AI Coding Godot

AI Coding Godot — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Syman

SYMAN is an artificial intelligence technology that uses data from social media profiles to identify trends in the job market. SYMAN is designed to organize actionable data for products and services including recruiting, human capital management, CRM, and marketing. SYMAN was developed with a $21 million series B financing round secured by Identified, which was led by VantagePoint Capital Partners and Capricorn Investment Group.
Read more →
RFPolicy

The RFPolicy outlines a method for contacting vendors about security vulnerabilities found in their products. It was initially written in 2000 by hacker and security consultant Rain Forest Puppy. It was perhaps the second disclosure policy, following Simple Nomad's. The policy gives the vendor five working days to respond to the reporter of the bug. If the vendor fails to contact the reporter within those five days, the issue is recommended to be disclosed to the general community. The reporter should help the vendor reproduce the bug and work out a fix. The reporter should delay notifying the general community about the bug if the vendor provides feasible reasons for requiring so. If the vendor fails to respond or shuts down communication with the reporter of the problem within five working days, the reporter should disclose the issue to the general community. When issuing an alert or fix, the vendor should give the reporter proper credit for reporting the bug. Context for the history of vulnerability disclosure is available in a history article.
Read more →
Blanking (video)

In analog video, blanking occurs between horizontal lines and between frames. In raster scan equipment, an image is built up by scanning an electron beam from left to right across a screen to produce a visible trace of one scan line, reducing the brightness of the beam to zero (horizontal blanking), moving it back as fast as possible to the left of the screen at a slightly lower position (the next scan line), restoring the brightness, and continuing until all the lines have been displayed and the beam is at the bottom right of the screen. Its intensity is then reduced to zero again (vertical blanking), and it is rapidly moved to the top left to start again, creating the next frame. In television, in particular, the vertical blanking interval is long to accommodate the slow equipment available at the time the standard was set. Fast modern electronics allows digital information to be encoded into the signal during the vertical blanking interval; it is not displayed on screen as the beam is blanked, but can be processed by appropriate circuitry.
Read more →
BeyondCorp

BeyondCorp is an implementation of zero-trust computer security concepts creating a zero trust network. It is created by Google. == Background == It was created in response to the 2009 Operation Aurora. An open source implementation inspired by Google's research paper on an access proxy is known as "transcend". Google documented its Zero Trust journey from 2014 to 2018 through a series of articles in the journal ;login:. Google called their ZT network "BeyondCorp". Google implemented a Zero Trust architecture on a large scale, and relied on user and device credentials, regardless of location. Data was encrypted and protected from managed devices. Unmanaged devices, such as BYOD, were not given access to the BeyondCorp resources. == Design and technology == BeyondCorp utilized a zero trust security model, which is a relatively new security model that it assumes that all devices and users are potentially compromised. This is in contrast to traditional security models, which rely on firewalls and other perimeter defenses to protect sensitive data. === Trust === The corporate network grants no inherent trust, and all internal apps are accessed via the BeyondCorp system, regardless of whether the user is in a Google office or working remotely. BeyondCorp is related to Zero Trust architecture as it implements a true Zero Trust network, where all access is granted on identity, device, and authentication, based on robust underlying device and identity data sources. BeyondCorp works by using a number of security policies including authentication, authorization, and access control to ensure that only authorized users can access corporate resources. Authentication verifies the identity of the user, authorization determines whether the user has permission to access the requested resource, and access control policies restrict what the user can do with the resource. ==== Trust Inferrer ==== One of the main components in BeyondCorp's implementation is the Trust Inferrer. The Trust Inferrer is a security component (typically software) that looks at information about a user's device, like a computer or phone, to decide how much it can be trusted to access certain resources like important company documents. The Trust Inferrer checks things like the security of the device, whether it has the right software installed, and if it belongs to an authorized user. Based on all this information, the Trust Inferrer decides what the device can access and what it can't. === Security mechanisms === Unlike traditional VPNs, BeyondCorp's access policies are based on information about a device, its state, and its associated user. BeyondCorp considers both internal networks and external networks to be completely untrusted, and gates access to applications by dynamically asserting and enforcing levels, or “tiers,” of access. === Device Inventory Database === BeyondCorp utilized a Device Inventory Database and Device Identity that uniquely identifies a device through a digital certificate. Any changes to the device are recorded in the Device Inventory Database. The certificate is used to uniquely identify a device; however, additional information is required to grant access privileges to a resource. === Access Control Engine === Another important component of BeyondCorp's implementation is the Access Control Engine. Think of this as the brain of the Zero Trust architecture. The Access Control Engine is like a traffic cop standing at an intersection. Its job is to make sure that only authorized devices and users are allowed to access specific resources (like files or applications) on the network. It checks the access policy (the rules that say who can access what), the device's state (like whether it has the right software updates or security settings), and the resources being requested. Then it makes a decision on whether to grant or deny access based on all of this information. It helps ensure that only the right people and devices are allowed access to the network, which helps keep things secure. The Access Control Engine utilizes the output from the Trust Inferrer and other data that is fed into its system. == Usage == One of the first things Google did to implement a Zero Trust architecture was to capture and analyze network traffic. The purpose of analyzing the traffic was to build a baseline of what typical network traffic looked like. In doing so, BeyondCorp also discovered unusual, unexpected, and unauthorized traffic. This was very useful because it gave the BeyondCorp engineers critical information that assisted them in reengineering the system in a secure manner. Some of the benefits BeyondCorp realized by adopting a Zero Trust architecture include the ability to allow their employees to work securely from any location. It reduces the risk of data breaches since data and applications are protected and users and devices are constantly being verified. The Zero Trust architecture is scalable and can be adapted to the changing needs of the businesses and their users. Especially relevant in today's work-from-home era, BeyondCorp allows employees to access enterprise resources securely from any location, without the need for traditional VPNs.
Read more →
Digital supply chain security

