COVID-19 apps include mobile-software applications for digital contact-tracing—i.e. the process of identifying persons ("contacts") who may have been in contact with an infected individual—deployed during the COVID-19 pandemic. Numerous tracing applications have been developed or proposed, with official government support in some territories and jurisdictions. Several frameworks for building contact-tracing apps have been developed. Privacy concerns have been raised, especially about systems that are based on tracking the geographical location of app users. Less overtly intrusive alternatives include the co-option of Bluetooth signals to log a user's proximity to other cellphones. (Bluetooth technology has form in tracking cell-phones' locations.)) On 10 April 2020, Google and Apple jointly announced that they would integrate functionality to support such Bluetooth-based apps directly into their Android and iOS operating systems. India's COVID-19 tracking app Aarogya Setu became the world's fastest growing application—beating Pokémon Go—with 50 million users in the first 13 days of its release. == Rationale == Contact tracing is an important tool in infectious disease control, but as the number of cases rises time constraints make it more challenging to effectively control transmission. Digital contact tracing, especially if widely deployed, may be more effective than traditional methods of contact tracing. In a March 2020 model by the University of Oxford Big Data Institute's Christophe Fraser's team, a coronavirus outbreak in a city of one million people is halted if 80% of all smartphone users take part in a tracking system; in the model, the elderly are still expected to self-isolate en masse, but individuals who are neither symptomatic nor elderly are exempt from isolation unless they receive an alert that they are at risk of carrying the disease. Some proponents advocate for legislation exempting certain COVID-19 apps from general privacy restrictions. == Issues == === Uptake === Ross Anderson, professor of security engineering at Cambridge University, listed a number of potential practical problems with app-based systems, including false positives and the potential lack of effectiveness if takeup of the app is limited to only a small fraction of the population. In Singapore, only one person in three had downloaded the TraceTogether app by the end of June 2020, despite legal requirements for most workers; the app was also underused, as it required users to keep it open at all times on iOS. A team at the University of Oxford simulated the effect of a contact tracing app on a city of 1 million. They estimated that if the app was used in conjunction with the shielding of over-70s, then 56% of the population would have to be using the app for it to suppress the virus. This would be equivalent to 80% of smartphone users in the United Kingdom. They found that the app could still slow the spread of the virus if fewer people downloaded it, with one infection being prevented for every one or two users. In August 2020, the American Civil Liberties Union (ACLU) argued that there were disparities in smartphone use between demographics and minority groups, and that "even the most comprehensive, all-seeing contact tracing system is of little use without social and medical systems in place to help those who may have the virus — including access to medical care, testing, and support for those who are quarantined." === App store restrictions === Addressing concerns about the spread of misleading or harmful apps, Apple, Google and Amazon set limits on which types of organizations could add coronavirus-related apps to its App Store, limiting them to only "official" or otherwise reputable organizations. === Ethical principles of mass surveillance using COVID-19 contact tracing apps === The advent of COVID-19 contact tracing apps has led to concerns around privacy, the rights of app users, and governmental authority. The European Convention on Human Rights, the International Covenant on Civil and Political Rights (ICCPR) and the United Nations and the Siracusa Principles have outlined 4 principles to consider when looking at the ethical principles of mass surveillance with COVID-19 contact tracing apps. These are necessity, proportionality, scientific validity, and time boundedness. Necessity is defined as the idea that governments should only interfere with a person's rights when deemed essential for public health interests. The potential risks associated with infringements of personal privacy must be outweighed by the possibility of reducing significant harm to others. Potential benefits of contact-tracing apps that may be