AI Assistant Card

AI Assistant Card — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Inpainting

Inpainting is a conservation process where damaged, deteriorated, or missing parts of an artwork are filled in to present a complete image. This process is commonly used in image restoration. It can be applied to both physical and digital art mediums such as oil or acrylic paintings, chemical photographic prints, sculptures, or digital images and video. With its roots in physical artwork, such as painting and sculpture, traditional inpainting is performed by a trained art conservator who has carefully studied the artwork to determine the mediums and techniques used in the piece, potential risks of treatments, and ethical appropriateness of treatment. == History == The modern use of inpainting can be traced back to Pietro Edwards (1744–1821), Director of the Restoration of the Public Pictures in Venice, Italy. Using a scientific approach, Edwards focused his restoration efforts on the intentions of the artist. It was during the 1930 International Conference for the Study of Scientific Methods for the Examination and Preservation of Works of Art, that the modern approach to inpainting was established. Helmut Ruhemann (1891–1973), a German restorer and conservator, led the discussions on the use of inpainting in conservation. Helmut Ruhemann was a leading figure in modernizing restoration and conservation. His greatest contribution to the field of conservation "was his insistence on following the methods of the original painter exactly, and on understanding the painter's artistic intention". After his career of over 40 years as a conservator, Ruhemann published his treatise The Cleaning of Paintings: Problems & Potentialities in 1968. In describing his method, Ruhemann states that "The surface [of the fill] should be slightly lower than that of the surrounding paint to allow for the thickness of the inpainting...Inpainting medium should look and behave like the original medium, but must not darken with age." Cesare Brandi (1906–1988) developed the teoria del restauro, the inpainting approach combining aesthetics and psychology. However, this approach was used primarily by Italian restorers and conservators, with the terminology becoming widespread in the 1990s. Technological advancements led to new applications of inpainting. Widespread use of digital techniques range from entirely automatic computerized inpainting to tools used to simulate the process manually. Since the mid-1990s, the process of inpainting has evolved to include digital media. More commonly known as image or video interpolation, a form of estimation, digital inpainting includes the use of computer software that relies on sophisticated algorithms to replace lost or corrupted parts of the image data. == Ethics == In order to preserve the integrity of an original artwork, any inpainting technique or treatment applied to physical or digital work should be reversible or distinguishable from the original content of the artwork. Prior to any treatments, conservators proceed according to the American Institute of Conservation of Historical and Artistic Works. There are several ethic considerations before Inpainting can be justified. Various deliberation decisions over the ethical appropriateness of the amount and type of inpainting done, resides on many factors. As most conservation treatments, inpainting's ethical questions rest mainly with authenticity, reversibility and documentation.Any intervention to compensate for loss should be documented in treatment records and reports and should be detectable by common examination methods. Such compensation should be reversible and should not falsely modify the known aesthetic, conceptual, and physical characteristics of the cultural property, especially by removing or obscuring original material.New technologies and the aesthetic demand for perfect images without imperfections challenge conservators' ethical practices to protect the integrity of originals. == Methods == Inpainting methods and techniques depend on the desired goal and type of image being treated. Treatments to fill in the gaps are different between physical and digital art. In inpainting, detailed records of the initial state of the images can help with the treatment and replicate the original closer. === Physical inpainting === Inpainting is rooted in the conservation and restoration of paintings. Inpainting can aim to make a visual improvement to the artwork as a whole by repairing missing or damaged parts using methods and materials equivalent to the original artist's work. ==== Application techniques ==== By studying the painting methods of various artists and the composition of paints used historically, conservators are able to restore works very closely to their original visual appearance. The picture as a whole determines how to fill in the gap. Helmut Ruhemann's inpainting techniques by Jessell have procedures to "preserve" the quality of oil and tempera paintings. === Digital inpainting === Many programs are able to reconstruct missing or damaged areas of digital photographs and videos. Most widely known for use with digital images is Adobe Photoshop. Given the various abilities of the digital camera and the digitization of old photos, inpainting has become an automatic process that can be performed on digital images. The inpainting techniques can be applied to object removal, text removal, and other automatic modifications of images and videos. In video special effects, inpainting is usually performed after video matting. They can also be observed in applications like image compression and super-resolution. In photography and cinema, it is used for film restoration to reverse, repair, or mitigate deterioration (e.g., physical damage such as cracks in photographs, scratches and dust spots in film, or chemical damage resulting in image loss; performed infrared cleaning). It can also be used for removing red-eye, the stamped date from photographs, and objects for creative effect. This technique can be used to replace any lost blocks in the coding and transmission of images, for example, in a streaming video. It can also be used to remove logos or watermarks in videos. Deep learning neural network-based inpainting can be used for decensoring images. Deep image prior-based techniques can be used for digital image inpainting, where a trained deep learning model is either unavailable or infeasible. Deep models for visual content generation, like text-to-image or text-to-video, learn complex priors over the distribution of visual content, and can be used to inpaint missing parts. For example, videos can be separated into layers, using a technique called omnimatte, which either pretrain an omnimatte model or without any training using an omnimatte-zero model. Three main groups of 2D image-inpainting algorithms can be found in the literature. The first one to be noted is structural (or geometric) inpainting, the second one is texture inpainting, the last one is a combination of these two techniques. They use the information of the known or non-destroyed image areas in order to fill the gap, similar to how physical images are restored. ==== Structural ==== Structural or geometric inpainting is used for smooth images that have strong, defined borders. There are many different approaches to geometric inpainting, but they all come from the idea that geometry can be recovered from similar areas or domains. Bertalmio proposed a method of structural inpainting that mimics how conservators address painting restoration. Bertalmio proposed that by progressively transferring similar information from the borders of an inpainting domain inwards, the gap can be filled. ==== Textural ==== While structural/geometric inpainting works to repair smooth images, textural inpainting works best with images that are heavily textured. Texture has a repetitive pattern which means that a missing portion cannot be restored by continuing the level lines into the gap; level lines provide a complete, stable representation of an image. To repair texture in an image, one can combine frequency and spatial domain information to fill in a selected area with a desired texture. This method, while the most simple and very effective, works well when selecting a texture to be in-painted. For a texture that covers a wider area or a larger frame one would have to go through the image segmenting the areas to be in-painted and selecting the corresponding textures from throughout the image; there are programs that can help find the corresponding areas that work in a similar way as 'find and replace' works in a word processor. ==== Combined structural and textural ==== Combined structural and textural inpainting approaches simultaneously try to perform texture- and structure-filling in regions of missing image information. Most parts of an image consist of texture and structure and the boundaries between image regions contain a large amount of structural information. This is the result when blending differ
Read more →
PGP word list

