Huroof (Arabic: حروف, lit. 'letters') is an Android kids application produced by the Islamic State, specifically the Islamic States' Al-Himmah Library, which is targeted towards kids in order to teach kids the Arabic alphabet, and to also get kids to support the Islamic State and its practices. == Application == Huroof uses child-like appearances on the main menu, and throughout multiple of Huroof's in-game games for learning the alphabet, a lot of the games reference jihadist concepts, including imagery of weapons (such as missile, tank, cannon, sword,...), 'violent' images, as well as Islamic State imagery, including the flag of the Islamic State, Huroof uses nasheeds from Ajnad Media Foundation for audio production in the app. Reportedly, Huroof was released via Telegram channels of the Islamic State, as well as other file sharing websites. It is not the first moblie app released by Islamic State, but it is the first time they released a moblie application targeting children. === Nasheed game === In the Huroof app, there's a game where you listen to a radio, with the Al-Bayan logo on it, and learn the Arabic alphabet while the nasheed plays. === Writing game === In Huroof, there's a game where you can write out letters of the Arabic alphabet, as well as numbers while a small child tells you what they are. === Letter choosing game === In the app, there's a game they shows you images, and you choose which letter that image/item starts with.
Zero-day vulnerability
A zero-day (also known as a 0-day) is a vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack. The term "zero-day" originally referred to the number of days since a new piece of software was released to the public, so "zero-day software" was obtained by hacking into a developer's computer before release. Eventually the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them. Vendors who discover the vulnerability may create patches or advise workarounds to mitigate it, though users need to deploy that mitigation to eliminate the vulnerability in their systems. Zero-day attacks are severe threats. == Definition == Despite developers' goal of delivering a product that works entirely as intended, virtually all products contain software and hardware bugs. If a bug creates a security risk, it is called a vulnerability. Vulnerabilities vary in their ability to be exploited by malicious actors. Some are not usable at all, while others can be used to disrupt the device with a denial of service attack. The most dangerous allow the attacker to inject and run their own code, without the user being aware of it. Although the term "zero-day" initially referred to the time since the vendor had become aware of the vulnerability, zero-day vulnerabilities can also be defined as the subset of vulnerabilities for which no patch or other fix is available. A zero-day exploit is any exploit that takes advantage of such a vulnerability. == Exploits == An exploit is the delivery mechanism that takes advantage of the vulnerability to penetrate the target's systems, for such purposes as disrupting operations, installing malware, or exfiltrating data. Researchers Lillian Ablon and Andy Bogart write that "little is known about the true extent, use, benefit, and harm of zero-day exploits". Exploits based on zero-day vulnerabilities are considered more dangerous than those that take advantage of a known vulnerability. However, it is likely that most cyberattacks use known vulnerabilities, not zero-days. Governments of states are the primary users of zero-day exploits, not only because of the high cost of finding or buying vulnerabilities, but also the significant cost of writing the attack software. Nevertheless, anyone can use a vulnerability, and according to research by the RAND Corporation, "any serious attacker can always get an affordable zero-day for almost any target". Many targeted attacks and most advanced persistent threats rely on zero-day vulnerabilities. In 2017, the average time to develop an exploit from a zero-day vulnerability was estimated at 22 days. The difficulty of developing exploits has been increasing over time due to increased anti-exploitation features in popular software. === Window of vulnerability === Zero-day vulnerabilities are often classified as alive—meaning that there is no public knowledge of the vulnerability—and dead—the vulnerability has been disclosed, but not patched. If the software's maintainers are actively searching for vulnerabilities, it is a living