Digital supply chain security refers to efforts to enhance cyber security within the supply chain. It is a subset of supply chain security and is focused on the management of cyber security requirements for information technology systems, software and networks, which are driven by threats such as cyber-terrorism, malware, data theft and the advanced persistent threat (APT). Typical supply chain cyber security activities for minimizing risks include buying only from trusted vendors, disconnecting critical machines from outside networks, and educating users on the threats and protective measures they can take. The acting deputy undersecretary for the National Protection and Programs Directorate for the United States Department of Homeland Security, Greg Schaffer, stated at a hearing that he is aware that there are instances where malware has been found on imported electronic and computer devices sold within the United States. == Examples of supply chain cyber security threats == Network or computer hardware that is delivered with malware installed on it already. Malware that is inserted into software or hardware (by various means) Vulnerabilities in software applications and networks within the supply chain that are discovered by malicious hackers Counterfeit computer hardware == Related U.S. government efforts == Comprehensive National Cyber Initiative Defense Procurement Regulations: Noted in section 806 of the National Defense Authorization Act International Strategy for Cyberspace: White House lays out for the first time the U.S.’s vision for a secure and open Internet. The strategy outlines three main themes: diplomacy, development and defense. Diplomacy: The strategy sets out to “promote an open, interoperable, secure and reliable information and communication infrastructure” by establishing norms of acceptable state behavior built through consensus among nations. Development: Through this strategy the government seeks to “facilitate cybersecurity capacity-building abroad, bilaterally and through multilateral organizations.” The objective is to protect the global IT infrastructure and to build closer international partnerships to sustain open and secure networks. Defense: The strategy calls out that the government “will ensure that the risks associated with attacking or exploiting our networks vastly outweigh the potential benefits” and calls for all nations to investigate, apprehend and prosecute criminals and non-state actors who intrude and disrupt network systems. == Related government efforts around the world == Common Criteria offers with Evaluation Assurance Level(EAL) 4 an opportunity to evaluate all relevant aspects of the digital supply chain security like the product, the development environment, IT systems security, the processes in human resource, physical security and with the module ALC_FLR.3 (Systematic Flaw Remediation) also security update processes and methods even by physical site visits. EAL 4 is mutually recognized in countries that signed the SOGIS-MRA and up to ELA 2 in countries the signed the CCRA but including ALC_FRL.3. Russia: Russia has had non-disclosed functionality certification requirements for several years and has recently initiated the National Software Platform effort based on open-source software. This reflects the apparent desire for national autonomy, reducing dependence on foreign suppliers. India: Recognition of supply chain risk in its draft National Cybersecurity Strategy. Rather than targeting specific products for exclusion, it is considering Indigenous Innovation policies, giving preferences to domestic ITC suppliers in order to create a robust, globally competitive national presence in the sector. China: Deriving from goals in the 11th Five Year Plan (2006–2010), China introduced and pursued a mix of security-focused and aggressive Indigenous Innovation policies. China is requiring an indigenous innovation product catalog be used for its government procurement and implementing a Multi-level Protection Scheme (MLPS) which requires (among other things) product developers and manufacturers to be Chinese citizens or legal persons, and product core technology and key components must have independent Chinese or indigenous intellectual property rights. == Private sector efforts == SLSA (Supply-chain Levels for Software Artifacts) is an end-to-end framework for ensuring the integrity of software artifacts throughout the software supply chain. The requirements are inspired by Google’s internal "Binary Authorization for Borg" that has been in use for the past 8+ years and that is mandatory for all of Google's production workloads. The goal of SLSA is to improve the state of the industry, particularly open source, to defend against the most pressing integrity threats. With SLSA, consumers can make informed choices about the security posture of the software they consume. == Other references == Financial Sector Information Sharing and Analysis Center International Strategy for Cyberspace (from the White House) NSTIC SafeCode Whitepaper Archived 2013-10-21 at the Wayback Machine Trusted Technology Forum and the Open Trusted Technology Provider Standard (O-TTPS) Archived 2012-01-03 at the Wayback Machine Cyber Supply Chain Security Solution Malware Implants in Firmware Supply Chain in the Software Era INFORMATION AND COMMUNICATIONS TECHNOLOGY SUPPLY CHAIN RISK MANAGEMENT TASK FORCE: INTERIM REPORT
Read more →
Resilience week

