AI Chatbot Social Network

AI Chatbot Social Network — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Affinity (software)

Affinity is a graphics editor developed by Serif, a subsidiary of Canva. It is simultaneously a vector graphics editor, a raster graphics editor and a desktop publishing application. It was first released in 2025 as a successor to Serif's Affinity Designer, Affinity Photo and Affinity Publisher, uniting the three editors into one application. While the previous versions competed individually against Adobe's Illustrator, Photoshop, and InDesign, Affinity 3.0 integrates their functionality into a single application. It uses a freemium model monetized by AI features exclusive to Canva Pro subscribers. == Functionality == Affinity is divided into a number of workspaces ("studios"), which are equivalent to the previous suite of Affinity applications: "vector" for vector graphics (Designer), "pixel" for raster editing (Photo), and "layout" for desktop publishing (Publisher). Additionally, it introduces the ability to create custom workspaces. The application supports real-time previews and non-destructive editing, which are based on GPU acceleration. Supported file formats include Adobe Photoshop, InDesign and Illustrator files, PDF, SVG, and TIFF, as well as a custom .af file format. === Vector editing === === Raster editing === Affinity includes photo editing tools including adjustments, masks, blend modes, batch processing, and retouching facilities. Additionally, the application can develop RAW files, similar to Adobe Lightroom. === Desktop publishing === Publishing features include master pages, text styles, and advanced typography. === AI features === The application supports Canva's existing AI features, such as background removal and generative fill. This requires a Canva subscription. == Development == === Background and acquisition (2014–2024) === Serif launched the original Affinity suite starting with Affinity Designer in 2014, followed by Photo (2015) and Publisher (2019). The software gained popularity for its one-time purchase model, contrasting with Adobe's subscription-based Creative Cloud. In November 2022, Serif released Version 2 of the suite, introducing a "Universal License" that covered all three apps across all platforms. In March 2024, Canva acquired Serif for approximately A$580 million (£300 million). Following user backlash regarding a potential shift to subscriptions, Canva and Serif issued a joint "Pledge" committing to four key principles: fair pricing, no mandatory subscriptions, perpetual licenses for existing products, and continued development of Affinity as a standalone suite. === Unified release (2025) === In September 2025, Serif pulled all existing versions of Affinity Designer, Affinity Photo and Affinity Publisher from sale ahead an upcoming announcement on 30 October; also ahead of the announcement, the iPadOS versions of the Affinity suite became free on App Store. During a "Creative Freedom" keynote on 30 October 2025, Canva released a new version now simply branded as "Affinity" (also known as "Affinity by Canva"), and referred to internally as version 3.0. Version 3 drops the separate applications and integrates their functionality into a singular application, and adds the ability to export directly to the Canva platform. It also adds a Canva AI studio, including background removal, "Expand & Edit", and generative fill. As of version 3, Affinity has switched to a freemium model; it is now available at no charge to users, although access to Canva AI features are locked behind the existing Canva Pro subscription service. Serif stated that the perpetually-licensed version 2 will remain available to existing owners, although it will no longer be actively maintained. The new version is currently available for macOS and Windows only, with an iPadOS version to be released soon. == Reception == The change in business model by Canva in 2025 was met with mixed reception, including concerns about its incorporation of AI features. Some users were concerned that their projects would be used for machine learning purposes, or that future versions would suffer from a lack of maintenance or become adware. Additionally, some felt it turned Affinity into fundamentally subscription-based software, given the prevalence of these features in professional contexts. Affinity publicly stated on social media that it would remain "free forever", users' projects would not be used to train AI models, and that "Canva has built a sustainable business model that allows this kind of generosity. And when more professionals use Affinity, Canva can sell more seats into businesses."