vulnerability; such vulnerabilities in unmaintained software are called immortal. Zombie vulnerabilities can be exploited in older versions of the software but have been patched in newer versions. Even publicly known and zombie vulnerabilities are often exploitable for an extended period. Security patches can take months to develop, or may never be developed. A patch can have negative effects on the functionality of software and users may need to test the patch to confirm functionality and compatibility. Larger organizations may fail to identify and patch all dependencies, while smaller enterprises and personal users may not install patches. Research suggests that risk of cyberattack increases if the vulnerability is made publicly known or a patch is released. Cybercriminals can reverse engineer the patch to find the underlying vulnerability and develop exploits, often faster than users install the patch. According to research by RAND Corporation published in 2017, zero-day exploits remain usable for 6.9 years on average, although those purchased from a third party only remain usable for 1.4 years on average. The researchers were unable to determine if any particular platform or software (such as open-source software) had any relationship to the life expectancy of a zero-day vulnerability. Although the RAND researchers found that 5.7 percent of a stockpile of secret zero-day vulnerabilities will have been discovered by someone else within a year, another study found a higher overlap rate, as high as 10.8 percent to 21.9 percent per year. == Countermeasures == Because, by definition, there is no patch that can block a zero-day exploit, all systems employing the software or hardware with the vulnerability are at risk. This includes secure systems such as banks and governments that have all patches up to date. Security systems are designed around known vulnerabilities, and repeated exploitations of a zero-day exploit could continue undetected for an extended period of time. Although there have been many proposals for a system that is effective at detecting zero-day exploits, this remains an active area of research in 2023. Many organizations have adopted defense-in-depth tactics so that attacks are likely to require breaching multiple levels of security, which makes it more difficult to achieve. Conventional cybersecurity measures such as training and access control — including multi-factor authentication, least-privilege access, and air-gapping makes it harder to compromise systems with a zero-day exploit. Since writing perfectly secure software is impossible, some researchers argue that driving up the cost of exploits is considered a good strategy to reduce the burden of cyberattacks. == Market == Zero-day exploits can fetch millions of dollars. There are three main types of buyers: White: the vendor, or to third parties such as the Zero Day Initiative that disclose to the vendor. Often such disclosure is in exchange for a bug bounty. Not all companies respond positively to disclosures, as they can cause legal liability and operational overhead. It is not uncommon to receive cease-and-desist letters from software vendors after disclosing a vulnerability for free. Gray: the largest and most lucrative. Government or intelligence agencies buy zero-days and may use it in an attack, stockpile the vulnerability, or notify the vendor. The United States federal government is one of the largest buyers. As of 2013, the Five Eyes (United States, United Kingdom, Canada, Australia, and New Zealand) captured the plurality of the market and other significant purchasers included Russia, India, Brazil, Malaysia, Singapore, North Korea, and Iran. Middle Eastern countries were poised to become the biggest spenders. Black: organized crime, which typically prefers exploit software rather than just knowledge of a vulnerability. These users are more likely to employ "half-days" where a patch is already available. In 2015, the markets for government and crime were estimated at least ten times larger than the white market. Sellers are often hacker groups that seek out vulnerabilities in widely used software for financial reward. Some will only sell to certain buyers, while others will sell to anyone. White market sellers are more likely to be motivated by non pecuniary rewards such as recognition and intellectual challenge. Selling zero-day exploits is legal. Despite calls for more regulation, law professor Mailyn Fidler says there is little chance of an