considered include allowing for blanket population-level quarantine measures to be lifted sooner and the minimization of people under quarantine. Hence, some contend that contact-tracing apps are justified as they may be less intrusive than blanket quarantine measures. Furthermore, the delay of an effective contact-tracing app with significant health and economic benefits may be considered unethical. Proportionality refers to the concept that a contact tracing app's potential negative impact on a person's rights should be justifiable by the severity of the health risks that are being addressed. Apps must use the most privacy-preserving options available to achieve their goals, and the selected option should not only be a logical option for achieving the goal but also an effective one. Scientific validity evaluates whether an app is effective, timely and accurate. Traditional manual contact-tracing procedures are not efficient enough for the COVID-19 pandemic, and do not consider asymptomatic transmission. Contact-tracing apps, on the other hand, can be effective COVID-19 contact-tracing tools that reduce R value to less than 1, leading to sustained epidemic suppression. However, for apps to be effective, there needs to be a minimum 56-60% uptake in the population. Apps should be continually modified to reflect current knowledge on the diseases being monitored. Some argue that contact-tracing apps should be considered societal experimental trials where results and adverse effects are evaluated according to the stringent guidelines of social experiments. Analyses should be conducted by independent research bodies and published for wide dissemination. Despite the current urgency of our pandemic situation, we should still adhere to the standard rigors of scientific evaluation. Time boundedness describe the need for establishing legal and technical sunset clauses so that they are only allowed to operate as long as necessary to address the pandemic situation. Apps should be withdrawn as soon as possible after the end of the pandemic. If the end of the pandemic cannot be predicted, the use of apps should be regularly reviewed and decisions about continued use should be made at each review. Collected data should only be retained by public health authorities for research purposes with clear stipulations on how long the data will be held for and who will be responsible for security, oversight, and ownership. === Privacy, discrimination and marginalisation concerns === The American Civil Liberties Union (ACLU) has published a set of principles for technology-assisted contact tracing and Amnesty International and over 100 other organizations issued a statement calling for limits on this kind of surveillance. The organisations declared eight conditions on governmental projects: surveillance would have to be "lawful, necessary and proportionate"; extensions of monitoring and surveillance would have to have sunset clauses; the use of data would have to be limited to COVID-19 purposes; data security and anonymity would have to be protected and shown to be protected based on evidence; digital surveillance would have to address the risk of exacerbating discrimination and marginalisation; any sharing of data with third parties would have to be defined in law; there would have to be safeguards against abuse and the rights of citizens to respond to abuses; "meaningful participation" by all "relevant stakeholders" would be required, including that of public health experts and marginalised groups. The German Chaos Computer Club (CCC) and Reporters Without Borders also issued checklists. The Exposure Notification service intends to address the problem of persistent surveillance by removing the tracing mechanism from their device operating systems once it is no longer needed. On 20 April 2020, it was reported that over 300 academics had signed a statement favouring decentralised proximity tracing applications over centralised models, given the difficulty in precluding centralised options being used "to enable unwarranted discrimination and surveillance." In a centralised model, a central database records the ID codes of meetings between users. In a decentralised model, this information is recorded on individual phones, with the role of the central
Deep Learning Indaba