Read more →
Webull

Webull Corporation, often stylized as simply Webull, is a U.S.-based financial services holding company headquartered in St. Petersburg, Florida. It owns and operates the Webull electronic trading platform for self-directed retail investors. Depending on jurisdiction, the Webull platform offers trading in stocks, exchange-traded funds (ETFs), options, margin, bonds, cryptocurrency and futures, as well as market-data tools. Webull began operations in 2016 under Hunan Fumi Information Technology, a China-based financial technology company founded by Wang Anquan. It launched U.S. brokerage services through Webull Financial LLC in 2018 and expanded during the retail-trading boom of 2020 and 2021. In April 2025, Webull became a publicly traded company on the Nasdaq through a merger with special-purpose acquisition company SK Growth Opportunities Corporation. The company's U.S. brokerage revenue relies substantially on payment for order flow, with options trading accounting for the larger share of its order-flow rebates in 2025. Webull has faced regulatory actions related to options customer approvals, complaint handling, suspicious activity reporting, social-media marketing and customer disclosures. It has also faced scrutiny from U.S. lawmakers and state officials over its historical and operational ties to China and the handling of U.S. customer data. == History == === Founding === Webull was founded in 2016 under Hunan Fumi Information Technology, a China-based financial technology company, by Wang Anquan, a former employee of Alibaba Group and Xiaomi. Hunan Fumi Information Technology received backing from Xiaomi, Shunwei Capital, and other investors in China. Fumi Technology was a Hunan-based fintech start-up incubated by Xiaomi and raised about CNY200 million (approximately US$30 million) in a Series B financing round in 2018. On May 24, 2017, Webull Financial LLC was established as a Delaware limited liability company. It began offering brokerage services in the United States in May 2018. Wang hired Anthony Denier as CEO of the U.S. brokerage that year and the two mapped out their strategy on napkins at a Mexican restaurant in New York City. Webull Corporation was incorporated in the Cayman Islands in September 2019 as the group's holding company. === Retail trading boom === In May 2020, the company received SEC approval to launch a robo-advisor on its platform. By August 2020, the platform had over 11 million registered users, and in October 2020, it had 750,000 daily active users. Webull introduced options trading in 2020 and later added cryptocurrency trading through a separate digital-asset business. In November 2020, Webull began supporting cryptocurrency transactions. In December 2020, Webull launched trading services in Hong Kong. During the GameStop short squeeze in January 2021, Webull gained attention as some retail traders looked for alternatives to Robinhood. On January 27, 2021, Webull recorded its highest-ever number of active daily users, at 952,000, and the Webull app was downloaded across the Apple App and Google Play stores an estimated 100,000 times. That week, approximately 1.2 million people downloaded the Webull mobile app, which the company reported as a 1,548% week-over-week increase. On January 28, 2021, Webull was directed by its clearing house to temporarily halt buy orders for stocks affected by the GameStop short squeeze. In June 2021, Webull was reported to be considering a U.S. initial public offering that could raise up to $400 million. === Restructuring and expansion === Webull restructured its China-related corporate arrangements in 2022 and later stated that Hunan Fumi was no longer affiliated with the group. In 2022 and 2023, Webull expanded in several non-U.S. markets, including Singapore, Australia, South Africa, Japan, the United Kingdom and Indonesia. In June 2023, Webull moved cryptocurrency trading to a separate app called Webull Pay. By the end of 2023, Webull had 4.3 million funded accounts and US$8.2 billion in customer assets. In January 2024, Anthony Denier was promoted to group president of Webull Corporation. In November 2024, Webull launched overnight, or extended-hours, trading, expanding the trading window of U.S. stocks for users inside and outside the United States. === SPAC merger and Nasdaq listing === On February 28, 2024, Webull agreed to go public through a business combination with SK Growth Opportunities Corporation (NASDAQ: SKGR), a special-purpose acquisition company, in a deal that valued the company at approximately US$7.3 billion. The proposed valuation drew scrutiny because of Webull's limited financial disclosure at announcement, reliance on payment for order flow and small expected public float. SK Growth shareholders approved the business combination on March 30, 2025, and the transaction closed on April 10, 2025. Webull's Class A ordinary shares and warrants began trading on the Nasdaq on April 11, 2025 under the ticker symbols BULL and BULLW (incentive warrants traded under BULLZ until their redemption in June 2025). The merger brought Webull to the public market but generated little cash for the company: after shareholder redemptions, Webull disclosed net proceeds of US$430,066 from the transaction. After the listing, Webull's shares experienced extreme volatility, rising as much as 500% to US$79.56 on April 14, 2025, after closing