international agreement because key players such as Russia and Israel are not interested. The sellers and buyers that trade in zero-days tend to be secretive, relying on non-disclosure agreements and classified information laws to keep the exploits secret. If the vulnerability becomes known, it can be patched and its value consequently crashes. Because the market lacks transparency, it can be hard for parties to find a fair price. Sellers might not be paid if the vulnerability was disclosed before it was verified, or if the buyer declined to purchase it but used it anyway. With the proliferation of middlemen, sellers could never know to what use the exploits could be put. Buyers could not guarantee that the exploit was not sold to another party. Both buyers and sellers advertise on the dark web. Research published in 2022 based on maximum prices paid as quoted by a single exploit broker found a 44 percent annualized inflation rate in exploit pricing. Remote zero-click exploits could fetch the highest price, while those that require local access to the device are much cheaper. Vulnerabilities in widely used software are also more expensive. They estimated that around 400 to 1,500 people sold exploits to th
Acquisition of DirecTV by AT&T
AT&T Inc. announced an agreement with the DirecTV Group on May 18, 2014, to acquire the company for $48.5 billion in a joint cash-stock transaction and assumed debts of $18.6 billion for a total offer of $67.1 billion. Due to stalling growth in the wireless sector, AT&T began diversifying into mass media to expand its consumer offerings. After regulatory agencies approved the purchase on July 24, 2015, AT&T briefly became the largest Pay-TV provider. DirecTV was brought under AT&T's communication segment and DirecTV Now was launched on November 30, 2016, as an alternative to cord-cutting. In the years following the purchase, DirecTV lost millions of subscribers across its satellite and streaming services and by 2019, calls grew for AT&T to divest itself off the business. Initially, AT&T rejected these calls and defended the acquisition, but by February 2021, it reached a deal with TPG Inc. to transfer ownership of DirecTV. Under the terms of the agreement, AT&T would retain a 70% majority stake in DirecTV but would no longer oversee its daily operations. The deal was finalized by August 2, 2021, with AT&T receiving $7.1 billion. By July 3, 2025, AT&T sold its majority stake to TPG, ending any ties of involvement. == Background and Development == === AT&T's history === The company to bear the name "AT&T" was founded on March 3, 1885, as American Telephone and Telegraph Company (or AT&T Corporation) by Theodore Newton Vail as a long-distance subsidiary of the Bell Telephone Company. By December 1899, the Bell Telephone's assets were transferred to AT&T, with the latter gaining control of the Bell System, a regional network of local telecom companies. Theodore Vail became AT&T's President in 1907 and under his leadership, AT&T gained a monopoly over the telephone sector in the United States. This near century dominance earned AT&T the nickname of "Ma Bell." In 1974, the U.S. Department of Justice sued AT&T on accounts of antitrust violations. AT&T challenged the lawsuit, but in 1982, it reached a settlement with the DOJ to break apart its Bell System monopoly into seven regional companies. On January 1, 1984, the Bell System came to an end and led to a reshaped telecom industry. One of these regional companies, Southwestern Bell, emerged as the smallest, but after the passage of the 1996 Telecom Act, deregulated telecom rules allowed SBC to become a major telecom company. AT&T briefly became the largest cable and broadband company by the end of the 20th Century, but later deconsolidated to exit those industries. In 2005, SBC acquired its former parent, AT&T, and took on its branding as AT&T Inc, while retaining its previous business history. The newly reincorporated AT&T acquired BellSouth in 2006 and reconstituted much of its former Bell System. === DirecTV's history === == Acquisition Timeline == == Managing DirecTV == == Divestment and Spinoff ==
Web3D