Resilience week is an annual symposium established to enable cross-disciplinary and role based discussions to advance strategies and research that engenders resilience in critical infrastructure systems and communities. Damaging storms, cyber attack and the interconnection of critical infrastructure systems can lead to cascading events that not only affect local but also across regions. However, many of these interdependencies are not easily recognized and obscure and complicate the mitigation of risk. The purpose of the symposia series is hence to facilitate best practice in managing critical infrastructure risks, by bringing together businesses, government and researchers. == Background == Originally organized in 2008 as a focus on the new research area of resilient control systems, including the disciplinary areas of control system, cyber-security, cognitive psychology and any number of critical infrastructure domains. Resilience has long been recognized as an area that requires not only the contributions of multiple disciplines or multidisciplinary participation, but interdisciplinary interaction where there is a common language and familiarity of the contributors to what other disciplines (and roles) contribute. The resulting interactions developed by Resilience Week and associated activities are intended to culture this sharing environment as a safe zone for inclusion; more importantly, an environment that lends to developing the new science and practice. As the attributes of resilience are complex, the contributions and topics for the event have included both the disciplinary and the project considerations, in keynotes, panels and research presentations. Keynotes have included senior leadership in the Department of Energy, Department of Defense, Department of Homeland Security, the National Science Foundation, and other agencies in addition to National Academy and professional organization fellows and senior industry leaders. Project panels and research presentations include emergent topics in resilience to climate change, cyber attack, damaging storms and the energy assurance. Topics Areas of focus have included: Control Systems Cyber Systems Cognitive Systems Communications Systems Communities and Infrastructure Project Focus Areas have included: Dependencies and Interdependencies Cyber Resilience for Operating Technology Commercializing Research and Development Building Critical Infrastructure Resilience through Distributed Energy Resources Energy Equity and Community Resilience Proceedings are developed for each year of the event, documenting the diversity of the research and engagements within these topical areas. == Impacts for the future == Since its inception, the Resilience Week community has evolved from one that primarily included only university researchers to one that includes many government laboratories, universities and private industries in the US and internationally. This type of collaboration forms a feedback loop that informs the research with the current needs and hones best practices. The future of the event is to further advance discussions that advance investment, recognize priorities and expedite technologies and tools to proactively address our energy future, in light of the natural and manmade challenges, and rationalizing the complex relationships that exist in critical infrastructure.
Read more →
Scenery generator