at US$13.25 on the prior trading day. The initial post-listing surge increased the value of Webull holdings owned by earlier investors, including RIT Capital Partners, which had first invested in Webull in 2021. In April 2026, after Webull's shares had fallen about 70% over the previous year, the company authorized a US$100 million share repurchase program. == Business model and financials == Webull provides a self-directed electronic trading platform available through mobile, desktop and web applications. Depending on jurisdiction, the platform offers trading in stocks, exchange-traded funds, options, margin, futures, fixed income products, cryptocurrency, cash management features and market data tools. In the United States, Webull Financial LLC is a registered broker-dealer and member of FINRA and the Securities Investor Protection Corporation, while Webull operates in other markets through locally licensed brokerage subsidiaries. Webull operates a commission-free or low-cost brokerage model for self-directed retail investors. In the United States, a substantial part of its trading-related revenue comes from payment for order flow, while in some non-U.S. markets the company more commonly charges commissions directly to customers. The platform is aimed at more active retail investors, including users seeking options tools, extended-hours trading and real-time market data. For 2025, Webull reported total revenue of US$571.0 million, up from US$390.2 million in 2024. Equity and option order-flow rebates accounted for US$304.1 million, or 53.3% of revenue, making order-flow rebates the company's largest reported revenue category. Interest-related income accounted for US$154.3 million, handling charge income for US$87.3 million and other revenue for US$25.3 million. Options were the larger component of the company's order-flow rebates in 2025, generating US$210.0 million compared with US$94.2 million from equities. Webull also generates revenue from interest-related activities, including margin financing, customer bank deposits, stock lending and corporate bank deposits. The company has stated that its interest-related income is affected by interest rates, customer cash balances, margin balances and demand for stock lending. The company had approximately 20 million registered users worldwide as of February 2024. As of December 31, 2025, it reported 26.8 million registered users, 5.0 million funded accounts and US$24.6 billion in customer assets. As of March 2025, Webull operated in Hong Kong, Singapore, Australia, South Africa, Japan, the United Kingdom, the United States, Indonesia, Canada, Brazil, Thailand, Malaysia and Mexico. == Marketing and sponsorships == Webull has used paid digital advertising, referral incentives, free-stock promotions, affiliate marketing and sports sponsorships to acquire customers and promote its brand. In its 2025 annual filing, the company reported marketing and branding expenses of US$152.3 million in 2023, US$138.7 million in 2024 and US$135.9 million in 2025. Webull said most of its advertising and promotion costs were related to paid search and paid social advertising, and that it had reduced free-stock promotions while shifting toward deposit- and asset-transfer-based incentives. In September 2021, BSE Global, the parent company of the Brooklyn Nets and New York Liberty, entered into a global multi-year agreement with Webull. Under the agreement, Webull became an official sponsor and online brokerage partner of the teams, with branding that included a jersey patch on Brooklyn Nets uniforms. Spo
Read more →
Zardoz (computer security)

In computer security, the Security-Digest list, better known as the Zardoz list, was a semi-private full disclosure mailing list run by Neil Gorsuch from 1989 through 1991. It identified weaknesses in systems and gave directions on where to find them. It was a perennial target for computer hackers, who sought archives of the list for information on undisclosed software vulnerabilities. == Membership restrictions == Access to Zardoz was approved on a case-by-case basis by Gorsuch, principally by reference to the user account used to send subscription requests; requests were approved for root users, valid UUCP owners, or system administrators listed at the NIC. The openness of the list to users other than Unix system administrators was a regular topic of conversation, with participants expressing concern that vulnerabilities and exploitation details disclosed on the list were liable to spread to hackers. The circulation of Zardoz postings was an open secret among computer hackers, and mocked in a Phrack parody of an IRC channel populated by security experts. == Notable participants == Keith Bostic discussed BSD Sendmail vulnerabilities Chip Salzenberg discussed Peter Honeyman's posting of a UUCP worm, and shell script security Gene Spafford discussed VMS and Ultrix bugs, and relayed law enforcement enquiries about the Morris Worm Tom Christiansen discussed SUID shell scripts Chris Torek discussed devising exploits from general descriptions of vulnerabilities Henry Spencer discussed Unix security Brendan Kehoe discussed systems security Alec Muffett announced Crack, the Unix password cracker The majority of Zardoz participants were Unix systems administrators and C software developers. Neil Gorsuch and Gene Spafford were the most prolific contributors to the list.