Web3D, also called 3D Web, is a group of technologies to display and navigate websites using 3D computer graphics. These technologies enable applications such as online games, virtual reality experiences, interactive product demonstrations, and 3D data visualization directly within web browsers. The emergence of Web3D dates back to 1994, with the advent of VRML, a file format designed to store and display 3D graphical data on the World Wide Web. Modern Web3D is primarily powered by WebGL, a JavaScript API that enables hardware-accelerated 3D graphics rendering in web browsers without requiring plug-ins. == Pre-WebGL era == The emergence of Web3D dates back to 1994, with the advent of VRML, a file format designed to store and display 3D graphical data on the World Wide Web. In October 1995, at Internet World, Template Graphics Software demonstrated a 3D/VRML plug-in for the beta release of Netscape 2.0 by Netscape Communications. The Web3D Consortium was formed to further the collective development of the format. VRML and its successor, X3D, have been accepted as international standards by the International Organization for Standardization and the International Electrotechnical Commission. The main drawback of the technology was the requirement to use third-party browser plug-ins to perform 3D rendering, which slowed the adoption of the standard. Between 2000 and 2010, one of these plug-ins, Adobe Flash Player, was widely installed on desktop computers and was used to display interactive web pages and online games and to play video and audio content. Several Flash-based frameworks appeared that used software rendering and ActionScript 3 to perform 3D computations such as transformations, lighting, and texturing. Most notable among them were Papervision3D and Away3D. Eventually, Adobe developed Stage3D, an API for rendering interactive 3D graphics with GPU-acceleration for its Flash player and AIR products, which was adopted by software vendors. In 2009, an open-source 3D web technology called O3D was introduced by Google. It also required a browser plug-in, but contrary to Flash/Stage3D, was based on JavaScript API. O3D was geared not only for games but also for advertisements, 3D model viewers, product demos, simulations, engineering applications, control and monitoring systems. == WebGL and glTF == WebGL (short for "Web Graphics Library") evolved out of the Canvas 3D experiments started by Vladimir Vukićević at Mozilla Foundation. Vukićević first demonstrated a Canvas 3D prototype in 2006. By the end of 2007, both Mozilla and Opera had made their own separate implementations. In early 2009, the nonprofit technology consortium Khronos Group started the WebGL Working Group, with initial participation from Apple, Google, Mozilla, Opera, and others. Version 1.0 of the WebGL specification was released in March 2011. Major advantages of the new technology include conformity with web standards and near-native 3D performance without the use of any browser plug-ins. Since WebGL is based on OpenGL ES, it works on mobile devices without any additional abstraction layers. For other platforms, WebGL implementations leverage ANGLE to translate OpenGL ES calls to DirectX, OpenGL, or Vulkan API calls. Among notable WebGL frameworks are A-Frame, which uses HTML-based markup for building virtual reality experiences; PlayCanvas, an open-source engine alongside a proprietary cloud-hosted creation platform for building browser games; Three.js, an MIT-licensed framework used to create demoscene from the early 2000s; Unity, which obtained a WebGL back-end in version 5; and Verge3D, which integrates with Blender, 3ds Max, and Maya to create 3D web content. With the rapid adoption of WebGL, a new problem arose—the lack of a 3D file format optimized for the Web. This issue was addressed by glTF, a format that was conceived in 2012 by members of the COLLADA working group. At SIGGRAPH 2012, Khronos presented a demo of glTF, which was then called WebGL Transmissions Format (WebGL TF). On 19 October 2015, the glTF 1.0 specification was released. Version 2.0 glTF uses a physically based rendering material model, proposed by Fraunhofer. Other upgrades include sparse accessors and morph targets for techniques such as facial animation, and schema tweaks and breaking changes for corner cases or performance, such as replacing top-level glTF object properties with arrays for faster index-based access. == Future == "WebGPU" is the working name for a potential web standard and JavaScript API for accelerated graphics and computing, aiming to provide "modern 3D graphics and computation capabilities". It is developed by the W3C "GPU for the Web" Community Group, with engineers from Apple, Mozilla, Microsoft, and Google, among others. WebGPU will not be based on any existing 3D API and will use Rust-like syntax for shaders.
