Lange discuss the risks users run if they root their Android devices [18], and Kevin Rogers provides a similar discussion of the dangers of jailbreaking iOS devices [19]. Because neither Android nor iOS is designed to run administration accounts, despite both being based on Unix-related kernels (Linux and XNU [X is Not Unix], respectively), once the systems are hacked to expose these administrator-level accounts, they’re more vulnerable to external hacking. Although users’ privacy and, to some extent, security are always at risk from any application they install (and from other vectors), once they’ve rooted or jailbroken their device, the applications they install can request root access, which many users will likely grant—just as they grant privacy-invasive privileges to apps such as those to use the camera flash like a flashlight [20].

Indirect Security Risks of Rooting and Jailbreaking

The hoarding of vulnerabilities by the US National Security Agency and UK Government Communications Headquarters (and probably many other signals intelligence agencies) is condemned by security professionals as putting everyone’s security at risk by decreasing the chances that project management becomes aware of vulnerabilities and takes steps to fix them [21]. Similarly, because jailbreaking an iOS device or rooting many Android devices requires breaking their security model, users (particularly highly skilled white hat hackers) have an incentive to prevent system developers from knowing about the vulnerabilities they exploit. These vulnerabilities, in addition to being used by users to gain control over their devices, can also be used by attackers to elevate their privileges as part of a malicious attack.

In addition, preventing users from controlling their own devices encourages them to try to follow instructions on bypassing their devices’ security from dubious sources. Although most online directions about jailbreaking and rooting devices are what they appear, most users don’t have the technical expertise to know whether the directions will actually help them achieve their goals or, instead (or in addition), install malware or open up a security hole in their device. Such attacks often target Facebook users; Facebook calls this the self-cross-site-scripting attack (www.facebook.com/notes/facebook-security/dont-be-a-self-xss-victim/10152054702905766). Users’ willingness to follow somewhat random online advice on breaking their devices’ security shouldn’t be encouraged, any more than car owners should be encouraged to install updates to their cars’ onboard systems using a USB stick delivered to their address without verifying its source as the manufacturer [22].

Security Risks of Not Rooting and Jailbreaking

Without administrative control of a device, checking the integrity of system files and monitoring the presence and activity of installed applications are very difficult. On both iOS and Android, in fact, ordinary user-space applications aren’t supposed to monitor or interfere with other apps. Google and Apple enforce such policies in their respective app stores, although for most Android devices, you can install apps from other sources. Even when such monitoring can be installed as a user-space app, its access to other software’s activities is limited.

Lack of administrative control becomes increasingly problematic as smartphone providers (manufacturers, system integrators, telcos, and so on) apparently want users to upgrade their devices more often than some might want to. With the rapid development of iOS, Android, and new models, system providers (typically manufacturers) aren’t providing older devices with updates. Even if manufacturers support these older devices, updates are being rolled out far too infrequently. Daniel Thomas and his colleagues recently showed that even though Google is patching the base Android system, many manufacturers are very slow to feed such patches through to users’ devices: 87 percent of the Android machines in their study had known unpatched vulnerabilities [23].

Once updates for the core iOS or Android system stop appearing,
devices often can’t run updated versions of various apps, leaving them vulnerable to security problems in the apps’ older versions as well as in the OS itself. A very serious version of this problem appeared in January 2015, when Google announced it wouldn’t be providing a security fix for a known vulnerability in the WebKit Web browser app, a key element of Android 4.1 to 4.3 [24]. (Google did say it would accept and push a patch if offered by a reliable third party). Although it’s possible to use alternative browsers such as Mozilla’s Firefox, which is updated and available even on the older Android versions, many apps use the WebKit rendering engine for their own HTML parsing and presentation. As I noted, users find it difficult or impossible to know which apps interoperate with which other elements of the system, particularly core elements such as the Web rendering engine.

Unlike, for example, PCs running Windows XP—which Microsoft supported with security patches for more than a decade—Android 4.3.1 was only released in October 2013. Users are completely at the hardware manufacturer’s mercy to compile and release a new version of Android for their hardware. So, the manufacturer likely hasn’t updated phones released in mid-2013 beyond 4.3.1, which less than 18 months after release, had security vulnerabilities in a core service app that Google decided not to patch and which, even if patched by Google, would probably not be offered as a downstream update by other manufacturers.

Without administrative access, which smartphone providers are reluctant to grant, Android users can’t even install an alternative compatible OS such as CyanogenMod. iOS device users face a similar situation, with their reasonably recent devices (sometimes less than two years old) being left out of the OS upgrade cycle; thus, they’re forced to upgrade their hardware or remain vulnerable. Even for a jailbroken iPhone, there appears to be no alternative OS that can be installed to compensate for the lack of an Apple-provided, security-updated iOS.

Privacy Risks of Not Rooting and Jailbreaking

Security and privacy are often represented as oppositional duals: one must give up some privacy to gain some security. Although this might be true in some circumstances, the security of the devices we use is a prerequisite for privacy, not in opposition to it. Being able to see whether unauthorized software is running requires administrator access, as does monitoring and controlling apps’ provision of private information. Android applications such as Android Privacy Guard require root access to provide such facilities to users.

So, Who Owns My Device?

So, ownership isn’t a single absolute concept granting all possible rights to an item. However, smartphones—whose hardware, such as microphones, cameras, accelerometers, and GPS, and software and data, such as contact listings, photos, social network posts, email, communications, and media consumption, make them so useful but also so risky in terms of privacy and security—aren’t primarily owned by their users. Instead, the phone company, hardware manufacturer, and system integrator are these devices’ practical owners.

This lack of ownership requires, at the very least, significantly improved consumer rights and privacy protections. As Thomas and his colleagues showed, Android smartphone manufacturers are leaving their users’ software vulnerable by not providing regular updates [23]. In the PC world, patching has become one of the standard backbones of ensuring security. System administrators who don’t patch their systems are regarded as unprofessional at best, and criminally negligent at worst. Home users are exhorted to keep their systems up to date; in fact, in an effort to preserve the ecosystem’s security, Windows 10 Home Edition no longer allows users to defer security updates.

However, there is a long history of software being provided “without warranty.” Consumer goods such as cars and drinks used to be outside such negligence claims in most circumstances, but seminal court cases in the early 20th century established a duty of care for manufacturers to not sell dangerous goods into the supply chain, such as cars with faulty brakes (US: MacPherson v. Buick Motor Co.) [25] or drinks contaminated with slugs (Scotland: Donoghue v. Stevenson) [26]. The implications of MacPherson v. Buick Motor Co. are likely to gain importance as cars become further informatized and, even without being driverless, increasingly vulnerable to external hacking [27]. Although not usually as physically dangerous, smartphones and tablets are so embedded in our lives that their information is vital to our personal infrastructure, and manufacturers’, telcos’, and retailers’ lack of liability is hard to defend.
At best, the US Copyright Office’s exemption of iOS jailbreaking and Android rooting from illegalization under the DMCA [19] should be extended in the US and adopted elsewhere as a clear right of device owners to opt out of external controls by others (whether a person or an organization) on any device; hardware owners should have full visibility of their device’s operation and a much greater level of control—that is to say, proper ownership of the device.

Remaining limitations should be clearly justified as in the public interest, not simply in the providers’ commercial interest (such as reducing costs by not issuing security updates, charging users for permission to use devices’ innate capabilities, or profiting from the invasion of users’ privacy). If support for security updates on a device is no longer offered, then restrictions on user access to full control of the device aren’t justified. Perhaps at this point, legal liability for failures might shift from providers to users, much as it already does with PCs. Those still running Windows XP have only themselves to blame if their devices invade their privacy or are used as zombies in a botnet.

Unfortunately, events don’t appear to be traveling in this direction. In 2012, the US Copyright Office demurred from extending their “right to jailbreak” from iPhones and Android phones to iPads and Android tablets [28]. The latest leaks about the controversial and secretly negotiated Trans-Pacific Partnership include requirements to further lock down devices and to impose harsh penalties—including destruction of the machine—on anyone found circumventing technical protection measures. If this agreement is adopted, in places like the US, Australia, and Japan, a rooted Android or jailbroken iOS device that could bypass digital rights management on music, books, or video files would be subject to confiscation and destruction [29].

Acknowledgments

This work was funded by the following grants: JSPS Kaken (B) 24330127 Organisational and Individual Behaviour, and Personal Information Protection in the Age of Social Media; and JSPS Kaken (B) 15H03385 Easy Security and Privacy.

References

1. “Android and iOS Squeeze the Competition, Swelling to 96.3% of the Smartphone Operating System Market for Both 4Q14 and CY14, According to IDC,” International Data Corp., 24 Feb. 2015; http://tinyurl.com/p5mltv4.
2. N. Mawston, “Android Shipped 1 Billion Smartphones Worldwide in 2014. Strategy Analytics Report,” 29 Jan. 2015; http://tinyurl.com/om9etpe.
3. S. Perez, “Majority of Digital Media Consumption Now Takes Place in Mobile Apps,” TechCrunch, 21 Aug. 2014; http://tinyurl.com/mlvo5el.
4. A. Lella and A. Lipsman, “The US Mobile App Report. comScore White Paper,” comScore, 21 Aug. 2014; http://tinyurl.com/pokl2uf.
5. J.W. Harris, “Who Owns My Body,” Oxford J. Legal Studies, vol. 16, no. 1, 1996, pp. 55–84.
6. B. Reeves and C. Nass, The Media Equation, 2nd ed., CSLI, 2002.
7. M.T. Hoeker, “From Carterfone to the iPhone: Consumer Choice in the Wireless Telecommunications Marketplace,” CommLaw Conspectus, vol. 17, no. 1, 2008, p. 187.
8. T. Wu, “Wireless Carterphone,” Int’l J. Communication, vol. 1, 2007, pp. 389–426.
9. J. Vincent, “Emotional Attachment to Mobile Phones: An Extraordinary Relationship,” L. Hamill, A. Lasen, and D. Diaper, eds., Mobile World, Springer London, 2005, pp. 93–104.
10. R. Anderson, Security Engineering, 2nd ed., John Wiley & Sons, 2008.
11. T.B. Lee, “Jailbreaking Now Legal under DMCA for Smartphones, but Not Tablets,” Ars Technica, 25 Oct. 2012; http://tinyurl.com/8os3qn5.
12. B.F. Fitzgerald, “The PlayStation Mod Chip: A Technological Guarantee of the Digital Consumer’s Liberty or Copyright Menace/Circumvention Device?,” Media and Arts Law Rev., vol. 10, no. 1, 2005, pp. 85–98.
13. M.H. Wolk, “The iPhone Jailbreaking Exemption and the Issue of Openness,” Cornell J. Law and Public Policy, vol. 19, no. 3, 2009, pp. 795–828.
14. M. Kan, “Samsung Faces Lawsuit in China over Bloatware on Phones,” PCWorld, 3 July 2015; http://tinyurl.com/pqqddke.
15. R. Chow, “Why-Spy: An Analysis of Privacy and Geolocation in the Wake of the 2010 Google Wi-Spy Controversy,” Rutgers Computers and Technology Law J., vol. 39, 2013, pp. 56–93.
16. V. Kumpu, “Privacy and the Emergence of the ‘Ubiquitous Computing Society’: The Struggle over the Meaning of ‘Privacy’ in the Case of the Apple Location Tracking Scandal,” Technology in Society, vol. 34, no. 4, 2012, pp. 303–310.
17. X. Zhou et al., “The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations,” Proc. 2014 IEEE Symp. Security and Privacy (SP 14), 2014, pp. 409–423.
18. S. Liebergeld and M. Lange, “Android Security, Pitfalls and Lessons Learned,” Proc. 28th Int’l Symp. Computer and Information Sciences (ISCIS 13), 2013, pp. 409–417.
19. K. Rogers, “Jailbroken: Examining the Policy and Legal Implications of iPhone Jailbreaking,” J. Technology and Law and Policy, vol. 13, no. 2, 2013; http://dx.doi.org/10.5195/tlp.2013.118.
20. “Flashlight Apps Threat Assessment Report,” SnoopWall, 2014; http://tinyurl.com/pvj3oh3.
21. M.D. Cavelty, “Breaking the Cyber-Security Dilemma: Aligning Security Needs and Removing Vulnerabilities,” Science and Engineering Ethics, vol. 20, no. 3, 2014, pp. 701–715.
22. N. Ford, “Hacked Jeep USB Software Patch Criticized,” IT Governance, 8 Sept. 2015; http://tinyurl.com/qy82237.
23. D.R. Thomas, A.R. Beresford, and A. Rice, “Security Metrics for the Android Ecosystem,” Proc. 5th Ann. ACM CCS Workshop Security and Privacy in Smartphones and Mobile Devices (SPSM 15), 2015, pp. 87–98.
24. P. Bright, “Google Won’t Fix Bug Hitting 60 Percent of Android Phones,” Ars Technica, 13 Jan. 2015; http://tinyurl.com/o2d5hho.
25. J.W. Wade, “Strict Tort Liability of Manufacturers,” Southwestern Law J., vol. 19, 1965, p. 5.
26. R.F.V. Heuston, “Donoghue v. Stevenson in Retrospect,” Modern Law Rev., vol. 20, 1957, p. 1.
27. A. Greenberg, “Hackers Remotely Kill a Jeep on the Highway—With Me in It,” Wired, 21 July 2015; http://tinyurl.com/oaabx46.
28. “Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies,” Copyright Office of the US Library of Congress, 2012; http://tinyurl.com/ngewrn2.
29. J. Pearson, “White Hat Hackers Would Have Their Devices Destroyed under the TPP,” Motherboard, 9 Oct. 2015; http://tinyurl.com/o3bm553.

A.A. Adams is a professor of information ethics at Meiji University. Contact him at [email protected].

This article originally appeared in IEEE Security & Privacy, vol. 13, no. 6, 2015.

Smartphones
Editor: Nayeem Islam, Qualcomm, [email protected]

Concurrency in Mobile Browser Engines

Cǎlin Caşcaval, Pablo Montesinos Ortego, Behnam Robatmili, and Darío Suárez Gracia, Qualcomm Research Silicon Valley

Web browsers are our main window into the wealth of information available on the Internet. All consumer computing platforms, including smartphones and tablets, rely on a browser to provide news, entertainment, and services. We use the term Web apps to refer to applications designed and implemented using Web technologies. Some Web apps require users to launch their Web browsers, while others appear to the user as native applications, even though they are just an API layer on top of a browser engine. Using Web technologies as the application back end is a convenient way of building portable applications across a variety of platforms.

However, this presents two main challenges. First, browsers must provide a smooth user experience—fast page load, satisfactory scroll and zoom performance, and uniform behavior regardless of the underlying hardware. The browsers’ JavaScript engines thus must provide close-to-native application performance. The second challenge is that when running on mobile devices, browsers must adapt to the related energy and connectivity constraints.

As a result, browsers have been evolving to exploit the underlying hardware. Most current smartphones and tablets have systems on a chip (SoCs), with two to eight cores and powerful GPUs, and they rely on a plethora of techniques to maximize the performance/power ratio. Such techniques include power and clock gating, dynamic voltage and frequency scaling, and offloading work to specialized cores. On the network side, Long-Term Evolution (LTE) offers 100 Mbps bandwidth, yet network latency continues to be high. Web browsers must exploit all available capabilities to address performance and energy challenges.

Here, we focus in particular on how Web browsers can use concurrency to improve per-tab (or per-page) processing. We use the Zoomm browser engine [1] and its MuscalietJS JavaScript engine [2] to illustrate how parallel processing improves performance and hides network latency for faster page loads.

Exploiting Concurrency

Desktop browsers, such as WebKit (www.webkit.org) and Firefox (www.mozilla.org/firefox), typically exploit multiple cores by running each tab as a separate collection of processes and relying on the OS scheduler to place processes on different cores. The Zoomm browser architecture was designed with a different goal: take advantage of multicore processing for each browser tab. This is in line with typical mobile device usage, and it lets a more constrained platform meet its performance and energy goals.

A Parallel Browser Architecture

A Web browser has several major components: parsers (HTML, CSS, JavaScript) that create the Document Object Model (DOM), a Cascading Style Sheets (CSS) engine to format and style the DOM, a layout engine to produce the image that will be displayed to the user, a rendering engine to display the page, and a JavaScript engine to enable interactivity and dynamic behavior.

Figure 1 shows the breakdown of execution time by component, excluding the network time. Our measurements, similar to other work [3], show that the network time is 30–50 percent of the total execution time. As the Web evolves, we’re seeing remarkable changes in complexity and dynamic behavior. For example, in 2010, Leo Meyerovich and Rastislav Bodík measured WebKit execution and observed that JavaScript took approximately 5 percent of the execution time [4]. One year later, the fraction of JavaScript execution increased to 30 percent, and for most webpages, it has since plateaued.

Even more significantly, we’re observing a major trend to support application development using Web technologies such as HTML5, CSS, and JavaScript. Given this breakdown of computation, it is clear that to optimize the browser execution using concurrent processing, all major components must be addressed, because the gains from optimizing the components in isolation are bounded.

Our goal is to exploit concurrency at multiple levels: parallel algorithms

for individual passes to speed up the processing of each component, and overlapping of passes to speed up the total execution time. In addition, we must respect the HTML and JavaScript semantics, even during concurrent execution. The main data structure used by all browser passes is the DOM. The DOM is a tree representing all HTML elements, including their content, relationships, styles, and positions. Web programmers use JavaScript to manipulate the DOM, producing interactive webpages and Web apps. Most communication between browser passes and components happens through the DOM. Unfortunately, even in a concurrent browser, access to the DOM tree (constructed by the HTML5 parser) must be serialized to conform to the HTML5 specification (see http://whatwg.org/html).

This is the biggest limitation Zoomm must contend with, and it significantly influenced the design. In our architecture, we manage access to the DOM through a dispatcher. Most passes have their own private concurrent data structures to allow for greater parallelism inside components, and they send asynchronous DOM updates to the dispatcher for processing. Figure 2 shows the architecture’s high-level components, discussed in more detail next.

Figure 1. Browser processing times by component, excluding network load time. Profiling results obtained using the WebKit browser on a four-way ARM Cortex-A9 processor. Results are an aggregate of the top Alexa 30 sites as of March 2010. [Pie chart; slice labels: Parsing, Rendering, CSS, Layout, JavaScript, Others.]

Zoomm Browser Components
The Zoomm browser consists of a number of loosely coupled subsystems, all of which were designed with concurrency in mind. With the exception of the browser global resource manager and the rendering engine, all subsystems are instantiated once for each page (shown as a separate tab in the user interface).

Resource manager. The resource manager is responsible for managing and preprocessing all network resources, including fetching resources from the network, providing cache management for fetched resources, and notifying other browser components when data from the network arrives. In our first implementation, all resources are fetched in the order in which they appear, without imposing any priorities. In addition, the resource manager includes other components, such as the HTML prescanner and image decoder. The HTML prescanner quickly determines all external resources in an HTML document, requests their downloading, and, depending on the type of resources, requests further processing. The image decoder component consists of a thread pool that decodes images for later use as the resource manager receives them. These operations are fully concurrent, because each image decode is an independent task.

DOM engine. In Zoomm, each page (tab) instantiates a DOM engine that consists of the DOM dispatcher, HTML parser, CSS parsing and styling, and timers and events. The DOM dispatcher thread schedules DOM updates and serves as the page event loop. It serializes access to the DOM and manages the interaction between components.

The rest of the browser infrastructure dispatches work items to the concurrent DOM dispatcher queue, and the items are then handled one at a time. Work items represent browser passes as well as events from timers and the user interface. The HTML parser receives incoming (partial) data chunks for an HTML document via a DOM dispatcher work item and constructs the DOM tree by executing the HTML5 parsing algorithm. The parser adds external resources (referenced from the HTML document) to the resource manager’s fetch queue. The parser also initiates the execution of JavaScript code by calling the JavaScript engine at appropriate times during parsing. The CSS engine calculates the look and feel of the DOM elements for the later layout and rendering stages. Similar to image decoding, the resource manager hands off CSS stylesheets to the CSS engine for parsing and for discovering new resources to request.

Rendering engine. Whenever the DOM or CSS stylesheets change—because the fetcher delivered new resources, the HTML parser updated the DOM, or as a result of JavaScript computations—this change needs to be reflected on the screen so that the user can view and interact with it. The layout engine is responsible for transforming the styled DOM tree into geometry and content, which the rendering engine can turn into a bitmap. Ultimately, this bitmap is displayed on the screen by the user interface as a viewable webpage. Normally, the layout and rendering engine takes a snapshot of the DOM information it needs and performs the rest of the work asynchronously; however, it can also be invoked synchronously when JavaScript uses APIs that query layout information.

JavaScript engine. Zoomm employs a novel JavaScript engine, MuscalietJS, for executing all JavaScript code. The engine’s design is presented in detail elsewhere (http://github.com/mcjs/mcjs.git).2 In particular, our engine exploits concurrency by compiling multiple scripts in parallel, as well as compiling scripts asynchronously with the rest of the browser passes.

Figure 2. The Zoomm browser architecture. Concurrency is exploited both across components and within each component. [Diagram components: User interface; Resource manager; Per-page Document Object Model (DOM) engine; Per-page JavaScript engine; Rendering engine.]

To achieve this, the JavaScript engine uses a thread pool and the just-in-time compiler uses a separate state stored in the metadata of each script. Due to JavaScript semantics, the execution of scripts is performed sequentially in the main engine thread. When the HTML parser or DOM dispatcher (for example, for user interface events) requests the execution of a JavaScript script that has not been compiled already, compilation is initiated. In either case, the engine waits for the compiled result and then executes the script. The goal of the engine is to use available resources on the platform to improve the generated code for JavaScript execution.

Similar to other modern JavaScript engines, MuscalietJS is a multitier execution engine. When the number of times a function has been executed exceeds a certain threshold (in other words, it’s “hot”), the engine will promote the function and recompile it at a higher optimization tier. Different tiers include an interpreter, a baseline compiler, and a full compiler. The baseline compiler generates suboptimal code quickly. The full compiler, on the other hand, generates more optimized code for hot functions by performing adaptive JavaScript-specific optimizations, including hidden classes, property lookup, type specialization, and restricted dataflow analysis.

User interface. The Zoomm browser is implemented in platform-agnostic C++. For concurrency, we use a custom asynchronous task library (Qualcomm Multicore Asynchronous Runtime Environment; http://developer.qualcomm.com/mare), optimized for mobile execution. On Android, a thin Java wrapper is used to create the user interface. User interactions, such as touching a link on the display, are translated into Java Native Interface method calls, which ultimately create work items in the DOM dispatcher. Drawing to the display is performed using the Android Native Development Kit, which provides direct access to Android bitmaps. On Linux and Mac OS X, a similar wrapper is implemented in C++ using the Qt interface toolkit (www.qt.io/developers). Although our deployment targets are Android devices, the Qt implementation allows much easier debugging and testing on desktop-based machines, and the ability to evaluate concurrency beyond what Android devices currently offer.

Table 1. Combined HTML and CSS prefetching initiates the download of most external resources ahead of their discovery by the HTML and CSS parsers with high accuracy (“correct prefetch”) and small error (“missed/mistaken prefetch”). “Total resources” denotes the number of referenced resources in a webpage.

| Website* | Correct HTML files | Correct HTML bytes | Correct CSS files | Correct CSS bytes | Missed files | Missed bytes | Mistaken HTML files | Mistaken HTML bytes | Mistaken CSS files | Mistaken CSS bytes | Total files | Total bytes |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cnn.com | 34 | 979,695 | 52 | 409,377 | 2 | 372 | 0 | 0 | 5 | 3,371 | 93 | 1,392,815 |
| bbc.co.uk/news | 54 | 610,479 | 24 | 407,819 | 16 | 468,371 | 0 | 0 | 1 | 1,277 | 95 | 1,487,946 |
| yahoo.com | 44 | 672,595 | 13 | 264,603 | 2 | 2,016 | 1 | 0 | 0 | 0 | 60 | 939,214 |
| guardian.co.uk | 49 | 1,018,738 | 14 | 92,997 | 7 | 102,087 | 1 | 0 | 3 | 11,305 | 74 | 1,225,127 |
| nytimes.com | 73 | 1,046,636 | 9 | 73,487 | 13 | 228,162 | 1 | 10,837 | 1 | 89 | 97 | 1,359,211 |
| engadget.com | 128 | 2,023,135 | 84 | 651,030 | 5 | 104,320 | 0 | 0 | 9 | 34,824 | 226 | 2,813,309 |
| qq.com | 45 | 485,264 | 22 | 167,078 | 7 | 39,361 | 0 | 0 | 0 | 0 | 74 | 691,703 |

*The websites are from the Vellamo benchmark.

Parallel Execution for Resource Prefetching
Mobile devices commonly experience high latency when requesting the resources that form an HTML document. To reduce the overall time taken to load a page, fetching all of the dependencies from the network as early as possible is very important.

HTML Prescanning
Due to idiosyncrasies in the HTML5 specification, the HTML5 parser must wait for <script> blocks to finish executing before it can continue parsing. So, if a webpage references an external resource after a script element, fetching the resource can’t be overlapped with the waiting. This could delay the completion of page loading.

The Mozilla Firefox browser mitigates such situations by speculatively parsing ahead of script blocks to discover new resources. (It might then be forced to throw away some of that work if, for example, JavaScript inserts new content into the DOM tree via the document.write() API.) Once resources are discovered, network latency can be masked by requesting multiple resources to be fetched in parallel. This strategy also helps use all available bandwidth, and it reduces the overall time spent waiting for resources to arrive.

In Zoomm, we favor concurrency to achieve the same goal by running an HTML prescanning component in parallel with a (nonspeculative) HTML parser. The main objective of the HTML prescanner is to quickly determine all external resources in an HTML document and trigger their fetching from the network. The most commonly referenced resources are images, CSS stylesheets, and JavaScript sources. In addition, stylesheets and JavaScript sources can themselves reference further external resources. Furthermore, the prescanner obtains all id, class, and style attributes used in the document.

As network packets of an HTML document arrive, they are given to the prescanner and the actual HTML parser independently. The prescanner can run ahead of the HTML parser because it only has to approximately parse HTML to find resources, thus skipping the complex DOM tree construction phase. More importantly, the prescanner doesn’t have to wait for the execution of <script> blocks to finish.

The processing of prefetched resources works as follows. Images are fetched concurrently with the rest of the page processing. Once downloaded, image data is given to a thread pool for decoding concurrently. The decoded image is added to the DOM dispatcher queue, which updates the corresponding img tree node. Then the image is removed from the set of pending images.

CSS Prefetching
CSS stylesheets are dispatched to a thread pool responsible for parsing CSS concurrently. If a CSS rule contains additional external resources, the parser decides whether to initiate prefetching for them, based on the likelihood that they’re actually referenced in the HTML document.

It’s crucial to download just enough of the referenced resources. Downloading too little means that new resources are discovered only when styling the DOM tree later on, which incurs additional latency penalties. It’s common practice among websites to reference many more resources than are actually needed for any given document—for example, by using a site-wide common style file. Downloading
all resources invariably consumes too much bandwidth and slows down page loading.

In Zoomm, the CSS parser employs the id and class attributes discovered by the HTML prescanner to determine if a rule is likely to be matched. If all attribute values referenced in a CSS rule selector have been seen by the HTML prescanner, we assume that the rule will match at least one DOM tree element and initiate downloading its resources. This heuristic is simple but effective (see Table 1). Note that wrong decisions don’t affect correctness; any missed resources will be discovered during the styling phase, at the cost of additional latency.

Table 1 shows the number of resources that are successfully requested by the prefetching stage, and the number of resources that are missed due to use of JavaScript. Note that resources would also count as “missed” if the prefetching algorithms would fall behind the actual HTML and CSS parsers. However, this was never the case in all our experiments. The prefetching components were always fast enough to finish much earlier than the parsers.

Despite the heuristic nature of some of the prefetching decisions, they’re quite accurate. In our experiments, 80–95 percent of all externally referenced resources in a document were prefetched correctly, with only a small error rate. Due to bandwidth and power considerations, our heuristics were still conservative—that is, they tend to prefetch too little rather than too much. The “missed prefetch” (not prefetched, but needed for rendering the webpage) numbers were higher than “mistaken prefetch” (prefetched, but not needed for rendering) numbers.

JavaScript Parallel Processing
In modern pages, a significant number of resources (style sheets, images, and other scripts) are dynamically constructed using JavaScript. It’s advantageous to discover these resources ahead of time, such that their download doesn’t block the page load. HTML5 introduces two attributes for scripts: async and defer to allow out-of-order processing of scripts. When the HTML parser encounters one of these attributes, it can farm out its compilation and execution to the JavaScript engine immediately. MuscalietJS takes advantage of the asynchronous semantics and compiles and executes these scripts in parallel.

Another technique for exploiting multicore processing for JavaScript is parallel compilation. Almost all current browsers use parallel compilation to either compile multiple scripts concurrently or run an enhanced compiler in a separate thread.5–7

Overall, using these parallelization techniques, Zoomm loads pages about twice as fast as WebKit, as shown in Figure 3.

Figure 3. Page load time for several popular sites. Note that users typically expect pages to load in less than 3 seconds. [Bar chart: time in µs (axis 0 to 14,000,000) per site for Zoomm, WebKit, Zoomm no JavaScript, and WebKit no JavaScript, with a user experience threshold line.]

Exploiting parallelism in browsers promises performance and power savings. We believe that Zoomm is just a first step in that direction, and hiding network latency using ahead-of-time processing removes a bottleneck in loading webpages that is beyond the control of browser clients, thus improving the user experience.

Optimizations explored in Zoomm and the MuscalietJS engine are being adopted by commercial browsers: the Mozilla Servo project (https://github.com/servo/servo) is using a parallel language (Rust) to implement a concurrent browser architecture similar to Zoomm’s. That project puts a larger emphasis on the layout engine to handle all the corner cases of the HTML5 specification, which presents a significant challenge and opportunity.

Browsers such as Chrome and Internet Explorer are implementing parallel JavaScript processing, and recently Chrome has decoupled JavaScript parsing into a concurrent thread.5 Other researchers are looking at architectural aspects of enabling more concurrency in the browser.

Finally, Web standards are evolving to allow webpage designers to exploit concurrency. These include asynchronous and deferred script processing directives in HTML, Web workers, and several efforts to express concurrency in JavaScript. In addition, the declarative nature of CSS makes it ripe for exploiting parallelism through concurrent implementations.

This article originally appeared in IEEE Pervasive Computing, vol. 14, no. 3, 2015.

ACKNOWLEDGMENTS
We thank Nayeem Islam and the Qualcomm Research Executive team for the opportunity to build the Zoomm and MuscalietJS engines. We thank Mehrdad Reshadi, Michael Weber, Wayne Piekarski, Seth Fowler, Vrajesh Bhavsar, Alex Shye, and Madhukar Kedlaya for their contributions.

REFERENCES
1. C. Caşcaval et al., “ZOOMM: A Parallel Web Browser Engine for Multicore Mobile Devices,” Proc. 18th ACM SIGPLAN Symp. Principles and Practice of Parallel Programming (PPoPP), 2013, pp. 271–280.
2. B. Robatmili et al., “MuscalietJS: Rethinking Layered Dynamic Web Runtimes,” Proc. 10th ACM SIGPLAN/SIGOPS Int’l Conf. Virtual Execution Environments (VEE), 2014, pp. 77–88.
3. Z. Wang et al., “Why Are Web Browsers Slow on Smartphones?” Proc. ACM Int’l Workshop on Mobile Computing Systems and Applications, 2011, pp. 91–96.
4. L.A. Meyerovich and R. Bodík, “Fast and Parallel Webpage Layout,” Proc. Int’l Conf. World Wide Web, 2010, pp. 711–720.
5. M. Hölttä and D. Vogelheim, “New JavaScript Techniques for Rapid Page Loads,” blog, 18 Mar. 2015; http://blog.chromium.org/2015/03/new-javascript-techniques-for-rapid.html.
6. J.-D. Dalton, G. Seth, and L. Lafreniere, “Announcing Key Advances to Javascript Performance in Windows 10 Technical Preview,” blog, Oct. 2014; http://blogs.msdn.com/b/ie/archive/2014/10/09/announcing-key-advances-to-javascript-performance-in-windows-10-technical-preview.aspx.
7. J. Ha et al., “A Concurrent Trace-Based Just-in-Time Compiler for Single-Threaded JavaScript,” Workshop on Parallel Execution of Sequential Programs on Multi-Core Architectures (PESPMA), 2009, pp. 47–54.

Cǎlin Caşcaval is a senior director at Qualcomm Research Silicon Valley. Contact him at cascaval@qti.qualcomm.com.

Pablo Montesinos Ortego is a senior staff engineer/manager at Qualcomm Research Silicon Valley. Contact him at pablom@qti.qualcomm.com.

Behnam Robatmili is a staff research engineer at Qualcomm Research Silicon Valley. Contact him at [email protected]com.

Darío Suárez Gracia is a staff engineer at Qualcomm Research Silicon Valley. Contact him at dgracia@qti.qualcomm.com.
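The prescanner and CSS prefetching heuristic described in the article above, as an added sketch that is not Zoomm's code. The function names, the regex-based approximate scanning, and the sample page are assumptions; treating a comma-separated selector list as likely to match when any one alternative qualifies goes slightly beyond what the text states.

```javascript
// Constructed sample inputs (not taken from any real site).
const SAMPLE_HTML = `<html><head>
<link rel="stylesheet" href="site.css">
<script src="app.js"></script>
</head><body>
<div id="header" class="banner wide"><img src="logo.png"></div>
<p class="story">text</p>
</body></html>`;

const SAMPLE_CSS = `
#header.banner   { background: url("hdr.png"); }
.story .lead     { background: url(lead.jpg); }
.sidebar, .story { background: url('side.gif'); }
#footer          { background: url(foot.png); }
p                { color: red; }
`;

// Parse name=value pairs from the inside of one start tag.
function parseAttributes(text) {
  const attrs = Object.create(null);
  const attrRe = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = attrRe.exec(text)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] || m[3] || m[4] || '';
  }
  return attrs;
}

// Approximate prescan: looks only at start tags and their attributes.
// No DOM tree is built and nothing waits on <script> execution, which is
// why a prescanner can run ahead of the real parser.
function prescanHtml(html) {
  const scan = { ids: new Set(), classes: new Set(), resources: [] };
  const tagRe = /<([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>/g;
  let tag;
  while ((tag = tagRe.exec(html)) !== null) {
    const name = tag[1].toLowerCase();
    const attrs = parseAttributes(tag[2]);
    if (attrs.id) scan.ids.add(attrs.id);
    for (const c of (attrs.class || '').split(/\s+/)) {
      if (c) scan.classes.add(c);
    }
    if (name === 'img' && attrs.src) {
      scan.resources.push({ type: 'image', url: attrs.src });
    } else if (name === 'script' && attrs.src) {
      scan.resources.push({ type: 'script', url: attrs.src });
    } else if (name === 'link' && attrs.href &&
               /\bstylesheet\b/i.test(attrs.rel || '')) {
      scan.resources.push({ type: 'stylesheet', url: attrs.href });
    }
  }
  return scan;
}

// True when every id and class named in the selector was seen by the prescan.
// A selector with no ids or classes (e.g. "p") is vacuously likely to match.
function allNamesSeen(selector, scan) {
  const ids = [...selector.matchAll(/#(-?[_a-zA-Z][\w-]*)/g)].map((m) => m[1]);
  const classes = [...selector.matchAll(/\.(-?[_a-zA-Z][\w-]*)/g)].map((m) => m[1]);
  return ids.every((i) => scan.ids.has(i)) &&
         classes.every((c) => scan.classes.has(c));
}

// For each CSS rule that references url(...) resources, decide whether to
// prefetch them now or leave them to be discovered during styling.
function selectCssPrefetches(css, scan) {
  const decision = { prefetch: [], skipped: [] };
  const ruleRe = /([^{}]+)\{([^{}]*)\}/g;
  const urlRe = /url\(\s*(?:"([^"]*)"|'([^']*)'|([^)\s]+))\s*\)/g;
  let rule;
  while ((rule = ruleRe.exec(css)) !== null) {
    const urls = [];
    let u;
    while ((u = urlRe.exec(rule[2])) !== null) urls.push(u[1] || u[2] || u[3]);
    if (urls.length === 0) continue;
    // Assumption: a selector list qualifies if any alternative qualifies.
    const likely = rule[1].split(',').some((sel) => allNamesSeen(sel, scan));
    (likely ? decision.prefetch : decision.skipped).push(...urls);
  }
  return decision;
}

console.log(selectCssPrefetches(SAMPLE_CSS, prescanHtml(SAMPLE_HTML)));
```

A skipped URL is not lost: as the article notes, it is found later during styling at the cost of extra latency, so a wrong guess affects load time, not correctness.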

STUDENT DESIGN SHOWCASE

Tracking Cows Wirelessly
Greg Byrd, North Carolina State University

EDITOR GREG BYRD, North Carolina State University; [email protected]

Published by the IEEE Computer Society, 0018-9162/15/$31.00 © 2015 IEEE
This article originally appeared in Computer, vol. 48, no. 6, 2015.

A student team from NC State designed and built a prototype wireless network to monitor the milking and weighing of cows.

To successfully operate any farm, effective livestock management is crucial. Efficient, affordable, and scalable livestock management solutions play an increasingly important role in modern farming, as the number of dairy farms in the US decreases, but the number of dairy cows on each increases. Dairy cows require careful monitoring for milking, weighing, and other activities, so the ability to reliably track these animals in large numbers is particularly important.

Dairy cows are typically identified by visible ear tags. Although tags with embedded RFID devices have been available—allowing them to be scanned electronically—because of cost, most tags use low-frequency (LF) RFID, so the scanner must be within a few inches of the tag. Consequently, farmworkers need to be “up close and personal” with each and every cow for reliable scanning.

Although RFID tagging of cattle has been widely adopted in Europe, US dairy farms are more reluctant to do so because of costs and the lack of national standards. To address the cost and convenience factors, a team of students in the Department of Electrical and Computer Engineering (ECE) at North Carolina State University (Figure 2) designed and built a prototype wireless network that combines long-range ultra-high-frequency (UHF) RFID tags with low-cost wireless and computing components. The long-range RFID allows unmanned scans of multiple tags, and the wireless network provides scalable data collection without costly infrastructure.

NETWORK OVERVIEW
Figure 1 shows an overview of the prototype network using the ZigBee wireless protocol to communicate. The RFID reader is connected to the ZigBee wireless networking node, so when a new RFID tag is detected, the ZigBee node sends a data packet to the controller node. As cows enter and exit the milking station, an RFID reader identifies the cows by their long-range RFID tags, and when the RFID tag is no longer in range, the ZigBee node sends a data packet indicating that the cow left the milking station. (Multiple cows may enter the milking stalls at the same time, so the prototype system can monitor the entry and exit times of up to eight cows simultaneously.)

As the cows leave the milking station, they pass through a weighing station. A floor scale and an RFID reader are attached to a microprocessor. The cow’s weight and identity are passed to a ZigBee node, which sends this information to the controller node, collects the milking and weighing information and the amount of time each cow spends in the milking station, displays it on a user interface, and records it in a spreadsheet.

Figure 1. Overview of a prototype wireless network for tracking dairy cows. RFID tags indicate when a cow enters and leaves the milking or weighing station. Timestamps and weight are delivered to the controller node via the wireless mesh network. UART, universal asynchronous receiver/transmitter. [Diagram: Controller node (PC running Windows 7 with CC2531 Dongle) connected over the ZigBee network to two ZigBee nodes (TI CC2538). Milking station: ZigBee node, UART, RFID interrogator (SkyeTek Nova), RFID ear tag (RFID Sensor Systems). Weighing station: ZigBee node, UART, RFID interrogator (SkyeTek Nova), RFID ear tag (RFID Sensor Systems), load cell (FC23).]

Figure 2. The Department of Electrical and Computer Engineering (ECE) at North Carolina State University design team. Left to right: Bryan Campbell, André Ramos, Youn Chu, and Anthony Laws.

TAGS, READERS, AND SENSORS
The passive UHF RFID tag is the enabling technology for this project. In a passive RFID system, the reader antenna sends a radio signal at a particular frequency. The RFID tag (also called an RFID transponder) contains an antenna tuned to the same frequency and a microchip. The received signal powers the chip, which modulates a signal that is transmitted back to the reader, and the reader then translates the modulated signal into digital data.

Developed by RFID Sensor Systems, the project’s sponsor, the prototype tags have been demonstrated to work from distances of up to 150 feet (45 meters). RFID tags measure approximately 6 inches by 0.75 inches and are mounted to the back of a standard plastic ear tag.

The RFID reader is SkyeTek’s Nova module, which includes an ARM Cortex CPU and a UHF transceiver. SkyeTek Protocol software runs on the microprocessor, providing an API for standard RFID-read operations. A serial communications link connects the SkyeTek module to the ZigBee node, which is described in the next section.

For the milking station, the prototype system includes a separate short-range antenna for each stall; multiple antennae can be multiplexed into a single reader. Certain techniques can use a single antenna to distinguish signals from multiple tags, which would be an interesting benefit of the long-range tags provided by RFID Sensor Systems but was beyond the scope of this project.

For the weighing station, both an RFID reader and a weight (load) sensor are needed. The load sensor is incorporated into a floor-mounted plate and connected to a low-power Texas Instruments MSP430 microprocessor. When the RFID reader detects a cow entering the weighing area, it sends a signal to the microprocessor via the serial port. The microprocessor uses an integrated analog-to-digital converter to read the weight from the load sensor. Both the identification and the weight are sent over a serial connection to a ZigBee node, which sends the appropriate data packet to the controller node.

Both the MSP430 microprocessor and SkyeModule Nova utilize low-power processing cores that have special sleep modes when the CPU is inactive. In addition, the MSP430 FR5738 microprocessor includes 16 Kbytes of integrated ferroelectric nonvolatile RAM (FRAM), which offers lower energy consumption than flash memory for storing instructions and constant data. Although milking station components are likely to have access to electricity, the weighing station and other future sensor stations may require solar power or other energy harvesting and storage solutions.

WIRELESS RADIO
ZigBee is a collection of protocols designed for low-power wireless networks, such as smart homes and sensor networks. The physical layer is based on the IEEE 802.15.4 standard for low-rate wireless networking. Upper-layer protocols add routing and other features to create a mesh network so that a device can relay information through multiple ZigBee nodes to a remote destination node. Other protocol features include security, device discovery, and messaging.

The ZigBee node chosen for this prototype is the Texas Instruments CC2538 system on chip. The chip includes an ARM Cortex-M3 processor, a 2.4-GHz radio transceiver, embedded RAM and flash memories, and a hardware cryptographic accelerator. Like the MSP430 and SkyeModule Nova, the CC2538 features low-power operating modes.

ZigBee is a good match for this application because only a small amount of data is sent per event. The latency also isn’t critical. What’s needed is a reliable, low-power, inexpensive, and secure network that’s scalable to larger farms with multiple milking and sensor stations. An extensive ZigBee mesh network can be deployed, with transmission distances of up to a mile long for a single link.

CONTROLLER NODE SOFTWARE
The controller node is a standard laptop or desktop system equipped with a ZigBee network node. The choice for this prototype is the Texas Instruments CC2531 USB Dongle. It includes an 8051 microcontroller, which runs packet-sniffing software and delivers packets to the host through the USB interface.

As described above, the controller receives data packets from the milking and weighing station nodes. A Java application displays the information for each event (such as when a cow enters or leaves a station) on a user interface window. Events are also recorded in a spreadsheet-compatible file for postprocessing.

DEPLOYMENT ENVIRONMENT
The target deployment environment for the wireless network is the dairy research and teaching farm at NC State. The farm spans 389 acres, supports a herd of 300 cows, and includes a 20-stall milking station, visitor’s center, classroom, and museum. The farm’s milk is used in Howling Cow dairy products—including ice cream, milk, and heavy cream—and is processed at the Feldmeier Dairy Processing Lab, which is operated by the Department of Food, Bioprocessing, and Nutrition Science. Howling Cow products are sold at various locations on campus.

The project plan also included an on-the-farm demonstration. Unfortunately, logistical challenges associated with working with live animals have delayed the demonstration. Nonetheless, the components were successfully tested together in the lab.

Our goal was to create a low-cost proof-of-concept system. The retail cost of the system components is around $1,200. With additional development and higher volumes, the cost can be further reduced. For example, the long-range RFID tags would allow multiple cows to be scanned at the milking station with a single reader and antenna. Also, the computational requirements for the load sensor, RFID reader, and ZigBee communication could be consolidated onto a single processor.

When deployed at the farm, researchers and students will use the Howling Cow network to demonstrate how RFID, wireless, and other information technologies can improve the efficiency and productivity of the farm as well as the health of the animals. The farm of the future will employ many emerging technologies: unmanned drones for crop and livestock monitoring (where the long-range RFID tags will be critical), self-driving tractors, 3D printing of replacement parts, and precision agriculture driven by data analytics. Pilot projects like this one will lead the way to show how high-tech can be affordable for farmers in North Carolina and around the world.

GREG BYRD is associate head of the Department of Electrical and Computer Engineering at North Carolina State University. Contact him at [email protected].

PROJECT DETAILS
» Name: Howling Cow Wireless Network
» School: North Carolina State University
» Department: Electrical and Computer Engineering (ECE)
» Student Participants: Bryan Campbell, Youn Chu, Anthony Laws, André Ramos
» Faculty Mentor: Dr. Rachana Gupta
» Sponsors: Dr. William Carr, RFID Sensor Systems
» Special Thanks: Jim Carlson (ECE), Dr. Jake Adams (ECE), Dr. Dan Poole (Animal Science)

2015 IEEE/IBM WATSON STUDENT SHOWCASE
IEEE and IBM are in search of creative, forward-thinking students to participate in an exciting team-based showcase. Do you want an opportunity to work with IBM’s Watson to develop an innovative app? Do you want to develop your cognitive computing skills while earning a chance to win cash prizes? Winning entries will also be featured in this column. The deadline for submitting completed entries has been extended to 30 September 2015, but register your intent to participate now at http://goo.gl/52WU1h so you don’t miss this opportunity.

SUBMIT A PROJECT
As much as I enjoy writing about our students at North Carolina State University, I’m really interested in hearing about interesting student-led design projects in computer science and engineering everywhere. If you would like to see your project featured in this column, fill out the submission form at: www.computer.org/student-showcase.

CLOUD AND THE LAW

A Cloud-Focused Mobile Forensics Methodology

Quang Do, University of South Australia
Ben Martini, University of South Australia
Kim-Kwang Raymond Choo, University of South Australia

IEEE CLOUD COMPUTING, PUBLISHED BY THE IEEE COMPUTER SOCIETY, 2325-6095/15/$31.00 © 2015 IEEE

THE MODERN SMARTPHONE HAS BECOME THE PRIMARY COMPUTING DEVICE FOR MANY PEOPLE. These devices are used to perform phone-specific tasks, such as texting and making phone calls, as well as other tasks, such as Web browsing and Internet banking, once relegated to their far less portable cousins: desktop and laptop computers. As technology progresses, smartphones will only increase in functionality and adoption rates. In fact, in 2014, more than 1.2 billion smartphones were sold worldwide, with a little over 80 percent of these smartphones running the Android operating system.1 With the rapid growth of inexpensive smartphones from Chinese vendors, the number of devices sold, and the number of users harnessing the power of the smartphone, will only increase.

Chances are most criminals will have, and heavily utilize, smartphones during the course of their illicit activities. Nielsen found that the average smartphone user spends 30 hours on more than 25 apps each month.2 Each app might have a specific purpose (for example, cloud storage, communication, or photography) or a general purpose (such as Web browsing), and each app stores its data in specific locations. Because these apps store and transmit sensitive data, along with the innate communicative capabilities of smartphones, mobile forensics—the collection of evidential data from a mobile device—has become an important part of many criminal investigations.

Because the number of mobile devices (with different models, makes, and firmware) is immense, and these devices might be running different mobile operating systems, it’s infeasible for a forensic practitioner to be familiar with every device. Mobile forensic toolkits that can analyze the attached device, recover digital evidence, and present it in a human-readable way have become the contemporary solution to this challenge. The main drawback is that a forensic practitioner who relies primarily on general-purpose mobile forensic toolkits might find that the product can’t obtain all of the relevant evidential data from an offender’s smartphone. Furthermore, with the popularity of cloud-based apps, much of this evidential information might never have been present on the device. Thus, there’s a need for a forensically sound process that can obtain all evidential data from a smartphone, as well as analyze this data for authentication credentials and other details to obtain cloud-based evidential data.

Snapshot of Existing Mobile Forensic Techniques

Current data collection methodologies for Android devices rely heavily on either flashing an existing
partition on the device or exploiting the device to obtain operating system root privileges. Timothy Vidas and his colleagues proposed using customized recovery images containing forensic tools, which are flashed over the Android device’s “recovery” partition.3 This gives forensic practitioners access to the device, letting them extract all the data. The major downside to this method is that flashing any image on a modern Android device requires signing the image with the vendor’s key. To flash images signed with other keys, the bootloader must be unlocked. Unlocking the bootloader triggers a wipe of the data on the device. In a similar vein, Namheun Son and his colleagues used custom images flashed onto the device’s “boot” partition, which allowed the researchers to obtain most of the data on the device.4 Jeff Lessard and Gary Kessler described a process for collecting a bit-for-bit copy of a device’s NAND flash storage that required the device be rooted and have a secure digital (SD) memory card.5 Sheng-Wen Chen and his colleagues also used an SD memory card in their data acquisition process.6 They loaded the SD memory card with their own patch for the phone’s recovery mode to install.

This approach has two major problems. It requires that the phone be running a third-party recovery that allows for the installation of nonvendor signed patches, and it requires that the device accept an SD memory card. With flagship phones now abandoning SD memory card storage in favor of greater on-board storage, and popular phones once known for allowing additional storage (such as the Samsung Galaxy S6) following suit, SD memory card–based data collection techniques will likely soon become obsolete.

Another risk is that if flashing an existing partition (for example, the boot or recovery partitions) becomes common in forensic procedures, suspects might begin to hide sensitive data in these partitions. When talking about a forensically sound process, rooting a device presents an even greater problem: the vast majority of root exploits are released as closed-source and heavily obfuscated packages, one justification being that smartphone vendors might patch out these exploits. The exploit would have unrestricted access to the exploited device’s storage and be capable of performing any number of destructive or incriminating tasks. In a forensic investigation using undocumented root exploits, the evidence could be determined to be tainted or even inadmissible in a court of law. Based on these factors and our review of the literature,7 we noted a need for a forensically sound methodology to collect cloud-based evidential data from Android devices.

[Figure 1 flowchart stages: Evidence identification and preservation (per local procedures). Evidence collection: setup bootloader for live OS; boot live OS in memory; collect physical image of device partitions. Evidence identification and analysis, for all apps on the device: examine files in private storage; examine files on external storage; examine databases; examine/analyze accounts data; analyze/decompile app. Evidence reporting and presentation (per local procedures).]

FIGURE 1. An evidence collection and analysis methodology for Android devices (adapted from earlier work7). The physical image of the evidential data, obtained via the evidence collection process, is collected via a live OS and then analyzed externally in order to preserve forensic integrity.

A Cloud-Focused Mobile Forensics Methodology

Figure 1 presents our evidence collection and analysis methodology for Android devices that allows for the retrieval and analysis of cloud-based evidential data.7 The first major step after identifying and physically preserving any evidential devices (for example, Faraday bags and radio-suppressed environments) is evidence collection. This involves exploiting a flaw in the device’s bootloader to allow for booting a live operating system. In our experiments, we undertook evidence collection and analysis on a Nexus 4 phone. We discovered a flaw wherein unlocking the bootloader and then booting our image into RAM without rebooting the device let us access all data on the device without the usual device wipe that typically occurs when the bootloader is unlocked. Because the custom image is loaded into the device’s volatile RAM, the device’s


internal partitions aren’t modified, so it doesn’t violate the principles of forensic soundness.

A physical image of the device partitions is then collected via the custom boot image and transferred to the forensic practitioner’s PC. This bit-for-bit copy is then analyzed in the evidence examination and analysis stage. The practitioner must determine what apps are installed on the device, and which apps are of interest in the investigation. In our experiments, we focused on apps providing access to cloud-based services, which included Box, Dropbox, OneDrive, and OneNote.8 We determined the locations where an app could store data of interest to a forensic practitioner: an app’s private storage (internal storage), the device’s external storage, and the phone’s account data (using the Android AccountManager API). The app’s private storage directory often contains user preferences and databases that include data such as OAuth access/refresh tokens and account information. Apps often stored cached copies of files retrieved from cloud-based services on the external storage.

We briefly describe some findings of our study of three of the cloud storage apps.8

Dropbox

Using our evidence collection and analysis methodology, we found that Dropbox stores a significant amount of information that might be of general forensic interest in the device’s external and internal storage. On Android devices, internal storage refers to an app’s private directory and external storage refers to a shared storage space that might be removable (such as an SD memory card) or internal (that is, non-removable storage).

In the Dropbox app’s private app storage directory, located on the device’s internal storage, we located an XML configuration file and a SQLite format database of interest. Figure 2 shows these items in the context of their locations.

[Figure 2 diagram labels: Dropbox app; External storage; Internal storage; folders shared_prefs, databases, files, [userId], scratch; files dropbox-credentials.xml, [userId].db; values app_key, userToken, userId.]

FIGURE 2. Locations where Dropbox stores items of interest. Dropbox primarily utilizes the device’s external storage to store files downloaded by the user and the internal storage for user settings and metadata. All of these files are stored unencrypted.

Dropbox stores three values of interest within its “dropbox-credentials.xml” shared preferences file. First is the app’s consumer key, which is used in the header of the URL request to Dropbox’s servers to authenticate the user. This is a static key that represents the app that’s communicating with the server rather than the user. The “userToken” directive in this XML file contains the current user’s OAuth token and half of a secret key used during authentication. In addition to these items of interest, this XML file also contains a numerical string that uniquely identifies the user. This unique identifier is known as the “userId” and represents the user on Android’s file system and Dropbox’s databases.

Dropbox’s “[userId].db” database file contains a significant amount of interesting data. Inside this database is a table containing records for all files stored in the user’s Dropbox, including the files’ sizes, modification times, and filenames. Also stored within this database is information pertaining to the user’s albums, camera uploads, pending uploads, photos uploaded, and cached thumbnails.

On the device’s external storage, Dropbox stores a “scratch” folder (see Figure 2), which contains the local cache of files downloaded by the user through the Dropbox app. The files in this directory are unmodified and retain their original file names.

After analyzing the information obtained from the forensic copy, we moved onto the analysis of Dropbox’s account information stored on the device. We noted that, because Dropbox stores the majority of its authentication data in its private directory on the internal storage, it doesn’t store interesting data in the device’s accounts. Dropbox stores the user’s email address in this location.

Based on our analysis and Dropbox’s developer guide,9 we observed that to authenticate as the device user on Dropbox’s servers, we would require the OAuth consumer key, the user’s OAuth token, and the OAuth signature. From the analysis of the data contained within the app’s directories and device’s accounts, we had already obtained all of this information, with the exception of half of the OAuth signature. Because we were unable to obtain this information from the device or Dropbox files, we determined that this string would most likely be statically defined.

Located within Dropbox’s heavily obfuscated decompiled code was a function that was entirely self-contained and generated two strings: the OAuth consumer key and the missing half of the OAuth signature we required. Using the obtained information, a forensic practitioner could authenticate as the user and access their files.

Box

Box is a well-known file-syncing storage service often used by organizations. Box uses a device’s internal and external storage to store its data, as Figure 3 illustrates.

[Figure 3 diagram labels: Box app; Internal storage; External storage; folders shared_prefs, databases, [id], cache, dl_cache, dl_offline; files GLOBAL.xml, myPreference[id].xml, PREVIEW_SALTS[id].xml, DOWNLOAD_SALTS[id].xml, BoxSQLiteDB_[id]; values id, userAuthToken, userRefreshToken, userName, com.box.android.encryptionKey.]

FIGURE 3. Locations where Box stores items of interest. Similar to Dropbox, Box also stores downloaded files on the device’s external storage. Unlike Dropbox, however, Box encrypts these files and stores the encryption key in the internal storage.

On the device’s internal storage, Box stores data of interest in the “shared_prefs” and “databases” directories. Within its shared preferences directory are four important XML files. “GLOBAL.xml” contains the user’s unique numerical identifier (listed as “id” in the file), which the Box servers, Android file system, and Box’s databases use to uniquely identify the user. In addition, this XML file contains the user’s current access token, refresh token, and email address, which are all used for authentication. The “myPreference[id].xml” file contains, among other things, the 512-bit encryption key that Box uses to encrypt files stored on the device’s external storage. Lastly, the “PREVIEW_SALTS[id].xml” file contains the salts of each encrypted preview file stored on the external storage, and the “DOWNLOAD_SALTS[id].xml” file contains the salts of each encrypted file that has been cached on the external storage.

The “BoxSQLiteDB_[id]” database file contains a table (“BoxEvent”) listing all actions that have been performed by the app on the user’s files. This includes copying a file from one location to another, previewing a file, sharing a file, creating a file, moving a file, and downloading and uploading


a file. Furthermore, this database contains records for each file created by the user (in the “BoxFile” table), each folder created by the user (in the “BoxFolder” table), and files the user has recently accessed (in the “BoxRecentFile” table).

Box uses the device’s external storage to store a cache of previews and downloaded files. It stores each file previewed by the user in the “dl_cache” folder, and stores each file downloaded by the user in the “dl_offline” folder. The contents of these files are encrypted using “Box Crypto.” To decrypt these files, the 512-bit encryption key obtained from Box’s “GLOBAL.xml” file must be used with the file’s salt (obtained from the respective SALTS XML file). Bouncy Castle’s AES CBC cipher (using PKCS5Padding) is used as Box’s encryption cipher. Because Box doesn’t use the AccountManager service, it doesn’t store any data within the device’s accounts.

Further memory-based analysis determined that authenticating as the user to Box’s servers only requires a valid access token. Because Box’s access tokens expire after 60 minutes, to practically authenticate as the user, we would need to be able to generate new access tokens. We therefore also require a valid refresh token. Box’s refresh tokens expire after 60 days, so it’s much more likely that a forensic practitioner could obtain a valid refresh token. Obtaining a new access token requires a valid refresh token, the client ID, and the client secret.

From the analysis of the internal storage, we already had a refresh token from the “GLOBAL.xml” shared preferences file. Because the client ID and secret weren’t on the device, we concluded that they must be defined statically. We found that these strings were stored within the app’s strings resources file. With this information, we believe it would be possible for a forensic practitioner to generate a new valid access token and obtain all of the user’s files, given that 60 days hadn’t yet passed since the refresh token was generated by Box’s servers.

OneDrive

Microsoft OneDrive is another popular file-syncing storage app that also stores a significant amount of data of interest. Within its private app directory, we found several SQLite databases. One of these databases (“metadata”) contains information pertaining to each of the user’s OneDrive files, including filenames, sizes, and the URL used to download the file (which requires authentication). Another SQLite database file (“cached_files_md.db”) contains metadata relating to the files the user has accessed and the OneDrive app has cached.

On the device’s external storage, we located several items. For example, the “cache” folder within OneDrive’s external storage data path contained a cache of each of the files downloaded by the user. These files were unmodified from the original file stored on the OneDrive servers (as evidenced by the identical hashes for the original and files stored in this directory) and were named with the following convention: “SkyDriveCacheFile_[item’s ID].cachedata,” with the item’s ID being the ID within the “cached_files_md.db” database.

Following this analysis of the OneDrive app, we obtained the data that OneDrive stores in its AccountManager account on the device. OneDrive stores a significant amount of information in this location. This likely explains the lack of authentication details stored in OneDrive’s internal and external storage data locations. OneDrive stores, in the OneDrive AccountManager account on the device, a refresh token, an access token, a scope, an account type, the user’s ID, and the access token’s expiry timestamp.

A further analysis of the memory of the OneDrive app provided us with the URLs for user authentication and access token generation for the user. From our earlier analysis, we found that access tokens expire after 24 hours. This means that in a general forensic scenario, a forensic practitioner would need to generate a new access token. To generate a new access token, the valid refresh token, user ID, and scope would be required, and we were able to locate these items on the device.

PASSWORDS AND USERNAMES WERE ONCE THE DE FACTO STANDARD FOR USER AUTHENTICATION. Today, few services, especially cloud-based services, store usernames and passwords on devices, in an effort to enhance user security. Instead they store a time-limited token and/or a number of separate tokens. This makes it significantly more difficult for practitioners undertaking a forensic investigation due not only to the time-critical nature of these tokens, but also to the number of varied authentication implementations. Our evidence collection and analysis methodology aims to at least partially mitigate these issues and provide forensic practitioners with a clear and forensically sound method to obtain cloud data, both remote and physically present on the seized device. As more and more services become cloud-based, most evidential data might, in fact, be present only on remote servers.

References
1. Gartner, “Gartner Says Smartphone Sales Surpassed One Billion Units in 2014,” Gartner press release, 2015; www.gartner.com/newsroom/id/2996817.
2. Nielsen, “Smartphones: So Many Apps, So Much Time,” Newswire, 1 July 2014, www.nielsen.com/us/en/insights/news/2014/smartphones-so-many-apps--so-much-time.html.
3. T. Vidas, C. Zhang, and N. Christin, “Toward a General Collection Methodology for Android Devices,” Digital Investigation, vol. 8, supplement, 2011, pp. S14–S24.
4. N. Son et al., “A Study of User Data Integrity During Acquisition of Android Devices,” Digital Investigation, vol. 10, supplement, 2013, pp. S3–S11.
5. J. Lessard and G. Kessler, “Android Forensics: Simplifying Cell Phone Examinations,” Digital Device Forensics J., vol. 4, no. 1, 2010, pp. 1–12.
6. S.-W. Chen, C.-H. Yang, and C.-T. Liu, “Design and Implementation of Live SD Acquisition Tool in Android Smart Phone,” Proc. 5th Int’l Conf. Genetic and Evolutionary Computing, 2011, pp. 157–162.
7. B. Martini, Q. Do, and K.-K.R. Choo, “Conceptual Evidence Collection and Analysis Methodology for Android Devices,” R. Ko and K.-K.R. Choo, eds., Cloud Security Ecosystem, Syngress, 2015, pp. 285–307.
8. B. Martini, Q. Do, and K.-K.R. Choo, “Mobile Cloud Forensics: An Analysis of Seven Popular Android Apps,” R. Ko and K.-K.R. Choo, eds., Cloud Security Ecosystem, Syngress, 2015, pp. 309–345.
9. K. Goundan, “Using OAuth 1.0 in the ‘PLAINTEXT’ Signature Method,” blog, 13 July 2012; https://blogs.dropbox.com/developers/2012/07/using-oauth-1-0-with-the-plaintext-signature-method.

QUANG DO is a PhD candidate in the Information Assurance Research Group at the University of South Australia. His research interests include Android user privacy, forensics, and security. Do has a bachelor of computer science (hons.) from the University of South Australia. Contact him at [email protected].

BEN MARTINI is a research associate in the School of Information Technology and Mathematical Sciences at the University of South Australia. His research interests include cybersecurity and digital forensics, focusing on contemporary technologies such as cloud computing and mobile devices. Martini has a PhD in computer and information science from the University of South Australia. Contact him at [email protected].

KIM-KWANG RAYMOND CHOO is a senior lecturer in the School of Information Technology and Mathematical Sciences at the University of South Australia. His research interests include cyber and information security and digital forensics. Choo has a PhD in information security from Queensland University of Technology, Australia. Contact him at raymond [email protected].

This article originally appeared in IEEE Cloud Computing, vol. 2, no. 4, 2015.
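The following added example (not code from the article or its authors) shows how an examiner might triage the shared preferences files named in the Dropbox and Box sections from a mounted forensic copy: it records each file's SHA-256, reports which values of interest are present without writing token values into the report, and applies the token lifetimes the article states. The sample XML, the `firstRun` entry, the function names and the examiner-supplied issue time are assumptions; the key names are the labels shown in Figures 2 and 3.

```python
import hashlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Values of interest per shared preferences file, using the labels in Figures 2 and 3.
FIELDS_OF_INTEREST = {
    "dropbox-credentials.xml": ["app_key", "userToken", "userId"],
    "GLOBAL.xml": ["id", "userAuthToken", "userRefreshToken", "userName"],
}

# Token lifetimes as reported in the article.
TOKEN_LIFETIMES = {
    ("box", "access"): timedelta(minutes=60),
    ("box", "refresh"): timedelta(days=60),
    ("onedrive", "access"): timedelta(hours=24),
}

# Constructed sample files (placeholder values, not real credentials).
SAMPLE_DROPBOX = b"""<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="app_key">CONSTRUCTED-APP-KEY</string>
    <string name="userToken">CONSTRUCTED-TOKEN|CONSTRUCTED-HALF-SECRET</string>
    <string name="userId">100200300</string>
</map>"""

SAMPLE_BOX_GLOBAL = b"""<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="id">555000111</string>
    <string name="userAuthToken">CONSTRUCTED-ACCESS-TOKEN</string>
    <string name="userName">examinee@example.com</string>
    <boolean name="firstRun" value="false" />
</map>"""


def parse_shared_prefs(xml_bytes):
    """Return {name: value} from an Android shared preferences <map> document."""
    # Evidence files are untrusted input; preference files never need a DTD.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD or entity declaration in preferences file")
    root = ET.fromstring(xml_bytes)
    if root.tag != "map":
        raise ValueError("not a shared preferences file: root is <%s>" % root.tag)
    prefs = {}
    for child in root:
        name = child.get("name")
        if name is None:
            continue
        # <string> holds its value as text; scalar types use a value attribute.
        prefs[name] = (child.text or "") if child.tag == "string" else child.get("value")
    return prefs


def fingerprint(value):
    """Short SHA-256 prefix that identifies a secret without disclosing it."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()[:16]


def triage_file(filename, xml_bytes):
    """Report the file hash and which values of interest are present or missing."""
    prefs = parse_shared_prefs(xml_bytes)
    report = {
        "file": filename,
        "sha256": hashlib.sha256(xml_bytes).hexdigest(),  # integrity record
        "found": {},
        "missing": [],
    }
    for field in FIELDS_OF_INTEREST.get(filename, []):
        value = prefs.get(field)
        if value:
            report["found"][field] = {"length": len(value),
                                      "fingerprint": fingerprint(value)}
        else:
            report["missing"].append(field)
    return report


def token_window(service, kind, issued_at, now):
    """Validity of a token given an issue time estimated by the examiner (assumption)."""
    expires_at = issued_at + TOKEN_LIFETIMES[(service, kind)]
    return {"expires_at": expires_at,
            "valid": now < expires_at,
            "remaining": max(expires_at - now, timedelta(0))}


if __name__ == "__main__":
    print(triage_file("dropbox-credentials.xml", SAMPLE_DROPBOX))
    print(triage_file("GLOBAL.xml", SAMPLE_BOX_GLOBAL))
    issued = datetime(2015, 3, 1, tzinfo=timezone.utc)  # constructed timestamp
    print(token_window("box", "refresh", issued, issued + timedelta(days=3)))
```

For OneDrive the article notes that the access token's expiry timestamp is stored in the AccountManager account, so that value would be read directly rather than estimated.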

Beyond Wires
Editor: Yih-Farn Robin Chen • [email protected]

Toward Mobile-Friendly Web Browsing

Feng Qian • Indiana University Bloomington

Published by the IEEE Computer Society, 1089-7801/15/$31.00 © 2015 IEEE, IEEE INTERNET COMPUTING

Smartphones’ and tablets’ rapid proliferation makes content providers publish mobile versions of webpages. But are they indeed mobile-friendly? This article takes a cross-layer investigation of the mobile Web, and reveals why joint efforts in the mobile ecosystem are needed to achieve mobile-friendly Web browsing.

The unprecedented popularity of mobile devices and their ubiquitous access to cellular data networks make surfing the World Wide Web (WWW) on-the-go a common sight. Mobile browsers have become one of the key entities in the smartphone ecosystem, with their generated mobile traffic volume exceeding that of any other application except for video streaming. Moreover, as the standard Web interface, HTTP is used by millions of smartphone apps, and many apps are simply customized programmable browsers.

The term mobile-friendly has been used in many contexts including, in particular, UI design of mobile apps and websites. Indeed, many websites do have their appearance tailored to mobile devices’ screens. A recent measurement study1 shows that 65 percent of the Alexa top 500 websites have mobile versions that are specifically designed for handheld devices. However, loading a webpage is a complex procedure involving many subsystems: object downloading, CSS/JavaScript parsing, content rendering, cache management, and so on. Only changing the appearance of a mobile website is therefore often superficial.

To achieve mobile-friendly Web browsing, three factors must be optimized: performance, energy usage, and bandwidth consumption. First, Internet users are sensitive to webpage load time (PLT). For example, with an extra delay of 500 milliseconds, Google will lose up to 20 percent traffic. With a 100 millisecond extra delay, Amazon will lose 1 percent in sales.2 In the mobile world, achieving fast page loading speed is more challenging due to unpredictable network conditions (for example, due to mobility) and the limited processing capability of handheld devices. Second, battery life has long been an issue for mobile devices. Over the past 15 years, the CPU performance has improved 250 times while the capacity of the li-ion battery has only doubled.3 In particular, the power-hungry cellular interface (3G Universal Mobile Telecommunications System/High-Speed Packet Access, or UMTS/HSPA, and 4G LTE) worsens the energy issue. Third, bandwidth is also a critical resource for cellular customers who are billed by their data plan usage. Therefore under the constraints of providing a satisfactory user experience, the bandwidth consumption of mobile Web needs to be minimized.

The remainder of this article discusses why today’s mobile Web is often not mobile-friendly, and proposes suggestions on improving the state-of-the-art. I will take a top-down approach by describing issues at each layer: website contents, the Web protocol (HTTP), the Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption, and the transport protocol. In many cases, the inefficiencies aren’t caused by a single layer but instead by unexpected cross-layer interactions.

Website Content

Despite its good looks, a professionally designed mobile website might consume an unexpectedly large amount of resources on a mobile device. Typical issues include using unnecessarily high-resolution images, embedding within a single page too much content that few users will read due to having to scroll down to the page’s bottom, employing complex CSS and JavaScript, and using excessive redirections that hurt the PLT. As a concrete example,

the height (that is, vertical dimension) of some popular mobile websites’ landing pages can reach up to 40 times of a smartphone’s screen height, leading to several megabytes of data being transferred during a page loading.1

These issues aren’t difficult to comprehend, detect, and fix. However, there are trickier problems that can be easily overlooked due to lack of awareness of how cellular radio works. We know that the power consumption characteristics of the cellular interface are quite different from those in Wi-Fi and wired networks. In cellular networks, it’s much more energy-efficient to transmit data in a single bundle, instead of sending them slowly and separately. This is because after a data transfer, the radio interface isn’t turned off until a fixed timer, called a tail timer, expires. Therefore, having multiple transfers taking place intermittently will significantly lengthen the radio-on time, leading to extra battery drainage, as Figure 1 shows.

[Figure 1 plot: radio power consumption over time, showing state promotion, data transfer, and tail time periods.]

Figure 1. An illustration of cellular radio state transitions. Having multiple transfers taking place intermittently keeps the radio on longer, leading to extra battery drainage.

The cellular tail effect has several implications on mobile Web browsing. As an example, copied from their desktop versions, many mobile sites perform infinite scrolling: when the user scrolls down to the bottom of a page, the browser will load and append more content to the page. This behavior is totally legitimate in wired networks. But in cellular networks, this bursty traffic pattern (see Figure 1) can potentially keep the radio interface always on as the user slowly scrolls the page, leading to energy inefficiencies. Another representative example is that many websites issue periodical pings for tracking users. These periodical pings are usually triggered by third-party JavaScript (for example, Chartbeat.com) that is embedded in the main HTML page. Again due to the tail effect, these periodical requests account for most of the radio energy consumption of loading a page although their sizes are small.

There are several fixes for these issues. Web designers should balance between a large initial loading and many small incremental loadings, which incur a key tradeoff between bandwidth and energy consumption. JavaScript-triggered delayed or periodical transfers should be minimized unless they are really necessary. For delay-tolerant transfers such as user tracking, there is usually some leeway in terms of when to schedule them. Therefore, their transmissions can be shifted to overlap with delay sensitive data to reduce the impact of the tails. Similarly, multiple instances of delay-tolerant transfers can also be batched together. Ideally, both optimizations (called piggybacking and batching, respectively) need to gain browser support.

Caching is another effective mechanism to reduce bandwidth consumption by eliminating redundant data transfers. The effectiveness of caching relies on two aspects: correct caching implementation (browsers must strictly conform to the protocol specification) and good caching semantics (content providers should properly set objects’ caching parameters, such as life time). Regarding caching implementation, prior measurement4 reveals that quite a few HTTP libraries don’t perform any caching, and even some popular mobile browsers don’t fully support HTTP/1.1 caching. For caching semantics, many professionally designed pages contain objects with a short lifetime (for example, 1 hour), and such objects often belong to images, fonts, and CSS files, that are not expected to change frequently. A similar situation happens with compression, which is often underused for compressible textual objects such as HTML and JavaScript files.

HTTP and Its Interplay with TCP

Now we shift our focus from website contents to the Web protocol. As the key protocol that supports the WWW, HTTP has been stunningly successful. Based on recent measurement studies, HTTP accounts for at least 52 percent of Internet traffic,5 and 82 percent of the traffic delivered to mobile devices.6 The percentages are increasing because more and more non-Web applications are using HTTP.

HTTP functions as a request–response protocol. The client, such as a Web browser, sends an HTTP request message to the server asking for a particular resource object (for example, an HTML page or an image). The server then returns with an HTTP response containing the object data. HTTP runs above the Transmission Control Protocol (TCP), which ensures reliable and in-order delivery of the underlying byte stream over the network.

HTTP has been evolving during the past 25 years. The current HTTP version used by the vast majority of today’s Web servers is HTTP/1.1, which was standardized in 1999.7 However, HTTP/1.1 exhibits performance issues as webpages become rich and complex. A modern webpage might consist of hundreds of objects, which are loaded by a large number of short-lived TCP connections in today’s HTTP/1.1 scheme. For example, on a Samsung Galaxy S5 smartphone, I conducted an experiment over a commercial LTE network by loading CNN.com, whose 240 objects (1.4 Mbytes’ worth of data) from 70 domains were downloaded by 137 connections. The total page load time is 7.7 seconds.

However, using LTE to download a single file of 1.4 Mbytes takes less than 1 second under the same network condition. The reasons for such a striking difference are multifold, but the HTTP protocol itself and its interaction with TCP play an important role. In particular, using a large number of short-lived TCP connections is inefficient because each connection incurs bootstrapping overheads of connection establishment, SSL/TLS initialization (if encryption is used), and bandwidth probing. This leads to additional network latency and eventually long PLT. On the other hand, using only one connection is inefficient too because HTTP/1.1 supports only one outstanding request per connection. Several patches such as HTTP pipelining have been proposed to address HTTP/1.1’s limitations, but few were widely deployed due to various reasons.

From HTTP/1.1 to HTTP/2
HTTP/2 is the next planned version of HTTP. It aims at overcoming many limitations of HTTP/1.1 by redesigning the data transfer paradigm of HTTP. The Internet Engineering Task Force (IETF) HTTP working group began working on HTTP/2 in 2012. In 2015, the HTTP/2 specification was finally approved by IETF for standardization, and was published as RFC 7540. The design of HTTP/2 draws heavily from SPDY [8], a recently proposed protocol by Google for improving Web performance. A distinct feature of HTTP/2 is its support for multiple outstanding requests on one TCP connection, as Figure 2 shows. HTTP/2 encapsulates HTTP transactions into streams, such that a stream carries one or more HTTP transactions sequentially, and multiple streams are multiplexed over one TCP connection. Because the number of concurrent connections is reduced from many to one, bootstrapping overheads of short-lived TCP connections in HTTP/1.1 are significantly reduced, leading to more packed traffic on the multiplexed connection. HTTP/2 also supports request prioritization, header compression, and server push.

Figure 2. HTTP/1.1 versus HTTP/2. (a) HTTP/1.1 only supports one outstanding request per connection. (b) HTTP/2 allows multiple outstanding requests by multiplexing.

It’s worth mentioning that there are two ways to deploy SPDY: directly connecting to a SPDY server, or using a SPDY proxy. In the former scenario, the client usually establishes one connection for each domain. Many sites today employ a large number of domains with many domains pointing to the same IP address (for example, d1.cnn.com and d2.cnn.com). Known as hostname sharding, this makes SPDY behave similarly to HTTP, and is discouraged by the SPDY best practice. In contrast, when a SPDY proxy is used, the browser opens one TCP connection and reuses it across multiple domains. This is a popular and ideal way to use SPDY (for example, configurable in Chrome and used by the Amazon Silk browser). A similar disparity exists in HTTP/2.

SPDY (and HTTP/2) is not without limitations. For example, one known issue is that its performance degrades under conditions of noncongestion packet loss due to the use of a single TCP connection [9], which aggressively slows down the sending rate upon a loss. In contrast, in HTTP/1.1, a packet loss only affects one of the parallel connections, and the performance of other connections remains unaffected. Furthermore, the connection-level in-order delivery guarantee provided by TCP is too strict for HTTP/2 where only a stream-level in-order delivery guarantee is sufficient. This might cause head-of-line blocking when, for example, a packet loss in one stream prevents data belonging to another stream from being delivered to the upper layer, as Figure 3 shows.

Figure 3. An illustration of HTTP/2 head-of-line blocking. Assume a packet loss occurs in Frame 4 of Stream A. This not only prevents Frame 5 of Stream A from being delivered, but also blocks the delivery of Frames 11 and 12 belonging to Stream B. (Frames shown in the order 1, 8, 2, 9, 3, 10, 4, 5, 11, 12; legend: Stream A frame, Stream B frame, frame with lost packet.)

Despite the previously discussed limitations, in wired networks, SPDY has been shown to exceed HTTP/1.1 in most cases with only a few exceptions such as in high packet loss environments [9]. Because cellular networks usually have low noncongestion loss rates, in theory SPDY (and therefore HTTP/2) should also be a winner in the mobile world. However, a recent measurement [10] revealed that in cellular networks, SPDY provides little performance boost, and sometimes might even underperform HTTP/1.1. This counterintuitive observation is attributed to the complex interaction between TCP and the cellular radio layer. More specifically, in cellular networks, when the radio interface state is changed from idle mode to active mode (as triggered by a packet to be transmitted to the base station), it incurs a latency that can last for up to 2 seconds. During this period, which is called the state promotion delay [11]
(illustrated in Figure 1), tens of control messages are exchanged between the mobile device and the base station for establishing the data channel. However, at a higher layer, because TCP is not aware of the radio state change, it might simply regard the delay as a signal of packet loss, and therefore retransmit the packet. Such spurious retransmissions cause performance degradation by cutting TCP’s slow-start threshold (ssthresh). They occur frequently in 3G UMTS/HSPA networks, and even in LTE [10].

After this discussion, readers might want to know the final answer to the query, shall we use HTTP/1.1 or HTTP/2 for mobile Web? Thoroughly answering this question requires more study of HTTP/2’s behaviors in realistic mobile settings. Nevertheless, given that HTTP/2 is new, it’s a promising protocol for high-performance mobile Web. Currently, all mainstream mobile browsers, as well as top content providers such as Google and Facebook, support SPDY and/or HTTP/2. Flywheel [12], Google’s mobile Web proxy that serves millions of customers, also uses SPDY by default, and is migrating to HTTP/2.

Beyond HTTP/2
It might be too early to anticipate what will happen beyond HTTP/2, but researchers have already started working on this issue. Among many proposals, it’s worth highlighting the Quick UDP Internet Connections (QUIC) protocol, which Google proposed recently. QUIC has already been deployed at some Google servers.

Similar to HTTP/2, QUIC also multiplexes objects into a single transport connection. However, the most notable feature of QUIC is that it works above UDP instead of TCP, thus eliminating the aforementioned head-of-line blocking issue that is a side effect of TCP’s connection-level ordering. Because UDP has no built-in congestion control (CC), QUIC implements a flexible CC framework into which various CC algorithms can be plugged. QUIC’s currently implemented CC employs a loss recovery mechanism that’s more aggressive than that of the default TCP, thus mitigating the impact of loss on multiplexing. Besides overcoming various limitations in SPDY and HTTP/2, QUIC also introduces several new features. For example, it supports zero-round-trip-time connection setup when the client revisits a server (in contrast, TCP’s conventional three-way handshake always takes one round trip); can optionally use forward error correction to better handle losses by adding redundancy to its data transmission; and provides better support for encryption and multipath, which is particularly attractive for mobile devices with multiple network interfaces (for example, Wi-Fi and cellular).

Early measurement using synthetic webpages shows that QUIC outperforms SPDY in many scenarios [13]. However, because QUIC is still experimental, its performance for mobile Web is unclear, and some of its features are potentially not mobile friendly. For example, enabling forward error correction in QUIC consumes up to one-third of available bandwidth even when there is no loss.

HTTPS
TLS is the de facto protocol for securing a TCP connection. Using TLS to transfer data involves two phases: handshake and data transmission. In the handshake phase, TLS uses the Public Key Infrastructure to authenticate the server and to negotiate a symmetric session key, which is subsequently used in the data transmission phase for encryption and decryption. The use of HTTP over TLS (or its predecessor, SSL) is referred to as HTTP Secure (HTTPS). Historically, HTTPS was primarily used by Web services involving exchanging sensitive data (for example, a financial transaction). But it’s getting increasingly popular, exhibiting a potential trend of HTTPS everywhere. A recent measurement [14] reports that as of 2014, more than 25 percent of server IPs accept HTTPS, which accounts for 50 percent of all HTTP connections. Today, even services such as YouTube use HTTPS.

HTTPS’ cryptographic operations incur little energy cost on mobile devices. However, the overheads introduced by the handshake phase are not negligible. First, a full TLS handshake takes at least two round trips. Assuming the average round-trip time in LTE is 70 milliseconds [15], this translates to 140 ms for a full handshake. Second, the bandwidth consumption of a TLS handshake is not trivial. A TLS handshake consumes on average 4.4 Kbytes of data [1]. This might sound small for a single handshake, but when hundreds of connections are used to load a page in HTTP/1.1 (even SPDY might issue a large number of connections due to domain sharding as mentioned before), the overall penalty could be considerable. As a result, when loading mobile sites using a warm cache, the average bandwidth overhead of TLS is as high as 34 percent.

Two strategies can be leveraged to mitigate the negative impacts incurred by TLS. First, content providers should make fewer HTTPS sessions by, for example, upgrading to HTTP/2 and reducing the number of distinct domains when possible. Doing so facilitates TLS session reuse and mitigates the impact of domain sharding. Second, a Web server should be configured to support TLS Session Identifier or Session Ticket [16]. These would allow lightweight TLS handshakes when the same client connects to the server within a certain time window since its last visit.

So far we have discussed how various aspects at different layers affect mobile-friendly Web browsing. At a high level, we see that achieving mobile-friendly Web browsing is much more than merely tailoring websites’ appearance for mobile device screens. It instead requires optimizations on webpage content, Web protocols, transport layers, and
wireless technology. Fueled by joint efforts of all entities in the mobile ecosystem, including content providers, Web browser developers, operating system vendors, and mobile device manufacturers, mobile Web will achieve good performance, a small energy footprint, and low bandwidth consumption.

Acknowledgments
I thank Yih-Farn Robin Chen from AT&T Labs–Research for his valuable feedback.

References
1. F. Qian, S. Sen, and O. Spatscheck, “Characterizing Resource Usage for Mobile Web Browsing,” Proc. Int’l Conf. Mobile Systems, Applications, and Services, 2014, pp. 218–231.
2. Z. Wang et al., “How Far Can Client-Only Solutions Go for Mobile Browser Speed?” Proc. Int’l World Wide Web Conf. (WWW), 2012, pp. 31–40.
3. E. Cuervo et al., “MAUI: Making Smartphones Last Longer with Code Offload,” Proc. Int’l Conf. Mobile Systems, Applications, and Services (Mobisys), 2010, pp. 49–62.
4. F. Qian et al., “Web Caching on Smartphones: Ideal vs. Reality,” Proc. Int’l Conf. Mobile Systems, Applications, and Services (Mobisys), 2012, pp. 127–140.
5. C. Labovitz et al., “Internet Inter-Domain Traffic,” Proc. ACM Sigcomm, 2010, pp. 75–86.
6. J. Erman et al., “To Cache or Not to Cache: The 3G Case,” IEEE Internet Computing, vol. 15, no. 2, 2011, pp. 27–34.
7. R. Fielding et al., Hypertext Transfer Protocol-HTTP/1.1, World Wide Web Consortium (W3C) RFC 2616, 1999; www.w3.org/Protocols/rfc2616/rfc2616.html.
8. SPDY Protocol-Draft 3.1, Chromium Project, 2015; www.chromium.org/spdy/spdy-protocol/spdy-protocol-draft3-1.
9. X.S. Wang et al., “How Speedy Is SPDY?” Proc. 11th Usenix Symp. Networked Systems Design and Implementation, 2014; www.usenix.org/system/files/conference/nsdi14/nsdi14-paper-wang_xiao_sophia.pdf.
10. J. Erman et al., “Towards a SPDY’ier Mobile Web,” Proc. Conf. Emerging Networking EXperiments and Technologies (CoNEXT), 2013, pp. 303–314.
11. F. Qian et al., “Characterizing Radio Resource Allocation for 3G Networks,” Proc. 10th ACM Sigcomm Conf. Internet Measurement (IMC), 2010, pp. 137–150.
12. V. Agababov et al., “Flywheel: Google’s Data Compression Proxy for the Mobile Web,” Proc. 12th Usenix Symp. Networked Systems Design and Implementation, 2015; www.usenix.org/system/files/conference/nsdi15/nsdi15-paper-agababov.pdf.
13. G. Carlucci, L.D. Cicco, and S. Mascolo, “HTTP over UDP: An Experimental Investigation of QUIC,” Proc. ACM Symp. Applied Computing, 2015, pp. 609–614.
14. D. Naylor et al., “The Cost of the ‘S’ in HTTPS,” Proc. Conf. Emerging Networking EXperiments and Technologies (CoNEXT), 2014, pp. 133–140.
15. J. Huang et al., “An In-Depth Study of LTE: Effect of Network Protocol and Application Behavior on Performance,” Proc. ACM Sigcomm, 2013, pp. 363–374.
16. J. Salowey et al., TLS Session Resumption without Server-Side State, IETF RFC 4507, 2006; https://tools.ietf.org/html/rfc5077.
Feng Qian is an assistant professor in the Computer Science Department, School of Informatics and Computing at the Indiana University Bloomington. His research interests include computer networking, mobile systems, network measurement, and energy efficiency. Qian has a PhD in computer science and engineering from the University of Michigan. Contact him at fengqian@indiana.edu.

This article originally appeared in IEEE Internet Computing, vol. 19, no. 5, 2015.
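
The head-of-line blocking of Figure 3, and the stream-level ordering that the article says would suffice (and that QUIC obtains by running over UDP), replayed as a small simulation. This is an added example, not code from the article; the assignment of frames 1-5 to Stream A and 8-12 to Stream B, the one-frame-per-tick timing, and the 20-tick retransmission delay are assumptions.

```python
"""Head-of-line blocking: connection-level vs. stream-level in-order delivery."""

# Order in which frames appear on the single connection in Figure 3.
WIRE_ORDER = [1, 8, 2, 9, 3, 10, 4, 5, 11, 12]


def stream_of(frame_id):
    # Assumption: frames 1-5 are Stream A and 8-12 are Stream B. The caption
    # only names frames 4 and 5 (Stream A) and 11 and 12 (Stream B).
    return "A" if frame_id <= 5 else "B"


def arrival_times(wire_order, lost, retransmit_delay):
    """Tick at which each frame is fully received.

    Assumption: the frame at wire position t is sent and received at tick t.
    A lost frame only arrives after `retransmit_delay` extra ticks.
    """
    return {
        frame: tick + (retransmit_delay if frame in lost else 0)
        for tick, frame in enumerate(wire_order)
    }


def deliver_connection_ordered(wire_order, arrivals):
    """TCP semantics: one byte stream, so a frame is handed to the upper
    layer only after every frame ahead of it on the wire has arrived."""
    delivered, ready_at = {}, 0
    for frame in wire_order:
        ready_at = max(ready_at, arrivals[frame])
        delivered[frame] = ready_at
    return delivered


def deliver_stream_ordered(wire_order, arrivals):
    """Stream-level ordering: a frame waits only for earlier frames of its
    own stream; other streams are unaffected by the loss."""
    delivered, ready_at = {}, {}
    for frame in wire_order:
        stream = stream_of(frame)
        ready_at[stream] = max(ready_at.get(stream, 0), arrivals[frame])
        delivered[frame] = ready_at[stream]
    return delivered


def blocked_frames(wire_order, arrivals, delivered, lost):
    """Frames that arrived intact but were held back behind another frame."""
    return [f for f in wire_order
            if f not in lost and delivered[f] > arrivals[f]]


def stream_completion(delivered):
    """Tick at which the last frame of each stream reaches the upper layer."""
    done = {}
    for frame, tick in delivered.items():
        stream = stream_of(frame)
        done[stream] = max(done.get(stream, 0), tick)
    return done


if __name__ == "__main__":
    lost = {4}                      # the loss assumed in the Figure 3 caption
    arrivals = arrival_times(WIRE_ORDER, lost, retransmit_delay=20)
    for label, deliver in (("connection-level (TCP)", deliver_connection_ordered),
                           ("stream-level", deliver_stream_ordered)):
        delivered = deliver(WIRE_ORDER, arrivals)
        print(label)
        print("  blocked frames :", blocked_frames(WIRE_ORDER, arrivals, delivered, lost))
        print("  stream finished:", stream_completion(delivered))
```

With connection-level ordering, Stream B finishes only when the retransmitted Frame 4 arrives, although every Stream B frame was received long before.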

FROM THE EDITOR
Editor in Chief: Diomidis Spinellis, Athens University of Economics and Business, [email protected]

Architecture from a Developer’s Perspective
Diomidis Spinellis

I can still remember when, back in 2003, a fellow FreeBSD developer chastised me for an architectural misstep. I had proposed adding a reference to a related C library function in the documentation of a Unix system call. “I believe this is bad practice (a layering violation),” he wrote to me. He was right; I hadn’t thought carefully about that small addition. The truth is that as a developer you practice architecture daily, but only rarely do you have time to reflect on your corresponding decisions, actions, and their consequences. Software architecture affects the quality of what you build and how you build it.

The Importance of Software Architecture …
The most obvious way that architecture affects quality is maintainability. Code that lacks clear boundaries and interfaces is difficult to analyze. It’s also brittle and, therefore, difficult to change. A small addition or fix in one place can cause a cascade of additional required work, or worse, bugs. Also, you can’t easily test and debug such software because it will lack obvious interfaces where you can apply test probes or add logging functionality.

Then comes performance. On a small scale, code jumbled together can be famously efficient: think of tightly coded routines, graphics kernels, and some game engines. However, once the scale increases, the only hope to cope with rising demand comes from parallelism architectures. These let you split your work horizontally (along tasks) or vertically (across multiple clients). They also guide you on how to shard or partition your data. Through such architectures, you increase both your current service capacity and future scalability. Similar approaches can increase your service’s reliability. First, you can manage fault tolerance by distributing the work among nodes that can step in to cover each other in the event of a failure. Second, the same nodes can then help the more complex task of recovery. Don’t even think about orchestrating recoverability into your service without an architecture to guide the delicate required dance.

Another quality aspect that software architecture aids is portability—a must in an age of rapid innovation and shifting technology alliances. Through clear layering,
your software can quickly adapt to new hardware platforms and software interfaces. Proper encapsulation can also make your software easier to install and coexist with other offerings.

Software architecture also affects your main development processes—the way you can split the teams that develop the software, how you can run it across countries and time zones, and how you can maintain it without disruptions. It also helps your ancillary processes. A suitable architecture goes hand-in-hand with effective configuration management tasks, such as versioning, branching, merging, and continuous integration. Software architecture can provide clear boundaries to manage quality efficiently. For instance, it can allow you to tailor quality and processes characteristics for diverse software modules. Regarding testing processes, modern testing frameworks are typically embodiments for corresponding architectural styles.

Finally, software architecture is the key enabler for reusability—processes that span many of your organization’s products and services. It can help you create modules that can be reused within your organization, and it can drive software product lines.

SER&IP 15 BEST PAPER AWARD
The 2nd Annual Software Engineering Research & Industrial Practice 2015 (SER&IP 15) workshop, held in conjunction with the International Conference on Software Engineering 2015 (ICSE 15), focused on the sometimes problematic interface between the academic and practitioner communities.

Given IEEE Software’s mandate to present the practical and impactful work that can help bridge this gap, the magazine was pleased to sponsor the Best Paper Award recognizing some of the outstanding work presented at the workshop. IEEE Software editor in chief emeritus Forrest Shull served on the selection committee and helped select the best paper on the basis of the criteria of readability, rigor, and relevance.

The selection committee chose “Principles and a Process for Successful Industry Cooperation—the Case of TUM and Munich Re,” by Maximilian Junker, Manfred Broy, Benedikt Hauptmann, Wolfgang Boehm, Henning Femmer, Sebastian Eder, Elmar Juergens, Rainer Janßen, and Rudolf Vaas, for the Best Paper Award on the basis of the soundness of the lessons learned and the balanced treatment of both positive and negative aspects of tech transfer. IEEE Software editor in chief Diomidis Spinellis presented the award on behalf of the magazine. (For more on this paper, see Practitioner’s Digest on p. 27.)

Please join us in congratulating the authors for their excellent work and thank all of the authors for taking the time to share their experiences in such a forum.

… And What to Do
Given software architecture’s importance, what should you be doing as a developer? This is a tough question, because architecture is difficult to learn and practice (it’s been
described as an old man’s art), and its mistakes can be hugely expensive.

My advice is to focus relentlessly on the primary concerns. Smaller ones are important, but the big ones determine success or failure. Look at your software’s most common, large, and critical functions; study your software’s future evolution path, looking for things that are difficult to change; and determine the key quality attributes. These elements will point toward the important things that your architecture needs to address. Once you have them, invest significant effort in developing a matching architecture. Consider other successful examples, ask around, look for already available modules, prototype, and experiment. Be ready to toss out a solution if something better emerges. Remember, this is what can make or break your software.

I recently withdrew a paper I had submitted and started working almost from scratch on a two-year effort when a much more experienced colleague suggested a drastic improvement in a design. Not all software deserves such sacrifices, but you should be ready to make them when you see the potential.

Then, avoid the temptation to overengineer. The worst architectural sins have been committed by developers keen to demonstrate their (often half-baked) knowledge of design patterns and other elements often misused as architectural crutches. Frameworks, design patterns, and enterprise-scale platforms are all useful, but applying them to the wrong area creates more problems than it solves. The cognitive load of a needlessly complex software architecture is higher than that of a slightly simplistic one. Therefore, avoid designing structures when there isn’t a clear demand for them, and choose the simplest solution that can do the work.

This brings me to another principle: be ready to refactor when the need emerges. Your lean and mean software architecture will be pressured as the system evolves, accumulating technical debt. In contrast to an overengineered system, the pressure will quickly become apparent and the pressure points will reveal where refactoring is truly required. Consider yourself lucky at that point: in contrast to green-field development, you have a very clear requirement of where to invest your architectural and refactoring effort. Do it without stinginess or looking back. An interesting example is the evolution of the pipes and filters architecture under Unix. When pipes were introduced to Unix, Bell Labs researchers worked tirelessly to convert all their existing programs into filters that could be connected through them. The rest is history.

Keep in mind that architecture is about more than software code. Consider how your whole system (in the widest possible sense) will be decomposed into processes or services; how data are stored, communicated, and processed; and how all parts fit together to deliver the required functionality, reliability, capacity, scalability, maintainability, and portability. Your decisions here may affect which parts you can purchase, reuse, or outsource. Earlier this year, a team I worked with faced the problem of maintaining a large set of data that would slowly evolve over time, changing through both daily automated processes and human interactions. All changes should be auditable, and it should be possible to rerun the processing starting at an arbitrary point in time.

Initially, we considered as an obvious choice a complex relational database schema encompassing timestamped records, user authorizations, processing chain identifiers, and an event log. We also considered using file-system directories to implement part of this functionality. Both approaches involved considerable amounts of application code. It then dawned on us that by using a revision control system such as Git to version the data files, we could get most of the required features “for free.” As an added bonus, team members could also employ user-friendly Git interfaces to manipulate the data. This simple decision, which took us about a day of deliberation and discussions to agree on, saved us weeks of development effort and debugging.

Finally, when you develop your architecture, you should adhere to sound software design principles:
• abstraction of processes, data, and control structures;
• low coupling and high cohesion;
• separation of concerns, decomposition, modularity, encapsulation, and information hiding;
• separation of interfaces from implementation and of policy from mechanisms; and
• completeness, economy, and simplicity.

Adhering to all these tenets might sound like a tall order. But nobody ever said that architecture is cheap; it’s a sound investment for your current needs and future evolution. As Brian Foote and Joseph Yoder once said, “If you think good architecture is expensive, try bad architecture.”
teaching, all faculty have advising responsibili-
representing more
/career-opportunities/
ties, assist the department with administrative
This article originally appeared in than
and/or committee work, and are expected to as- 50
NOTE:scientifi cState University, East Bay hires
California
IEEE Software, vol. 32, no. 5, sume campus-wide committee responsibilities. and engineering
only individuals lawfully authorized to work in the
United States. All offers of employment are con-
societies.
2015. The ideal candidate for this position is able to:
tingent upon presentation of documents demon-
1. Teach a wide range of computer science strating the appointee’s identity and eligibility to
courses including most or all of the core sub- work, in accordance with the provisions of the
ject matter at both the undergraduate and Immigration Reform and Control Act. If you are
See www.computer.org/ graduate level. (considering all areas of com- considered as a finalist for the position, you may
software-multimedia puter science, capable of teaching in emerg- be subject to a background check.
for multimedia content ing areas). As an Equal Opportunity Employer, CSUEB
related to this article. 2. Support offerings for undergraduate C.S. stu- does not discriminate on the basis of any protect-
dents including teaching courses, developing ed categories: age, ancestry, citizenship, color,
the undergraduate curriculum, and engaging disability, gender, immigration status, marital
undergraduate students in research. status, national origin, race, religion, sexual ori-
Selected CS articles and columns 3. Support offerings for graduate C.S. students entation, or veteran’s status. The University is
are also available for free at – teaching courses, guiding M.S. theses, de- committed to the principles of diversity in em-
http://ComputingNow.computer.org. veloping the graduate comprehensive exami- ployment and to creating a stimulating learning
nation, etc. environment for its diverse student body.



Startups

The Rise of Multimedia for Online Communication Startups

Rong Yan, Snapchat

February 2016, Published by the IEEE Computer Society, 2376-113X/16/$33.00 © 2016 IEEE
1070-986X/15/$31.00 © 2015 IEEE, Published by the IEEE Computer Society

Online messaging has been a hot topic in the startup world lately. Last year, a new breed of online messaging tools sprang up and experienced tremendous user growth. According to a recent study by BI Intelligence, the top four messaging apps grew their user numbers at a quarterly rate of at least 15 percent in 2014, leading the study to suggest that “messaging is poised to take over social networks within the next few years.”[1]

Although online messaging is similar to text messaging, these next-generation apps usually offer more convenient communication features—in particular, tools for sharing more media types, including images, videos, and voice messages. This is in line with the trend of social media users shifting away from traditional text-based communication and embracing more multimedia-oriented platforms. Popular social networks are also following this trend to enhance their online-messaging services to support new media types. Facebook’s purchase of Instagram and Twitter’s purchase of Vine highlight the potential for social multimedia sharing.

But why is this happening, and who is leading the way? Here, I study the driving forces behind the multimedia evolution of online communication and take a look at some recent startups, exploring the reasons behind their success.

Evolution of Online Communication

The newfound popularity of multimedia content in online messaging is not by accident. About a decade ago, when the first generation of social networks entered the Internet—such as the LinkedIn profile or Facebook News Feed—most users only cared about sharing information. But as sharing became more of a communal experience, a relatively new trend of the “shared experience” began, with users expressing a greater interest in sharing their personal thoughts, feelings, and emotions with as many people as possible. This user evolution of online communication has enabled a new ecosystem of user-created content, supported by multiple media types including video, audio, and photos.

Arguably, multimedia offers the best medium to faithfully deliver what users see, hear, and experience in the real world. According to Mintel’s March 2013 survey [2], 31 percent of US adults who use social networks capture video or images specifically so they can share that content online. Furthermore, 53 percent of networkers said they talk about things they see on social media in face-to-face conversations.

The rise of multimedia adoption has also been profoundly influenced by recent technological advances, which have changed our communication behaviors. In particular, I’d like to stress the following three trends.

Internet Everywhere

Steve Jobs once said,

“When we were an agrarian nation, all cars were trucks. But as people moved more towards urban centers, people started to get into cars. I think PCs are going to be like trucks.”

Since the day this quote slipped off Jobs’s lips, it has become increasingly clear that that post-PC era everyone has been talking about has arrived. In 2011, two important milestones suggested that we had crossed that imaginary line from the PC era to the post-PC era: smartphone shipments outpaced PCs for the first time ever [3], and Apple became the world’s largest PC maker, counting iPads as PCs [4]. These statistics speak volumes about the state of modern-day computing.

As noted by Chris Jones, a principal analyst at Canalys, the computer-in-your-pocket has moved from being “a niche product segment at
the high end of the mobile phone market to becoming a truly mass-market proposition.”[3] With the prevalence of new smart mobile and wearable devices, such as Google Glass and Apple Watch, it has become increasingly convenient for people to access the Internet everywhere, propelling the growing popularity of new media types as the management and uploading of multimedia content becomes simpler than ever. Users can now share their experience anytime, anywhere, and unlike with traditional social media, they do not have to capture the offline world and recreate it online. They simply record it live and communicate at the same time, which has laid the foundation for the success of online messaging apps with multimedia support.

Time Fragmentation

Smart devices and apps are now occupying every single corner of our lives. They are the first things we check in the morning and the last things we look at before going to bed. Many young Internet users have grown accustomed to instant gratification and to instantly reaching their friends through social media or messaging apps. They have much shorter attention spans than before [5] and are constantly distracted by an incoming flow of notifications. A report from Pew Internet and American Life Project shows that more than half of us use our cellphones while watching TV [6]. As the adoption of smartphones increases, I am sure we will see more of this.

Today’s successful apps must adapt to the increasing difficulties of drawing users’ attention and creating a convenient environment for them to achieve their intentions within minutes or even seconds. Multimedia is a perfect tool for this purpose. The success of short-video apps, such as Vine and Snapchat, has exemplified this idea—these apps take only up to a few seconds to convey an idea, make us laugh, or get us to think. Although it might seem as if this approach would be too brief, especially when compared to the longer-form videos hosted by YouTube, these apps make the media-sharing process extremely simple and convenient, and they fit perfectly with the growing fragmentation in user behavior.

Back to the Basics

The advent of social networks has facilitated conversation and information distribution across a large group of users. However, their dominance fundamentally redefined the communication style in the online space, where over-sharing has become the default, and personal information is permanently stored publicly. Users are increasingly demanding new forms of cyber communication that more closely resemble the characteristics of “real” in-person or over-the-phone interaction, which is by nature transient and private.

As a matter of fact, our daily communication is largely comprised of fleeting moments—uttered words are seldom recorded, and the images we perceive with our eyes are rarely saved and replayed. This inspired the creation of ephemeral messaging that no longer keeps the media content forever, and mobile streaming that distributes video experience in real time. Moreover, to regain some sense of privacy, anonymous social networks are emerging that avoid revealing the sender’s identity when the content is shared. This need to return to the basic form of communication and privacy protection has created a valuable proposition in this age of social technology.

Online Messaging Startups

To meet these newest user needs, online communication startups are bubbling up with an astonishing variety of services and products. Fueling this new market are the higher-than-ever inflow of venture capital investments and the emergence of basic building blocks that make nimble startups possible, including reusable open source modules made available on the Internet; easy-to-learn programming frameworks; along with cloud-based services that can host startup offerings (Amazon’s cloud


computing), distribute them (Apple’s App Store), and market them (Facebook, Twitter). To exemplify, I describe three categories of the latest online messaging startups and explain how multimedia technology plays a vital role in their product offerings.

Ephemeral Messaging and Short Videos

Among the most promising directions for online messaging are ephemeral messaging apps. Their idea sounds extremely simple—users have only a limited amount of time (typically several seconds) to record their images or videos, and the media content self-destructs after a certain expiration time. This form of messaging has achieved tremendous success in recent years.

For example, Snapchat, the leading ephemeral messaging app, has been on a serious growth curve—in 2014, it had the fastest growing audience [7]. More impressively, a recent infographic (https://photoworld.com/how-big-is-snapchat) has shown there are already more photos shared on Snapchat than on mainstream social networks, such as Facebook and Twitter, despite its smaller user base.

To compete in the same space, three other ephemeral messaging startups raised over US$43 million in 2014: Wickr, Frankly, and Cyber Dust. Blink is another similar startup that was acquired by Yahoo for an undisclosed amount, and Facebook had its second attempt at an ephemeral app called Slingshot. Short videos can be popular without being ephemeral. For example, Vine lets users create mini videos up to six seconds long and has attracted 100 million monthly active users after being acquired by Twitter in 2012.

The success of these startups can be traced back to their nature in transmitting temporary, unrecorded, unaltered real-life interactions to the digital world in various media forms. Because the media content is not stored permanently, many users on these platforms are highly engaged, posting tens of images/videos on a daily basis without worrying about information overload for their viewers. In addition, similar to a phone call or in-person conversation, self-destruction means viewers need to pay more attention to the media when watching their friends’ messages. This factor further adds to the popularity of ephemeral messaging apps.

These quick bursts of powerful messages are becoming widely accepted among users, catering to the dwindling attention span of online users.

Anonymous Messaging

Recent years have also seen the rise (and fall) of a new type of social messaging apps called anonymous messaging, such as Whisper, Secret, and Yik Yak. These apps draw increasing attention from users by allowing them to post public messages without revealing their identities, while their friends or friends of friends can respond and search by popularity, topic, or location. Consequently, these apps naturally provide a communal experience under anonymity.

For example, one of the most well-known anonymous apps, Whisper, attracted 10 million active users in 2015 [8]. On average, the Whisper app is opened 1 million times an hour, which means its users are highly engaged on this platform. Similarly, Secret amassed 15 million users and raised $35 million in venture capital before its demise [8]. The popularity of these apps can largely be attributed to the so-called “identity fatigue”—that is, Internet users’ growing weariness with associating digital communications with their real-world personas, making them susceptible to public scrutiny. As Brooks Buffington, CEO of Yik Yak, pointed out, “Once you have a profile, you are expected to act a certain way. People only post the best, most beautiful parts of their life on Instagram … [For anonymous apps] you just put something out there, and if it doesn’t resonate with anyone, it’s not a reflection on you.”[9]

It is worth noting that multimedia has been widely used in some of these services. For example, Whisper and Secret often ask users to select a relevant picture to feature with the anonymous text message. Users can use an image from the movie Poltergeist to illustrate words such as “fear,” “ghosts,” and “dreams.” This is similar to how Google’s search engine shows

ads based on the search terms, and it opens up a new research direction for multimedia researchers, where image-recommendation algorithms can be applied to improve the user engagement rate.

However, anonymous messaging still faces a lot of challenges. As a prime example, Secret shut down after just 16 months because of internal strife and uncertainty. A few key mistakes are likely what led to its failure. Its decision to target tech-savvy professionals did not pan out as well as Whisper’s targeting of teens. Some reports also suggest that Secret’s CEO, David Byttow, closed the company partially because the way people were using the app—to spread malicious rumors—was not aligned with his original vision of the app. Secret’s quick rise and fall taught us a lesson that founders have to be proactive in understanding customer preferences and must adapt their strategy accordingly over time.

Mobile Live Streaming

Live video streaming is nothing new. These services have been around since the early 2000s, but the older live-streaming platforms (Ustream, Twitch) have been mostly focused on creating a niche segment or courting corporate clients. The new generation of mobile live-streaming apps, Periscope and Meerkat, pursue a more consumer-oriented path by making it extremely simple to broadcast our lives on the fly, shifting the appeal back to the mainstream users. You can consider them as “live YouTube.” Both apps let users send live-streamed videos to their followers, such as a product demonstration or a video of taking the dog for a walk.

The live streams on these platforms are ephemeral: Periscope’s streams stay visible for 24 hours, while Meerkat’s disappear when the recording ends. Both were a breakout hit at this year’s South by Southwest technology festival, and both peaked in the highly anticipated heavy-weighted Mayweather-Pacquiao fight in May 2015 [10]. Meerkat and Periscope are great indications of the explosive growth in capturing and sharing mobile videos, driven by recent technology advances and user behavior changes. In fact, a 2015 Cisco report predicted that by 2017, video will account for 30 percent of Internet traffic and 70 percent of traffic on mobile devices [11], and these numbers are likely to grow down the road.

The appearance of live-streaming apps has already impacted the way the media industry interacts with its users. For example, with these new tools, brand advertisers can deliver their marketing messages across multimedia channels in real time. Also, these apps have created a new world of real-time user-generated content available to news reporters. As a complementary channel to other social media services, TV newsrooms are starting to experiment with monitoring these live mobile feeds. With the integrated live comment feed in such apps, producers can quickly communicate with content creators to ask for more context, getting more information sooner than with video sites like YouTube.

Despite all the hype, both apps are also spawning major disputes around alleged privacy violations or infringements on copyrighted content. In April 2015, HBO issued “takedown” notices to Periscope after people streamed the season five premiere of its “Game of Thrones” show [12]. The nature of live broadcasting makes it easier to pick up videos of private conversations and copyrighted material without being noticed. Also, unlike the other video-sharing sites, Meerkat and Periscope have very little time to review footage before the content goes out, making it difficult to discover and take down the policy-violating content in time. How to address these concerns and land support from privacy professionals and regulators remains a challenging topic for mobile live streaming.

Mobile live streaming is still in its infancy. Periscope and Meerkat might be media darlings right now, but that could soon change.

As more and more users gain access to the Internet, have shorter attention spans, and show an inclination to return to basic communication patterns, a new breed of successful online communication startups has emerged to meet these needs. As multimedia technology continues to evolve, this disruptive


trend will last in the foreseeable future, presenting a huge, uncharted opportunity for multimedia researchers and industrial participants.

This article originally appeared in IEEE MultiMedia, vol. 22, no. 4, 2015.

References
1. D. Smith, “Chart of the Day: Mobile Messaging Is Poised to Overtake Social Networks,” Business Intelligence, 14 Nov. 2014; www.businessinsider.com/chart-of-the-day-mobile-messaging-is-poised-to-overtake-social-networks-2014-11.
2. B. Hulkower, “Digital Trends Spring—US—March 2013,” Mintel, 2013; http://store.mintel.com/digital-trends-spring-us-march-2013.
3. “Smart Phones Overtake Client PCs in 2011,” Canalys, Feb. 2012; www.canalys.com/newsroom/smart-phones-overtake-client-pcs-2011.
4. “Apple Storms Past HP to Lead Global PC Market,” Canalys, Jan. 2012; www.canalys.com/newsroom/apple-storms-past-hp-lead-global-pc-market.
5. L. Watson, “Humans Have Shorter Attention Span than Goldfish, Thanks to Smartphones,” The Telegraph, 15 May 2015; www.telegraph.co.uk/news/science/science-news/11607315/Humans-have-shorter-attention-span-than-goldfish-thanks-to-smartphones.html.
6. A. Smith, “The Rise of the ‘Connected Viewer,’” Pew Research Center, July 2012; www.pewinternet.org/2012/07/17/the-rise-of-the-connected-viewer.
7. J. Mander, “Snapchat Was the Fastest Growing Social App of 2014,” blog, 27 Jan. 2015; www.globalwebindex.net/blog/snapchat-was-the-fastest-growing-social-app-of-2014.
8. P. Dave, “Whisper, App with 10 Million Young Users, Attracting Advertisers,” Los Angeles Times, 30 Apr. 2015; www.latimes.com/business/technology/la-fi-tn-whisper-president-advertisers-20150430-story.html.
9. J. McDermott, “Inside Yik Yak, An Anonymous Sharing App Sweeping through Colleges,” Digiday, 8 Dec. 2014; http://digiday.com/platforms/inside-yik-yak-anonymous-sharing-app-sweeping-colleges.
10. J. Bracy, “Meerkat and Periscope: Are Privacy Pros Ready for the Consequences of Live Streaming?” IAPP, 2015; https://privacyassociation.org/news/a/meerkat-and-periscope-are-we-ready-for-the-consequences-of-live-streaming.
11. Cisco Visual Networking Index: Forecast and Methodology, 2014–2019 White Paper, Cisco, 2015; www.cisco.com/c/en/us/solutions/collateral/service-provider/ip-ngn-ip-next-generation-network/white_paper_c11-481360.html.
12. N. Jarvey, “HBO Criticizes Periscope Over ‘Game of Thrones’ Live Streams, Issues Takedown Notices,” The Hollywood Reporter, 14 Apr. 2015; www.hollywoodreporter.com/news/hbo-criticizes-periscope-game-thrones-788734.

Rong Yan is a director of engineering at Snapchat. Contact him at [email protected].

Scientific Programming
Editors: Konrad Hinsen, [email protected] | Matthew Turk, [email protected]

Technical Debt in Computational Science


Konrad Hinsen | Centre de Biophysique Moléculaire in Orléans

Technical debt is a recent metaphor that the software industry is rapidly adopting. First used by Ward Cunningham in a 1992 report on a software development project (http://c2.com/doc/oopsla92.html), the term refers to future obligations that are the consequence of technical choices made for a short-term benefit. The standard example is writing suboptimal code under time pressure, knowing that the code will have to be refactored or rewritten later to make the software maintainable. The additional effort for refactoring or rewriting, which doesn’t improve the software’s utility for its users and therefore doesn’t add market value, serves to pay back the debt.

Debt, Interest, Payback, and Default

The word debt emphasizes an analogy to monetary debt: both are future obligations incurred in exchange for a short-term benefit. But the analogy goes further: both generate interest. In the example of the hastily written code, any work done on it before refactoring or rewriting, be it to fix bugs or quickly add features, will require more effort than it would for well-written code. It’s also probable that much of this work will have to be repeated after paying back the debt—the additional effort is the equivalent of paying interest. Another useful analogy is debt default: defaulting on a technical debt lowers quality standards, indicating that an objective can’t be met because of a bad technical choice in the past. For a company, it can mean the end of a product line or, worse, the company itself.

But just like a financial debt, a technical debt isn’t necessarily a bad thing. There can be good reasons for cutting corners and fixing the resulting problems later. Being the first company to propose a product on the market is a competitive advantage that can procure long-term benefits. Similarly, a scientist can derive a significant benefit from being the first to publish an important new result. The point of the technical debt metaphor isn’t to reprehend such choices but to remind us of the long-term consequences.
2376-113X/16/$33.00 © 2016 IEEE Published by the IEEE Computer Society February 2016 55
November/December 2015 Copublished by the IEEE CS and the AIP 1521-9615/15/$31.00 © 2015 IEEE Computing in Science & Engineering 103

Like all analogies, the debt metaphor has its limits. A financial debt is the result of a contract between a borrower and a lender that describes the exact conditions of the debt. Unless you carelessly take a loan without reading the contract, you know what your future obligations are and what short-term benefits you get in return. Technical debt results from a contract with your future self, and its terms usually aren’t written down anywhere. An experienced engineer will recognize having incurred a technical debt but might not be able to give a precise estimate of the interest and the final payback. An inexperienced person can even incur technical debt without being aware of it at all, seeing the short-term benefit but not the long-term obligations.

A Case Study: The Python Language

A simple Web search yields many examples of and discussions about technical debt in the context of commercial software development. Much of this applies to scientific software as well, especially to larger and long-lived software projects with multiple developers and some form of project management. However, both the nature of these software projects and of the organizations behind them is much more diverse in scientific computing. In particular, much software development happens in relatively small research groups that have informal collaborations with other such groups, either on a common software package or on distinct but interdependent software packages. In such an organization, anyone’s technical debt has an impact on everyone else.

I can illustrate this with examples from the scientific Python ecosystem, the term commonly used to describe the large set of scientific libraries written in the Python language. It has an onion-like structure, with the Python language itself at the core. The next layer contains a small number of scientific infrastructure libraries such as NumPy (array computations) and matplotlib (plotting). The third layer consists of domain-specific libraries that tend to depend on libraries in the infrastructure layer or on other items in the domain-specific layer. Outside of these three layers, we find “client code”: scripts and workflows that are specific to a research project but also highly domain-specific software tools with graphical user interfaces.

The transition from Python 2 to Python 3, which started in 2008 and is still going on, is a nice example of paying back technical debt with a partial default. The Python language had continuously evolved over the years, acquiring both new features and new modules in its standard library. The desire to keep each version backward compatible with earlier versions led to redundant features that made the language needlessly complicated. For example, old-style and new-style classes exhibited subtly different behavior. Everyone agreed that new-style was better, but old-style was there before and existing code relied on it. Similarly, the standard library acquired redundant modules, whereas other modules became obsolete in the sense that they relied on no longer maintained libraries or were specific to computing platforms that had long since been transferred to museums.

The reason the transition to Python 3 is partly a repayment and partly a default is that it preserves one objective while violating another. Python started out with the goal of being a simple and easy-to-learn language, an objective that was preserved with the general cleanup that led to Python 3. But publishing a programming language and encouraging people to use it implies the promise of not breaking their code in the future. This tacit promise was broken with Python 3, which is incompatible in many details with earlier versions—the two objectives being contradictory, the only way to maintain both would have been to stop future evolution. Most programming languages face this choice at some time, but most designers choose to continuously accumulate complexity rather than clean up the mess. In other words, they default on the technical debt by giving up simplicity.

Looking at this from the viewpoint of the creators of scientific libraries written in Python, we see how technical debt in Python’s development has a direct impact on their work. With the Python development community moving on to Python 3, it will eventually have to abandon Python 2. Library authors thus have to choose: either migrate to Python 3 now or keep the Python 2 platform alive by taking over its maintenance. Both choices involve additional effort. Doing nothing seems like a third option, but given the fast rate of change in computing platforms, today’s Python 2 will become effectively unusable within a few years. Moreover, hardly any scientific library is useful in isolation, so everyone’s choice depends on the expected behavior of the authors of related libraries. At this time, the core infrastructure libraries and many of the bigger domain-specific offerings have initiated or even completed the transition to Python 3, while still maintaining some level of compatibility with Python 2. Many libraries with a smaller developer base remain in the Python 2 universe, lacking either the means or the motivation to move on.

In terms of the technical debt metaphor, we can say that choosing the Python language, or in fact
choosing to base your work on any dependency or tool controlled by someone else, creates technical debt. The short-term benefit is the immediate availability of a useful software component. The interest is the work required to adapt your own code to changes in the dependencies or alternatively to take on the responsibility of maintaining a version of those dependencies that remains compatible with your own code. Paying back the debt would mean replacing the dependency with your own code, which is rarely done in practice. The technical debt resulting from dependencies is, in most cases, perpetual. Moreover, such debts are practically inevitable because not depending on other people’s work—that is, writing everything yourself—isn’t a realistic option. After all, even the computer’s operating system is a dependency. You can, however, try to minimize risky dependencies as part of a strategy for managing technical debt. Matthew Turk recently wrote about this option in this department.1

The kind of technical debt involved here is perhaps the most frequent one in computing, even before the standard example of cutting corners to terminate a project as early as possible. It can be summarized as relying on immature technology. When you choose a programming language that’s just a few years old, you should expect that nobody, not even its creator, has sufficient practical experience with it to have made all the right choices. Either the language will remain static and fade from popularity quickly, or it will change and become either messy or incompatible. In all these scenarios, you have a maintenance problem with your code that relies on it. If you want to avoid this, you should choose a programming language that has been around for decades. Indeed, stability is one reason cited for choosing Fortran. Of course, the same principle applies to other dependencies such as libraries. It’s probably safe to bet on BLAS being around for many more years without incompatible changes, but the same can’t be expected of a recent implementation of today’s hottest algorithms. This well-known problem of software becoming unusable because of changes in its dependencies is sometimes called software rot. This isn’t a good metaphor, however—software doesn’t degrade in time. Rather, the foundations on which the software is built change—and not by decaying but as a side effect of improving. The software rot metaphor has led to the equally misleading term software maintenance for keeping software usable by adapting it to evolving environments.

In a fast-moving field such as computing, immature technology is the norm rather than the exception. We all work with immature technology every day, and we know it. My computer crashes about once per month, requiring a reboot. It asks me to install software updates, often labeled as security-critical, at least once a week. Broken Web links are a daily experience. It’s safe to assume that scientific software is of no better quality, even though the symptoms of bugs are usually more subtle and can go unnoticed. For scientists, who by definition work at the frontiers of knowledge and technology, there’s really no way to avoid immature dependencies. We can, however, be aware of it and try to anticipate the consequences, or at the very least, avoid pretending that there aren’t any.

Debt in Research

The technical debt metaphor is most frequently applied in software development, but it applies equally well elsewhere. An interesting example is a recent exploration of the impact of data dependencies in applications of machine learning techniques.2 Such a systems-level view of technical debt is also useful in the context of scientific research.

Science has long-established standards of quality that all scientists have the moral obligation to respect. In particular, they should make a serious effort to verify the results they obtain, actively searching for potential mistakes to overcome confirmation bias, the natural tendency of humans to search for confirmation rather than refutation of their own hypotheses. Moreover, scientists must publish detailed accounts of their work to permit their peers to verify it, attempt to reproduce the findings themselves, and build on it in future research. The respect of these obligations makes the difference between a scientific result and anecdotal evidence.

Verifying your own results and conclusions implies first acquiring a sufficient understanding of your methods and tools prior to using them, as well as ensuring that they’re adequate for the task. Computational scientists have traditionally been rather negligent about this. The few prominently public cases of mistakes in scientific results due to bugs in software are probably just the tip of the iceberg,3 suggesting a widespread lack of testing. Moreover, scientific software is often applied incorrectly, due to a lack of understanding of the computational methods that the software implements.4 This is partly the fault of scientists using software they don’t understand, but also partly the fault of scientific software authors providing insufficient documentation and neglecting the readability of their source code.
The word negligence already suggests that basic human tendencies such as laziness are an important cause of these problems, but there’s also a technical aspect to it. Scientists increasingly treat computational methods as similar to experimental ones and consider computers and software as the theoretician’s equivalent of experimental equipment. This point of view is useful for simulation techniques, which produce data that’s analyzed and evaluated in much the same way as experimental measurements, with a strong emphasis on statistical approaches. There is, however, a fundamental difference between computers and instruments used in experiments. Lab instruments, like any physical devices, are subject to inevitable imperfections in manufacture. They’re thus designed in such a way that small imperfections can only cause small deviations in the results. Computers, on the other hand, are chaotic dynamical systems. Changing a single bit in a computer’s memory can change the result of a computation beyond any predictable bound. Computers are practically usable devices in spite of this sensitivity because of their extreme reliability, compared to other technical artifacts.

Although hardware errors can become a problem with long-running computations on very large machines, for most applications of computers in scientific practice, it’s safe to assume that the computer does precisely what the software tells it to do. However, errors in the software or in the input data are amplified with each computational step. Often, we can (and do) ensure that small errors in the input data translate to small deviations in the results via a judicious choice of numerical methods. But we don’t yet have good techniques for limiting the impact of software errors. We should therefore add the use of chaotic devices for computation to our technical debt account and accept the effort for carefully testing our software as an inevitable interest payment, hoping to pay back the debt one day by a profound change in the way computers are used in research that limits the impact of chaotic behavior. Because most scientists aren’t aware of this fundamental difference between software and the physical devices used in experiments, this particular debt resembles a loan taken without reading the contract.

Reproducibility

The reproducibility requirement of science implies the publication of a sufficiently detailed description of what was done. Computational science has performed very badly in this respect as well. This problem has received a lot of attention recently, and CiSE has dedicated two theme issues to it (January/February 2009 and July/August 2012). As with software bugs, there are both human and technical reasons, the latter being cases of technical debt again.

One major reason for the widespread nonreproducibility of computational results is the use of immature technology, which I’ve already discussed earlier in the context of software development. It means that software must be actively maintained to be usable in the future, making software maintenance a requirement for reproducibility. Unfortunately, active maintenance of all research software down to the tiniest script used for data munging requires more effort than the scientific community can afford to dedicate to such activities. This isn’t only a question of affecting the means necessary to do the work—in many cases, only the original author of a script knows what it’s supposed to do exactly. If the original author is a PhD student who leaves academic research after the thesis, no one is left to do the maintenance. In practice, we most often prefer to default on this kind of debt, all the more because such a default is still socially acceptable today. The reproducible research movement works toward paying back the debt in two ways: ensuring the sustainability of widely used pieces of scientific software, and preserving more information about the computational environment of a particular research study, to be published alongside its results as essential documentation.

Another technical reason for nonreproducibility is the sheer amount of information required for fully specifying a computation. In theory, any computation is defined by a single computer program. All we have to do is publish that program together with a scientific article, and anyone could rerun it to verify the results. In practice, that program is a complex assembly of a multitude of parts. Typically, we have many libraries, and multiple programs that call functions from these libraries. A compiler and linker create a single unit for each of these programs, specialized for a particular type of computer. We then combine several such programs with input data and an outer algorithmic layer often called a “workflow” to obtain the result. To make it worse, we often launch computational steps interactively, meaning that part of the workflow exists only in our heads. Tools for managing the assembly and execution of such complex computations have been around for a long time—the well-known make utility for the Unix family of operating systems was published in 1977. But they’ve been ignored by most computational scientists until very recently, partly out of ignorance
and partly for not wanting to learn the use of such tools. This debt is in the category of cutting corners for advancing more rapidly. We pay interest in the form of increased manual labor, and we tend to default on the reproducibility aspect.

A final but frequent category of technical debt in computational science results from an obsession with performance. This debt is particularly difficult to deal with because the interest can go unnoticed, and the debt is almost never paid back. Its importance has nevertheless been recognized and is well expressed by the famous D.E. Knuth quote reminding us that “premature optimization is the root of all evil (or at least most of it) in programming.”5 Best practices in software engineering say that you should first write a clear and simple program, and then validate it by extensive testing. In a second step, performance bottlenecks are identified by profiling and eliminated by optimization. Computational scientists often rush for optimization, choosing low-level programming languages for performance and eliminating error checks perceived as too expensive before even having a validated program in which they could look systematically for performance bottlenecks. The consequences are a higher software development effort and more mistakes, leading to less reliable scientific results. Both could be measured in principle, by comparing different software projects using different approaches, but such an evaluation is expensive and in practice almost never done.

As I already mentioned, the main utility of the technical debt metaphor is to remind scientists, science managers, and funding agencies of the long-term consequences of technical choices. On closer inspection, almost every technical choice is associated with some kind of debt, especially when dealing with cutting-edge technology, which is frequent in research. It’s useful to analyze major choices in terms of the debt metaphor: Is the debt perpetual, or will it be paid back? What are the interest payments? Is there a chance we’ll have to default on the debt? And if so, will we get away with it? The idea is to turn the tacit contract about technical debt with your future self into an explicit one.

Any analysis of the technical debt involved in a typical research project makes the importance of infrastructure evident. Infrastructure is everything not specifically made for one research project. In computational science, it includes shared equipment such as supercomputers but also software made for facilitating research rather than directly conducting it. This includes systems software (operating systems, compilers), programming languages, scientific libraries, and software development tools. For scientists preparing a research project, all of these items represent debt-laden dependencies. The more stable and predictable the computational infrastructure is, the less risky these dependencies are. This ought to be sufficient motivation for science funders to invest in infrastructure. Fortunately, this is starting to happen.

Another good investment for the prevention of debt escalation is education and training. As I’ve shown, much debt is the result of uninformed choices. In the ideal world, computational scientists would be better prepared to make technical choices, either through better personal education about computing technology or by close collaboration with experts giving advice. Reading CiSE is, of course, a good way to improve your technical competence. We also see grassroots movements such as Software Carpentry (http://software-carpentry.org), people who step in for the academic institutions that have failed so far to integrate computational education into the training of young scientists. With a bit of luck, we could avoid a scientific debt crisis.

References
1. M. Turk, “Vertical Integration,” Computing in Science & Eng., vol. 17, no. 1, 2015, pp. 64–66.
2. D. Sculley et al., “Machine Learning: The High Interest Credit Card of Technical Debt,” Proc. SE4ML: Software Eng. Machine Learning (NIPS 2014 Workshop), 2014; http://research.google.com/pubs/pub43146.html.
3. Z. Merali, “Computational Science: ...Error,” Nature, vol. 467, 2010, pp. 775–777.
4. L.N. Joppa et al., “Troubling Trends in Scientific Software Use,” Science, vol. 340, 2013, pp. 814–815.
5. D.E. Knuth, “Computer Programming as an Art,” Comm. ACM, vol. 17, 1974, pp. 667–673.

Konrad Hinsen is a researcher at the Centre de Biophysique Moléculaire in Orléans (France) and at the Synchrotron Soleil in Saint Aubin (France). His research interests include protein structure and dynamics and scientific computing. Hinsen has a PhD in theoretical physics from RWTH Aachen University (Germany). Contact him at [email protected].

This article originally appeared in Computing in Science & Engineering, vol. 17, no. 6, 2015.

Selected articles and columns from IEEE Computer Society publications are also available for free at http://ComputingNow.computer.org.

COMPUTING CAREERS

High-Tech Careers: Finding the Job You Want

As an Intel enterprise architect and technology strategist, Enrique G. Castro-Leon knows a thing or two about computer technology careers. With research interests that include cloud computing and IT-enabled enterprise service innovation, he recently co-authored a guest editors’ introduction for the November–December 2015 IT Professional special issue on smart systems.

We asked Castro-Leon several questions about computer-related career opportunities, and he shared insights into how to prepare for the rapid changes taking place in technology today.

ComputingEdge: What careers in computing technology will see the most growth in the next several years, and why?

Castro-Leon: Selecting a field because it’s in demand or because it’s easy is not a formula for success. The student must select a general field she or he would love to work in, keeping in mind that society is moving from a product-oriented to a service-oriented paradigm. In economics, we talk about societies moving from extractive and manufacturing industries to services. Computer technology reflects this as well. There are probably more opportunities for innovation―integrating components and services that already exist to create other services―than for creating the technology components in the first place. In any case, even component creators will need to reach out to other stakeholders, which requires networking skills.

ComputingEdge: What do you consider to be the best strategies for professional networking, and why?

Castro-Leon: Recent graduates may feel discouraged when starting to network. They might think “I don’t know how to do it” or “Nothing ever comes back.” However, this is only a short-term problem. Here’s a helpful analogy. Every leader is like a lighthouse beaming out light. Most of the light gets lost. That’s a reality of life. However, some can touch and transform lives. The sender never knows when a beam lands on a ship, but when this happens, the ship uses the light to avoid an accident. Even this is successful networking to

me. Just a handful of ships’ crews might thank the lighthouse keeper, but counting only these as successes constitutes a narrow view. There’s no right or wrong here. Ultimately it’s up to the individual to decide what the networking goal should be. There are two considerations: networking should be multimodal, and it’s important to have a role progression from observer to participant to leader. Multimodal means combining traditional personal relationships with both writing and using various social media. It’s important not to get discouraged. We get better with practice. These are useful skills.

ComputingEdge: What advice would you give college students to provide them with an advantage over the competition?

Castro-Leon: Professionals with the best chances of success are T-shaped professionals. This is a well-known term in service science. It refers to people who have deep expertise in one area but who also have strong interdisciplinary skills and a level of comfort collaborating with experts in other areas. The lone inventor is I-shaped, does not fit well in an integration society, and is unable to build bridges to other people to make wonderful things happen.

ComputingEdge: What advice would you give people changing careers midstream?

Castro-Leon: There is no negative in changing careers, as long as the events are part of a coherent strategy. This change can be used as a strength. Give some thought to finding complementary angles. Music and engineering or law and engineering are not necessarily incompatible. In fact, I recommend that a T-shaped person engage in a totally different activity. It brings a broader perspective that can only improve chances of success, even if it’s not done professionally. For instance, I’m an electrical engineer and computer scientist by training, but I spend quality time playing classical piano. I love it.

ComputingEdge: What should applicants keep in mind when applying for computer tech jobs?

Castro-Leon: A primary consideration is to break the apparent chicken-and-egg problem of job postings requiring experience but the applicant needing a job to get experience. For students, it’s important to have reasonably good grades, but it’s not optimal to study to the exclusion of everything else. Participating in certain extracurricular activities, such as journalism, will provide good opportunities to learn communication skills and earn points on the résumé. Seek people who are positive role models. Seek opportunities for giving. Giving could be helping a friend in true need or volunteering. Worrying about the “me” part all the time clouds the mind.

ComputingEdge’s Lori Cameron interviewed Castro-Leon for this article. Contact her at [email protected] if you would like to contribute to a future ComputingEdge article on computing careers. Contact Castro-Leon at [email protected].

erans EZ Info Inc, 1901 1st Ave, Ste 192, 1133 Innovation Way
San Diego, CA 92101. Sunnyvale, CA 94089

CAREER OPPORTUNITIES

Apple Inc. has the following job opportunities in Cupertino, CA:

Hardware Development Engineer (REQ#9CYU46). Dsgn & dev HW for iPhone. Sys intgrtn of analog & digital elctrncs from concept through prdctn. Travel Reqd 25%.
Localization Engineer (REQ#9EZW5X). Respon for trans, proof, & edit sw products, web content, user interface elements & rel materials from Eng to Danish. Fluency in written & spoken Danish.
Hardware Development Engineer (REQ#9PWUZ3) Dsgn & dvlp pwr electronics & controls.
Software Development Engineer (REQ#9A639A). Dev., debug and test code using Object Oriented concepts.
Software Engineer, Security & Compliance (REQ#9Q6PYK) Resp for the overall security & compliance of the SW apps.
Software Development Engineer (REQ#9BFUZV) Work w/ a team of cellular protocol test & dvlpmnt engineers to help deliver HQ prdct releases.
Software Development Engineer (REQ#9R6TC9) Dsgn & dvlp SW for user mngmnt, workflow, and ticketing syss.
Hardware Development Engineer (REQ#9RGSDY). Desgn, dev & validate electrical HW for iPhone systs, w/ emphasis on Power Management syst. Travel req’d: 15%.
Firmware Manager (REQ#9CYPMM) Mnge an algorithms team in spprt of nxt gen input devices.
ASIC Design Engineer (REQ#9M2PSZ). Create FPGA-based prototyping syst for bringup and verification/validation tasks.
Software Quality Assurance Engineer (REQ#9LM3CA). Test multiple srvcs in distrib envt using web & srver-side test methods for the Apple Online Store.
Automation Software Engineer (REQ#9QJ39D). Des & dev SW tools for Factory Autom Sys to be used in Apple’s Manuf process. Travel Req’d: 25%.
Human Interface Designer (REQ#9D6N27) Conceive, dsgn, & dvlp future enhancements to Apple’s prdct & UI experiences.
Hardware Development Engineer (REQ#9FM3RV) Research, dsgn, dvlp, & launch next-gen Sensor Technlgys in Apple prdcts.
Software Engineer Applications (REQ#A2L3AT) Dsgn & implmnt SW & tools for eCommerce syss using the Spring app framework stack.
Mechanical Design Engineering Manager (REQ#9EH3UE) Set up & mnge supply chain to support new prdct dvlpmnt & launch of Apple prdcts. Travel req. 35%.
Software Engineer Applications (REQ#9AYURM). Build and maintain content mgmt. sys. for iTunes Content.
Hardware Development Engineer (REQ#9GX2SK). Dev. new display tech. and implement critical tech. platforms to improve display optical performance.
Systems Design Engineer (REQ#9FTSZA). Des instrumentation sys for input devices & sensors. Travel req’d 20%.
Software Engineer Applications (REQ#9U229F) Dsgn & Dvlp web service APIs for use by internal clients.
Software Engineer Systems SW (REQ#9F23FW). Support res & dev of comp vision for mobile devices.
Firmware Engineer (REQ#9LUSCB) Des & dev firmware for wireless audio products.
Software Development Engineer (REQ#9FTNRY). Support new prod intro test environ for factory test. Travel req 35%.
Label Relations Specialist (REQ#9C33CE). Respons for managing rltshps & max sales w/ direct indep label partners & artist mgrs in the digital music space.
Hardware Development Engineer (REQ#9JFPC3). Des, dev, & launch next-gen Sensing Tech. Travel req’d: 25%.
Senior Software Engineer Applications (REQ#9J7MUX) Architect, Des & dev web & iOS solutions for Apple Retail, Sales and Marketing & wrk across multi proj’s.
Software Development Engineer (REQ#9TD3H2). Deliver high quality, polished web apps. that are intuitive and easy to use.
ASIC Design Engineer (REQ#9MWV5Y). Design complex CPU and SOC microprocessors.
Product Design Engineer (REQ#9USPEH). Design and optimize products affected by air flow, liquid flow, convective heat transfer, conductive heat, and radiative heat transfer using analytical techniques and computational fluid dynamics SW.
Software Engineer Applications (REQ#A5447A). Des & dev SW & tools for large-scale system op’s & deployment automation.
Hardware Development Engineer (REQ#9E6374) Dsgn, dvlp, & launch the nxt-gen display and panel dsgn technglys for Apple prdcts. Travel req 20%.
Software Development Engineer (REQ#9FE3WJ) Dsgn, dvlp, & debug SW for intelligent personal assistnt (Siri) on mobile dvices.
Software Engineer Applications (REQ#9M4UB6) Run test automation for UI as well as services.
Software Development Manager (REQ#9V4U6W). Lead a team to test, assess, and improve perf. and scalability of Siri.
ASIC Design Engineers (REQ#9HCV9G) Dvlp DFT logic & insert Scan related logic in a SOC Dsgn flow.
Software Engineer Applications (REQ#9UNTUW) Contribute to building and maintaining REST APIs & implmnt security features.
Systems Design Engineer (REQ#9EFUXM) [Multiple Positions Open]. Test cell teleph. functionality of iOS devices. Travel req’d: 30%.
Software Development Engineer (REQ#9GHU7V). Des & dev SW & FW for an 802.11 Wi-Fi stack running on mbl pltfrm.
Software Engineer Applications (REQ#9T5UF2). Dev info security tools w/ a focus on infrastructure security.
Technical Program Lead (Operations) (REQ#9D9PVR). Dev & spprt new product intrdctns. Dev final assmbly processes for new prgrms incldng fixtures & automation. Travel Req’d 30%
Software Engineer Applications (REQ#9WY3KP) Dsgn & dev large scale distributed systms to support workflow engines that process & compute large amount of data in various domains.
Engineering Project Lead (REQ#9TU6N8). Respon for develop aspects of sw projs for Fin & Admin Sys.
Software Development Engineer (REQ#9ZM2F2). Des & dev a digi prsnl asst for mobile dvcs.
Software Development Engineer (REQ#9F7TFL). Rsrch, dsgn, dvlp & maintain Apple’s compiler tech.
ASIC Design Engineer (REQ#9TN2GT). Implement physical design of partitions for highly complex SOC utilizing state of the art process tech.
Information Systems Engineer (REQ#9WEQ7U). Design and dev. scalable, high perf. portal solutions using J2EE and other tech.
Senior Software Engineer (REQ#9ZTVTH). Dsgn, dev & maintain data ingest/export jobs between relational DBs & hadoop dstrbtd file sys using Apache Sqoop.
ASIC Design Engineer (REQ#9F8T2J) Implmnt complex, high prfmnce & low power microprocessor (CPU) units using gate-lvl logic dsgn, P&R, and HDL synthsis.
Product Design Engineer (REQ#9VTP2P). Des, test & validate prod cooling systems.
Software Engineer Applications (REQ#9EGQE9). Des & dev rich web apps. Define & architect app prog interfaces.
Software Development Engineer (REQ#9M2PRA) Resp for characterizing & evaluating the end-to-end infrastrctre perfmnce in supporting of newest prdct.
Software Development Engineer (REQ#9N5T7N) Dsgn & implmnt device drivers for peripheral devices across all iOS HW pltfrms.
Software Development Engineer (REQ#9SS5DB) Dsgn & dvlp highly scalable, performant & reliable Java/J2EE apps for consumer apps.
Engineering Project Manager (REQ#9QF285) Display Module EPMs define over proj plan & set the prog display qual strategy.

Apple Inc. has the following job opportunities in Culver City, CA:

Mechanical Design Engineer (REQ#9LUSCQ). Design & develop new consumer audio products. Travel req’d: 25%.

Refer to Req# & mail resume to Apple Inc., ATTN: L.J. 1 Infinite Loop 104-1GM Cupertino, CA 95014. Apple is an EOE/AA m/f/disability/vets.

ERICSSON INC. has an opening for the position of: ENGINEER-RESEARCH - opening in PLANO, TX to develop and integrate Proof Of Concept (POC) projects for the realization of ideas and demonstrate feasibility of the concept. Reference #: 15-TX-2617. APPLICATION SUPPORT ANALYST - opening in OVERLAND PARK, KS to ensure that the application is performing adequately & enough capacity is available to meet the business requirements & growth projections of the customer. Reference #: 15-KS-2573. DATABASE ANALYST - opening in ATLANTA, GA to support issues, outages, & debugging matters of the production support in an Oracle environment. Reference # 15-GA-3615. ENGINEER - SERVICES SOFTWARE - opening in ATLANTA, GA to conduct data migration projects and develop and design in accordance with customer requirements. Reference #: 15-GA-3476. ENGINEER - SOFTWARE - opening in SAN JOSE, CA to perform system verification of developed & legacy functionality on real equipment for IP routers. Reference #: 15-CA-2908. ENGINEER - SOFTWARE - opening in SAN JOSE, CA to develop IP Operating Systems routing software to meet the needs of a diverse set of platforms and applications powering networks. Reference #: 15-CA-3007. ENGINEER SOFTWARE SERVICES - opening in BELLEVUE, WA to drive sales strategies and manage solution design and delivery. Reference #: 16-WA-2936. ENGINEER – SERVICES SOFTWARE - opening in BELLEVUE, WA to analyze, prepare, implement and verify the configuration and integration of a node, network or system. Reference #: 16-WA-3497. ACCOUNT MANAGER - opening in HERNDON, VA to lead sales team in lead generation, proposals, commercial negotiations, & close of sale. 30% domestic/international travel required. Reference #: 15-VA-1433. To apply, please mail resume & include applying for appropriate reference # to: Ericsson Inc. 6300 Legacy Dr., R1-C12, Plano, TX 75024.

DATA SYSTEMS ANALYSTS. Multiple positions available in Amherst, MA. Build services from data to enable enterprise-wide, data-driven decision making. Participate in project setup, discussion of approaches and methods, data strategies, and extract transform and load (ETL) processes. Carry out statistical analysis and programming in R and Python. Design and build visualizations and collaborate across functions and business units. Direct applications to: ATTN: L. Sawtelle, MIP F105, Massachusetts Mutual Life Insurance Company, 1295 State Street, Springfield, MA 01111; Please Reference Job ID 708202100.


WYDE CORP. has multi openings at various levels for the following positions at its office in Bloomington, MN & unanticipated client sites thr/o the US 1. Business Analyst* - Conduct Org. studies & recommend IT solutions. 2. SW Developer* - Design, develop & modify s/w sys. 3. SW Developer Mgr – Manage s/w development project 4. SW Architect* - Develop IT architecture solution 5. SW Architect Mgr – Manage IT architecture development projects 6. Project Manager – Plan & manage project execution. Must have a Bachelor/equiv and prior rel. exp, Master/equiv, or Master/equiv and prior rel. exp. Edu/exp req vary depending on position level/type. Managerial and *Lead positions in this occupation must have Master/equiv+2yr or Bach/equiv+5yr progressive exp. Travel/relo req. Send resume & applied position to: Kristen Kaul, HR North America, Wyde Inc. 3600 American Blvd. W., Suite 330, Bloomington, MN 55431.

SENIOR SERVICES SPECIALIST (NY, NY and unanticipated client sites in US) Provide security & compliance & architecture consulting. Architect & implement security & compliance system controls. Collaborate with partners to distribute & promote products & services. REQS: 5 yrs exp in job &/or rel occup. Must have exp w/ CA Data Protection; Collaborating with channel partners; CA Single Sign On; CA Privileged Identity Manager. Frequent travel to unanticipated client sites throughout the US; Work from home anywhere in the US. Send resume to: Althea Wilson, CA Technologies, One CA Plaza, Islandia, NY 11749, Refer to Requisition # 118862

ERICSSON INC. has openings for positions in Plano, TX: SOLUTIONS ARCHITECT - to define, analyze & manage customer requirements utilizing Ericsson’s OSS & BSS portfolio. Up to 20% domestic travel required. Job ID: 16-TX-3091. RF ENGINEER - responsible for interaction & coordination with RF Eng, Natl. RF Tech Team, Switch Operations, Field Operations, Ntwk Development, & Device Development. Telecommuting is available for this position from anywhere in the US. Job ID: 16-TX-635. ENGINEER – SERVICES SOFTWARE - to participate in software loading, configuration, integration, verification, and troubleshooting of existing solutions. Requires 20% of domestic & international travel. Job ID: 16-TX-3571. ENGINEER-RESEARCH - to develop & integrate Proof Of Concept (POC) projects for the realization of ideas & demonstrate feasibility of the concept. Job ID: 15-TX-2617. BUSINESS CONSULTANT - to support Ericsson business units bridge the gap betw’ strategy & implementation by driving the projects focused on Ericsson growth initiatives & provide business case, modeling, & strategic analysis on a variety of projects. Job ID: 15-TX-2620. PROJECT MANAGER - for scheduling, tracking, & implementation of projects supporting key customer deliverables to the highest customer satisfaction, while driving cost, quality, & timeliness. Job ID: 16-TX-2659. To apply please mail resume to Ericsson Inc. 6300 Legacy Dr, R1-C12 Plano, TX 75024 & indicate appropriate Job ID.

SENIOR SOFTWARE DEVELOPER: Design & develop new computer software. Work with & supervise developers to ensure seamless integration between backend application & the foreground web application. Liaise with & supervise technical staff to explore & suggest strategic technical solutions for the development of location & mapping technology. Supervise test & Operations teams to troubleshoot & resolve issues throughout the lifecycle. Use technologies being utilized in product development such as Dart, JavaScript, Java, HTML5, CSS3 as well as client/server application processes and multi media and internet technology. Use IOT and Building Intelligence Software and protocols such as haystack, MQTT, BACnet. Bachelors degree in Information Systems Engineering or Computer Science or Software Engineering plus 5 yrs exp. req’d. 40 hrs/wk. Job Site & Itvu: Oakland, CA. Send resume to Mr. Mazo at DGLogik, Inc. at [email protected].

SR. CONSULTANT/SYSTEMS ADMINISTRATOR F/T (Fishkill, NY) Position involves travel to various unanticipated worksites up to 100% of the time anywhere in the United States. Must have Bach deg or the foreign equiv in Electronic Engg, Engg, Electronics & Communication Engg, Comp Sci, or related with five (5) years of progressive experience Designing, Building or Fixing & Supporting integration interfaces that meets business requirements using QTP. Configuring and managing VMware on Dell, HP. Configuring & Managing Vcenter server cluster with Vsphere HA and DRSsenabled of VMotion, VSwitch and VLAN’s in Vcenter server. Managing snapshots, Clones, templates during patch releases and new server deployment. Provide leadership in recommending and implementing continuous process improvement, education and training requirements to management staff. Send resume: Novisync, Inc., Recruiting (VC), 300 Westage Bus Ctr Dr, Ste 350, Fishkill, NY 12524.

CLASSIFIED LINE AD SUBMISSION DETAILS: Rates are $425.00 per column inch ($640 minimum). Eight lines per column inch and average five typeset words per line. Send copy at least one month prior to publication date to: Debbie Sims, Classified Advertising, Computer Magazine, 10662 Los Vaqueros Circle, Los Alamitos, CA 90720; (714) 816-2138; fax (714) 821-4010. Email: dsims@computer.org.

In order to conform to the Age Discrimination in Employment Act and to discourage age discrimination, Computer may reject any advertisement containing any of these phrases or similar ones: “…recent college grads…,” “…1–4 years maximum experience…,” “…up to 5 years experience,” or “…10 years maximum experience.” Computer reserves the right to append to any advertisement without specific notice to the advertiser. Experience ranges are suggested minimum requirements, not maximums. Computer assumes that since advertisers have been notified of this policy in advance, they agree that any experience requirements, whether stated as ranges or otherwise, will be construed by the reader as minimum requirements only. Computer encourages employers to offer salaries that are competitive, but occasionally a salary may be offered that is significantly below currently acceptable levels. In such cases the reader may wish to inquire of the employer whether extenuating circumstances apply.


SR. HYPERION CONSULTANT. Job location: Miami, FL & any other unanticipated locations in U.S. Travel Required. Duties: Design & develop Hyperion forecasting/budgeting appls. Develop hierarchies in Hyperion Data Relationship Mgmt. (DRM). Resp. for developing data processes for Hyperion appls. & designing & developing security processes for Hyperion appls. Requires: M.S. degree in Comp. Sci., Eng. or related field & 3 yrs. exp. in the job offered or 3 yrs. exp. as a Hyperion Developer or Hyperion Analyst. Will accept B.S. (or foreign equiv.) & 5 yrs. exp. in computer ind. in lieu of M.S. & 3 yrs. exp. Concurrent exp. must incl.: 3 yrs. exp. with forecasting & budgeting Hyperion appls.; 3 yrs. exp. with security in Hyperion; & 3 yrs. exp. with DRM. Send resume (no calls) to: Michelle Ramirez, The Hackett Group, Inc., 1001 Brickell Bay Dr., Suite 3000, Miami, FL 33131.

MANAGER. Job location: Miami, FL & any other unanticipated locations in U.S. Travel Required. Duties: Participate in definition, develop., & implementation of info systems based on client requirements. Assist in design, develop., & deployment of Hyperion Planning & Essbase appls. Resp. for full systems develop. lifecycle (SDLC) from requirements gathering through implement. of software arch. solutions. Develop complex financial reports & budget books for clients using Financial Reporting Studio & Oracle BI tools. Resp. for administering, automation, optimization & perform. tuning of Essbase appls., data/metadata processing, upgrading, testing & migrating of cubes between different server environs. Perform automating loading of data in the system & writing scripts to perform calcs. using calc. scripts, Load Rules, MaxL, MDX, batch & shell scripting. Requires: M.S. degree in Comp. Sci, MIS, Eng. or related field & 2 yrs. exp. in job offered or 2 yrs. exp. as a Consultant or Systems Analyst. Concurrent exp. must incl.: 2 yrs. exp. with design, develop. & deployment of Hyperion Planning & Essbase appls. & 2 yrs. exp. developing complex financial reports using Financial Reporting Studio. Send resume (no calls) to: Michelle Ramirez, The Hackett Group, Inc., 1001 Brickell Bay Dr., Suite 3000, Miami, FL 33131.

SANDISK CORPORATION has openings in San Jose, California for Staff Systems Design Engineers to define processes for technical platforms, system specifications, and input/output and working parameters for hardware and software compatibility. Job code: SD582. To apply, reference job code # & mail resume to: SanDisk Corporation, 951 SanDisk Drive, MS: HRGM, Milpitas, CA 95035. EOE.

ADVERTISER INFORMATION • FEBRUARY 2016

Advertising Personnel

Debbie Sims: Advertising Coordinator
Email: [email protected]
Phone: +1 714 816 2138 | Fax: +1 714 821 4010

Chris Ruoff: Senior Sales Manager
Email: [email protected]
Phone: +1 714 816 2168 | Fax: +1 714 821 4010

Advertising Sales Representatives (display)

Central, Northwest, Southeast, Far East:
Eric Kincaid
Email: [email protected]
Phone: +1 214 673 3742
Fax: +1 888 886 8599

Northeast, Midwest, Europe, Middle East:
David Schissler
Email: [email protected]
Phone: +1 508 394 4026
Fax: +1 508 394 1707

Southwest, California:
Mike Hughes
Email: [email protected]
Phone: +1 805 529 6790

Advertising Sales Representative (Classifieds & Jobs Board)

Heather Buonadies
Email: [email protected]
Phone: +1 201 887 1703


Help build the next generation of systems behind Facebook's products.


Facebook, Inc.
currently has the following openings in Menlo Park, CA (various levels/types):
Solutions Engineer (SEJ) Combine technical & business skills to make our partners successful & improve Facebook platform. Data Engineer
(3584J) Build data solutions that help product & business teams at Facebook to make data driven decisions. UX Researcher (6450J) Oversee &
design the user experience component to generate actionable insights. Development Operations Engineer (DevOps) (4021J) Innovate,
develop, & operate the next generation of Facebook’s Internal Infrastructure serving the productivity needs of the entire company. Technology
Partner (3606J) Ability to understand revenue recognition rules & interpret & configure those in to revenue applications. Research Manager
(1602J) Drive the overall strategy & operations of the research team at Facebook, ensuring highly relevant, timely, & effective research. Security
Engineer (3499J) Research & develop internet security protocols/standards & get them adopted.
Mail resume to: Facebook, Inc. Attn: SB-GIM, 1 Hacker Way, Menlo Park, CA 94025. Must reference job title & job# shown above, when applying.

WhatsApp, Inc.
currently has the following openings in Mountain View, CA (various levels/types):
Mobile Software Developer (5758J) Design and develop software applications for mobile message products.
Mail resume to: WhatsApp, Inc. c/o Facebook Inc. Attn: SB-GMI, 1 Hacker Way, Menlo Park, CA 94025.
Must reference job title and job# shown above, when applying.

TECHNOLOGY
Intuit Inc.
has openings for the following positions in Santa Clara County, including Mountain View, California or any office within normal commuting distance:
Data Scientists (Job code: I-537): Provide guidance and support to Business leaders and stakeholders on how best to harness available data in
support of critical business needs and goals. Participate in the full cycle of iterative big data exploration, including hypothesis formulation, algorithm
development, data cleansing and testing. Staff Application Operations Engineers (Job code: I-1828): Design and develop new software applica-
tions, services, features and enhancements, and maintain existing software products. Product Managers (Job code: I-966): Gathering requirements,
use cases and functional specifications for data products for internal and external customers of Intuit. Prioritize customer needs, analyze landscape and
develop product roadmaps for products aligned with Quickbooks data strategy.

Positions located in San Diego, California: Senior Data Engineers (Job code: I-141): Design, develop, and implement data movement and integration
processes in preparation for analysis, data warehousing, and operational data stores, involving very large quantities of data. Managers, Development
(Job code: I-138): Apply a full understanding of the business, the customer, and the solutions that a business offers to effectively design, develop, and
implement operational capabilities, tools and processes that enable highly available, scalable & reliable customer experiences. Senior Systems
Engineers (Job code: I-124): Exercise senior level knowledge in selecting methods and techniques to design, implement, and maintain servers for
Intuit’s leading commercial software products. Work on problems of complex scope where analysis of data requires evaluation of multiple factors of the
overall product and service.

Positions located in Plano, Texas: Managers 3-Group Research & Analysis (Job code: I-103): Lead and develop an expanded team of business
analysts, technical data analysts and data scientists to provide timely and effective insights to business teams and act as a trusted business partner.

To apply, submit resume to Intuit Inc., Attn: Olivia Sawyer, J203-6, 2800 E. Commerce Center Place, Tucson, AZ 85706.
You must include the job code on your resume/cover letter. Intuit supports workforce diversity.


IEEE TRANSACTIONS ON MULTI-SCALE COMPUTING SYSTEMS

NEW IN 2015

SCOPE
The IEEE Transactions on Multi-Scale Computing Systems (TMSCS) is a peer-reviewed publication
devoted to computing systems that exploit multi-scale and multi-functionality. These systems consist
of computational modules that utilize diverse implementation scales (from micro down to the nano
scale) and heterogeneous hardware and software functionalities; moreover, these modules can be
based on operating principles and models that are valid within but not necessarily across their
respective scales and computational domains. Contributions to TMSCS must address computation of
information and data at higher system-levels for processing by digital and emerging domains. These
computing systems can also rely on diverse frameworks based on paradigms at molecular, quantum
and other physical, chemical and biological levels. Innovative techniques such as inexact computing,
management/optimization of smart infrastructures and neuromorphic modules are also considered
within scope.

This publication covers pure research and applications within novel topics related to high performance
computing, computational sustainability, storage organization and efficient algorithmic information
distribution/processing; articles dealing with hardware/software implementations (functional units,
architectures and algorithms), multi-scale modeling and simulation, mathematical models and
designs across multiple scaling domains and functions are encouraged. Novel solutions based on
digital and non-traditional emerging paradigms are sought for improving performance and efficiency
in computation. Contributions on related topics would also be considered for publication.

SUBSCRIBE AND SUBMIT


For more information on paper submission, featured articles, call-for-papers,
and subscription links visit:

www.computer.org/tmscs


IEEE Cloud Computing


Call for Papers

Although cloud technologies have been advanced and adopted at an astonishing
pace, much work remains. IEEE Cloud Computing seeks to foster the evolution of
cloud computing and provide a forum for reporting original research, exchanging
experiences, and developing best practices.

IEEE Cloud Computing magazine seeks accessible, useful papers on the latest peer-reviewed
developments in cloud computing. Topics include, but aren’t limited to:

• Cloud architectures (delivery models and deployments),


• Cloud management (balancing automation and robustness with monitoring and
maintenance),
• Cloud security and privacy (issues stemming from technology, process and governance,
international law, and legal frameworks),
• Cloud services (cloud services drive and are driven by consumer demand; as markets
change, so do the types of services being offered),
• Cloud experiences and adoption (deployment scenarios and consumer expectations),
• Cloud and adjacent technology trends (exploring trends in the market and impacts on
and influences of cloud computing),
• Cloud economics (direct and indirect costs of cloud computing on the consumer;
sustainable models for providers),
• Cloud standardization and compliance (facilitating the standardization of cloud tech and
test suites for compliance), and
• Cloud governance (transparency of processes, legal frameworks, and consumer
monitoring and reporting).

Submissions will be subject to IEEE Cloud Computing magazine’s peer-review process.


Articles should be at most 6,000 words, with a maximum of 15 references, and should be
understandable to a broad audience of people interested in cloud computing, big data, and
related application areas. The writing style should be down to earth, practical, and original.

All accepted articles will be edited according to the IEEE Computer Society style guide.
Submit your papers through Manuscript Central at https://mc.manuscriptcentral.com/ccm-cs.

If you have any questions, feel free to email lead editor Brian Brannon at [email protected].

www.computer.org/cloudcomputing

IEEE Security & Privacy

SUBSCRIBE FOR $39

Protect your network
Further your knowledge with in-depth interviews with thought leaders
Access the latest trends and peer-reviewed research anywhere, anytime

$69 Print Edition
$39 Digital Edition
for Computer Society and Reliability Society members
$29.99 Qmags Edition

www.qmags.com/SNP
CONFERENCES in the Palm of Your Hand

IEEE Computer Society’s Conference Publishing Services (CPS) is now offering conference program mobile apps! Let your attendees have their conference schedule, conference information, and paper listings in the palm of their hands.

The conference program mobile app works for Android devices, iPhone, iPad, and the Kindle Fire.

For more information please contact [email protected]


Learn What You Must Know
About Risk Assessment and Mitigation

12 April 2016 | Washington, DC Metro Area

100% Security Solution? Pipedream!

Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day.

Rock Stars of Risk-Based Security is the must-attend symposium of its kind in 2016 on this critical new reality. What attacks can you expect? How can you be prepared? On April 12, 2016 you’ll learn the answers to those questions straight from the people who are driving innovation in risk-based security.

Rock Star Speakers
Scott Borg, Director (CEO) and Chief Economist, U.S. Cyber Consequences Unit
Diana Kelly, Executive Security Advisor, IBM
Jake Kouns, Chief Information Security Officer, Risk Based Security

www.computer.org/rbseast
The Fourteenth Annual IEEE International Conference on
Pervasive Computing and Communications, PerCom 2016
CALL FOR PARTICIPATION

IEEE PerCom, now in its fourteenth year, is established as the premier annual scholarly venue in the area of pervasive computing and communications. Pervasive computing and communications has evolved into a highly active area of research. Research outcomes have found their way to many current commercial systems, due to the tremendous advances in a broad spectrum of technologies and topics including wireless networking, mobile and distributed computing, privacy and security, sensor systems, context modeling and reasoning, ambient intelligence, smart devices and others.

PerCom 2016 will provide a leading edge, scholarly forum for researchers, engineers, and students alike to share their state-of-the-art research and developmental work in the broad areas of pervasive computing and communications. The conference will feature a diverse mixture of interactive forums: core technical sessions of high quality cutting-edge research articles; targeted workshops on exciting topics; live demonstrations of pervasive computing in action; inspiring keynote speeches; insightful panel discussions from domain experts; and posters representing emerging ideas.

This year, for the first time PerCom will be held during the summer in Sydney, Australia. We invite you to join us to enjoy a stimulating conference in sunny Sydney.

Organizing Committee

General Co-Chairs
Mohan Kumar, Rochester Institute of Technology, USA
Aruna Seneviratne, DATA61, CSIRO, Australia

Program Chair
Christian Becker, Universität Mannheim, Germany

Vice Program Co-Chairs
Frank Dürr, University of Stuttgart, Germany
Jamie Payton, University of North Carolina at Charlotte, USA
Daniele Ribboni, University of Milan, Italy

Workshops Co-Chairs
Chiara Boldrini, IIT-CNR, Italy
Salil Kanhere, University of New South Wales, Australia

Steering Committee Chair
Jadwiga Indulska, The University of Queensland, Australia

Best paper award

The best paper for the prestigious Mark Weiser Best Paper Award will be selected on March 16, 2016 at the Best Paper Session.

Papers of particular merit will be considered for a special issue of the Elsevier journal of Pervasive and Mobile Computing (PMC).

Main Features
• Two Keynotes
• 20 Full Papers
• Best paper Session
• 5 Concise Contributions
• 11 Workshops
• Thought Provoking Panel
• Work-in-Progress Session
• Demonstration Session
• PhD Forum

Important Dates
Early Registration: February 19, 2016
Pre-Conference Workshops: March 14, 2016
Main Conference: March 15-17, 2016
Post-Conference Workshops: March 18, 2016


For additional information, please visit the website www.percom.org or contact at [email protected]