Read more →
Retained mode

Retained mode in computer graphics is a major pattern of API design in graphics libraries, in which the graphics library, instead of the client, retains the scene (complete object model of the rendering primitives) to be rendered and the client calls into the graphics library do not directly cause actual rendering, but make use of extensive indirection to resources, managed – thus retained – by the graphics library. It does not preclude the use of double-buffering. Immediate mode is an alternative approach. Historically, retained mode has been the dominant style in GUI libraries; however, both can coexist in the same library and are not necessarily exclusionary in practice. == Overview == In retained mode the client calls do not directly cause actual rendering, but instead update an abstract internal model (typically a list of objects) which is maintained within the library's data space. This allows the library to optimize when actual rendering takes place along with the processing of related objects. Some techniques to optimize rendering include: managing double buffering treatment of hidden surfaces by backface culling/occlusion culling (Z-buffering) only transferring data that has changed from one frame to the next from the application to the library Example of coexistence with immediate mode in the same library is OpenGL. OpenGL has immediate mode functions that can use previously defined server side objects (textures, vertex buffers and index buffers, shaders, etc.) without resending unchanged data. Examples of retained mode rendering systems include Windows Presentation Foundation, SceneKit on macOS, and PHIGS.
Read more →
Spell checker

In software, a spell checker (or spelling checker or spell check) is a software feature that checks for misspellings in a text. Spell-checking features are often embedded in software or services, such as a word processor, email client, electronic dictionary, or search engine. == Design == A basic spell checker carries out the following processes: It scans the text and extracts the words contained in it. It then compares each word with a known list of correctly spelled words (i.e. a dictionary). This might contain just a list of words, or it might also contain additional information, such as hyphenation points or lexical and grammatical attributes. An additional step is a language-dependent algorithm for handling morphology. Even for a lightly inflected language like English, the spell checker will need to consider different forms of the same word, such as plurals, verbal forms, contractions, and possessives. For many other languages, such as those featuring agglutination and more complex declension and conjugation, this part of the process is more complicated. It is unclear whether morphological analysis—allowing for many forms of a word depending on its grammatical role—provides a significant benefit for English, though its benefits for highly synthetic languages such as German, Hungarian, or Turkish are clear. As an adjunct to these components, the program's user interface allows users to approve or reject replacements and modify the program's operation. Spell checkers can use approximate string matching algorithms such as Levenshtein distance to find correct spellings of misspelled words. An alternative type of spell checker uses solely statistical information, such as n-grams, to recognize errors instead of correctly-spelled words. This approach usually requires a lot of effort to obtain sufficient statistical information. Key advantages include needing less runtime storage and the ability to correct errors in words that are not included in a dictionary. In some cases, spell checkers use a fixed list of misspellings and suggestions for those misspellings; this less flexible approach is often used in paper-based correction methods, such as the see also entries of encyclopedias. Clustering algorithms have also been used for spell checking combined with phonetic information. == History == === Pre-PC === In 1961, Les Earnest, who headed the research on this budding technology, saw it necessary to include the first spell checker that accessed a list of 10,000 acceptable words. Ralph Gorin, a graduate student under Earnest at the time, created the first true spelling checker program written as an applications program (rather than research) for general English text: SPELL for the DEC PDP-10 at Stanford University's Artificial Intelligence Laboratory, in February 1971. Gorin wrote SPELL in assembly language, for faster action; he made the first spelling corrector by searching the word list for plausible correct spellings that differ by a single letter or adjacent letter transpositions and presenting them to the user. Gorin made SPELL publicly accessible, as was done with most SAIL (Stanford Artificial Intelligence Laboratory) programs, and it soon spread around the world via the new ARPAnet, about ten years before personal computers came into general use. SPELL, its algorithms and data structures inspired the Unix ispell program. The first spell checkers were widely available on mainframe computers in the late 1970s. A group of six linguists from Georgetown University developed the first spell-check system for the IBM corporation. Henry Kučera invented one for the VAX machines of Digital Equipment Corp in 1981. === Unix === The International Ispell program commonly used in Unix is based on R. E. Gorin's SPELL. It was converted to C by Pace Willisson at MIT. The GNU project has its spell checker GNU Aspell. Aspell's main improvement is that it can more accurately suggest correct alternatives for misspelled English words. Due to the