The PGP Word List ("Pretty Good Privacy word list", also called a biometric word list for reasons explained below) is a list of words for conveying data bytes in a clear unambiguous way via a voice channel. They are analogous in purpose to the NATO phonetic alphabet, except that a longer list of words is used, each word corresponding to one of the 256 distinct numeric byte values. == History and structure == The PGP Word List was designed in 1995 by Patrick Juola, a computational linguist, and Philip Zimmermann, creator of PGP. The words were carefully chosen for their phonetic distinctiveness, using genetic algorithms to select lists of words that had optimum separations in phoneme space. The candidate word lists were randomly drawn from Grady Ward's Moby Pronunciator list as raw material for the search, successively refined by the genetic algorithms. The automated search converged to an optimized solution in about 40 hours on a DEC Alpha, a particularly fast machine in that era. The Zimmermann–Juola list was originally designed to be used in PGPfone, a secure VoIP application, to allow the two parties to verbally compare a short authentication string to detect a man-in-the-middle attack (MiTM). It was called a biometric word list because the authentication depended on the two human users recognizing each other's distinct voices as they read and compared the words over the voice channel, binding the identity of the speaker with the words, which helped protect against the MiTM attack. The list can be used in many other situations where a biometric binding of identity is not needed, so calling it a biometric word list may be imprecise. Later, it was used in PGP to compare and verify PGP public key fingerprints over a voice channel. This is known in PGP applications as the "biometric" representation. When it was applied to PGP, the list of words was further refined, with contributions by Jon Callas. More recently, it has been used in Zfone and the ZRTP protocol, the successor to PGPfone. The list is actually composed of two lists, each containing 256 phonetically distinct words, in which each word represents a different byte value between 0 and 255. Two lists are used because reading aloud long random sequences of human words usually risks three kinds of errors: 1) transposition of two consecutive words, 2) duplicate words, or 3) omitted words. To detect all three kinds of errors, the two lists are used alternately for the even-offset bytes and the odd-offset bytes in the byte sequence. Each byte value is actually represented by two different words, depending on whether that byte appears at an odd or an even offset from the beginning of the byte sequence. The two lists are readily distinguished by the number of syllables; the odd list has words of three syllables, the even list has two. The two lists have a maximum word length of 11 and 9 letters, respectively. Using a two-list scheme was suggested by Zhahai Stewart. == Examples == Each byte in a bytestring is encoded as a single word. A sequence of bytes is rendered in network byte order, from left to right. For example, the leftmost (i.e. byte 0) is considered "even" and is encoded using the PGP Even Word table. The next byte to the right (i.e. byte 1) is considered "odd" and is encoded using the PGP Odd Word table. This process repeats until all bytes are encoded. Thus, "E582" produces "topmost Istanbul", whereas "82E5" produces "miser travesty". A PGP public key fingerprint that displayed in hexadecimal as E582 94F2 E9A2 2748 6E8B 061B 31CC 528F D7FA 3F19 would display in PGP Words (the "biometric" fingerprint) as topmost Istanbul Pluto vagabond treadmill Pacific brackish dictator goldfish Medusa afflict bravado chatter revolver Dupont midsummer stopwatch whimsical cowbell bottomless The order of bytes in a bytestring depends on endianness. == Other word lists for data == There are several other word lists for conveying data in a clear unambiguous way via a voice channel: the NATO phonetic alphabet maps individual letters and digits to individual words the S/KEY system maps 64 bit numbers to 6 short words of 1 to 4 characters each from a publicly accessible 2048-word dictionary. The same dictionary is used in RFC 1760 and RFC 2289. the Diceware system maps five base-6 random digits (almost 13 bits of entropy) to a word from a dictionary of 7,776 distinct words. the Electronic Frontier Foundation has published a set of improved word lists based on the same concept FIPS 181: Automated Password Generator converts random numbers into somewhat pronounceable "words". mnemonic encoding converts 32 bits of data into 3 words from a vocabulary of 1626 words. what3words encodes geographic coordinates in 3 dictionary words. the BIP39 standard permits encoding a cryptographic key of fixed size (128 or 256 bits, usually the unencrypted master key of a Cryptocurrency wallet) into a short sequence of readable words known as the seed phrase, for the purpose of storing the key offline. This is used in cryptocurrencies such as Bitcoin or Monero. Like the PGP word list, the Bytewords standard maps each possible byte to a word. There is only one list, rather than two. The words are uniformly four letters long and can be uniquely identified by their first and last letters
Read more →
IEBus