A scenery generator (or terrain generator) is a software used to create landscape images, 3D models, and animations. These programs often use procedural generation to generate the landscapes, or sometimes created and rendered by a 3D artist. These programs are often used in video games or movies. Basic elements of landscapes created by scenery generators include terrain, water, foliage, and clouds. The process for basic random generation uses a diamond square algorithm. == Common features == Most scenery generators can create basic heightmaps to simulate the variation of elevation in basic terrain. Common techniques include Simplex noise, fractals, or the diamond-square algorithm, which can generate 2-dimensional heightmaps. A version of scenery generator can be very simplistic. Using a diamond-square algorithm with some extra steps involving fractals, an algorithm for random generation of terrain can be made with only 120 lines of code. The program in example takes a grid and then divides the grid repeatedly. Each smaller grid is then split into squares and diamonds and the algorithm then makes the randomized terrain for each square and diamond. Most programs for creating landscapes also allow for adjustment and editing of the landscape. For example, World Creator allows for terrain sculpting, which uses a similar brush system as Photoshop, and allows for additional terrain enhancement with its procedural techniques such as erosion, sediments, and more. Other tools in the World Creator program include terrain stamping, which allows you to import elevation maps and use them as a base. The programs tend to also allow for additional placement of rocks, trees, etc. These can be done procedurally or by hand depending on the program. Typically the models used for the placement objects are the same as to lessen the amount of work that would be done if the user was to create a multitude of different trees. The terrain generated the computer does a generation of multifractals then integrates them until finally rendering them onto the screen. These techniques are typically done “on-the-fly” which typically for a 128 × 128 resolution terrain would mean 1.5 seconds on a CPU from the early 1990s. == Applications == Scenery generators are commonly used in movies, animations, 3D rendering, and video games. For example, Industrial Light & Magic used E-on Vue to create the fictional environments for Pirates of the Caribbean: Dead Man's Chest. In such live-action cases, a 3D model of the generated environment is rendered and blended with live-action footage. Scenery generated by the software may also be used to create completely computer-generated scenes. In the case of animated movies such as Kung Fu Panda, the raw generation is assisted by hand-painting to accentuate subtle details. Environmental elements not commonly associated with landscapes, such as ocean waves, have also been handled by the software. Scenery generation is used in most 3D based video-games. These typically use either custom or purchased engines that contain their own scenery generators. For some games they tend to use a procedurally generated terrain. These typically use a form of height mapping and use of Perlin noise. This will create a grid that with one point in a 2D coordinate will create the same heightmap as it is pseudorandom, meaning it will result in the same output with the same input. This can then easily be translated into the product 3D image. These can then be changed from the editor tools in most engines if the terrain will be custom built. With recent developments neural networks can be built to create or texture the terrain based on previously suggested artwork or heightmap data. These would be generated using algorithms that have been able to identify images and similarities between them. With the info the machine can take other heightmaps and render a very similar looking image to the style image. This can be used to create similar images in example a Studio Ghibli or Van Gogh art-style. == Software == Most game engines, whether custom or proprietary, will have terrain generation built in. Some terrain generator programs include, Terragen, which can create terrain, water, atmosphere and lighting; L3DT, which provides similar functions to Terragen, and has a 2048 × 2048 resolution limit; and World Creator, which can create terrain, and is fully GPU powered. === List of 3D terrain generation software ===
Read more →
Function representation

Function Representation (FRep or F-Rep) is used in solid modeling, volume modeling and computer graphics. FRep was introduced in "Function representation in geometric modeling: concepts, implementation and applications" as a uniform representation of multidimensional geometric objects (shapes). An object as a point set in multidimensional space is defined by a single continuous real-valued function f ( X ) {\displaystyle f(X)} of point coordinates X [ x 1 , x 2 , . . . , x n ] {\displaystyle X[x_{1},x_{2},...,x_{n}]} which is evaluated at the given point by a procedure traversing a tree structure with primitives in the leaves and operations in the nodes of the tree. The points with f ( x 1 , x 2 , . . . , x n ) ≥ 0 {\displaystyle f(x_{1},x_{2},...,x_{n})\geq 0} belong to the object, and the points with f ( x 1 , x 2 , . . . , x n ) < 0 {\displaystyle f(x_{1},x_{2},...,x_{n})<0} are outside of the object. The point set with f ( x 1 , x 2 , . . . , x n ) = 0 {\displaystyle f(x_{1},x_{2},...,x_{n})=0} is called an isosurface. == Geometric domain == The geometric domain of FRep in 3D space includes solids with non-manifold models and lower-dimensional entities (surfaces, curves, points) defined by zero value of the function. A primitive can be defined by an equation or by a "black box" procedure converting point coordinates into the function value. Solids bounded by algebraic surfaces, skeleton-based implicit surfaces, and convolution surfaces, as well as procedural objects (such as solid noise), and voxel objects can be used as primitives (leaves of the construction tree). In the case of a voxel object (discrete field), it should be converted to a continuous real function, for example, by applying the trilinear or higher-order interpolation. Many operations such as set-theoretic, blending, offsetting, projection, non-linear deformations, metamorphosis, sweeping, hypertexturing, and others, have been formulated for this representation in such a manner that they yield continuous real-valued functions as output, thus guaranteeing the closure property of the representation. R-functions originally introduced in V.L. Rvachev's "On the analytical description of some geometric objects", provide C k {\displaystyle C^{k}} continuity for the functions exactly defining the set-theoretic operations (min/max functions are a particular case). Because of this property, the result of any supported operation can be treated as the input for a subsequent operation; thus very complex models can be created in this way from a single functional expression. FRep modeling is supported by the special-purpose language HyperFun. == Shape Models == FRep combines and generalizes different shape models like algebraic surfaces skeleton based "implicit" surfaces set-theoretic solids or CSG (Constructive Solid Geometry) sweeps volumetric objects parametric models procedural models A more general "constructive hypervolume" allows for modeling multidimensional point sets with attributes (volume models in 3D case). Point set geometry and attributes have independent representations but are treated uniformly. A point set in a geometric space of an arbitrary dimension is an FRep based geometric model of a real object. An attribute that is also represented by a real-valued function (not necessarily continuous) is a mathematical model of an object property of an arbitrary nature (material, photometric, physical, medicine, etc.). The concept of "implicit complex" proposed in "Cellular-functional modeling of heterogeneous objects" provides a framework for including geometric elements of different dimensionality by combining polygonal, parametric, and FRep components into a single cellular-functional model of a heterogeneous object.
Read more →
EasyChair

