ActivityPub is a protocol and open standard for decentralized social networking. It provides a client-to-server (C2S) API for creating and modifying content, as well as a federated server-to-server (S2S) protocol for delivering notifications and content to other servers. ActivityPub is the defining standard of the Fediverse, a decentralised social network of various social interaction models, and content types, which consists of independently managed instances of software such as Mastodon, Pixelfed and PeerTube, among others. ActivityPub is considered to be an update to the ActivityPump protocol used in pump.io, and the official W3C repository for ActivityPub is identified as a fork of ActivityPump. The creation of a new standard for decentralized social networking was prompted by the complexity of OStatus, the most commonly used protocol at the time. OStatus was built using a multitude of technologies (such as Atom, Salmon, WebSub and WebFinger), a product of the infrastructure used in GNU social (the originator and largest user of the OStatus protocol), which made it difficult to implement the protocol into new software. OStatus was also only designed to work with microblogging services, with little flexibility to the types of data that it could hold. The standard was first published by the World Wide Web Consortium (W3C) as a W3C Recommendation in January 2018 by the Social Web Working Group (SocialWG), a working group chartered to build the protocols and vocabularies needed to create a standard for social functionality. Shortly after, further development was moved to the Social Web Community Group (SocialCG), the successor to the SocialWG. == Design == ActivityPub uses the ActivityStreams 2.0 format for building its content, which itself uses JSON-LD. The three main data types used in ActivityPub are Objects, Activities and Actors. Objects are the most common data type, and can be images, videos, or more abstract items such as locations or events. Activities are actions that create and modify objects, for example a Create activity creates an object. Actors are representative of an individual, a group, an application or a service, and are the owners of objects. Every actor type contains an inbox and outbox stream, which sends and receives activities for a user. In order to publish data (for example liking an article), a user creates an activity that declares that they liked an Article object and publishes it to their outbox, where it is then delivered by the ActivityPub server via a POST request to the inboxes listed in the activity's to, bto, cc and bcc fields. The receiving servers then account for the newly received activity and update the article by adding the like action to it. === Example data === An example actor object that represents a user account: An example activity that likes an article object: An example article object: == Project status == The SocialCG previously organized a yearly free conference called ActivityPub Conf about the future of ActivityPub. Triages are held regularly to review issues pertaining to the ActivityPub and ActivityStreams 2.0 specifications as part of the SocialCG. In 2023, Germany's Sovereign Tech Fund donated €152,000 to socialweb.coop with the goal of building a new suite for testing various ActivityPub implementations and their compliance with the specification. === Adoption === The initial wave of adoption for ActivityPub (circa 2016–2018) came from software that was already using OStatus as their federation protocol, such as Mastodon, GNU social and Pleroma. Following the acquisition of Twitter by Elon Musk in 2022, many groups of users that were critical of the acquisition migrated to Mastodon, bringing new attention to the ActivityPub protocol with it. Various major social media platforms and corporations have since pledged to implement ActivityPub support, including Tumblr, Flipboard and Meta Platforms' Threads. Threads introduced crossposting to ActivityPub in 2024 for users outside of the European Economic Area, however full 2-way compatibility remains incomplete as of 2025. == Criticism == === Accidental denial-of-service attacks === Poorly optimized ActivityPub implementations can cause unintentional distributed denial-of-service (DDOS) attacks on other websites and servers, due to the decentralized nature of the network. An example would be Mastodon's implementation of OpenGraph link previews, wherein every instance that receives a post that contains a link with OpenGraph metadata will download the associated data, such as a thumbnail, in a very short timeframe, which can slow down or crash servers as a result of the sudden burst of requests. === Account migration === ActivityPub has been criticized for not natively supporting moving accounts from one server to another, forcing implementations to build their own solutions. While there has been work on building a standardized system for migrating accounts using the Move activity via the Fediverse Enhancement Proposal organization, the current proposal only allows for basic follower migration, with all other data remaining linked to the original account. === Missing content and data === ActivityPub implementations have been criticized for missing replies and parts of reply threads from remote posts, and presenting outdated statistics (e.g. likes and reposts) about remote posts. However, this isn't a problem with the ActivityPub protocol itself, but with implementations not refreshing their content for updated data when needed. == Software using ActivityPub == === Future implementations === Flarum, an internet forum software Forgejo, a Git forge and development platform === Uncertain future implementations === GitLab, a Git forge and development platform which had previously had an open issue discussing the topic, but was later closed due to the development team moving focus to other areas. Tumblr, a microblogging platform. Despite previous statements from Automattic CEO Matt Mullenweg, ActivityPub integration has been delayed indefinitely. The integration would have been implemented with its WordPress migration, as the first-party plugin for interoperability would have been used for federation. Flickr, an image and video hosting site.