IEBus (Inter Equipment Bus) is a communication bus specification "between equipments within a vehicle or a chassis" of Renesas Electronics. It defines OSI model layer 1 and layer 2 specification. IEBus is mainly used for car audio and car navigations, which established de facto standard in Japan, though SAE J1850 is major in United States. IEBus is also used in some vending machines, which major customer is Fuji Electric. Each button on the vending machine has an IEBus ID, i.e. has a controller. Detailed specification is disclosed to licensees only, but protocol analyzers are provided from some test equipment vendors. Its modulation method is PWM (Pulse-Width Modulation) with 6.00 MHz base clock originally, but most of automotive customers use 6.291 MHz, and physical layer is a pair of differential signalling harness. Its physical layer adopts half-duplex, asynchronous, and multi-master communication with carrier-sense multiple access with collision detection (CSMA/CD) for medium access control. It allows for up to fifty units on one bus over a maximum length of 150 meters. Two differential signalling lines are used with Bus+ / Bus− naming, sometimes labeled as Data(+) / Data(−). It is sometimes described as "IE-BUS", "IE-Bus," or "IE Bus," but these are incorrect. In formal, it is "IEBus." IEBus® and Inter Equipment Bus® are registered trademark symbols of Renesas Electronics Corporation, formerly NEC Electronics Corporation, (JPO: Reg. No.2552418 and 2552419, respectively). == History == In the middle of '80s, semiconductor unit of NEC Corporation, currently Renesas Electronics, started the study for increasing demands for automotive audio systems. IEBus is introduced as a solution for the distributed control system. In the late 1980s, several similar specifications, including the Domestic Digital Bus (D2B), the Japanese Home Bus (HBS), and the European Home System (EHS) are proposed by different companies or organizations. These were once discussed as IEC 61030, but it was withdrawn in 2006. IEBus is also a similar specification (refer to "Transfer signal format" section), but not listed in these criteria. As the result, IEBus becomes a de facto standard of car audio in Japan. Regarding the Domestic Digital Bus (D2B), it is re-defined as D2B Optical by Mercedes-Benz independently. As for Japanese Home Bus System (HBS), it is defined in 1988 as Home Bus System Standard Specification, ET-2101 by JEITA and REEA (Radio Engineering & Electronics Assiation) in Japan. It is being used by several Japanese air conditioner manufacturers (for example, M-Net from Mitsubishi and the P1/P2 or F1/F2 bus from Daikin). Fujitsu provided HBPC (Home Bus Protocol Controller) chip as MB86046B. But it is unclear whether Fujitsu (currently, Cypress) still manufactures this HBPC LSI as of 2018. Mitsumi Electric provides the MM1007 and MM1192 driver ICs for HBS. The HBS specification is also discussed in the Echonet Consortium. In 2014, a utility model patent for protocol converter from HBS to RS-485 is granted in China as "CN204006496U." Regarding the replacement of IEBus, a paper by Hyundai Autonet, currently Hyundai Mobis, describes as follows. "In communication methods for digital input capable amplifiers, Inter Equipment Bus (IEBus) was used in early times, but for now, Controller Area Network (CAN) is mainly used." == Protocol overview == A master talks to a slave. Each unit has a master and a slave address register. Only one device can talk on the bus at any given time. There is a pecking order for the types of communications which will take precedence over another. Each communication from master to slave must be replied to by the slave going back to the master with acknowledge bits each of those show ACK or NAK. If the master does not receive the ACK within a predefined time allowance for a mode, it drops the communication and returns to its standby (listen) mode. Detailed specification of OSI model layer 2 is disclosed to licensees only, but protocol analyzers are provided from some test equipment vendors. In 2012, one of Chinese manufacturer's patent is granted as "CN202841169U". An open-source software emulator called "IEBus Studio" exists on a repository of SourceForge, but the last update was on 2008-02-24. Another open-source analyzer software called "IEBusAnalyzer" is available on GitHub repository. Some hobbyist made some tools also. === Physical layer (OSI model layer 1) specification overview === From μPD6708 data sheet. and μPD78098B Subseries user's manual, hardware. Communication system Half-duplex asynchronous communication Multi-master system All the units connected to the IEBus can transfer data to the other units. Broadcast communication function (communication between one unit and multiple units) Normally, communication is individually carried out from one unit to another. By using the broadcast communication function, however, communication can be executed from one unit to plural units as follows: Group broadcast communication: Broadcast communication to group units Simultaneous broadcast communication: Broadcast communication to all units Effective transmission rate The effective transmission rate can be selected from the following three communication modes: Mixture of the plural of modes in the same bus line is not allowed. Correct communication between different base clock is not possible. Access control CSMA/CD (Carrier Sense Multiple Access with Collision Detection) The priority of occupying IEBus is as follows: «1» Broadcast communication takes precedence over individual communication. «2» The lower the master address, the higher the priority. Communication scale Number of units: 50 MAX. Cable length: 150 m MAX. (when a twisted pair cable is used) Load capacity: MAX. 8000 pF; between Bus+ and Bus−, (6.000000 MHz base clock) MAX. 7100 pF; between Bus+ and Bus−, (6.291456 MHz base clock) Terminating resistor: 120 Ω Logic level Logic 1: Low level. Voltage difference between Bus+ and Bus− is under 20mV Logic 0: High Level. Voltage difference between Bus+ and Bus− is over 120mV In-phase input voltage high: Bus+ ≤ (VDD-1.0) V, Bus− ≥ 1.0 V === Transfer signal format === From μPD6708 data sheet. and μPD78098B Subseries user's manual, hardware. This frame format is much similar to that of Domestic Digital Bus (D2B). All fields are MSB first. ==== Functions of Control bits ==== === Bit format === Each IEBus bit consists of four periods. Preparation period: The first or subsequent low-level (logic "1") period Synchronization period: Next high-level (logic "0") period Data period: Period indicating value of bit; ether low-level (logic "1") or high-level (logic "0") Stop period: The last low-level (logic "1") period Synchronization is done by each bit. Time lengths of the synchronization period and data period are almost the same. The time of the entire bits' and each bit's specification, related to the time of each period allocated to it, differ depending both on the type of the transmit bit and on whether the unit is the master or a slave unit. == Automotive manufacturers using IEBus == Each manufacturer has its own name, but it is not an alias of IEBus. Those are specifications of wire harness which comprise control cables based on IEBus, OSI model layer 3 and above communication protocol, audio cables, interconnection couplers, and so on. === Pioneer === Pioneer Corporation employed IEBus for its original branded car audio in early '90s. In its earlier stage, it was used just for control bus between the head unit in dashboard and the CD changer usually placed in trunk room. Nowadays, the specification includes connection between head units, navigation systems, rear speaker systems, and so on. IP-Bus: Wire harness specification. === Toyota === Pioneer Corporation pushed Toyota Motor Corporation to adopt IEBus as the genuine parts. In 1994, Toyota decided to employ IEBus for its genuine specification, but it is slightly different from that of Pioneer. It is named as AVC-LAN. AVC-LAN: Wire harness specification, based on mode 2. === Honda/Acura === Pioneer Corporation also pushed Honda Motor. Honda also decided to adopt IEBus as its genuine parts specification just after Toyota do so. GA-NET II: Wire harness specification. Honda Music Link: Honda genuine gadget to connect Apple Inc. products. A hobbyist made touch screen controller on Acura TSX for a Car PC installed in the trunk. === Sirius XM Satellite Radio === Sirius XM Satellite Radio is a satellite broadcasting radio operator in US. Its digital media receiver equipment utilizes IEBus. == Evaluation boards == === SAKURA board === GR-SAKUKRA board and GR-SAKURA-FULL board are Renesas official promotion boards of RX63N chip, which enables IEBus mode 0 and 1, but not mode 2, i.e. not available for Toyota AVC-LAN. They are an Arduino pin compatible low-price ones, suitable for hobbyists. Their color of printed circuit board is SAKURA in Japanese, which means cherry blossom. To e
Read more →
Unknown key-share attack

As defined by Blake-Wilson & Menezes (1999), an unknown key-share (UKS) attack on an authenticated key agreement (AK) or authenticated key agreement with key confirmation (AKC) protocol is an attack whereby an entity A {\displaystyle A} ends up believing she shares a key with B {\displaystyle B} , and although this is in fact the case, B {\displaystyle B} mistakenly believes the key is instead shared with an entity E ≠ A {\displaystyle E\neq A} . In other words, in a UKS, an opponent, say Eve, coerces honest parties Alice and Bob into establishing a secret key where at least one of Alice and Bob does not know that the secret key is shared with the other. For example, Eve may coerce Bob into believing he shares the key with Eve, while he actually shares the key with Alice. The “key share” with Alice is thus unknown to Bob.
Read more →
Kuki AI

Kuki is an embodied AI bot designed for usage in the metaverse. Formerly known as Mitsuku, Kuki is a chatbot created from the Pandorabots framework. The bot has won the Loebner Prize 5 times. == Features == Kuki claims to be an 18-year-old female chatbot from the Metaverse, and the developers have stated she has been worked on since 2005. Early work by one of the company's co-founders inspired the Spike Jonze movie Her. As of 2015, she conversed, on average, in excess of a quarter of a million times daily, and it was estimated 5 million unique users had interacted with her between 2016 and 2020. == Virtual talent, model, and influencer == Kuki has appeared as a Virtual Model in Vogue Business and at Crypto Fashion Week where she modelled NFTs and spoke about the future of digital fashion. In 2021, Kuki modelled five digital looks from emerging Vogue Talents designers for Italian Vogue, that sold out as NFTs in under an hour. Kuki has also modeled for H&M on Instagram in a digital campaign that resulted in an "11x increase in ad recall" per a case study by Meta. == Awards == As of 2019, Kuki had been awarded the Loebner Prize five times, more than any other entrant. In 2020, Kuki competed against Facebook AI's Blenderbot in a 24/7 verbal sparring match called "Bot Battle", winning 79% of the audience vote.
Read more →
Content management