EasyChair is a web-based conference management software system. It has been used since 2002 in the scientific community for tasks such as organising research paper submission and review. In 2012, EasyChair added an open access online publication service for conference proceedings. == Description == EasyChair is a paid web-based conference management software system used, among other tasks, to organize paper submission and review, similar to other event management system software such as OpenConf. EasyChair used to be run by the Department of Computer Science at the University of Manchester but now it is a commercial service, owned by EasyChair Ltd. in Stockport (established 2016). EasyChair used to be free, for standard service, but as of 2022, only minimal services are free. The EasyChair website also provides an open access online publication service for conference proceedings. When launched in 2012, the service was for computer science only, but in 2016 it was expanded to all sciences. == History == The EasyChair software has been in continuous development since 2002. As of 2015, the code base consists of nearly 300,000 lines of code, and it has been used by more than 41,000 conferences. More than two and a half million users in the scientific community reported using it in 2019.
Read more →
Mobile Passport Control

Mobile Passport Control (MPC) is a mobile app that enables eligible travelers entering the United States to submit their passport information and customs declaration form to Customs and Border Protection via smartphone or tablet and go through the inspections process using an expedited lane. It is available to "U.S. citizens, U.S. lawful permanent residents, Canadian B1/B2 citizen visitors and returning Visa Waiver Program travelers with approved ESTA". The app is available on iOS and Android devices and is operational at 34 US airports, 14 international airports offering preclearance facilities, and 4 seaports. The use of Mobile Passport Control operations have increased threefold from 2016 to 2017. == History == Mobile Passport Control operations were launched in Atlanta at the Hartsfield-Jackson International Airport in 2016 and is now available at 34 U.S. airports, 14 international airports that offer preclearance and 4 U.S. cruise ports. The Mobile Passport app is authorized by CBP and sponsored by the Airports Council International-North America, Boeing, and the Port of Everglades. Airside Mobile, Inc. secured a Series A funding of $6 million in the fall of 2017. == How it works == During the customs process at the Federal Inspection Service (FIS) area of a U.S. airport, travelers arriving from international locations typically wait in long lines before presenting passports and paperwork and verbally answering questions made by CBP officials. Eligible travelers who have downloaded the Mobile Passport app can expedite this process by submitting information regarding their passport and trip details, and a newly-taken selfie, via their mobile device to CBP officials, then access an expedited line. Mobile Passport Control users will be required to show their physical passport(s) and briefly talk to a CBP officer. == Locations == === US airports === Atlanta (ATL) Baltimore (BWI) Boston (BOS) Charlotte (CLT) Chicago (ORD) Dallas/Ft Worth (DFW) Denver (DEN) Detroit (DTW) as of 7/2024 Ft. Lauderdale (FLL) Honolulu (HNL) Houston (HOU and IAH) Kansas City (MCI) Las Vegas (LAS) Los Angeles (LAX) Miami (MIA) Minneapolis (MSP) New York (JFK) Newark (EWR) Oakland (OAK) Orlando (MCO) Palm Beach (PBI) Philadelphia (PHL) Phoenix (PHX) Pittsburgh (PIT) Portland (PDX) Sacramento (SMF) San Diego (SAN) San Francisco (SFO) San Jose (SJC) San Juan (SJU) Seattle (SEA) Tampa (TPA) Washington Dulles (IAD) === International Preclearance locations === Abu Dhabi (AUH) Aruba (AUA) Bermuda (BDA) Calgary (YYC) Dublin (DUB) Edmonton (YEG) Halifax (YHZ) Montreal (YUL) Nassau (NAS) Ottawa (YOW) Shannon (SNN) Toronto (YYZ) Vancouver (YVR) Winnipeg (YWG) Sepinggan (BPN) === Seaports === Fort Lauderdale (PEV) Miami (MSE) San Juan (PUE) West Palm Beach (WPB)
Read more →
Metadatabase