The Deep Learning Indaba is an annual conference and educational event that aims to strengthen machine learning and artificial intelligence (AI) capacity across Africa. Launched in 2017, it brings together students, researchers, industry practitioners, and policymakers from across the African continent. == History == The Deep Learning Indaba began in 2017 at the University of the Witwatersrand with over 300 participants from 23 African countries, offering tutorials in advanced AI topics and featuring notable speakers like Nando de Freitas. In 2018, it expanded to 650 delegates at Stellenbosch University, introducing parallel sessions to encourage collaboration. The 2019 edition in Nairobi, Kenya, reflected further growth, with increasing sponsorship and support from major tech companies like Google and Microsoft. === Deep Learning IndabaX ===
Circular thresholding
Circular thresholding is an algorithm for automatic image threshold selection in image processing. Most threshold selection algorithms assume that the values (e.g. intensities) lie on a linear scale. However, some quantities such as hue and orientation are a circular quantity, and therefore require circular thresholding algorithms. The example shows that the standard linear version of Otsu's method when applied to the hue channel of an image of blood cells fails to correctly segment the large white blood cells (leukocytes). In contrast the white blood cells are correctly segmented by the circular version of Otsu's method. == Methods == There are a relatively small number of circular image threshold selection algorithms. The following examples are all based on Otsu's method for linear histograms: (Tseng, Li and Tung 1995) smooth the circular histogram, and apply Otsu's method. The histogram is cyclically rotated so that the selected threshold is shifted to zero. Otsu's method and histogram rotation are applied iteratively until several heuristics involving class size, threshold location, and class variance are satisfied. (Wu et al. 2006) smooth the circular histogram until it contains only two peaks. The histogram is cyclically rotated so that the midpoint between the peaks is shifted to zero. Otsu's method and histogram rotation are applied iteratively until convergence of the threshold. (Lai and Rosin 2014) applied Otsu's method to the circular histogram. For the two class circular thresholding task they showed that, for a histogram with an even number of bins, the optimal solution for Otsu's criterion of within-class variance is obtained when the histogram is split into two halves. Therefore the optimal solution can be efficiently obtained in linear rather than quadratic time. == References and further reading == D.-C. Tseng, Y.-F. Li, and C.-T. Tung, Circular histogram thresholding for color image segmentation in Proc. Int. Conf. Document Anal. Recognit., 1995, pp. 673–676. J. Wu, P. Zeng, Y. Zhou, and C. Olivier, A novel color image segmentation method and its application to white blood cell image analysis in Proc. Int. Conf. Signal Process., vol. 2. 2006, pp. 16–20. Y.K. Lai, P.L. Rosin, Efficient Circular Thresholding, IEEE Trans. on Image Processing 23(3), 992–1001 (2014). doi:10.1109/TIP.2013.2297014
Color reproduction
Color reproduction is an aspect of color science concerned with producing light spectra that evoke a desired color, either through additive (light emitting) or subtractive (surface color) models. It converts physical correlates of color perception (CIE 1931 XYZ color space tristimulus values and related quantities) into light spectra that can be experienced by observers. In this way, it is the opposite of colorimetry. It is concerned with the faithful reproduction of a color in one medium, with a color in another, so it is a central concept in color management and relies heavily on color calibration. For example, food packaging must be able to faithfully reproduce the colors of the foods therein in order to appeal to a customer. This involves proper color calibration of at least four devices: Lighting, which must have a high color rendering index and not give a color cast to the object. Camera, which measures the reflected spectrum of the object and converts to a trichromatic color space (e.g. RGB). Screen, which reproduces color so a designer can proof the captured image and make color corrections as necessary. Printer, which reproduces the final color on paper.
Elements (toolchain)