Content management (CM) are a set of processes and technologies that support the collection, managing, and publishing of information in any form or medium. When stored and accessed via computers, this information may be more specifically referred to as digital content, or simply as content. Digital content may take the form of text (such as electronic documents), images, multimedia files (such as audio or video files), or any other file type that follows a content lifecycle requiring management. The process of content development and management is complex enough that various commercial software vendors (large and small), such as Interwoven and Microsoft, offer content management software to control and automate significant aspects of the content lifecycle. == Process == Content management practices and goals vary by mission and by organizational governance structure. News organizations, e-commerce websites, and educational institutions all use content management, but in different ways. This leads to differences in terminology and in the names and number of steps in the process. For example, some digital content is created by one or more authors. Over time that content may be edited. One or more individuals may provide some editorial oversight, approving the content for publication. Publishing may take many forms: it may be the act of "pushing" content out to others, or simply granting digital access rights to certain content to one or more individuals. Later that content may be superseded by another version of the content and thus retired or removed from use (as when this wiki page is modified). Content management is an inherently collaborative process. It often consists of the following basic roles and responsibilities: Creator – responsible for creating and editing content. Editor – responsible for tuning the content message and the style of delivery, including translation and localization. Publisher – responsible for releasing the content for use. Administrator – responsible for managing access permissions to folders, collections and files, usually accomplished by assigning access rights to user groups or roles. Admins may also assist and support users in various ways. Consumer, viewer or guest – the person who reads or otherwise consumes the content after it is published or shared. A critical aspect of content management is the ability to manage versions of content as it evolves (see also version control). Authors and editors often need to restore older versions of edited products due to a process failure or an undesirable series of edits. Time-sensitive content may also require updates as the subject matter evolves over time. Another equally important aspect of content management involves the creation, maintenance, and application of review standards. Each member of the content creation and review process has a unique role and set of responsibilities in the development or publication of the content. Each review team member requires clear and concise review standards. These must be maintained on an ongoing basis to ensure the long-term consistency and health of the knowledge base. A content management system is a set of automated processes that may support the following features: Import and creation of documents and multimedia material Identification of all key users and their roles The ability to assign roles and responsibilities to different instances of content categories or types Definition of workflow tasks often coupled with messaging so that content managers are alerted to changes in content The ability to track and manage multiple versions of a single instance of content The ability to publish the content to a repository to support access The ability to personalize content based on a set of rules Increasingly, the repository is an inherent part of the system, and incorporates enterprise search and retrieval. Content management systems take the following forms: Web content management system—software for web site management (often what content management implicitly means) Output of a newspaper editorial staff organization Workflow for article publication Document management systems Knowledge management software Single source content management system—content stored in chunks within a relational database Variant management system—where personnel tag source content (usually text and graphics) to represent variants stored as single source "master" content modules, resolved to the desired variant at publication (for example: automobile owners manual content for 12 model years stored as single master content files and "called" by model year as needed)—often used in concert with database chunk storage (see above) for large content objects == Governance structures == Content management expert Marc Feldman defines three primary content management governance structures: localized, centralized, and federated—each having its unique strengths and weaknesses. === Localized governance === By putting control in the hands of those closest to the content, the context experts, localized governance models empower and unleash creativity. These benefits come, however, at the cost of a partial-to-total loss of managerial control and oversight. === Centralized governance === When the levers of control are strongly centralized, content management systems are capable of delivering an exceptionally clear and unified brand message. Moreover, centralized content management governance structures allow for a large number of cost-savings opportunities in large enterprises, realized, for example, through (1) the avoidance of duplicated efforts in creating, editing, formatting, repurposing and archiving content; (2) process management and the streamlining of all content related labor; and/or (3) an orderly deployment or updating of the content management system. === Federated governance === Federated governance models potentially realize the benefits of both localized and centralized control while avoiding the weaknesses of both. While content management software systems are inherently structured to enable federated governance models, realizing these benefits can be difficult because it requires, for example, negotiating the boundaries of control with local managers and content creators. In the case of larger enterprises, in particular, the failure to fully implement or realize a federated governance structure equates to a failure to realize the full return on investment and cost savings that content management systems enable. == Implementation == Content management implementations must be able to manage content distributions and digital rights in content life cycle. Content management systems are usually involved with digital rights management in order to control user access and digital rights. In this step, the read-only structures of digital rights management systems force some limitations on content management, as they do not allow authors to change protected content in their life cycle. Creating new content using managed (protected) content is also an issue that gets protected contents out of management controlling systems. A few content management implementations cover all these issues.
Read more →
PitchYaGame

PitchYaGame or #PitchYaGame (sometimes abbreviated to PYG) is a volunteer movement hosted on the social media platform Twitter to showcase, and present awards for, independent video games from around the world. == Description == PitchYaGame is hosted on the social media platform Twitter to showcase independent video games from around the world. Video pitches are presented by developers in June and November each year, and use the hashtag #PitchYaGame to identify and reference news about the showcase and the individual pitches, and the presentation of awards. The showcase was founded in May 2020 by Liam Twose, with the mission of recognising independent video games, and "focused on empowering indie game developers to strengthen their position in the industry." Twose has made clear that PitchYaGame is a showcase and not a hardcore competition, with "[j]ust enough of a push to make sure people put their best pitch forward." The team now comprises Twose (@LiamTwose at Twitter), operations manager "Indie Game Lover" (@IndieGameLover), and host Sarah Clancy (@ImSarahNow). The pitches were originally made monthly, with entries split into a number of categories, but this proved unmanageable. PitchYaGame collaborator, Sarah Clancy reported that judging the many entries on a monthly basis was "difficult and unwieldy." Therefore, pitches were later switched to six monthly, "feature creep" was reduced, and awards streamlined into gold, silver, bronze, runners-up, and most viral. == Sponsorship == In June 2021, PitchYaGame prizes were sponsored by Xsolla, and in November 2021 by Aurora Punks and Cold Pixel. No cash prizes were available in 2022, as the organisers moved PitchYaGame into a less-competitive, "more showcase centric format". == Reception == In October 2020, Elijah Beahm at The Escapist wrote that "One of the greatest challenges for any game is landing a solid pitch. You have to sell people, maybe even a publisher, to take your idea seriously. Most of the time, it's an obfuscated process that leaves the average developer scratching their heads, but Liam Twose and his team behind #PitchYaGame, 'PYG' for short, are looking to change all that with some clever social engineering." In March 2021, Cameron Koch at GameSpot wrote that "Using the #PitchYaGame, thousands of indie developers tweeted out pitches for their games on November 2 as part of a social media contest, and the results are astounding." He went on to say that "There is no arguing with the results. According to Twose, around 1100-1300 games were shared with the hashtag, and some real gems look to have shined through." In November 2021, Stafano "Stef" Castelli at IGN Italia wrote that "I myself enjoyed 'browsing through' the competitors, discovering a handful of intriguing video games in development." (translated from Italian). In November 2022, Eric Bartelson at Premortem Games wrote that "It's a great way to get games noticed by fellow developers, but also publishers, investors and press." In June 2023, Mark Plunkett in Kotaku wrote about the impossibility of keeping up with all the video game releases, and described PitchYaGame, which has attracted over 10,000 pitches since 2020, as an "astoundingly simple idea" that has "become an increasingly useful spot to catch up on some excellent-looking games that we may have otherwise completely slept on."
Read more →
Social media use in education

