Attack path management is a cybersecurity technique that involves the continuous discovery, mapping, and risk assessment of identity-based attack paths. Attack path management is distinct from other computer security mitigation strategies in that it does not rely on finding individual attack paths through vulnerabilities, exploits, or offensive testing. Rather, attack path management techniques analyze all attack paths present in an environment based on active identity management policies, authentication configurations, and active authenticated "sessions" between objects. == Overview == Attack path management relies on concepts such as mapping and removing attack paths, identifying attack path choke points, and remediation of attack paths. Identity-based attacks are present in most publicly disclosed breaches, whether through social engineering to gain initial access to Active Directories or lateral movement for privilege escalation. Attackers require privileges to attack an environment’s most sensitive segments. Attack path management often involves removing out-of-date privileges and privilege assignments given to overly large groups. In attack path management, attack graphs are used to represent how a network of machines’ security is vulnerable to attack. The nodes in an attack graph represent principals and other objects such as machines, accounts, and security groups. The edges in an attack graph represent the links and relationships between nodes. Some nodes are easy to penetrate due to short paths from regular users to domain admins, resulting in focal points of concentrated network traffic, which are known as attack path choke points. Attack graphs are often analyzed using algorithms and visualization. Attack path management also identifies tier 0 assets, which are considered the most vulnerable because they have direct or indirect control of an Active Directory or Microsoft Entra ID environment.
Galaksija BASIC
Galaksija BASIC was the BASIC interpreter of the Galaksija build-it-yourself home computer from Yugoslavia. While being partially based on code taken from TRS-80 Level 1 BASIC, which the creator believed to have been a Microsoft BASIC, the extensive modifications of Galaksija BASIC—such as to include rudimentary array support, video generation code (as the CPU itself did it in absence of dedicated video circuitry) and generally improvements to the programming language—is said to have left not much more than flow-control and floating point code remaining from the original. The core implementation of the interpreter was fully contained in the 4 KiB ROM "A" or "1". The computer's original mainboard had a reserved slot for an extension ROM "B" or "2" that added more commands and features such as a built-in Zilog Z80 assembler. == ROM "A"/"1" symbols and keywords == The core implementation, in ROM "A" or "1", contained 3 special symbols and 32 keywords: ! begins a comment (equivalent of standard BASIC REM command) # Equivalent of standard BASIC DATA statement & prefix for hex numbers ARR$(n) Allocates an array of strings, like DIM, but can allocate only array with name A$ BYTE serves as PEEK when used as a function (e.g. PRINT BYTE(11123)) and POKE when used as a command (e.g. BYTE 11123,123). CALL n Calls BASIC subroutine as GOSUB in most other BASICs (e.g. CALL 100+4X) CHR$(n) converts an ASCII numeric code into a corresponding character (string) DOT x, y draws (command) or inspects (function) a pixel at given coordinates (0<=x<=63, 0<=y<=47). DOT displays the clock or time controlled by content of Y$ variable. Not in standard ROM EDIT n causes specified program line to be edited ELSE standard part of IF-ELSE construct (Galaksija did not use THEN) EQ compare alphanumeric values X$ and Y$ FOR standard FOR loop GOTO standard GOTO command HOME equivalent of standard BASIC CLS command - clears the screen HOME n protects n characters from the top of the screen from being scrolled away IF standard part of IF-ELSE construct (Galaksija did not use THEN) INPUT user entry of variable INT(n) a function that returns the greatest integer value equal to or lesser than n KEY(n) test whether a particular keyboard key is pressed LIST lists the program. Optional numeric argument specifies the first line number to begin listing with. MEM returns memory consumption data (need details here) NEW clears the current BASIC program NEW n clears BASIC program and moves beginning of BASIC area NEXT standard terminator of FOR loop OLD loads a program from tape OLD n loads program to different address PTR Returns address of the variable PRINT Printing numeric or string expression. RETURN Return from BASIC subroutine RND function (takes no arguments) that returns a random number between 0 and 1. RUN runs (executes) BASIC program. Optional numeric argument specifies the line number to begin execution with. SAVE saves a program to tape. Optional two arguments specify memory range to be saved (need details here). STEP standard part of FOR loop STOP stops execution of BASIC program TAKE replacement for READ and RESTORE. If the parameter is variable name, acts as READ, if it is number, acts as RESTORE UNDOT x, y "undraws" (resets) at specified coordinates (see DOT) UNDOT Stops the clock, not part of ROM USR Calls machine code subroutine WORD Double byte PEEK and POKE == ROM "B"/"2" additional symbols and keywords == The extended BASIC features, in ROM "B" or "2", contained one extra reserved symbol and 22 extra keywords: % /LABEL ABS(x) ARCTG(x) COS(x) COSD(x) DEL DUMP EXP(x) INP(x) LDUMP LLIST LN(x) LPRINT OUT PI POW(x,y) REN SIN(x), SIND(x) SQR(x) TG(x) TGD(x)