RemObjects Elements is a toolchain for software development, comprising six programming languages: C#, Swift, Go, Java, Oxygene (a form of modern Object Pascal), and Visual Basic .NET. All languages interoperate, meaning a single project can use any combination of languages, and they can all be compiled to .NET, the JVM, native, or WebAssembly. Elements supports Microsoft Windows, all Apple Inc. platforms (including iOS, visionOS and watchOS), Android, and Linux. Elements also supports language conversion, allowing source code in one language to be rewritten in another. Elements is supported in Visual Studio, but RemObjects also makes their own IDEs, Fire (on MacOS) and Water (on Windows.) == Background == RemObjects began in 2002, creating software for Delphi, but in 2005 in response to the growth of .NET and that Delphi was targeting only native Windows, they released Oxygene (known as Chrome at the time) as a new version of Object Pascal, with more modern syntax as well as being .NET-native. Since then, five other languages have been added to the suite, as well as compiling for the web via WebAssembly and to native architectures (eg Intel 32/64 or ARM64). Elements is primarily intended for developers who want to pull together libraries and codebases written in multiple languages, including legacy codebases in older languages while modernizing either with newer syntax and features or by adding in the use of newer or more popular languages. Because of the Oxygene flavour of Object Pascal, supporting Delphi apps is a primary focus, including allowing Pascal to be compiled for other architectures or providing language features that match other prominent languages. == Approach == New versions of the Elements come out approximately every week. RemObjects names its programming languages after chemical elements, sometimes with poetic or musical spelling, rather than referring to them directly. They are: C#: Hydrogene Object Pascal: Oxygene Java: Iodine Visual Basic: Mercury Go: Gold Swift: Silver == History == The Elements compiler was first introduced with version 1.0 in 2005 under the name "Chrome", with support for only the Oxygene language on the .NET platform, primarily as a response to the then-new and not well-received Delphi .NET compiler from Embarcadero. Chrome saw updates to version 1.5 'Floorshow' and Chrome 2.0 'Joyride' over the next few years, moving in parallel with major advancements on the .NET platform for .NET 2.0 (Generics) and .NET 3.x (LINQ), respectively. With the release of version 3.0 (code-named Oxygène after the Jean-Michel Jarre album of the same name) Chrome was rebranded to Oxygene in 2008, and also shipped co-branded by Embarcadero as Delphi Prism (later just Prism) as part of RAD Studio, replacing Embarcadero's own and now-defunct Delphi.NET compiler. 2010 saw the release of Oxygene 4 ("Echoes"), the last version to focus on just a single language and platform. With Oxygene 5 in 2011 and Oxygene 6 in 2013, RemObjects introduced new platform support for Java/Android (code-name "Cooper") and then Cocoa, the Apple development platform (code-name "Toffee"). Elements 7.0 was released at the beginning of 2014, adding the second programming language, C# to the compiler, and delegating Oxygene from the product name to merely branding the Object Pascal-based language. Over the subsequent years, Elements gained support for additional languages, with Apple Swift in 2015, Java in 2017, and subsequently Google's Go and Mercury, a revitalized Visual Basic.NET. Elements also gained support for its fourth target platform, "Island", for CPU-native compilation for Windows, Linux, and WebAssembly. In addition to the chemical elements-based names for the different languages, the "Elements" concept was carried on with the introduction of dedicated development environments alchemically named Fire (for the Mac, in 2015) and Water (for Windows, in 2018). == Fire and Water (IDEs) == Fire and Water are integrated development environments developed by RemObjects Software. They are designed specifically for use with the Elements Compiler. Fire is the version developed for macOS, while Water is intended for Microsoft Windows. Both IDEs are designed to work closely with the Elements compiler and are primarily intended for developers using the RemObjects language ecosystem. They support software development across multiple platforms, including .NET, Android, iOS, macOS, Windows, Linux, and WebAssembly. The IDEs include standard development tools such as syntax highlighting, code completion, debugging, and project navigation. Build operations are managed using a custom system known as EBuild, which is part of the broader Elements toolchain. The IDEs are distributed as part of the RemObjects Elements package and are updated in coordination with the compiler itself. == In media == Oxygene has been mentioned several times by Verity Stob in their Chronicles of Delphi series, currently living at The Register.
Pwnie Awards