Social media in education is the use of social media to enhance education. Social media are "a group of Internet-based applications...that allow the creation and exchange of user-generated content". It is also known as the read/write web. As time went on and technology evolved, social media has been an integral part of people's lives, including students, scholars, and teachers. However, social media are controversial because, in addition to providing new means of connection, critics claim that they damage self-esteem, shorten attention spans, and increase mental health issues. A 2016 dissertation presented surveys that focused on the impact of social media. It reported that 54.6% of students believed that social media affected their studies positively (38% agree, 16.6% strongly agree). About 40% disagreed, and 4.7% of students strongly disagreed. 53% of female students reported that social media negatively impacted their studies. Among male students, 40% agreed that social media had a negative impact on studies, while 59% disagreed. A 2023 article dives deep into the rewards system of the brain in response to social media. This study compares the social rewards system in our brain to those from social media. From ages 10-12, most are receiving a cell phone, social rewards in the brain start to feel more satisfying. Leading to adulthood, the effects of social rewards are less likely to feel reliant on feedback from peers. Equivalent to a more mature prefrontal cortex, this enables a better management of their emotional reaction to these social rewards, meaning a more balanced and controlled reaction. == History == A survey from Cambridge International of nearly 20,000 teachers and students (ages 12–19) from 100 countries found that 48% of students use a desktop computer in class, 42% uses phones, 33% use interactive whiteboards and 20% use tablets. Desktop computers are more used than tablets. Teachers were abandoning the "no phones at school" rule. A 2024 research survey through Common Sense Education reported 54% of age 8-12 and 69% of ages 13-18 social media is an extensive distraction from homework. === United States === The long-running technology boom accelerated after the millennium. As of 2018, 95% of US teenage students had access to a smartphone and 45% said they were online almost constantly. In the early days of social media, access to technology was a significant issue as many students did not own not compatible devices and school budgets were often insufficient to purchase devices for student use. Despite backlash, Missouri passed a law that prohibited teachers from communicating privately with students over social media in 2011. Supporters were concerned that online communication between underage students and faculty could lead to inappropriate relationships. Some schools adopted a "Bring Your Own Device" (BYOD) policy, allowing students to bring Internet-accessing devices, such as phones or tablets to class. During the pandemic, the federal government offered funds that allowed more schools to purchase devices. Over time, more students acquired phones with social media access. Personal devices increased student satisfaction, but reduced teachers' ability to control device use in their classrooms. A 2018 Pew Research study reported that 95% of teenagers had a phone and used social media consistently. === Canada === The Peel District School Board (PDSB) in Ontario accepted the use of social media in the classroom. In 2013, the PDSB introduced BYOD and unblocked many social media sites. That was later replaced by a policy that dealt specifically with social media. == Uses == === Classroom === In the classroom, social media offers a way to systematically distribute and gather information from students. Teachers can supply documents, and audio/video media to students for immediate or later use. One study on higher education reported that devices and social media: created opportunities for interaction provided occasions for collaboration sped up information access offered more ways to learn situated learning. Frustrations included anti-technology instructors, device challenges, and devices as a distraction. Social media in classrooms can have a negative effect. A Yale University publication reported that students who used laptops in class for non-academic reasons had poorer performance. Students spent most of their time on social media, shopping, and other personal activities. Social media has helped many educators mentor their students more effectively. === Outside of class === Social media offer a venue for video calls, stories, feeds, and game playing that can enhance the learning process. Teachers can utilize social media to communicate with their students. Social media can provide students with resources that they can utilize in essays, projects, and presentations. Students can easily access comments made by teachers and peers and offer feedback to teachers. Social media can offer students the opportunity to collaborate by sharing information without requiring face to face meetings. Social media can allow students to more easily connect with experts, to go beyond course materials. Instructors in a 2010 study reported that online technologies (social media) can help students become comfortable having discussions outside the classroom better than traditional means. Teachers may face some risk when using social media outside the classroom, without appropriate work rules. Studies explores how college students' engagement with social media platforms influences their communication preferences and habits, particularly in relation to using school email for academic purposes. === Professional development === Social media can aid professional development, as teachers become students, enhancing knowledge transfer, skill master, and collaboration. === Non-academic uses === Schools can use social media to make public announcements. Teachers and administrators can communicate other important information to parents and students and to receive feedback from them. Families can keep up with school events and policies. === Ecology education === The potential of using social media in ecological, nature and forest education include: virtual nature groups can help promote good habits in forest tourism and recreation (nature ethics), by entering general rules in the regulations by administrators, e.g. "DO NOT PICK UP PLANTS UNKNOWN TO US", which is to protects rare species from pointless picking. social media activity motivates people to learn about nature in the field, allows them to gain knowledge, dispels popular myths, enables contact with scientists and practitioners, promotes valuable literature, websites, and at the same time reveals distortions and substantive errors in popular news services. contact is not only virtual. Despite financial barriers and distance, Internet users organize nature conventions. Such meetings are an opportunity not only to make friends, but also to learn about nature together and have fun. the possibility of contact between scientists and nature lovers via Facebook has become a source of cooperation in species inventory, e.g. the online campaign of the NATRIX Herpetological Society, which consists not only of collecting reports of observations of the smooth snake by Internet users, but also of drawing attention to the biology and threats to this species. Social media has become a place where ecology education quickly reaches people of different ages and social statuses. The nature groups that have been created, in which nature lovers, biologists, foresters and scientists participate, can have a real impact on the state of knowledge and data collection through citizen science. == Apps and services == Social media can allow students to participate in their field by working with organizations outside the classroom. By offering easier access to peers outside the classroom, students can broaden their perspectives and find support resources. Social media aided learning outside of the classroom through collaboration and innovation. One specific study, "Exploring education-related use of social media," called this "audience connectors". Audience connectors bring students together while studying with WhatsApp and Facebook. This study reported that "60 percent [of students in the study] agreed that technology changes education for the better." While social media can promote a beneficial education platform, downsides exist. Students may become skilled at "lifting material from the internet" rather than enhancing their personal understanding. Another downside is student attention spans decline. A concern raised by the students of this study showed how many use spell-check as a crutch and will see a trend of points taken off when spell-check is not an option. Apps like X allowed teachers to make classroom accounts where students can learn about social media in a controlled context. Teachers can post assignments on th
Read more →
Artificial general intelligence