Differentiable imaging
Differentiable imaging is a method within computational imaging that incorporates differentiable programming to design imaging systems. It treats the entire imaging process - from light passing through optical components to the numerical reconstruction—as a differentiable programming problem. This approach links optical hardware with numerical reconstruction, enabling joint optimization of both parts through differentiable programming. Differentiable imaging additionally extends the scope of computational imaging beyond image reconstruction, such as by aiding in characterization of optical components. == Background == Computational imaging combines optical hardware and computational algorithms to capture and reconstruct information that conventional imaging system cannot. This is achieved from a combination of the imaging system and the software used in the image reconstruction. Since the captured information may not directly show the image of the target, these systems often rely on numerical models that describe how light encodes the target. In practice, such models may deviate from the physical systems due to uncertainties such as noise, misalignments, manufacturing imperfections, environmental variations, etc. These uncertainties can cause a mismatch between the physical system and its numerical model, which may degrade reconstruction quality and limit the effectiveness of the hardware–software co-design. Uncertainty quantification is also studied in other hybrid physical–numerical systems, such as digital twin. While numerical modeling imaging systems date back to the several decades, such as the multislice method in electron microscopy or X-Ray nanotomography, differentiable imaging emphasizes jointly modeling uncertainties and solving inverse problems with image reconstruction simultaneously. Differentiable imaging transforms the traditional encoding model y = f ( x ) {\textstyle y=f(x)} into a more comprehensive formulation y = f ( x , θ ) {\textstyle y=f(x,\theta )} , where θ {\displaystyle \theta } represents a parameter set of mismatches between physical systems and numerical models. The forward model captures the entire imaging pipeline through a series of interconnected component functions: y = f ( x , θ ) , f = f n o i s e ∘ f c ∘ f o c ∘ f x ∘ f o i ∘ f i , {\displaystyle y=f(x,\theta ),\qquad f=f_{noise}\circ f_{c}\circ f_{oc}\circ f_{x}\circ f_{oi}\circ f_{i},} where the function composition operator ∘ {\displaystyle \circ } connects each system component, and θ = { θ c , θ o c , … } {\displaystyle \theta =\{\theta _{c},\theta _{oc},\ldots \}} encompasses uncertainty system parameters. Each component corresponds to specific physical processes within the imaging system, from illumination through object interactions to sensor behavior and noises. This forward model enables the formulation of an inverse problem that simultaneously optimizes system parameters while reconstructing images: x ∗ , θ ∗ = argmin x , θ L ( f ( x , θ ) , y ) + ∑ n = 1 N β n R n ( x ) {\displaystyle x^{},\theta ^{}={\text{argmin}}_{x,\theta }{\mathcal {L}}(f(x,\theta ),y)+\sum _{n=1}^{N}\beta _{n}{\mathcal {R}}_{n}(x)} s . t . x ∈ Ω x , θ ∈ Ω θ {\displaystyle s.t.\quad x\in \Omega _{x},\theta \in \Omega _{\theta }} Here, L ( f ( x , θ ) , y ) {\displaystyle {\mathcal {L}}(f(x,\theta ),y)} represents the fidelity term that quantifies the discrepancy between the model predictions and measured data. The whole process of the y = f ( x , θ ) {\displaystyle y=f(x,\theta )} is constructed as a computer graph based on differentiable programming, and the inverse problem is solved with gradient based algorithm, while the gradient is calculated with automatic differentiation. == Applications == One application of differentiable imaging is uncertainty management, which seeks to quantify and mitigate the impact of factors induce reality-numerical mismatch. Explicitly accounting for uncertainties can improve reconstruction accuracy and system robustness. Examples include: Model-related uncertainties: unknown or unmeasurable variables—for instance, optical system quantities that differ from the design specifications Data and system uncertainties: artifacts introduced during image acquisition, such as low-quality data, noise, or hardware imperfections Manufacturing uncertainties: variability in the production of imaging hardware—such as slight deviations in lens curvature or sensor alignment—that alters the physical system's behavior