The Pwnie Awards are an annual awards ceremony that recognizes both excellence and incompetence in the field of information security, described by SecurityWeek as an event that "recognizes excellence and mocks incompetence in cybersecurity." Winners are selected by a committee of security industry professionals from nominations collected from the information security community. Nominees are announced yearly at Summercon, and the awards themselves are presented at the Black Hat Security Conference. == Origins == The name Pwnie Award is based on the word "pwn", which is hacker slang meaning to "compromise" or "control" based on the previous usage of the word "own" (and it is pronounced similarly). The name "The Pwnie Awards," pronounced as "Pony," is meant to sound like the Tony Awards, an awards ceremony for Broadway theater in New York City. == History == The Pwnie Awards were founded in 2007 by Alexander Sotirov and Dino Dai Zovi following discussions regarding Dino's discovery of a cross-platform QuickTime vulnerability (CVE-2007-2175) and Alexander's discovery of an ANI file processing vulnerability (CVE-2007-0038) in Internet Explorer. == Winners == === 2024 === Most Epic Fail: Crowdstrike for 2024 CrowdStrike incident Best Mobile Bug: Operation Triangulation Lamest Vendor Response: Xiaomi for obstructing Pwn2Own researchers from using their services Best Cryptographic Attack: GoFetch Best Desktop Bug: forcing realtime WebAudio playback in Chrome (CVE-2023-5996) Best Song: Touch Some Grass by UwU Underground Best Privilege Escalation: Windows Streaming Service UAF (CVE-2024-30089) by Valentina Palmiotti (chompie) Best Remote Code Execution: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability (CVE-2024-30080) Most Epic Achievement: Discovery and reverse engineering of the XZ Utils backdoor Most Innovative Research: Let the Cache Cache and Let the WebAssembly Assemble: Knocking’ on Chrome’s Shell by Edouard Bochin, Tao Yan, and Bo Qu Most Underhyped Research: See No Eval: Runtime Dynamic Code Execution in Objective-C === 2023 === Best Desktop Bug: CountExposure! by RyeLv(@b2ahex) Best Cryptographic Attack: Video-based cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED by Ben Nassi, Etay Iluz, Or Cohen, Ofek Vayner, Dudi Nassi, Boris Zadov, Yuval Elovici Best Song: Clickin’ Most Innovative Research: Inside Apple’s Lightning: Jtagging the iPhone for Fuzzing and Profit Most Under-Hyped Research: Activation Context Cache Poisoning Best Privilege Escalation Bug: URB Excalibur: Slicing Through the Gordian Knot of VMware VM Escapes Best Remote Code Execution Bug: ClamAV RCE Lamest Vendor Response: Three Lessons From Threema: Analysis of a Secure Messenger Most Epic Fail: “Holy fucking bingle, we have the no fly list,” Epic Achievement: Clement Lecigne: 0-days hunter world champion Lifetime Achievement Award: Mudge === 2022 === Lamest Vendor Response: Google's "TAG" response team for "unilaterally shutting down a counterterrorism operation." Epic Achievement: Yuki Chen’s Windows Server-Side RCE Bugs Most Epic Fail: HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains Best Desktop Bug: Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz for Architecturally Leaking Data from the Microarchitecture Most Innovative Research: Pietro Borrello, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz for Custom Processing Unit: Tracing and Patching Intel Atom Microcode Best Cryptographic Attack: Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86 by Yingchen Wang, Riccardo Paccagnella, Elizabeth Tang He, Hovav Shacham, Christopher Fletcher, David Kohlbrenner Best Remote Code Execution Bug: KunlunLab for Windows RPC Runtime Remote Code Execution (CVE-2022-26809) Best Privilege Escalation Bug: Qidan He of Dawnslab, for Mystique in the House: The Droid Vulnerability Chain That Owns All Your Userspace Best Mobile Bug: FORCEDENTRY Most Under-Hyped Research: Yannay Livneh for Spoofing IP with IPIP Best Song: Dialed Up by Project Mammoth === 2021 === Lamest Vendor Response: Cellebrite, for their response to Moxie, the creator of Signal, reverse-engineering their UFED and accompanying software and reporting a discovered exploit. Epic Achievement: Ilfak Guilfanov, in honor of IDA's 30th Anniversary. Best Privilege Escalation Bug: Baron Samedit of Qualys, for the discovery of a 10-year-old exploit in sudo. Best Song: The Ransomware Song by Forrest Brazeal Best Server-Side Bug: Orange Tsai, for his Microsoft Exchange Server ProxyLogon attack surface discoveries. Best Cryptographic Attack: The NSA for its disclosure of a bug in the verification of signatures in Windows which breaks the certificate trust chain. Most Innovative Research: Enes Göktaş, Kaveh Razavi, Georgios Portokalidis, Herbert Bos, and Cristiano Giuffrida at VUSec for their research on the "BlindSide" Attack. Most Epic Fail: Microsoft, for their failure to fix PrintNightmare. Best Client-Side Bug: Gunnar Alendal's discovery of a buffer overflow on the Samsung Galaxy S20's secure