Artificial general intelligence (AGI) is a hypothetical type of artificial intelligence that matches or surpasses human capabilities across virtually all cognitive tasks. Beyond AGI, artificial superintelligence (ASI) would outperform the best human abilities across every domain by a wide margin. Unlike artificial narrow intelligence (ANI), whose competence is confined to well‑defined tasks, an AGI system can generalise knowledge, transfer skills between domains, and solve novel problems without task‑specific reprogramming. Creating AGI is a stated goal of technology companies such as OpenAI, Google, xAI, and Meta. A 2020 survey identified 72 active AGI research and development projects across 37 countries. AGI is a common topic in science fiction and futures studies. Contention exists over whether AGI represents an existential risk. Some AI experts and industry figures have stated that mitigating the risk of human extinction posed by AGI should be a global priority. Others find the development of AGI to be in too remote a stage to present such a risk. == Terminology == AGI is also known as strong AI, full AI, human-level AI, human-level intelligent AI, or general intelligent action. The term "artificial general intelligence" was used in 1997 by Mark Gubrud in a discussion of the implications of fully automated military production and operations. A mathematical formalism of AGI named AIXI was proposed in 2000 by Marcus Hutter, who defines intelligence as "an agent’s ability to achieve goals or succeed in a wide range of environments". This type of AGI has also been called "universal artificial intelligence". The term AGI was re-introduced and popularized by Shane Legg and Ben Goertzel around 2002. Some academic sources reserve the term "strong AI" for computer programs that will experience sentience or consciousness. In contrast, weak AI (or narrow AI) can solve a specific problem but lacks general cognitive abilities. Some academic sources use "weak AI" to refer more broadly to any programs that neither experience consciousness nor have a mind in the same sense as humans. Related concepts include artificial superintelligence and transformative AI. An artificial superintelligence (ASI) is a hypothetical type of AGI that is much more generally intelligent than humans, while the notion of transformative AI relates to AI having a large impact on society, for example, similar to the agricultural or industrial revolution. A framework for classifying AGI was proposed in 2023 by Google DeepMind researchers. They define five performance levels of AGI: emerging, competent, expert, virtuoso, and superhuman. For example, a competent AGI is defined as an AI that outperforms 50% of skilled adults in a wide range of non-physical tasks, and a superhuman AGI (i.e., an artificial superintelligence) is similarly defined but with a threshold of 100%. They consider large language models like ChatGPT or LLaMA 2 to be instances of emerging AGI (comparable to unskilled humans). Regarding the autonomy of AGI and associated risks, they define five levels: tool (fully in human control), consultant, collaborator, expert, and agent (fully autonomous). == Characteristics == There is no single agreed-upon definition of intelligence as applied to computers. Computer scientist John McCarthy wrote in 2007: "We cannot yet characterize in general what kinds of computational procedures we want to call intelligent." === Intelligence traits === Researchers generally hold that a system is required to do all of the following to be regarded as an AGI: reason, use strategy, solve puzzles, and make judgments under uncertainty, represent knowledge, including common sense knowledge, plan, learn, communicate in natural language, if necessary, integrate these skills in completion of any given goal. Many interdisciplinary approaches (e.g. cognitive science, computational intelligence, and decision making) consider additional traits such as imagination (the ability to form novel mental images and concepts) and autonomy. Computer-based systems exhibiting these capabilities are now widespread, with modern large language models demonstrating computational creativity, automated reasoning, and decision support simultaneously across domains. === Physical traits === Other capabilities are considered desirable in intelligent systems, as they may affect intelligence or aid in its expression. These include: the ability to sense (e.g. see, hear, etc.), and the ability to act (e.g. move and manipulate objects, change location to explore, etc.) This includes the ability to detect and respond to hazard. === Tests for human-level AGI === Several tests meant to confirm human-level AGI have been considered. ==== Turing test ==== The Turing test was proposed by Alan Turing in his 1950 paper "Computing Machinery and Intelligence". This test involves a human judge engaging in natural language conversations with both a human and a machine designed to generate human-like responses. The machine passes the test if it can convince the judge that it is human a significant fraction of the time. Turing proposed this as a practical measure of machine intelligence, focusing on the ability to produce human-like responses rather than on the internal workings of the machine. The idea of the test is that the machine has to try and pretend to be a man, by answering questions put to it, and it will only pass if the pretence is reasonably convincing. A considerable portion of a jury, who should not be experts about machines, must be taken in by the pretence. In 2014, a chatbot named Eugene Goostman, designed to imitate a 13-year-old Ukrainian boy, reportedly passed a Turing Test event by convincing 33% of judges that it was human. However, this claim was met with significant skepticism from the AI research community, who questioned the test's implementation and its relevance to AGI. A 2025 pre‑registered, three‑party Turing‑test study by Cameron R. Jones and Benjamin K. Bergen showed that GPT-4.5 was judged to be the human in 73% of five‑minute text conversations—surpassing the 67% humanness rate of real confederates and meeting the researchers' criterion for having passed the test. ==== Ikea test ==== The "Ikea test", also known as the Flat Pack Furniture Test, involves an AI controlling a robot which attempts to assemble an Ikea flat-pack furniture product after having been shown the parts and instructions. As early as 2013, MIT's IkeaBot demonstrated fully autonomous multi-robot assembly of an IKEA Lack table in ten minutes, with no human intervention and no pre-programmed assembly instructions. The robots inferred the assembly sequence from the geometry of the parts alone. ==== Coffee test ==== Steve Wozniak proposed a test where a machine is required to enter an average American home and figure out how to make coffee. It must find the coffee machine, find the coffee, add water, find a mug, and brew the coffee by pushing the proper buttons. This test has been substantially approached across multiple systems. In January 2024, Figure AI's Figure 01 humanoid learned to operate a Keurig coffee machine autonomously after watching video demonstrations, using end-to-end neural networks to translate visual input into motor actions. In 2025, researchers at the University of Edinburgh published the ELLMER framework in Nature Machine Intelligence, demonstrating a robotic arm that interprets verbal instructions, analyses its surroundings, and autonomously makes coffee in dynamic kitchen environments — adapting to unforeseen obstacles in real time rather than following pre-programmed sequences. ==== Suleyman's test ==== Mustafa Suleyman's test proposes giving an AI model US$100,000 and asking it to obtain US$1 million. ==== Use of video-games ==== Adams, et al. propose that the ability to learn and succeed in a wide range of video games can be used to test AI intelligence. This range would include games unknown to the AGI developers before the test is administered. === AI-complete problems === A problem is informally called "AI-complete" or "AI-hard" if it is believed that AGI would be needed to solve it, because the solution is beyond the capabilities of a purpose-specific algorithm. == History == === Classical AI === Modern AI research began in the mid-1950s. The first generation of AI researchers were convinced that artificial general intelligence was possible and that it would exist in just a few decades. AI pioneer Herbert A. Simon wrote in 1965: "machines will be capable, within twenty years, of doing any work a man can do". Their predictions were the inspiration for Stanley Kubrick and Arthur C. Clarke's fictional character HAL 9000, who embodied what AI researchers believed they could create by the year 2001. AI pioneer Marvin Minsky was a consultant on the project of making HAL 9000 as realistic as possible according to the consensus predictions of the time. He said in 1967, "Within a generation... the problem of
Read more →
Data verification