Universal Plug and Play
UPnP (originally Universal Plug and Play) is a set of Internet Protocol-based networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices, to seamlessly discover each other's presence on the network and establish functional network services. UPnP is intended primarily for residential networks without enterprise-class devices. Officially, only the abbreviations UPnP and UPnP+ are trademarked. UPnP assumes the network runs IP, and then uses HTTP on top of IP to provide device/service description, actions, data transfer and event notification. Device search requests and advertisements are supported by running HTTP on top of UDP (port 1900) using multicast (known as HTTPMU). Responses to search requests are also sent over UDP, but are instead sent using unicast (known as HTTPU). Conceptually, UPnP extends plug and play—a technology for dynamically attaching devices directly to a computer—to zero-configuration networking for residential and SOHO wireless networks. UPnP devices are plug-and-play in that, when connected to a network, they automatically establish working configurations with other devices, removing the need for users to manually configure and add devices through IP addresses. UPnP is generally regarded as unsuitable for deployment in business settings for reasons of economy, complexity, and consistency: the multicast foundation makes it chatty, consuming too many network resources on networks with a large population of devices; the simplified access controls do not map well to complex environments. == Overview == The UPnP architecture allows device-to-device networking of consumer electronics, mobile devices, personal computers, and networked home appliances. It is a distributed, open architecture protocol based on established standards such as the Internet Protocol Suite (TCP/IP), HTTP, XML, and SOAP. UPnP control points (CPs) are devices which use UPnP protocols to control UPnP controlled devices (CDs). The UPnP architecture supports zero-configuration networking. A UPnP-compatible device from any vendor can dynamically join a network, obtain an IP address, announce its name, advertise or convey its capabilities upon request, and learn about the presence and capabilities of other devices. Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) servers are optional and are only used if they are available on the network. Devices can disconnect from the network automatically without leaving state information. UPnP was published as a 73-part international standard ISO/IEC 29341 in December 2008. Other UPnP features include: Media and device independence UPnP technology can run on many media that support IP, including Ethernet, FireWire, Infrared (IrDA), home wiring (G.hn) and Radiofrequency (Bluetooth, Wi-Fi). No special device driver support is necessary; common network protocols are used instead. User interface (UI) control Optionally, the UPnP architecture enables devices to present a user interface through a web browser (see Presentation below). Operating system and programming language independence Any operating system and any programming language can be used to build UPnP products. UPnP stacks are available for most platforms and operating systems in both closed- and open-source forms. Programmatic control UPnP architecture also enables conventional application programmatic control. Extensibility Each UPnP product can have device-specific services layered on top of the basic architecture. In addition to combining services defined by the UPnP Forum in various ways, vendors can define their own device and service types. They can extend standard devices and services with vendor-defined actions, state variables, data structure elements, and variable values. == Protocol == UPnP uses common Internet technologies. It assumes the network must run Internet Protocol (IP) and then uses HTTP, SOAP and XML on top of IP, to provide device/service description, actions, data transfer and eventing. Device search requests and advertisements are supported by running HTTP on top of UDP using multicast (known as HTTPMU). Responses to search requests are also sent over UDP, but are instead sent using unicast (known as HTTPU). UPnP uses UDP due to its lower overhead, as it does not require confirmation of received data and retransmission of corrupt packets. HTTPU and HTTPMU specifications were initially submitted as an Internet Draft, but it expired in 2001; These specifications have since been integrated into the actual UPnP specifications. UPnP uses UDP port 1900, and all used TCP ports are derived from the SSDP alive and response messages. === Addressing === The foundation for UPnP networking is IP addressing. Each device must implement a DHCP client and search for a DHCP server when the device is first connected to the network. If no DHCP server is available, the device must assign itself an address. The process by which a UPnP device assigns itself an address is known within the UPnP Device Architecture as AutoIP. In UPnP Device Architecture Version 1.0, AutoIP is defined within the specification itself; in UPnP Device Architecture Version 1.1, AutoIP references IETF RFC 3927. If during the DHCP transaction, the device obtains a domain name, for example, through a DNS server or via DNS forwarding, the device should use that name in subsequent network operations; otherwise, the device should use its IP address. === Discovery === Once a device has established an IP address, the next step in UPnP