chip. Most Under-Hyped Research: The Qualys Research Team for 21Nails, 21 vulnerabilities in Exim, the Internet's most popular mail server. === 2020 === Best Server-Side Bug: BraveStarr (CVE-2020-10188) – A Fedora 31 netkit telnetd remote exploit (Ronald Huizer') Best Privilege Escalation Bug: checkm8 – A permanent unpatchable USB bootrom exploit for a billion iOS devices. (axi0mX) Epic Achievement: "Remotely Rooting Modern Android Devices" (Guang Gong) Best Cryptographic Attack: Zerologon vulnerability (Tom Tervoort, CVE-2020-1472) Best Client-Side Bug: RCE on Samsung Phones via MMS (CVE-2020-8899 and -16747), a zero click remote execution attack. (Mateusz Jurczyk) Most Under-Hyped Research: Vulnerabilities in System Management Mode (SMM) and Trusted Execution Technology (TXT) (CVE-2019-0151 and -0152) (Gabriel Negreira Barbosa, Rodrigo Rubira Branco, Joe Cihula) Most Innovative Research: TRRespass: When Memory Vendors Tell You Their Chips Are Rowhammer-free, They Are Not. (Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi) Most Epic Fail: Microsoft; for the implementation of Elliptic-curve signatures which allowed attackers to generate private pairs for public keys of any signer, allowing HTTPS and signed binary spoofing. (CVE-2020-0601) Best Song: Powertrace by Rebekka Aigner, Daniel Gruss, Manuel Weber, Moritz Lipp, Patrick Radkohl, Andreas Kogler, Maria Eichlseder, ElTonno, tunefish, Yuki and Kater Lamest Vendor Response: Daniel J. Bernstein (CVE-2005-1513) === 2019 === Best Server-Side Bug: Orange Tsai and Meh Chang, for their SSL VPN research. Most Innovative Research: Vectorized Emulation Brandon Falk Best Cryptographic Attack: \m/ Dr4g0nbl00d \m/ Mathy Vanhoef, Eyal Ronen Lamest Vendor Response: Bitfi Most Over-hyped Bug: Allegations of Supermicro hardware backdoors, Bloomberg Most Under-hyped Bug: Thrangrycat, (Jatin Kataria, Red Balloon Security) === 2018 === Most Innovative Research: Spectre/Meltdown (Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom) Best Privilege Escalation Bug: Spectre/Meltdown (Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom) Lifetime Achievement: Michał Zalewski Best Cryptographic Attack: ROBOT - Return Of Bleichenbacher’s Oracle Threat Hanno Böck, Juraj Somorovsky, Craig Young Lamest Vendor Response: Bitfi hardware crypto-wallet, after the "unhackable" device was hacked to extract the keys required to steal coins and rooted to play Doom. === 2017 === Epic Achievement: Federico Bento for Finally getting TIOCSTI ioctl attack fixed Most Innovative Research: ASLR on the line Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos, Cristiano Giuffrida Best Privilege Escalation Bug: DRAMMER Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, Cristiano Giuffrida Best Cryptographic Attack: The first collision for full SHA-1 Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini, Yarik Markov Lamest Vendor Response: Lennart Poettering - for mishandling security vulnerabilities most spectacularly for multiple critical Systemd bugs Best Song: Hello (From the Other Side) - Manuel Weber, Michael Schwarz, Daniel Gruss, Moritz Lipp, Rebekka Aigner === 2016 === Most Innovative Research: Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector Erik Bosman, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida Lifetime Achievement: Peiter Zatko aka Mudge Best Cryptographic Attack: DROWN attack Nimrod Aviram et al. Best Song: Cyberlier - Katie Mous
Cobocards
CoboCards is a web application for creation, study and sharing of flashcards. They also provide mobile application for Android and iOS mobile devices, to help study of flashcards on the move. Based on the freemium model, CoboCards provides users a free account with two card sets compared to paid subscription with premium features such as unlimited card sets, Leitner system based trainer and collaborative learning. == History == CoboCards is a project of Jamil Soufan and Tamim Swaid. Tamim Swaid has developed the concept and interface of a collaboratively usable e-learning platform in his diploma thesis at the University of Applied Sciences in February 2007. In January 2010 they founded the CoboCards GmbH (limited company) together with Ali Yildirim. CoboCards is supported by its strategic partners Prof. Schroeder (RWTH Aachen University), Prof. Oliver Wrede (University for Applied Sciences Aachen) and Prof. Klaus Gasteier (University of Arts Berlin). With the idea of creating and studying flashcards online and offering an active control of learning progress they won the start2grow business idea competition in September 2009 (€25.000 ). Additionally CoboCards was funded by German Authorities with approximately €100.000 .