Data verification is a process in which different types of data are checked for accuracy and inconsistencies after data migration is done. In some domains it is referred to Source Data Verification (SDV), such as in clinical trials. Data verification helps to determine whether data was accurately translated when data is transferred from one source to another, is complete, and supports processes in the new system. During verification, there may be a need for a parallel run of both systems to identify areas of disparity and forestall erroneous data loss. Methods for data verification include double data entry, proofreading and automated verification of data. Proofreading data involves someone checking the data entered against the original document. This is also time-consuming and costly. Automated verification of data can be achieved using one way hashes locally or through use of a SaaS based service such as Q by SoLVBL to provide immutable seals to allow verification of the original data.
Read more →
Private message

In computer networking, a private message (PM), or direct message (DM), refers to a private communication, often text-based, sent or received by a user of a private communication channel on any given platform. Unlike public posts, PMs are only viewable by the participants. Long a function present on IRCs and Internet forums, private channels for PMs have also been prevalent features on instant messaging (IM) and on social media networks. It may be either synchronous (e.g. on an IM) or asynchronous (e.g. on an Internet forum). The term private message (PM) originated as a feature on internet forums, while the term direct message (DM) originated as a feature on Twitter. Due to the popularity of the latter service, DM has since been appropriated by other platforms, such as Instagram, and is often genericized in popular usage. == Overview == There are two main types of private messages, and one obscure type: One type includes those found on IRCs and Internet forums, as well as on social media services like Twitter, Facebook, and Instagram, where the focus is public posting, PMs allow users to communicate privately without leaving the platform. The second type are those relayed through instant messaging platforms such as WhatsApp and Snapchat, where users join the networks primarily to exchange PMs. A third type, peer-to-peer messaging, occurs when users create and own the infrastructure used to transmit and store the messages; while features vary depending on application, they give the user full control over the data they transmit. An example of software that enables this kind of messaging is Classified-ads. Besides serving as a tool to connect privately with friends and family, PMs have gained momentum in the workplace. Working professionals use PMs to reach coworkers in other spaces and increase efficiency during meetings. Although useful, using PMs in the workplace may blur the boundary between work and private lives. Some common forms of private messaging today include Facebook messaging (sometimes referred to as "inboxing"), Twitter direct messaging, and Instagram direct messaging. These forms of private messaging provide a private space on a usually public site. For instance, most activity on Twitter is public, but Twitter DMs provide a private space for communication between two users. This differs from mediums like email, texting, and Snapchat, where most or all activity is always private. Modern forms of private messaging may include multimedia messages, such as pictures or videos. == History == Email was first developed to send messages between different computers on ARPANET in 1971. Access to ARPANET was primarily limited to universities and other research institutions. Starting in 1983 or 1984, FidoNet allowed home computer users to send and receive email via bulletin board systems. Information services such as CompuServe, America Online, and Prodigy also helped to popularizes online messaging. The advent of the public World Wide Web in 1993 increased access to email via internet service providers, and later via webmail. Instant messaging systems became popular in the mid 1990s, as Internet access improved and personal computers became more common. The introduction of Skype in 2003 popularized Internet-based voice and video messaging. Direct messaging is now a feature of all major social networking services. == Privacy concerns == In January 2014, Matthew Campbell and Michael Hurley filed a class-action lawsuit against Facebook for breaching the Electronic Communications Privacy Act. They alleged that private messages which contained URLs were being read and used to generate profit, through data mining and user profiling, and that it was misleading for Facebook to refer to the functionality as "private" with the implication that the communication was "free from surveillance". In 2012, some Facebook users misinterpreted a redesign of the Facebook wall as publicly sharing private messages from 2008–2009. These were found to be public wall posts from those years, made at a time when it was not possible to like or comment on a wall post, making the notes look like private messages.
Read more →
Rassd News Network

Rassd News Network, also known by its initials of RNN (Arabic:شبكة رصد الاخبارية), is an alternative media network based in Cairo, Egypt. RNN was launched as a Facebook-based news source launched on January 25, 2011. It quickly advanced to become a primary contributor of Egyptian revolution-related news that year. Applying the motto "From the people to the people," the citizen journalists who created RNN have since added a Twitter feed and launched an independent website dedicated to short news stories favored by an online audience. RNN is an organized citizen news network with four working committees; one for editing the news, another to support the correspondents covering Egypt, a third for managing the multimedia feeds and a fourth for staff functions such as development, training and public relations. RNN's Arabic name, Rassd, is an acronym that stands for Rakeb (observe), Sawwer (record) and Dawwen (blog). RNN created a Ustream channel on January 27, 2011, and a YouTube account a month later. The success of RNN and its new social media model is evidenced in its recent local network expansion into Libya, Morocco, Syria, Jerusalem and Turkey. Even so, one media scholar in the US (commenting in 2011) called the accuracy of RNN's reporting "fairly mediocre". RNN has endured closures of their Facebook profile and YouTube account as part of the attacks from private media, attempting to thwart their work and influence their content. == Use of RNN's news by international media == RNN has been a global source of Egyptian revolution-related news since its launch. During the early days of the citizen uprisings across the Middle East, major networks such as BBC, Reuters, Al Jazeera and Al Arabiya used some of Rassd's news and photos, and followed the network on Twitter. Three days after the online portal went live it was streaming video to MSNBC through its Facebook page. Then on February 5, 2011, Louisville's NBC-affiliate cited RNN, Cairo when it reported that President Hosni Mubarak had stepped down as head of Egypt's ruling party.
Read more →
Cuboid (computer vision)