Plaintext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. == Overview == With the advent of computing, the term plaintext expanded beyond human-readable documents to mean any data, including binary files, in a form that can be viewed or used without requiring a key or other decryption device. Information—a message, document, file, etc.—if to be communicated or stored in an unencrypted form is referred to as plaintext. Plaintext is used as input to an encryption algorithm; the output is usually termed ciphertext, particularly when the algorithm is a cipher. Codetext is less often used, and almost always only when the algorithm involved is actually a code. Some systems use multiple layers of encryption, with the output of one encryption algorithm becoming "plaintext" input for the next. == Secure handling == Insecure handling of plaintext can introduce weaknesses into a cryptosystem by letting an attacker bypass the cryptography altogether. Plaintext is vulnerable in use and in storage, whether in electronic or paper format. Physical security means the securing of information and its storage media from physical, attack—for instance by someone entering a building to access papers, storage media, or computers. Discarded material, if not disposed of securely, may be a security risk. Even shredded documents and erased magnetic media might be reconstructed with sufficient effort. If plaintext is stored in a computer file, the storage media, the computer and its components, and all backups must be secure. Sensitive data is sometimes processed on computers whose mass storage is removable, in which case physical security of the removed disk is vital. In the case of securing a computer, useful (as opposed to handwaving) security must be physical (e.g., against burglary, brazen removal under cover of supposed repair, installation of covert monitoring devices, etc.), as well as virtual (e.g., operating system modification, illicit network access, Trojan programs). Wide availability of keydrives, which can plug into most modern computers and store large quantities of data, poses another severe security headache. A spy (perhaps posing as a cleaning person) could easily conceal one, and even swallow it if necessary. Discarded computers, disk drives and media are also a potential source of plaintexts. Most operating systems do not actually erase anything— they simply mark the disk space occupied by a deleted file as 'available for use', and remove its entry from the file system directory. The information in a file deleted in this way remains fully present until overwritten at some later time when the operating system reuses the disk space. With even low-end computers commonly sold with many gigabytes of disk space and rising monthly, this 'later time' may be months later, or never. Even overwriting the portion of a disk surface occupied by a deleted file is insufficient in many cases. Peter Gutmann of the University of Auckland wrote a celebrated 1996 paper on the recovery of overwritten information from magnetic disks; areal storage densities have gotten much higher since then, so this sort of recovery is likely to be more difficult than it was when Gutmann wrote. Modern hard drives automatically remap failing sectors, moving data to good sectors. This process makes information on those failing, excluded sectors invisible to the file system and normal applications. Special software, however, can still extract information from them. Some government agencies (e.g., US NSA) require that personnel physically pulverize discarded disk drives and, in some cases, treat them with chemical corrosives. This practice is not widespread outside government, however. Garfinkel and Shelat (2003) analyzed 158 second-hand hard drives they acquired at garage sales and the like, and found that less than 10% had been sufficiently sanitized. The others contained a wide variety of readable personal and confidential information. See data remanence. Physical loss is a serious problem. The US State Department, Department of Defense, and the British Secret Service have all had laptops with secret information, including in plaintext, lost or stolen. Appropriate disk encryption techniques can safeguard data on misappropriated computers or media. On occasion, even when data on host systems is encrypted, media that personnel use to transfer data between systems is plaintext because of poorly designed data policy. For example, in October 2007, HM Revenue and Customs lost CDs that contained the unencrypted records of 25 million child benefit recipients in the United Kingdom. Modern cryptographic systems resist known plaintext or even chosen plaintext attacks, and so may not be entirely compromised when plaintext is lost or stolen. Older systems resisted the effects of plaintext data loss on security with less effective techniques—such as padding and Russian copulation to obscure information in plaintext that could be easily guessed.