inability of traditional spell checkers to check words in complex inflected languages, Hungarian László Németh developed Hunspell, a spell checker that supports agglutinative languages and complex compound words. Hunspell also uses Unicode in its dictionaries. Hunspell replaced the previous MySpell in OpenOffice.org in version 2.0.2. Enchant is another general spell checker, derived from AbiWord. Its goal is to combine programs supporting different languages such as Aspell, Hunspell, Nuspell, Hspell (Hebrew), Voikko (Finnish), Zemberek (Turkish) and AppleSpell under one interface. === PCs === The first spell checkers for personal computers appeared in 1980, such as "WordCheck" for Commodore systems which was released in late 1980 in time for advertisements to go to print in January 1981. Developers such as Maria Mariani and Random House rushed OEM packages or end-user products into the rapidly expanding software market. On the pre-Windows PCs, these spell checkers were standalone programs, many of which could be run in terminate-and-stay-resident mode from within word-processing packages on PCs with sufficient memory. However, the market for standalone packages was short-lived, as by the mid-1980s developers of popular word-processing packages like WordStar and WordPerfect had incorporated spell checkers in their packages, mostly licensed from the above companies, who quickly expanded support from just English to many European and eventually even Asian languages. However, this required increasing sophistication in the morphology routines of the software, particularly with regard to heavily-agglutinative languages like Hungarian and Finnish. Although the size of the word-processing market in a country like Iceland might not have justified the investment of implementing a spell checker, companies like WordPerfect nonetheless strove to localize their software for as many national markets as possible as part of their global marketing strategy. When Apple developed "a system-wide spelling checker" for Mac OS X so that "the operating system took over spelling fixes," it was a first: one "didn't have to maintain a separate spelling checker for each" program. Mac OS X's spellcheck coverage includes virtually all bundled and third party applications. Visual Tools' VT Speller, introduced in 1994, was "designed for developers of applications that support Windows." It came with a dictionary but had the ability to build and incorporate use of secondary dictionaries. === Browsers === Web browsers such as Firefox and Google Chrome offer spell checking support, using Hunspell. Prior to using Hunspell, Firefox and Chrome used MySpell and GNU Aspell, respectively. === Specialties === Some spell checkers have separate support for medical dictionaries to help prevent medical errors. == Functionality == The first spell checkers were "verifiers" instead of "correctors." They offered no suggestions for incorrectly spelled words. This was helpful for typos but it was not so helpful for logical or phonetic errors. The challenge the developers faced was the difficulty in offering useful suggestions for misspelled words. This requires reducing words to a skeletal form and applying pattern-matching algorithms. It might seem logical that where spell-checking dictionaries are concerned, "the bigger, the better," so that correct words are not marked as incorrect. In practice, however, an optimal size for English appears to be around 90,000 entries. If there are more than this, incorrectly spelled words may be skipped because they are mistaken for others. For example, a linguist might determine on the basis of corpus linguistics that the word baht is more frequently a misspelling of bath or bat than a reference to the Thai currency. Hence, it would typically be more useful if a few people who write about Thai currency were slightly inconvenienced than if the spelling errors of the many more people who discuss baths were overlooked. The first MS-DOS spell checkers were mostly used in proofing mode from within word processing packages. After preparing a document, a user scanned the text looking for misspellings. Later, however, batch processing was offered in such packages as Oracle's short-lived CoAuthor and allowed a user to view the results after a document was processed and correct only the words that were known to be wrong. When memory and processing power became abundant, spell checking was performed in the background in an interactive way, such as has been the case with the Sector Software produced Spellbound program released in 1987 and Microsoft Word since Word 95. Spell checkers became increasingly sophisticated; now capable of recognizing grammatical errors. However, even at their best, they rarely catch all the errors in a text (such as homophone errors) and will flag neologisms and foreign words as misspellings. Nonetheless, spell checkers can be considered as a type of foreign language writing aid that non-native language lea
Read more →
Noom