In computer vision, the term cuboid is used to describe a small spatiotemporal volume extracted for purposes of behavior recognition. The cuboid is regarded as a basic geometric primitive type and is used to depict three-dimensional objects within a three dimensional representation of a flat, two dimensional image. == Production == Cuboids can be produced from both two-dimensional and three-dimensional images. One method used to produce cuboids utilizes scene understanding (SUN) primitive databases, which are collections of pictures that already contain cuboids. By sorting through SUN primitive databases with machine learning tools, computers observe the conditions in which cuboids are produced in images from SUN primitive databases and can learn to produce cuboids from other images. RGB-D images, which are RGB images that also record the depth of each pixel, are occasionally used to produce cuboids because computers no longer need to determine the depth of an object, as they typically do because depth is already recorded. Cuboid production is sensitive to changes in color and illumination, blockage, and background clutter. This means that it is difficult for computers to produce cuboids of objects that are multicolored, irregularly illuminated, or partially covered, or if there are many objects in the background. This is partially due to the fact that algorithms for producing cuboids are still relatively simple. == Usage == Cuboids are created for point cloud-based three-dimensional maps and can be utilized in various situations such as augmented reality, the automated control of cars, drones, and robots, and object detection. Cuboids allow for software to identify a scene through geometric descriptions in an “object-agnostic” fashion. Interest points, locations within images that are identified by a computer as essential to identifying the image, created from two-dimensional images can be used with cuboids for image matching, identifying a room or scene, and instance recognition. Interest points created from three dimensional images can be used with cuboids to recognize activities. This is possible because interest points aid software to focus on only the most important aspects of the images. RGB-D images and SLAM systems are used together in RGB-D SLAM systems, which are employed by Computer-aided design systems to generate point cloud-based three-dimensional maps. Most industrial multi-axis machining tools use computer-aided manufacturing and subsequently work in cuboid work spaces.
Read more →
Unknown key-share attack

As defined by Blake-Wilson & Menezes (1999), an unknown key-share (UKS) attack on an authenticated key agreement (AK) or authenticated key agreement with key confirmation (AKC) protocol is an attack whereby an entity A {\displaystyle A} ends up believing she shares a key with B {\displaystyle B} , and although this is in fact the case, B {\displaystyle B} mistakenly believes the key is instead shared with an entity E ≠ A {\displaystyle E\neq A} . In other words, in a UKS, an opponent, say Eve, coerces honest parties Alice and Bob into establishing a secret key where at least one of Alice and Bob does not know that the secret key is shared with the other. For example, Eve may coerce Bob into believing he shares the key with Eve, while he actually shares the key with Alice. The “key share” with Alice is thus unknown to Bob.
Read more →
Pepper (cryptography)

In cryptography, a pepper is a secret added to an input such as a password during hashing with a cryptographic hash function. This value differs from a salt in that it is not stored alongside a password hash, but rather the pepper is kept separate using another meachanism, such as a Hardware Security Module. Note that the National Institute of Standards and Technology refers to this value as a secret key rather than a pepper. A pepper is similar in concept to a salt or an encryption key. It is like a salt in that it is a randomized value that is added to a password hash, and it is similar to an encryption key in that it should be kept secret. A pepper performs a comparable role to a salt or an encryption key, but while a salt is not secret (merely unique) and can be stored alongside the hashed output, a pepper is secret and must not be stored with the output. The hash and salt are usually stored in a database, but, if stored, a pepper must be stored separately to prevent it from being obtained by the attacker in case of a database breach. == History == The idea of a site- or service-specific salt (in addition to a per-user salt) has a long history, with Steven M. Bellovin proposing a local parameter in a Bugtraq post in 1995. In 1996 Udi Manber also described the advantages of such a scheme, terming it a secret salt. However, he suggested not storing the value of the secret salt, but instead rediscovering it by trial and error at password verification time. The term pepper has been used, by analogy to salt, but with a variety of meanings. For example, when discussing a challenge-response scheme, pepper has been used for a salt-like quantity, though not used for password storage; it has been used for a data transmission technique where a pepper must be guessed; and even as a part of jokes. The term pepper was proposed for a secret or local parameter stored separately from the password in a discussion of protecting passwords from rainbow table attacks. This usage did not immediately catch on: for example, Fred Wenzel added support to Django password hashing for storage based on a combination of bcrypt and HMAC with separately stored nonces, without using the term. Usage has since become more common. == Types == There are multiple different types of pepper: A shared secret that is common to all users. A randomly-selected number that must be re-discovered on every password input. These mechanisms could be combined with password salting, iterated hashing or even one another. == Shared-secret pepper == Bellovin and Webster suggest prepend a shared secret to the password before hashing, which allows easy use of existing hash functions. For example, consider two users to be added to a database. This table contains two combinations of username and password. The password is not saved, and the 8-byte (64-bit) 44534C70C6883DE2 pepper is saved in a safe place separate from the output values of the hash, in this case SHA256. Unlike the salt, the pepper does not provide protection to users who use the same password, but protects against dictionary attacks, unless the attacker has the pepper value available. Since the same pepper is not shared between different applications, an attacker is unable to reuse the hashes of one compromised database to another. A complete scheme for saving passwords may include both salt and pepper use. For example, it has been suggested to combine the pepper by encrypting salted password hashes, which allows rotation of the pepper. In the case of a shared-secret pepper, a single compromised password (via password reuse or other attack) along with a user's salt can lead to an attack to discover the pepper, rendering it ineffective. If an attacker knows a plaintext password and a user's salt, as well as the algorithm used to hash the password, then discovering the pepper can be a matter of brute forcing the values of the pepper. This is why NIST recommends the secret value be at least 112 bits, so that discovering it by exhaustive search is prohibitively expensive. The pepper must be generated anew for every application it is deployed in, otherwise a breach of one application would result in lowered security of another application. Without knowledge of the pepper, other passwords in the database will be far more difficult to extract from their hashed values, as the attacker would need to guess the password as well as the pepper. A pepper adds security to a database of salts and hashes because unless the attacker is able to obtain the pepper, cracking even a single hash is intractable, no matter how weak the original password. Even with a list of (salt, hash) pairs, an attacker must also guess the secret pepper in order to find the password which produces the hash. The NIST specification for a secret salt suggests using a Password-Based Key Derivation Function (PBKDF) with an approved Pseudorandom Function such as HMAC with SHA-3 as the hash function of the HMAC. The NIST recommendation is also to perform at least 1000 iterations of the PBKDF, and a further minimum 1000 iterations using the secret salt in place of the non-secret salt. == Randomly-selected pepper that must be re-discovered == The aim of this mechanism is to slow down password the password verification step, thus slowing attacks. The aim is similar increasing the iteration count on bcrypt or Argon2, but the mechanism is different. The secret salt or pepper must be rediscovered by the verifier or attacker each time by guessing. In this situation, the password hashing function is calculated using both the password and the pepper. At password storage time, the pepper is chosen randomly from a range between 1 and R, the hash output is calculated using the password and the pepper. The hash output is stored with the username. The pepper is then discarded. At password verification time, the verifier is provided with a username and password to verify. The originally calculated hash is retrieved for the given username, and then the hash of the password and each value between 1 and R is calculated. If any of these hash values match the stored password hash, the password is considered valid. Note, the possible values of the pepper should not be tested in a fixed order known to an attacker, otherwise a timing attack may reveal the pepper. If the password is correct, the correct pepper will be found in R/2 hash evaluations on average. If the password is incorrect, all R values must be tested before the password can be rejected.
Read more →