Tokenization (data security)
Tokenization, when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no intrinsic or exploitable meaning or value. The token is a reference (i.e. identifier) that maps back to the sensitive data through a tokenization system. The mapping from original data to a token uses methods that render tokens infeasible to reverse in the absence of the tokenization system, for example using tokens created from random numbers. A one-way cryptographic function is used to convert the original data into tokens, making it difficult to recreate the original data without obtaining entry to the tokenization system's resources. To deliver such services, the system maintains a vault database of tokens that are connected to the corresponding sensitive data. Protecting the system vault is vital to the system, and improved processes must be put in place to offer database integrity and physical security. The tokenization system must be secured and validated using security best practices applicable to sensitive data protection, secure storage, audit, authentication and authorization. The tokenization system provides data processing applications with the authority and interfaces to request tokens, or detokenize back to sensitive data. The security and risk reduction benefits of tokenization require that the tokenization system is logically isolated and segmented from data processing systems and applications that previously processed or stored sensitive data replaced by tokens. Only the tokenization system can tokenize data to create tokens, or detokenize back to redeem sensitive data under strict security controls. The token generation method must be proven to have the property that there is no feasible means through direct attack, cryptanalysis, side channel analysis, token mapping table exposure or brute force techniques to reverse tokens back to live data. Replacing live data with tokens in systems is intended to minimize exposure of sensitive data to those applications, stores, people and processes, reducing risk of compromise or accidental exposure and unauthorized access to sensitive data. Applications can operate using tokens instead of live data, with the exception of a small number of trusted applications explicitly permitted to detokenize when strictly necessary for an approved business purpose. Tokenization systems may be operated in-house within a secure isolated segment of the data center, or as a service from a secure service provider. Tokenization may be used to safeguard sensitive data involving, for example, bank accounts, financial statements, medical records, criminal records, driver's licenses, loan applications, stock trades, voter registrations, and other types of personally identifiable information (PII). Tokenization is often used in credit card processing. The PCI Council defines tokenization as "a process by which the primary account number (PAN) is replaced with a surrogate value called a token. A PAN may be linked to a reference number through the tokenization process. In this case, the merchant simply has to retain the token and a reliable third party controls the relationship and holds the PAN. The token may be created independently of the PAN, or the PAN can be used as part of the data input to the tokenization technique. The communication between the merchant and the third-party supplier must be secure to prevent an attacker from intercepting to gain the PAN and the token. De-tokenization is the reverse process of redeeming a token for its associated PAN value. The security of an individual token relies predominantly on the infeasibility of determining the original PAN knowing only the surrogate value". The choice of tokenization as an alternative to other techniques such as encryption will depend on varying regulatory requirements, interpretation, and acceptance by respective auditing or assessment entities. This is in addition to any technical, architectural or operational constraint that tokenization imposes in practical use. == Concepts and origins == The concept of tokenization, as adopted by the industry today, has existed since the first currency systems emerged centuries ago as a means to reduce risk in handling high value financial instruments by replacing them with surrogate equivalents. In the physical world, coin tokens have a long history of use replacing the financial instrument of minted coins and banknotes. In more recent history, subway tokens and casino chips found adoption for their respective systems to replace physical currency