Argument Web
The Argument Web is a large-scale Web of interconnected arguments created by individuals as they express their opinions and interact with the opinions of others. The Argument Web aims to make online debate intuitive for participants such as mediators, students, academics, broadcasters and bloggers, to create a Web infrastructure that allows for the storage, automatic retrieval and analysis of linked argument data, and to improve the quality of online argument and debate. The Argument Web can be described as a portion of a larger Semantic Web. == AIFdb == AIFdb is a database implementation or ‘reification’ of the Argument Interchange Format (AIF), which allows for the storage and retrieval of AIF compliant argument structures. This database solution was provided as a foundation for an open, integrated Argument Web. It offers an extensive range of web services for interacting with stored argument data, while also offering search and argument visualisation features that are all consistent with the formal ontology of AIF. At a basic level, the AIFdb web services allow for the insertion and querying of basic components of an AIF argument, such as nodes, edges and schemes. Building upon this basis, it also facilitates more complex interactions with these AIF argument structures. Such complex queries could make it possible, for example, to determine all the statements made by a particular person in support a given I-Node. While, at its highest level of interaction, AIFdb can handle the import and export of many standard file formats, including SVG, DOT, RDF/XML and other formats of argument theory tools, like Carneades, Rationale and Araucaria. == Argument blogging == ArguBlogging is software which allows its users to select portions of hypertext on webpages in their Web browsers and to agree or disagree with the selected content, posting their arguments to their blogs with linked argument data. It is implemented as a bookmarklet, adding functionality to Web browsers and interoperating with blogging platforms such as Blogger and Tumblr.
Death of Elaine Herzberg
The death of Elaine Herzberg (August 2, 1968 – March 18, 2018) was the first recorded case of a pedestrian fatality involving a self-driving car, after a collision that occurred late in the evening of March 18, 2018. Herzberg was pushing a bicycle across a four-lane road in Tempe, Arizona, United States, when she was struck by an Uber test vehicle, which was operating in self-drive mode with a human safety backup driver sitting in the driving seat. Herzberg was taken to the local hospital where she died of her injuries. Following the fatal incident, the National Transportation Safety Board (NTSB) issued a series of recommendations and sharply criticized Uber. The company suspended testing of self-driving vehicles in Arizona, where such testing had been approved since August 2016. Uber chose not to renew its permit for testing self-driving vehicles in California when it expired at the end of March 2018. Uber resumed testing in December 2018, starting in Pittsburgh, Pennsylvania. In March 2019, Arizona prosecutors ruled that Uber was not criminally responsible for the crash. The back-up driver of the vehicle was charged with negligent homicide, pled guilty to endangerment, and was sentenced to three years' probation. While Herzberg was the first pedestrian killed by a self-driving car, driver Gao Yaning died in a Tesla semi-autonomous car two years earlier. A reporter for The Washington Post compared Herzberg's fate with that of Bridget Driscoll who, in the United Kingdom in 1896, was the first pedestrian to be killed by an automobile. The Arizona incident has magnified the importance of collision avoidance systems for self-driving vehicles. == Collision summary == Herzberg was crossing Mill Avenue (North) from west to east, approximately 360 feet (110 m) south of the intersection with Curry Road, outside the designated pedestrian crosswalk, close to the Red Mountain Freeway. She was pushing a bicycle laden with shopping bags, and had crossed at least two lanes of traffic when she was struck at approximately 9:58 pm MST (UTC−07:00) by a prototype Uber self-driving car based on a Volvo XC90, which was traveling north on Mill. The vehicle had been operating in autonomous mode since 9:39 pm, nineteen minutes before it struck and killed Herzberg. The car's human safety backup driver, Rafaela Vasquez, did not intervene in time to prevent the collision. Vehicle telemetry obtained after the crash showed that the human operator responded by moving the steering wheel less