Featured Video
This Week in Quality Digest Live
Metrology Features
Mike Richman
Report from Hexagon Live 2017 and two great guests
Ryan E. Day
How earthbound manufacturers can benefit from aerospace manufacturing methods
Ryan E. Day
Zimmer Biomet uses PULSE and SmartQuality solutions for FDA compliance and continuous improvement

More Features

Metrology News
New unit uses wireless and controller-free laser tracker technology
Features faster measurement speed, onscreen averaging, and auto-rotating display
BYK-Gardner’s byko-spectra lite
Combines 3D scanner, touch probe, and software to reduce production times by 30%
Phillips Precision rounds out Inspection Arsenal quick-swap fixturing with Loc-N-Load plates
Provides even, shadow-free illumination; variable light control adds flexibility
Portable measurement experts urged to submit abstracts for presentation and publication opportunities
For measurement versatility on up to three orthogonal axes

More News

Robin Materese

Metrology

Ideas Whose Time Has Come (and Gone), v. 2017

NIST’s list for what’s out and what’s in this year

Published: Monday, January 30, 2017 - 13:02

A catchphrase from a popular reality show goes: “One day you’re in. And the next day, you’re out.” For the purposes of the show, the host is referencing fashion. But the same could be said about science. With each new discovery or advance, an old theory or idea often becomes obsolete—or at least less important.

We here in the NIST public affairs office thought it might be fun to list some of the NIST-relevant scientific ideas that we think are on their way in and out in 2017. Although the items on the list below may not be as monumental as the discoveries that led to this year’s Nobel Prizes, MacArthur Foundation “genius” grants, or Breakthrough Prizes, we still think they’re pretty important and could contribute to a better future.

Your opinion may vary.

Out: Elements 113, 115, 117, and 118
In:
nihonium (Nh), moscovium (Mc), tennessine (Ts), and oganesson (Og)

Someone needs to update the lyrics to the Periodic Table of the Elements song (This version contains ads. NIST doesn’t endorse any commercial products). In December 2016, the International Union of Pure and Applied Chemistry (IUPAC) officially named the four newest elements on the periodic table. The elements were named after the locations or individuals who discovered the elements. The names originally were proposed in June and then underwent a five-month waiting period before being approved by the IUPAC Bureau. While NISTonium may not exist yet (what’s up with that?), we’ve made it our business to study and publish exhaustive data on the properties of all the elements, named and unnamed. Check out our updated periodic table, and maybe take a moment to read NIST physicist Charles Clark’s take on the periodic table’s turnover.

The new NIST periodic table.
The new NIST periodic table (click here for larger image).

Out: Single atomic clock
In:
Dual atomic clocks

For atomic clocks, more is merrier. Physicists at NIST announced in November 2016 that they had set yet another world record for clock stability when they combined two experimental atomic clocks based on ytterbium atoms. The approach used by the scientists ultimately may lead to reduced atomic clock size and complexity at state-of-the-art performance, which means we may soon see extremely good portable atomic clocks. (Though probably not so portable that they can replace your wristwatch.) Why should you care? Portable optical atomic clocks could be used for geodesy, which could help to map Earth’s gravity or be carried on spacecraft for tests of general relativity.

Until now, forensic DNA profiles in the United States have been a series of 26 numbers that can be used to identify an individual. When DNA evidence yields only a partial profile, some of the numbers will be missing. In the case illustrated here, 13 numbers, represented by puzzle pieces, are missing. There may not be sufficient information to establish an identity. Credit: Natasha Hanacek/NIST

Until now, forensic DNA profiles in the United States have been a series of 26 numbers that can be used to identify an individual. When DNA evidence yields only a partial profile, some of the numbers will be missing. In the case illustrated here, 13 numbers, represented by puzzle pieces, are missing. There may not be sufficient information to establish an identity.

Credit: Natasha Hanacek/NIST

Out: Only using 13 DNA markers
In:
Using 20 DNA markers

Also in quantity-can-make-for-quality-related news, the number of DNA markers in a forensic DNA profile is going up. Currently, DNA profiles in the United States are created by looking at 13 specific regions of DNA, called markers. On January 1, 2017, the FBI started requiring that all DNA profiles entered into its Combined DNA Index System, or CODIS, be based on at least 20 markers. And three of those seven new markers were originally characterized here at NIST. This upgrade will greatly increase the power of DNA profiling as a crime-fighting tool. 

Out (almost): International Prototype Kilogram
In:
Watt Balance

OK, it’s not fully “out” yet, but it’s on its way there. NIST is part of an international effort to redefine the kilogram based on a fundamental constant of nature instead of a plum-sized cylinder of platinum-iridium alloy that currently serves as the world’s mass standard. The goal is to introduce the new measurement standard to the world in 2018. Who says we all can’t get along?