and cash handling risks such as theft. Exonumia and scrip are terms synonymous with such tokens. In the digital world, similar substitution techniques have been used since the 1970s as a means to isolate real data elements from exposure to other data systems. In databases for example, surrogate key values have been used since 1976 to isolate data associated with the internal mechanisms of databases and their external equivalents for a variety of uses in data processing. More recently, these concepts have been extended to consider this isolation tactic to provide a security mechanism for the purposes of data protection. In the payment card industry, tokenization is one means of protecting sensitive cardholder data in order to comply with industry standards and government regulations. Tokenization was applied to payment card data by Shift4 Corporation and released to the public during an industry Security Summit in Las Vegas, Nevada in 2005. The technology is meant to prevent the theft of the credit card information in storage. Shift4 defines tokenization as: "The concept of using a non-decryptable piece of data to represent, by reference, sensitive or secret data. In payment card industry (PCI) context, tokens are used to reference cardholder data that is managed in a tokenization system, application or off-site secure facility." To protect data over its full lifecycle, tokenization is often combined with end-to-end encryption to secure data in transit to the tokenization system or service, with a token replacing the original data on return. For example, to avoid the risks of malware stealing data from low-trust systems such as point of sale (POS) systems, as in the Target breach of 2013, cardholder data encryption must take place prior to card data entering the POS and not after. Encryption takes place within the confines of a security hardened and validated card reading device and data remains encrypted until received by the processing host, an approach pioneered by Heartland Payment Systems as a means to secure payment data from advanced threats, now widely adopted by industry payment processing companies and technology companies. The PCI Council has also specified end-to-end encryption (certified point-to-point encryption—P2PE) for various service implementations in various PCI Council Point-to-point Encryption documents. == The tokenization process == The process of tokenization consists of the following steps: The application sends the tokenization data and authentication information to the tokenization system. It is stopped if authentication fails and the data is delivered to an event management system. As a result, administrators can discover problems and effectively manage the system. The system moves on to the next phase if authentication is successful. Using one-way cryptographic or random generation techniques, a token is generated and kept in a highly secure data vault. The new token is provided to the application for further use, replacing the sensitive data for processing and storage. Tokenization systems share several components according to established standards. Token generation is the process of producing a token using any means, such as one-way nonreversible cryptographic functions (e.g., a hash function with a strong, secret salt) or assignment via a randomly generated number. Random number generator (RNG) techniques are often the best choice for generating token values. Token mapping – this is the process of assigning the created token value to its original value. To enable permitted look-ups of the original value using the token as the index, a secure cross-reference database must be constructed. Token data store – this is a central repository for the token mapping process that holds the original sensitive values and their related token values. Sensitive data and token values must be securely kept in an encrypted format. Management of cryptographic keys. Strong key management procedures are required for sensitive data encryption on token data stores. == Difference from encryption == Tokenization and "classic" encryption effectively protect data if implemented properly, and a computer security system may use both. While similar in certain regards, tokenization and classic encryption differ in a few key aspects. Both are cryptographic data security methods and the
Memory-hard function