Metadatabase is a database model for (1) metadata management, (2) global query of independent databases, and (3) distributed data processing. The word metadatabase is an addition to the dictionary. Originally, metadata was only a common term referring simply to "data about data", such as tags, keywords, and markup headers. However, in this technology, the concept of metadata is extended to also include such data and knowledge representation as information models (e.g., relations, entities-relationships, and objects), application logic (e.g., production rules), and analytic models (e.g., simulation, optimization, and mathematical algorithms). In the case of analytic models, it is also referred to as a Modelbase. These classes of metadata are integrated with some modeling ontology to give rise to a stable set of meta-relations (tables of metadata). Individual models are interpreted as metadata and entered into these tables. As such, models are inserted, retrieved, updated, and deleted in the same manner as ordinary data do in an ordinary (relational) database. Users will also formulate global queries and requests for processing of local databases through the Metadatabase, using the globally integrated metadata. The Metadatabase structure can be implemented in any open technology for relational databases. == Significance == The Metadatabase technology is developed at Rensselaer Polytechnic Institute at Troy, New York, by a group of faculty and students (see the references at the end of the article), starting in late 1980s. Its main contribution includes the extension of the concept of metadata and metadata management, and the original approach of designing a database for metadata applications. These conceptual results continue to motivate new research and new applications. At the level of particular design, its openness and scalability is tied to that of the particular ontology proposed: It requires reverse-representation of the application models in order to save them into the meta-relations. In theory, the ontology is neutral, and it has been proven in some industrial applications. However, it needs more development to establish it for the field as an open technology. The requirement of reverse-representation is common to any global information integration technology. A way to facilitate it in the Metadatabase approach is to distribute a core portion of it at each local site, to allow for peer-to-peer translation on the fly.
Read more →
Joox

Joox (stylised in all caps) is a music streaming service owned by Tencent, launched in January 2015. Joox is the biggest music streaming app in Asian markets such as Hong Kong, Macau, Indonesia, Malaysia, Myanmar, Thailand and also in South Africa before it was shut down in early 2022. Joox is a freemium service, providing most of its songs free, while some songs are only available for premium users, offered via paid subscriptions or by doing different tasks offered. In 2017, Joox launched their service in their first non-Asian market, South Africa, which for an unknown reason shut down five years later. The service now accounts for more than 50% of all music streaming app downloads in their Asian markets. The number of music-streaming users in Hong Kong, Macau, Malaysia, Thailand, Myanmar and Indonesia was expected to reach 87 million by 2020. == Background == Before the emergence of Joox, Tencent owned QQ Music, one of the largest music streaming and download service in China. In 2015, they introduced Joox as their expansion of music services to overseas market instead of mainland China, starting first in Hong Kong. Instead of providing free services by playing audio ads to users like Spotify, another major music service, Joox focused on banner ads, splash ads and other advertising methods such as category playlists and in-app skins. They claimed it as a success. Joox offered their premium VIP access to DStv subscribers free of charge. DStv is the sister company to Tencent and is the primary pay-TV provider in South Africa. In November 2021, it was announced that Joox will stop streaming in South Africa in March 2022.
Read more →
Phase congruency

Phase congruency is a measure of feature significance in computer images, a method of edge detection that is particularly robust against changes in illumination and contrast. == Foundations == Phase congruency reflects the behaviour of the image in the frequency domain. It has been noted that edgelike features have many of their frequency components in the same phase. The concept is similar to coherence, except that it applies to functions of different wavelength. For example, the Fourier decomposition of a square wave consists of sine functions, whose frequencies are odd multiples of the fundamental frequency. At the rising edges of the square wave, each sinusoidal component has a rising phase; the phases have maximal congruency at the edges. This corresponds to the human-perceived edges in an image where there are sharp changes between light and dark. == Definition == Phase congruency compares the weighted alignment of the Fourier components of a signal A n {\displaystyle A_{\rm {n}}} with the sum of the Fourier components. P C ( t ) = max ϕ ¯ ∑ n A n cos ⁡ ( ϕ n ( t ) − ϕ ¯ ) ∑ n A n {\displaystyle PC(t)=\max _{\bar {\phi }}{\frac {\sum _{\rm {n}}A_{\rm {n}}\cos(\phi _{\rm {n}}(t)-{\bar {\phi }})}{\sum _{\rm {n}}A_{n}}}} where ϕ n {\displaystyle \phi _{\rm {n}}} is the local or instantaneous phase as can be calculated using the Hilbert transform and A n {\displaystyle A_{\rm {n}}} are the local amplitude, or energy, of the signal. When all the phases are aligned, this is equal to 1. Several ways of implementing phase congruency have been developed, of which two versions are available in open source, one written for MATLAB and the other written in Java as a plugin for the ImageJ software. Given the different notations used for its formulation, a unified version has been recently presented, where a methodology for the parameter tuning is also presented. == Advantages == The square-wave example is naive in that most edge detection methods deal with it equally well. For example, the first derivative has a maximal magnitude at the edges. However, there are cases where the perceived edge does not have a sharp step or a large derivative. The method of phase congruency applies to many cases where other methods fail. A notable example is an image feature consisting of a single line, such as the letter "l". Many edge-detection algorithms will pick up two adjacent edges: the transitions from white to black, and black to white. On the other hand, the phase congruency map has a single line. A simple Fourier analogy of this case is a triangle wave. In each of its crests there is a congruency of crests from different sinusoidal functions. == Disadvantages == Calculating the phase congruency map of an image is very computationally intensive, and sensitive to image noise. Techniques of noise reduction are usually applied prior to the calculation.
Read more →
Truth discovery