Noom is an American privately held digital health company that provides weight management and behavioral health services through a subscription-based mobile application. Founded in 2008, the company combines behavior change psychology with access to weight loss medications and dietary supplements. The platform incorporates elements of cognitive behavioral therapy (CBT) and goal-setting strategies, and its programs are designed to support users in developing healthier habits. In addition to its weight management services, Noom has expanded to offer products related to stress management and general wellness. Noom has received both praise and criticism. Supporters cite its focus on mental and behavioral aspects of health, while critics have raised concerns about the accuracy of its calorie goals, the use of algorithmically determined weight loss targets, and questions about the qualifications of some of its coaching staff. == History == Noom was founded in 2008 by friends Artem Petakov and Saeju Jeong. The company's mobile app officially launched in 2016. In 2025, Noom relocated its headquarters from New York City to Princeton, New Jersey. Petakov, a former software engineer at Google, currently leads Noom Ventures, while Jeong serves as Noom's Chairman. In 2023, Geoff Cook was appointed CEO of Noom. In 2019, Noom partnered with Novo Nordisk to offer patients prescribed the diabetes medication Saxenda one year of free access to the Noom platform. In 2020, Noom reported $400 million in revenue. As of April 2021, the company stated it employed approximately 3,000 people, including 2,700 coaches. == Services == === Noom App === The Noom app is the primary platform through which users engage with the company's services. Upon creating an account, users are prompted to provide physical information such as weight, height, and age, along with experiential data including lifestyle habits, personal goals, and perceived obstacles. Users log their meals and physical activity, and in return, the app delivers feedback through multiple channels: algorithmically generated insights, guidance from a human coach, peer interaction, educational articles, and interactive quizzes. The app has been reviewed by a range of media outlets, including newspapers such as the Chicago Tribune and USA Today; health information sources such as WebMD; and lifestyle magazines including Good Housekeeping. === Other services === In 2024, Noom launched Noom Vibe, a mobile application that encourages users to develop healthy habits by awarding "vibes"—a form of points—for activities such as walking or meeting step goals. That same year, Noom introduced a 3D body scanning feature within its app, designed to help users monitor physical changes and prevent muscle atrophy during weight loss. Also in 2024, Noom began offering a compounded GLP-1 medication as part of its weight management program. The formulation includes the same active ingredient found in the anti-obesity medications Wegovy and Ozempic. == Research == In 2016, a study published in Scientific Reports analyzed data from approximately 36,000 users of the Noom app, of whom 78% were female and 22% male. The data were collected between October 2012 and April 2014. To be included in the analysis, users had to log their weight at least twice per month over a period of six consecutive months. The study found that 78% of participants self-reported weight loss while using the app. The median duration of weight reporting was 267 days (approximately nine months). The frequency of data logging was positively correlated with weight loss. Additionally, male users had a higher average starting BMI and reported greater average weight loss compared to female users. In 2017, the Centers for Disease Control and Prevention (CDC) recognized Noom as a certified diabetes prevention program, making it the first mobile health application to receive such designation. == Criticisms == === Health programs === Noom has been criticized for promoting elements of diet culture in its advertising campaigns. The app has also faced criticism for setting calorie goals that some users and experts have deemed inappropriately low, and for employing coaches who may lack formal qualifications as registered dietitians. Coaching has been described as relying heavily on canned responses. Upon sign-up, users are prompted to complete a questionnaire consisting of over 50 questions, which is used to generate a personalized program. In 2021, the UK-based organization Privacy International alleged that Noom, along with other diet platforms, used such lengthy surveys to attract users but did not always tailor the resulting programs to the collected data. The organization claimed that many users received the same or highly similar programs regardless of their answers. It also raised concerns about the handling of potentially sensitive health data, alleging a lack of transparency regarding the sharing of such data with third parties, including Facebook, potentially in violation of the European General Data Protection Regulation (GDPR). In a follow-up investigation in 2023, Privacy International reported that Noom had made "significant positive changes" to its data handling practices. However, the organization noted that data was still being shared with Facebook and concluded that "there is still room for improvement." === Billing issues lawsuit === In August 2020, the Better Business Bureau (BBB) issued a warning to consumers regarding Noom's subscription practices. The BBB reported that numerous customers had filed complaints about difficulties canceling their subscriptions after the free trial period, as well as challenges in contacting the company to request refunds. In February 2022, Noom agreed to a $62 million settlement in a class-action lawsuit that alleged the company had used deceptive billing practices related to automatic subscription renewals. Qualifying claimants received approximately $167 each. During the case, a former senior software engineer at Noom testified that the cancellation process was intentionally designed to be difficult, with the goal of generating revenue from customers who failed to cancel in time. In response, Noom stated that it had taken steps to improve transparency around its pricing and policies, including the implementation of self-service cancellation tools.