In cryptography, a memory-hard function (MHF) is a function that costs a significant amount of memory to efficiently evaluate. It differs from a memory-bound function, which incurs cost by slowing down computation through memory latency. MHFs have found use in key stretching and proof of work as their increased memory requirements significantly reduce the computational efficiency advantage of custom hardware over general-purpose hardware compared to non-MHFs. == Introduction == MHFs are designed to consume large amounts of memory on a computer in order to reduce the effectiveness of parallel computing. In order to evaluate the function using less memory, a significant time penalty is incurred. As each MHF computation requires a large amount of memory, the number of function computations that can occur simultaneously is limited by the amount of available memory. This reduces the efficiency of specialised hardware, such as application-specific integrated circuits and graphics processing units, which utilise parallelisation, in computing a MHF for a large number of inputs, such as when brute-forcing password hashes or mining cryptocurrency. == Motivation and examples == Bitcoin's proof-of-work uses repeated evaluation of the SHA-256 function, but modern general-purpose processors, such as off-the-shelf CPUs, are inefficient when computing a fixed function many times over. Specialized hardware, such as application-specific integrated circuits (ASICs) designed for Bitcoin mining, can use 30,000 times less energy per hash than x86 CPUs whilst having much greater hash rates. This led to concerns about the centralization of mining for Bitcoin and other cryptocurrencies. Because of this inequality between miners using ASICs and miners using CPUs or off-the shelf hardware, designers of later proof-of-work systems utilised hash functions for which it was difficult to construct ASICs that could evaluate the hash function significantly faster than a CPU. As memory cost is platform-independent, MHFs have found use in cryptocurrency mining, such as for Litecoin, which uses scrypt as its hash function. They are also useful in password hashing because they significantly increase the cost of trying many possible passwords against a leaked database of hashed passwords without significantly increasing the computation time for legitimate users. == Measuring memory hardness == There are various ways to measure the memory hardness of a function. One commonly seen measure is cumulative memory complexity (CMC). In a parallel model, CMC is the sum of the memory required to compute a function over every time step of the computation. Other viable measures include integrating memory usage against time and measuring memory bandwidth consumption on a memory bus. Functions requiring high memory bandwidth are sometimes referred to as "bandwidth-hard functions". == Variants == MHFs can be categorized into two different groups based on their evaluation patterns: data-dependent memory-hard functions (dMHF) and data-independent memory-hard functions (iMHF). As opposed to iMHFs, the memory access pattern of a dMHF depends on the function input, such as the password provided to a key derivation function. Examples of dMHFs are scrypt and Argon2d, while examples of iMHFs are Argon2i and catena. Many of these MHFs have been designed to be used as password hashing functions because of their memory hardness. A notable problem with dMHFs is that they are prone to side-channel attacks such as cache timing. This has resulted in a preference for using iMHFs when hashing passwords. However, iMHFs have been mathematically proven to have weaker memory hardness properties than dMHFs.
Mooky (app)
Mooky was a location-based social and dating application, designed to help its users to find the perfect match by providing a large scale of filters. Mooky was free of charge. The app made use of mobile devices' geolocation, a feature of smart phones and other devices which allows users to locate other users who are nearby. == History == Mooky was published on Google Play on April 17, 2016, by Mooky BV. The latest version of this application was version 1.0.6. == Overview == === How it works === Mooky used Facebook to build a user profile with photos and basic information, like the user's surname and age. From there on the user had to fill in their Mooky profile, which contains information about the user's height, posture, hair color, eye color, ethnicity and religion. After this the user could select its preferences to find matches nearby. === User verification === Mooky asked their users to take a selfie holding a piece of paper saying 'Mooky'. Mooky would then manually accept or decline the user verification.