Out: Friction or viscosity between tiny particles
In:
Friction and viscosity between tiny particles

While we’re on the subject of everyone getting along, a favorite science fair experiment centers around examining the odd behavior of non-Newtonian substances. These shear-thickening fluids, such as “oobleck,” can go back and forth between liquid and solid based on how you treat them. Oobleck, which is a mix of cornstarch and water, goes from a gooey slurry to a thick, almost-solid substance just by pounding or squeezing it, and it reverts back to a slurry when you stop.

What causes the change in state—friction or viscosity between crowded tiny particles—has been long debated. As it turns out, it’s both. A NIST/Georgetown study found that both friction and viscous crowding of tiny particles play a role in the substance’s odd behavior. Although this may seem like scientific minutia, efforts are currently underway to use the properties of shear thickening to make better body armor for police and the military. And when that happens, NIST will help to test and develop standards for that, too.

Out: Crazy $%*#@ Passw0rd requir3ments!
In:
Free range passwords

It turns out you’re not the only one worn out by all the crazy password requirements. In May 2016, NIST offered the public a preview of the draft Digital Authentication Guideline document, which includes new guidance on password policies to be used by the U.S. government. Included in the (draft) recommendations: allowing for longer passwords; removing special character requirements (e.g., being told you must have at least one letter, one number, and one special character); allowing spaces and most other characters in passwords; doing away with password hints; and a few other changes that NIST believes will simultaneously improve usability and security. (The official public comment period will open in early 2017.) And for those of you looking for back up when talking to your IT department about how tired you are of mandatory password changes, check out this research from NIST’s Mary Theofanos.

First published December 20, 2016, on the Taking Measure blog.

Discuss

About The Author

Robin Materese’s picture

Robin Materese

Robin Materese is the Director of Web Content at NIST. An aspiring journalist in college, she fell into science communications when she took a job promoting general interest science books at the National Academy of Sciences. She has also worked for a literary agency, a small PR firm, Choice Hotels, Johns Hopkins University and the National Institutes of Health. Her love of fiction writing has led her to volunteering as the vice chair of the Gaithersburg Book Festival and to publishing three short stories in literary journals and anthologies and having a 10-minute play she wrote performed at the Source Theater in Washington, D.C.

Comments

electronic security

Why do we always over complicate the simple?

What’s this, passwords are being hacked? You have t0 u5e 0utrageou$ CoMb1NaT10N$ t0 stay ahead? Add more characters, lift that shift key, tote that $ymbol!

HALT!!!        Breathe….in, out..., in...., out... Ok we have lots of tools that can be employed here and many have additional benefits. 

Biometrics it’s at your finger tips (har har). The fact you employee has the same password for their home email, media service, and cute kittens daily website is no longer a problem. Also people normally don’t forget a fingerprint over a long weekend.

Put the already required ID badge to use.  You want to enter the building or use a computer? You need your ID badge. The password hint is even universal! “It’s around your neck”. You can even combine the badge AND your finger tip. If your badge is stolen or lost, we hope you maintained your fingers.

Stop taking the Rube Goldberg approach to computer security. *Porcupines would make for some interesting workplace safety policy* Besides the moment I see flaming hoops in front of my keyboard, I’m going to take a more serious look at self employment.

PW reuse, PW managers, Generate passphrases, Stanford policy

1,2   A bigger danger than PW cracking or keyloggers may be PW reuse.  Thus if the user uses the same PW on 'Suzie's House of Kittens' and (some secured site), a DB breach at Suzie's could compromise the 'more secure' site. Allowing password managers like KeePass dramatically reduces this problem.  The VA, eg, doesn't allow USBs or installing software on user machines, so this is a problem.  

3       Security experts know users are generally not able to choose good passphrases. With offline crackers now using expanded PW dictionaries, PWs like "givemelibertyorgivemedeath" are no longer secure.  Then there's Wordhound, which scours Twitter accounts, industry pubs, etc. for material relevant to just one breached company.  Users need help choosing good passphrases.

4       An 8 char random string, even including (UPPER, lower, numbers, specials) is probably too short.  Four truly random words is probably secure. As we know, longer is better.

**Suggested Change**:

1,2   Install OS password manager (eg KeePass) on all machines by default, and encourage its use. KP can addin Readable Passphrase Generator and others.

3      Install OS Passphrase Generator for use at the site a new password is needed, or better yet, auto generate a good memorable passphrase. "THE willing trowel PULLS a hinge" or "hinge trowel oxygen blue" are better than "MetsFan86"

4     Stanford's policy-"Which characters are required in my password? Answer: That depends on how long it is. The shorter it is, the more restrictions "