Read more →
Confused deputy problem

In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important. Capability systems protect against the confused deputy problem, whereas access-control list–based systems do not. Such systems can mitigate the confused deputy problem by eliminating ambient authority, allowing programs to act only on resources for which they hold explicit capabilities, whereas access-control list–based systems are more susceptible to it. However, this protection depends on correct implementation; in formally verified capability systems such as seL4, it can be shown that the kernel enforces capability constraints correctly, preventing such behavior at the system level. == Example == In the original example of a confused deputy, there was a compiler program provided on a commercial timesharing service. Users could run the compiler and optionally specify a filename where it would write debugging output, and the compiler would be able to write to that file if the user had permission to write there. The compiler also collected statistics about language feature usage. Those statistics were stored in a file called "(SYSX)STAT", in the directory "SYSX". To make this possible, the compiler program was given permission to write to files in SYSX. But there were other files in SYSX: in particular, the system's billing information was stored in a file "(SYSX)BILL". A user ran the compiler and named "(SYSX)BILL" as the desired debugging output file. This produced a confused deputy problem. The compiler made a request to the operating system to open (SYSX)BILL. Even though the user did not have access to that file, the compiler did, so the open succeeded. The compiler wrote the compilation output to the file (here "(SYSX)BILL") as normal, overwriting it, and the billing information was destroyed. === The confused deputy === In this example, the compiler program is the deputy because it is acting at the request of the user. The program is seen as 'confused' because it was tricked into overwriting the system's billing file. Whenever a program tries to access a file, the operating system needs to know two things: which file the program is asking for, and whether the program has permission to access the file. In the example, the file is designated by its name, “(SYSX)BILL”. The program receives the file name from the user, but does not know whether the user had permission to write the file. When the program opens the file, the system uses the program's permission, not the user's. When the file name was passed from the user to the program, the permission did not go along with it; the permission was increased by the system silently and automatically. It is not essential to the attack that the billing file be designated by a name represented as a string. The essential points are that: the designator for the file does not carry the full authority needed to access the file; the program's own permission to access the file is used implicitly. == Other examples == A cross-site request forgery (CSRF) is an example of a confused deputy attack that uses the web browser to perform sensitive actions against a web application. A common form of this attack occurs when a web application uses a cookie to authenticate all requests transmitted by a browser. Using JavaScript, an attacker can force a browser into transmitting authenticated HTTP requests. The Samy computer worm used cross-site scripting (XSS) to turn the browser's authenticated MySpace session into a confused deputy. Using XSS the worm forced the browser into posting an executable copy of the worm as a MySpace message which was then viewed and executed by friends of the infected user. Clickjacking is an attack where the user acts as the confused deputy. In this attack a user thinks they are harmlessly browsing a website (an attacker-controlled website) but they are in fact tricked into performing sensitive actions on another website. An FTP bounce attack can allow an attacker to connect indirectly to TCP ports to which the attacker's machine has no access, using a remote FTP server as the confused deputy. Another example relates to personal firewall software. It can restrict Internet access for specific applications. Some applications circumvent this by starting a browser with instructions to access a specific URL. The browser has authority to open a network connection, even though the application does not. Firewall software can attempt to address this by prompting the user in cases where one program starts another which then accesses the network. However, the user frequently does not have sufficient information to determine whether such an access is legitimate—false positives are common, and there is a substantial risk that even sophisticated users will become habituated to clicking "OK" to these prompts. Not every program that misuses authority is a confused deputy. Sometimes misuse of authority is simply a result of a program error. The confused deputy problem occurs when the designation of an object is passed from one program to another, and the associated permission changes unintentionally, without any explicit action by either party. It is insidious because neither party did anything explicit to change the authority. Another example is when an administrator authorizes an AI agent to act on their behalf, and that AI subsequently delegates authority to another AI agent neither vetted nor authorized by the original administrator. The unvetted AI can then act without permissions or oversight from the original developer. == Solutions == In some systems it is possible to ask the operating system to open a file using the permissions of another client. This solution has some drawbacks: It requires explicit attention to security by the server. A naive or careless server might not take this extra step. It becomes more difficult to identify the correct permission if the server is in turn the client of another service and wants to pass along access to the file. It requires the client to trust the server to not abuse the borrowed permissions. Note that intersecting the server and client's permissions does not solve the problem either, because the server may then have to be given very wide permissions (all of the time, rather than those needed for a given request) in order to act for arbitrary clients. The simplest way to solve the confused deputy problem is to bundle together the designation of an object and the permission to access that object. This is exactly what a capability is. Using capability security in the compiler example, the client would pass to the server a capability to the output file, such as a file descriptor, rather than the name of the file. Since it lacks a capability to the billing file, it cannot designate that file for output. In the cross-site request forgery example, a URL supplied "cross"-site would include its own authority independent of that of the client of the web browser.