Truth discovery (also known as truth finding) is the process of choosing the actual true value for a data item when different data sources provide conflicting information on it. Several algorithms have been proposed to tackle this problem, ranging from simple methods like majority voting to more complex ones able to estimate the trustworthiness of data sources. Truth discovery problems can be divided into two sub-classes: single-truth and multi-truth. In the first case only one true value is allowed for a data item (e.g birthday of a person, capital city of a country). While in the second case multiple true values are allowed (e.g. cast of a movie, authors of a book). Typically, truth discovery is the last step of a data integration pipeline, when the schemas of different data sources have been unified and the records referring to the same data item have been detected. == General principles == The abundance of data available on the web makes more and more probable to find that different sources provide (partially or completely) different values for the same data item. This, together with the fact that we are increasing our reliance on data to derive important decisions, motivates the need of developing good truth discovery algorithms. Many currently available methods rely on a voting strategy to define the true value of a data item. Nevertheless, recent studies, have shown that, if we rely only on majority voting, we could get wrong results even in 30% of the data items. The solution to this problem is to assess the trustworthiness of the sources and give more importance to votes coming from trusted sources. Ideally, supervised learning techniques could be exploited to assign a reliability score to sources after hand-crafted labeling of the provided values; unfortunately, this is not feasible since the number of needed labeled examples should be proportional to the number of sources, and in many applications the number of sources can be prohibitive. == Single-truth vs multi-truth discovery == Single-truth and multi-truth discovery are two very different problems. Single-truth discovery is characterized by the following properties: only one true value is allowed for each data item; different values provided for a given data item oppose to each other; values and sources can either be correct or erroneous. While in the multi-truth case the following properties hold: the truth is composed by a set of values; different values could provide a partial truth; claiming one value for a given data item does not imply opposing to all the other values; the number of true values for each data item is not known a priori. Multi-truth discovery has unique features that make the problem more complex and should be taken into consideration when developing truth-discovery solutions. The examples below point out the main differences of the two methods. Knowing that in both examples the truth is provided by source 1, in the single truth case (first table) we can say that sources 2 and 3 oppose to the truth and as a result provide wrong values. On the other hand, in the second case (second table), sources 2 and 3 are neither correct nor erroneous, they instead provide a subset of the true values and at the same time they do not oppose the truth. == Source trustworthiness == The vast majority of truth discovery methods are based on a voting approach: each source votes for a value of a certain data item and, at the end, the value with the highest vote is select as the true one. In the more sophisticated methods, votes do not have the same weight for all the data sources, more importance is indeed given to votes coming from trusted sources. Source trustworthiness usually is not known a priori but estimated with an iterative approach. At each step of the truth discovery algorithm the trustworthiness score of each data source is refined, improving the assessment of the true values that in turn leads to a better estimation of the trustworthiness of the sources. This process usually ends when all the values reach a convergence state. Source trustworthiness can be based on different metrics, such as accuracy of provided values, copying values from other sources and domain coverage. Detecting copying behaviors is very important, in fact, copy allows to spread false values easily making truth discovery very hard, since many sources would vote for the wrong values. Usually systems decrease the weight of votes associated to copied values or even don’t count them at all. == Single-truth methods == Most of the currently available truth discovery methods have been designed to work well only in the single-truth case. Below are reported some of the characteristics of the most relevant typologies of single-truth methods and how different systems model source trustworthiness. === Majority voting === Majority voting is the simplest method, the most popular value is selected as the true one. Majority voting is commonly used as a baseline when assessing the performances of more complex methods. === Web-link based === These methods estimate source trustworthiness exploiting a similar technique to the one used to measure authority of web pages based on web links. The vote assigned to a value is computed as the sum of the trustworthiness of the sources that provide that particular value, while the trustworthiness of a source is computed as the sum of the votes assigned to the values that the source provides. === Information-retrieval based === These methods estimate source trustworthiness using similarity measures typically used in information retrieval. Source trustworthiness is computed as the cosine similarity (or other similarity measures) between the set of values provided by the source and the set of values considered true (either selected in a probabilistic way or obtained from a ground truth). === Bayesian based === These methods use Bayesian inference to define the probability of a value being true conditioned on the values provided by all the sources. P ( v ∣ ψ ( o ) ) = P ( ψ ( o ) ∣ v ) ⋅ P ( v ) P ( ψ ( o ) ) {\displaystyle P(v\mid \psi (o))={\frac {P(\psi (o)\mid v)\cdot P(v)}{P(\psi (o))}}} where v {\displaystyle \textstyle v} is a value provided for a data item o {\displaystyle \textstyle o} and ψ ( o ) {\displaystyle \textstyle \psi (o)} is the set of the observed values provided by all the sources for that specific data item. The trustworthiness of a source is then computed based on the accuracy of the values that provides. Other more complex methods exploit Bayesian inference to detect copying behaviors and use these insights to better assess source trustworthiness. == Multi-truth methods == Due to its complexity, less attention has been devoted to the study of the multi-truth discovery Below are reported two typologies of multi-truth methods and their characteristics. === Bayesian based === These methods use Bayesian inference to define the probability of a group of values being true conditioned on the values provided by all the data sources. In this case, since there could be multiple true values for each data item, and sources can provide multiple values for a single data item, it is not possible to consider values individually. An alternative is to consider mappings and relations between set of provided values and sources providing them. The trustworthiness of a source is then computed based on the accuracy of the values that provides. More sophisticated methods also consider domain coverage and copying behaviors to better estimate source trustworthiness. === Probabilistic Graphical Models based === These methods use probabilistic graphical models to automatically define the set of true values of given data item and also to assess source quality without need of any supervision. == Applications == Many real-world applications can benefit from the use of truth discovery algorithms. Typical domains of application include: healthcare, crowd/social sensing, crowdsourcing aggregation, information extraction and knowledge base construction. Truth discovery algorithms could be also used to revolutionize the way in which web pages are ranked in search engines, going from current methods based on link analysis like PageRank, to procedures that rank web pages based on the accuracy of the information they provide.
Read more →
Seccomp