than a second before impact, and she engaged the brakes less than a second after impact. == Cause investigation == The county district attorney's office recused itself from the investigation, due to a prior joint partnership with Uber promoting their services as an alternative to driving under the influence of alcohol. Accounts differ on the speed limit at the place of the incident. According to Tempe police the car was traveling in a 35 mph (56 km/h) zone, but this is contradicted by a posted speed limit of 45 mph (72 km/h). The National Transportation Safety Board (NTSB) sent a team of federal investigators to gather data from vehicle instruments, and to examine vehicle condition along with the actions taken by the safety driver. Their preliminary findings were substantiated by multiple event data recorders and proved the vehicle was traveling 43 miles per hour (69 km/h) when Herzberg was first detected 6 seconds (378 feet (115 m)) before impact; during 4.7 seconds the self driving system did not infer that emergency braking was needed. A vehicle traveling 43 mph (69 km/h) can generally stop within 89 feet (27 m) once the brakes are applied. The machine needed to be 1.3 seconds (82 feet (25 m)) away prior to discerning that emergency braking was required, whereas at least that much distance was required to stop. The system failed to behave properly. A total stopping distance of 76 feet itself would imply a safe speed under 25 mph (40 km/h). Human intervention was still legally required. Computer perception–reaction time would have been a speed limiting factor had the technology been superior to humans in ambiguous situations; however, the nascent computerized braking technology was disabled the day of the crash, and the machine's apparent 4.7-second perception–reaction (alarm) time allowed the car to travel 250 feet (76 m). Video released by the police on March 21 showed the safety driver was not watching the road moments before the vehicle struck Herzberg. === Environment === In widely disseminated remarks that would shape the narrative about the crash, which were later seen as prejudicial and subsequently contradicted by her own department, Tempe Police Chief Sylvia Moir was quoted stating that the collision was "unavoidable" based on the initial police investigation, which included a review of the video captured by an onboard camera. Moir faulted Herzberg for crossing the road in an unsafe manner: "It is dangerous to cross roadways in the evening hour when well-illuminated, managed crosswalks are available." According to Uber, safety drivers were trained to keep their hands very close to the wheel all the time while driving the vehicle so they were ready to quickly take control if necessary. The driver said it was like a flash, the person walked out in front of them. His [sic] first alert to the collision was the sound of the collision. [...] it's very clear it would have been difficult to avoid this collision in any kind of mode (autonomous or human-driven) based on how she came from the shadows right into the roadway. Tempe police released video on March 21, 2018, showing footage recorded by two onboard cameras: one forward-looking, and one capturing the safety driver's actions. The forward-facing video shows that the self-driving car was traveling in the far right lane when it struck Herzberg. The driver-facing video shows the safety driver was looking down prior to the collision. The Uber operator is responsible for intervening and taking manual control when necessary as well as for monitoring diagnostic messages, which are displayed on a screen in the center console. In an interview conducted after the crash with NTSB, the driver stated she was monitoring the center stack at the time of the collision. After the Uber video was released, journalist Carolyn Said noted the police explanation of Herzberg's path meant she had already crossed two lanes of traffic before she was struck by the autonomous vehicle. The Marquee Theatre and Tempe Town Lake are west of Mill Avenue, and pedestrians commonly cross mid-street without detouring north to the crosswalk at Curry. According to reporting by the Phoenix New Times, Mill Avenue contains what appears to be a brick-paved path in the median between the northbound and southbound lanes; however, posted signs prohibit pedestrians from crossing in that location. When the second of the Mill Avenue bridges over the town lake was added in 1994 for northbound traffic, the X-shaped crossover in the median was installed to accommodate the potential closing of one of the two road bridges. The purpose of this brick-paved structure is purely to divert cars from one side to the other if a bridge is closed to traffic, and although it may look like a crosswalk for pedestrians, it is in fact a temporary roadway with vertical curbs and warning signs. === Software issues === Michael Ramsey, a self-driving car expert with Gartner, characterized the video as showing "a complete failure of the system to recognize an obviously seen person who is visible for quite some distance in the frame. Uber has some