networking is discovery. The UPnP discovery protocol is known as the Simple Service Discovery Protocol (SSDP). When a device is added to the network, SSDP allows that device to advertise its services to control points on the network. This is achieved by sending SSDP alive messages. When a control point is added to the network, SSDP enables that control point to actively search for devices of interest on the network or listen passively to SSDP alive messages from devices. The fundamental exchange is a discovery message containing a few essential details about the device or one of its services, such as its type, identifier, and a pointer (network location) to more detailed information. === Description === After a control point has discovered a device, it still knows very little about the device. For the control point to learn more about the device and its capabilities, or to interact with the device, it must retrieve the device's description from the location (URL) provided by the device in the discovery message. The UPnP Device Description is expressed in XML. It includes vendor-specific manufacturer information like the model name and number, serial number, manufacturer name, (presentation) URLs to vendor-specific websites, etc. The description also includes a list of any embedded services. For each service, the Device Description document lists the URLs for control, eventing and service description. Each service description includes a list of the commands, or actions, to which the service responds, and parameters, or arguments, for each action; the description for a service also includes a list of variables; these variables model the state of the service at run time and are described in terms of their data type, range, and event characteristics. === Control === Having retrieved a description of the device, the control point can send actions to a device's service. To do this, a control point sends a suitable control message to the control URL for the service (provided in the device description). Control messages are also expressed in XML using the Simple Object Access Protocol (SOAP). Much like function calls, the service returns any action-specific values in response to the control message. The effects of the action, if any, are modeled by changes in the variables that describe the run-time state of the service. === Event notification === Another capability of UPnP networking is event notification, or eventing. The event notification protocol defined in the UPnP Device Architecture is known as General Event Notification Architecture (GENA). A UPnP description for a service includes a list of actions the service responds to and a list of variables that model the state of the service at runtime. The service publishes updates when these variables change, and a control point may subscribe to receive this information. The service publishes updates by sending event messages. Event messages contain the names of one or more state variables and their current values. These messages are also expressed in XML. A special initial event message is sent when a control point first subscribes; this event message contains the names and values for all evented variables and allows the subscriber to initialize its model of the state of the service. To support scenarios with multiple control points, eventing is designed to keep all control points equally informed
Cumulus (software)
Cumulus is a digital asset management software designed for client/server system which is developed by Canto Software. The product makes use of metadata for indexing, organizing, and searching. == History == Cumulus was first released as a Macintosh application in 1992, and was named by Apple Computer as the "Most Innovative Product of 1992". Cumulus introduced search capabilities beyond those available in the Macintosh at the time, particularly relating to thumbnails. Cumulus 1.0 was a single-user product with no network capabilities. Among the main features of Cumulus 1.0, the search function automatically generated previews and contained support for the included AppleTalk – Peer-to-Peer – network. Cumulus 2.5 was available in five different languages and received the 1993 MacUser magazine Eddy award for "Best Publishing & Graphics Utility". In 1995, Canto introduced the scanner software "Cirrus" to focus on the development of Cumulus. Cumulus 3, released in 1996, introduced a server version for the first time and contained the possibility to spread files over the Internet via the "Web Publisher". Since Apple offered Cumulus 3 with its "Workgroup Server" as a bundle, Cumulus became one of the leading digital asset management systems. Cumulus 4 was the first version that was network-ready, and was available for Macintosh, Windows and UNIX operating systems allowing for cross-platform file sharing. Released in 1998, the support of Solaris was discounted later. Cumulus 5 modified the software core to use an open architecture providing an API to external systems and databases. The open architecture of Cumulus 5 also enabled a more functional bridge between Cumulus and the Internet. Cumulus 6 introduced Embedded Java Plugin (EJP) which allowed system integrators to build custom Java plug-ins in order to extend the functionality of the Cumulus client. Cumulus 6.5 marked the end of the Cumulus Single User Edition product, which was licensed to MediaDex for further development and distribution. Cumulus 7 was introduced summer of 2006. Cumulus 8 was released in