seccomp (short for secure computing) is a computer security facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will either just log the event or terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely. seccomp mode is enabled via the prctl(2) system call using the PR_SET_SECCOMP argument, or (since Linux kernel 3.17) via the seccomp(2) system call. seccomp mode used to be enabled by writing to a file, /proc/self/seccomp, but this method was removed in favor of prctl(). In some kernel versions, seccomp disables the RDTSC x86 instruction, which returns the number of elapsed processor cycles since power-on, used for high-precision timing. seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on ChromeOS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.) Some consider seccomp comparable to OpenBSD pledge(2) and FreeBSD capsicum(4). == History == seccomp was first devised by Andrea Arcangeli in January 2005 for use in public grid computing and was originally intended as a means of safely running untrusted compute-bound programs. It was merged into the Linux kernel mainline in kernel version 2.6.12, which was released on March 8, 2005. == Software using seccomp or seccomp-bpf == Android uses a seccomp-bpf filter in the zygote since Android 8.0 Oreo. systemd's sandboxing options are based on seccomp. QEMU, the Quick Emulator, the core component to the modern virtualization together with KVM uses seccomp on the parameter --sandbox Docker – software that allows applications to run inside of isolated containers. Docker can associate a seccomp profile with the container using the --security-opt parameter. Arcangeli's CPUShare was the only known user of seccomp for a while. Writing in February 2009, Linus Torvalds expresses doubt whether seccomp is actually used by anyone. However, a Google engineer replied that Google is exploring using seccomp for sandboxing its Chrome web browser. Firejail is an open source Linux sandbox program that utilizes Linux namespaces, Seccomp, and other kernel-level security features to sandbox Linux and Wine applications. As of Chrome version 20, seccomp-bpf is used to sandbox Adobe Flash Player. As of Chrome version 23, seccomp-bpf is used to sandbox the renderers. Snap specify the shape of their application sandbox using "interfaces" which snapd translates to seccomp, AppArmor and other security constructs vsftpd uses seccomp-bpf sandboxing as of version 3.0.0. OpenSSH has supported seccomp-bpf since version 6.0. Mbox uses ptrace along with seccomp-bpf to create a secure sandbox with less overhead than ptrace alone. LXD, a Ubuntu "hypervisor" for containers Firefox and Firefox OS, which use seccomp-bpf Tor supports seccomp since 0.2.5.1-alpha Lepton, a JPEG compression tool developed by Dropbox uses seccomp Kafel is a configuration language, which converts readable policies into seccompb-bpf bytecode Subgraph OS uses seccomp-bpf Flatpak uses seccomp for process isolation Bubblewrap is a lightweight sandbox application developed from Flatpak minijail uses seccomp for process isolation SydBox uses seccomp-bpf to improve the runtime and security of the ptrace sandboxing used to sandbox package builds on Exherbo Linux distribution. File, a Unix program to determine filetypes, uses seccomp to restrict its runtime environment Zathura, a minimalistic document viewer, uses seccomp filter to implement different sandbox modes Tracker, a indexing and preview application for the GNOME desktop environment, uses seccomp to prevent automatic exploitation of parsing vulnerabilities in media files
Read more →