serious explaining to do about why this person wasn't seen and why the system didn't engage." The NTSB preliminary report, however, noted that the software did order the car to brake 1.3 seconds before the collision. A video shot from the vehicle's dashboard camera showed the safety driver looking down, away from the road. It also appeared that the driver's hands were not hovering above the steering wheel, which is what drivers are instructed to do so they can quickly retake control of the car. Uber had moved from two employees in every car to one. The paired employees had been splitting duties: one ready to take over if the autonomous system failed, and another to keep an eye on what the computers were detecting. The second person was responsible for keeping track of system performance as well as labeling data on a laptop computer. Mr. Kallman, the Uber spokesman, said the second person was in the car for purely data related tasks, not safety. When Uber moved to a single operator, some employees expressed safety concerns to managers, according to the two people familiar with Uber's operations. They were worried that going solo would make it harder to remain alert during hours of monotonous driving. The recorded telemetry showed the system had detected Herzberg six seconds before the crash, and classified her first as an unknown object, then as a
Argument mining
Argument mining, or argumentation mining, is a research area within the natural language processing field. The goal of argument mining is the automatic extraction and identification of argumentative structures from natural language text with the aid of computer programs. Such argumentative structures include the premise, conclusions, the argument scheme and the relationship between the main and subsidiary argument, or the main and counter-argument within discourse. The Argument Mining workshop series is the main research forum for argument mining related research. == Applications == Argument mining has been applied in many different genres including the qualitative assessment of social media content (e.g. Twitter, Facebook), where it provides a powerful tool for policy-makers and researchers in social and political sciences. Other domains include legal documents, product reviews, scientific articles, online debates, newspaper articles and dialogical domains. Transfer learning approaches have been successfully used to combine the different domains into a domain agnostic argumentation model. Argument mining has been used to provide students individual writing support by accessing and visualizing the argumentation discourse in their texts. The application of argument mining in a user-centered learning tool helped students to improve their argumentation skills significantly compared to traditional argumentation learning applications. == Challenges == Given the wide variety of text genres and the different research perspectives and approaches, it has been difficult to reach a common and objective evaluation scheme. Many annotated data sets have been proposed, with some gaining popularity, but a consensual data set is yet to be found. Annotating argumentative structures is a highly demanding task. There have been successful attempts to delegate such annotation tasks to the crowd but the process still requires a lot of effort and carries significant cost. Initial attempts to bypass this hurdle were made using the weak supervision approach.
Integrated writing environment
An integrated writing environment (IWE) is software that provides comprehensive writing and knowledge management functionality for writers and information workers. IWEs enable writers and information workers to perform a variety of tasks related to the document in the IWE in a single environment. This provides a distraction-free workspace and streamlined writing experience. IWEs provide similar efficiency and functionality benefits to writers and information professionals that integrated development environments (IDEs) provide to software developers. == Overview == IWEs are designed to maximize productivity and help improve the quality of written work by integrating together tools that allow users to work effectively in a single application. The IWE features may include integrated content search, reversion management, outlining, note management, and reference management, as may be suitable for the target field of use. == List of IWEs == Celtx This IWE is intended for screenplay writers and has screenplay writing and management tools. Celtex provides tools for the pre-production work phase, story development, storyboarding, script breakdowns, production scheduling, and reports. Scrivener This IWE targets novel, research paper, and script writing. Scrivener provides tools to organize notes and research documents for easy access and referencing. After completing the writing, Scrivener allows the user to export the document to formats supported by common word processors, such as Microsoft Word. TeXstudio This IWE targets LaTeX documents and provides interactive spelling checker, code folding, and syntax highlighting.