Talim (textiles)
Talim (Kashmiri: تعليم, Kashmiri pronunciation: [t̪əːliːm], Urdu: تَعْلِیم, Arabic: تعليم, pronounced [taʕ.liːm] ) in textiles is a symbolic code and system of notation that facilitates the creation of intricate patterns in fabrics, such as shawls and carpets, and the written coded plans that include colour schemes and weaving instructions. The term is used in traditional hand-weaving in the Indian subcontinent. Talim was initially used to create certain types of patterns in Kashmiri shawls, and later came to be applied in the production of carpets. == Etymology and origin == The term talim, which refers to a symbolic code and system of notation used by shawl and carpet artisans in their weaving processes, came to the Urdu language from the Arabic noun taʻlim (تعليم), which means "authoritative instruction", "teaching", or "edification". It means the same in Urdu and Kashmiri. The Arabic noun originated from the second form of the Arabic root verb ʻalima (علم), which means "to know". According to a local belief in Kashmir, talim was introduced to them by Persian scholar and Sufi Muslim saint Mir Sayyid Ali Hamadani. The belief notwithstanding, talim might have originated from Kashmir; Amritsar was the only place outside of Srinagar where talim was used, by migrated Kashmiri artisans. == Technique == Whereas carpets are generally woven horizontally, providing weavers with a clear view of the progress they are making in creating designs, in Kashmir, carpets are woven vertically, so the weaver is reliant on the talim. The talim technique forms fabrics by passing the weft thread as per a given script that has design codes. Weavers use talim to weave the desired pattern with planned colours. Talim involves teamwork when applying the technique, as the process of creating intricate fabric designs in weaving begins with the Naqash (designer, who designs using pencils on graphs) meticulously crafting the design on a blank sheet of paper called a naska, and the master, Talim guru, making the colour codes and symbols for weft yarns that would interlace the warp to construct the desired design. He writes on a long strip of paper, in specific symbols, the colour codes, and the number of knots to be woven with each colour. Taraha guru collaborates with talim guru and is known as the artisan responsible for determining the colours. Talim uthana is a process or the act of "picking the codes" from the graph. A clerk called the Talim Navis would record the step-by-step instructions for these numbers and colours, and thousands of low-paid and interchangeable weavers would read or recite the record to carry out the design. Afterward, a talim copyist makes copies, which are needed when multiple looms weave the same product. The script, which has been encoded, is deciphered and translated according to the specific guidelines of weavers in order to incorporate the design that is included within it. Talim has been compared to "hieroglyphics" or as a "notational-cum-cryptographic system", as it is challenging to decipher and is unique to the shawls of Kashmir, which requires expertise to comprehend. According to researcher Gagan Deep Kaur, "The talim is widely held to be a trade secret of the community and has always been fiercely guarded by the owners." Those who use talim for shawl-making do not assign important tasks to women, because of the fear that the technique and knowledge may be divulged to other communities when the women are sent there to be married. The coded cards known as talim in the Kashmiri language were used for creating certain types of patterns in shawl weaving. The talim technique is employed in the creation of kani shawls, which originated from the Kanihama region of the Kashmir valley. Carpet weaving adapted the technique from shawl making. When Kashmiri artisans started to create carpets, they chose to continue using the talim rather than switching to a different method. The resurgence of the carpet industry in Amritsar during the last century resulted in the prevalent use of the talim technique among the local weavers, a majority of whom hailed from the region of Kashmir. === Recitation of codes === Talim was also communicated through recitation accompanied by a melodic chant or song. In traditional weaving practices, the use of chanting was common. The movement of the shuttles was synchronised with the song of the weaver, adding a musical rhythm to the instructions represented through hieroglyphics. The weaver's chant, "Two blue, one red, three yellow, two blue," served as a guide as they wove and replicated the designated pattern. == Usage == The first factories established in Amritsar around 1860 utilised Bokhara designs. However, Kashmiri weavers maintained their traditional techniques and employed the talim, instead of a cartoon, for tying knots. As a result, Amritsar became the second location in the Indian subcontinent to use the talim. The traditional weaving practices are still carried out in some parts of the Indian subcontinent. The exact date when talim was last used in the subcontinent varies depending on the region and the specific weaving community. Indian textile historian Jasleen Dhamija wrote in her 1989 book Handwoven Fabrics of India that there were still some weavers in the Kashmiri village of Kanihama who applied talim in weaving shawls. As of 2022, the carpet weavers in Kashmir were the only remaining users of talim in carpets, according to Zubair Ahmed, director of the Indian Institute of Carpet Technology. The institute aims to preserve traditional Kashmiri carpet designs by digitising talim and training weavers in the technique. == Gallery ==