June 2009, with new indexing capabilities taking advantage of multicore/multiprocessor systems, and ability to manage a wider variety of file formats. Cumulus 8.5 was released in May 2011. Support was added for multilingual metadata, sometimes referred to as "World Metadata." Cumulus Sites was updated to support metadata editing and file uploads. Cumulus 8.6 was released in July 2012, and contains an updated user interface for the administration of Cumulus Sites and additional features for web-based administration of Cumulus. Other additions include features for collaboration links, multi-language support and automated version control. Cumulus 9 was released in September 2013 and introduced a new Web Client User Interface and the Cumulus Video Cloud. The Cumulus Web Client UI was redesigned to provide users with a modern, easy-to-use interface to support and guide the user while addressing modern business needs. The Cumulus Video Cloud extends the Cumulus video handling capabilities to add conversion and global streaming. Cumulus 9 also saw the addition of upload collection links which allow external collaborators to drag and drop files directly into Cumulus without needing a Cumulus account. Cumulus 9.1 was released in May 2014 and introduced the Adobe Drive Adapter for Cumulus which allows users to browse and search digital assets in Cumulus directly from Adobe work environments such as Photoshop, InDesign, Illustrator, Premier and other Adobe applications. Cumulus 10 (Cumulus X) was released July 2015 and introduced two mobile-friendly products: the Cumulus app and Portals. The Cumulus app on iOS was designed to allow users to collaborate either on an iPhone or iPad. Portals is the read-only version of the Cumulus Web Client where users can work with assets that admins allow. Cumulus 10.1 was introduced in January 2016 and included the InDesign Client integration where users can work with Adobe InDesign while accessing their assets from Cumulus. Cumulus 10.2 was introduced in September 2016 and brought the Media Delivery Cloud using Amazon Web Services (AWS). It allows users to manage their media rendition in a single source and distribute media files globally across different channels and devices. Cumulus 10.2.3 was released in February 2017 and came with a "crop and customize photos" feature for Portals and the Web Client. == Product overview == The cataloging of the file via upload into the archive is where Cumulus transfers maximum information about the file from the metadata. For image or photo files, this is typically Exif and IPTC data. The metadata is mainly used to search the archive. The use of embargo data supports license management for copyrighted material. The managed files can be cataloged and their usage can be set. The indexing is based on a predefined taxonomy, which is governed by the internal rules of the organization or by industry standards. You can specify whether files can only be used for specific purposes or only by certain groups of people. The production management system includes version management for files. Via the publication function, the files can be distributed directly via links or e-mails. It's also possible to access from the outside via the Cumulus Portals web interface, which allows a read access to released content from the catalog. There are different variants, starting with the "Workgroup archive server" up to the "Enterprise Business Server" for large companies. Both server and client are extensible through a Java-based plug-in architecture. Since version 7.0, there is a web application based on Ajax with a separate user interface. For access to the Cumulus catalog on mobile, there has been an application for Apple devices based on iOS since 2010. == Miscellaneous == In 2015, Cumulus developer Canto established the first Canto digital asset management (DAM) event. The event is held annually in Berlin. The Henry Stewart team has been hosting DAM conferences since 2006.
Link-richness
Link-richness is the quality, possessed by some websites, of having many hyperlinks. Classified advertising sites like Craigslist tend to be very link-rich, sometimes with hundreds of links on their main page. They help users find the links they are looking for by grouping links into clusters. Inadequate link richness has been described as frustrating to readers, as it reduces transparency of site content from the main page. Students new to wiki collaboration were found to need guidance in how to take full advantage of the medium's potential for creating link-rich content. Link-richness in some contexts can be distracting, as when an article is surrounded by extraneous links. Indeed, it is becoming accepted as a best practice for universities to have link-rich home pages that do not rely on user categorisation and exploration of long sequences of links and are not constrained by traditional boundaries between departments. Tools are sometimes needed to make the publishing of link-rich web sites tractable, and many people may lack the technical skills, time, or inclination to engage in hand- crafting new digital document forms. A link-rich site that is low on content is sometimes referred to as a "gateway site." Link-rich portals were popular on the Web in 2000. Yahoo! and other sites featuring categories with many links were heavily used and often required fewer than three clicks to reach the content. Web designers were creating flat sites with content positioned close to the top of pages.