Noise-based logic
Noise-based logic (NBL) is a class of multivalued deterministic logic schemes, developed in the twenty-first century, where the logic values and bits are represented by different realizations of a stochastic process. The concept of noise-based logic and its name was created by Laszlo B. Kish. In its foundation paper it is noted that the idea was inspired by the stochasticity of brain signals and by the unconventional noise-based communication schemes, such as the Kish cypher. == The noise-based logic space and hyperspace == The logic values are represented by multi-dimensional "vectors" (orthogonal functions) and their superposition, where the orthogonal basis vectors are independent noises. By the proper combination (products or set-theoretical products) of basis-noises, which are called noise-bit, a logic hyperspace can be constructed with D(N) = 2N number of dimensions, where N is the number of noise-bits. Thus N noise-bits in a single wire correspond to a system of 2N classical bits that can express 22N different logic values. Independent realizations of a stochastic process of zero mean have zero cross-correlation with each other and with other stochastic processes of zero mean. Thus the basis noise vectors are orthogonal not only to each other but they and all the noise-based logic states (superpositions) are orthogonal also to any background noises in the hardware. Therefore, the noise-based logic concept is robust against background noises, which is a property that can potentially offer a high energy-efficiency. == The types of signals used in noise-based logic == In the paper, where noise-based logic was first introduced, generic stochastic-processes with zero mean were proposed and a system of orthogonal sinusoidal signals were also proposed as a deterministic-signal version of the logic system. The mathematical analysis about statistical errors and signal energy was limited to the cases of Gaussian noises and superpositions as logic signals in the basic logic space and their products and superpositions of their products in the logic hyperspace (see also. In the subsequent brain logic scheme, the logic signals were (similarly to neural signals) unipolar spike sequences generated by a Poisson process, and set-theoretical unifications (superpositions) and intersections (products) of different spike sequences. Later, in the instantaneous noise-based logic schemes and computation works, random telegraph waves (periodic time, bipolar, with fixed absolute value of amplitude) were also utilized as one of the simplest stochastic processes available for NBL. With choosing unit amplitude and symmetric probabilities, the resulting random-telegraph wave has 0.5 probability to be in the +1 or in the −1 state which is held over the whole clock period. == The noise-based logic gates == Noise-based logic gates can be classified according to the method the input identifies the logic value at the input. The first gates analyzed the statistical correlations between the input signal and the reference noises. The advantage of these is the robustness against background noise. The disadvantage is the slow speed and higher hardware complexity. The instantaneous logic gates are fast, they have low complexity but they are not robust against background noises. With either neural spike type signals or with bipolar random-telegraph waves of unity absolute amplitude, and randomness only in the sign of the amplitude offer very simple instantaneous logic gates. Then linear or analog devices unnecessary and the scheme can operate in the digital domain. However, whenever instantaneous logic must be interfaced with classical logic schemes, the interface must use correlator-based logic gates for an error-free signal. == Universality of noise-based logic == All the noise-based logic schemes listed above have been proven universal. The papers typically produce the NOT and the AND gates to prove universality, because having both of them is a satisfactory condition for the universality of a Boolean logic. == Computation by noise-based logic == The string verification work over a slow communication channel shows a powerful computing application where the methods is inherently based on calculating the hash function. The scheme is based on random telegraph waves and it is mentioned in the paper that the authors intuitively conclude that the intelligence of the brain is using similar operations to make a reasonably good decision based on a limited amount of information. The superposition of the first D(N) = 2N integer numbers can be produced with only 2N operations, which the authors call "Achilles ankle operation" in the paper. == Computer chip realization of noise-based logic == Preliminary schemes have already been published to utilize noise-based logic in practical computers. However, it is obvious from these papers that this young field has yet a long way to go before it will be seen in everyday applications.