Read more →
Object Data Management Group

The Object Data Management Group (ODMG) was conceived in the summer of 1991 at a breakfast with object database vendors that was organized by Rick Cattell of Sun Microsystems. In 1998, the ODMG changed its name from the Object Database Management Group to reflect the expansion of its efforts to include specifications for both object database and object–relational mapping products. The primary goal of the ODMG was to put forward a set of specifications that allowed a developer to write portable applications for object database and object–relational mapping products. In order to do that, the data schema, programming language bindings, and data manipulation and query languages needed to be portable. Between 1993 and 2001, the ODMG published five revisions to its specification. The last revision was ODMG version 3.0, after which the group disbanded. == Major components of the ODMG 3.0 specification == Object Model. This was based on the Object Management Group's Object Model. The OMG core model was designed to be a common denominator for object request brokers, object database systems, object programming languages, etc. The ODMG designed a profile by adding components to the OMG core object model. Object Specification Languages. The ODMG Object Definition Language (ODL) was used to define the object types that conform to the ODMG Object Model. The ODMG Object Interchange Format (OIF) was used to dump and load the current state to or from a file or set of files. Object Query Language (OQL). The ODMG OQL was a declarative (nonprocedural) language for query and updating. It used SQL as a basis, where possible, though OQL supports more powerful object-oriented capabilities. C++ Language Binding. This defined a C++ binding of the ODMG ODL and a C++ Object Manipulation Language (OML). The C++ ODL was expressed as a library that provides classes and functions to implement the concepts defined in the ODMG Object Model. The C++ OML syntax and semantics are those of standard C++ in the context of the standard class library. The C++ binding also provided a mechanism to invoke OQL. Smalltalk Language Binding. This defined the mapping between the ODMG ODL and Smalltalk, which was based on the OMG Smalltalk binding for the OMG Interface Definition Language (IDL). The Smalltalk binding also provided a mechanism to invoke OQL. Java Language Binding. This defined the binding between the ODMG ODL and the Java programming language as defined by the Java 2 Platform. The Java binding also provided a mechanism to invoke OQL. == Status == ODMG 3.0 was published in book form in 2000.[1] By 2001, most of the major object database and object-relational mapping vendors claimed conformance to the ODMG Java Language Binding. Compliance to the other components of the specification was mixed.[2] In 2001, the ODMG Java Language Binding was submitted to the Java Community Process as a basis for the Java Data Objects specification. The ODMG member companies then decided to concentrate their efforts on the Java Data Objects specification. As a result, the ODMG disbanded in 2001. In 2004, the Object Management Group (OMG) was granted the right to revise the ODMG 3.0 specification as an OMG specification by the copyright holder, Morgan Kaufmann Publishers. In February 2006, the OMG announced the formation of the Object Database Technology Working Group (ODBT WG) and plans to work on the 4th generation of an object database standard. == ODMG Compliant DBMS == Orient ODBMS: http://www.OrienTechnologies.com Objectivity/DB C++, Java and Smalltalk interfaces.
Read more →
Supersampling

Supersampling or supersampling anti-aliasing (SSAA) is a spatial anti-aliasing method, i.e. a method used to remove aliasing (jagged and pixelated edges, colloquially known as "jaggies") from images rendered in computer games or other computer programs that generate imagery. Aliasing occurs because unlike real-world objects, which have continuous smooth curves and lines, a computer screen shows the viewer a large number of small squares. These pixels all have the same size, and each one has a single color. A line can only be shown as a collection of pixels, and therefore appears jagged unless it is perfectly horizontal or vertical. The aim of supersampling is to reduce this effect. Color samples are taken at several instances inside the pixel (not just at the center as normal)—hence the term "supersampling"—and an average color value is calculated. This can for example be achieved by rendering the image at a much higher resolution than the one being displayed, then shrinking it to the desired size, using the extra pixels for calculation, with the result being a downsampled image with smoother transitions from one line of pixels to another along the edges of objects, but each pixel could also be supersampled using other strategies (see the Supersampling patterns section). The number of samples determines the quality of the output. == Motivation == Aliasing is manifested in the case of 2D images as moiré pattern and pixelated edges, colloquially known as "jaggies". Common signal processing and image processing knowledge suggests that to achieve perfect elimination of aliasing, proper spatial sampling at the Nyquist rate (or higher) after applying a 2D Anti-aliasing filter is required. As this approach would require a forward and inverse fourier transformation, computationally less demanding approximations like supersampling were developed to avoid domain switches by staying in the spatial domain ("image domain"). == Method == === Computational cost and adaptive supersampling === Supersampling is computationally expensive because it requires much greater video card memory and memory bandwidth, since the amount of buffer used is several times larger. A way around this problem is to use a technique known as adaptive supersampling, where only pixels at the edges of objects are supersampled. Initially only a few samples are taken within each pixel. If these values are very similar, only these samples are used to determine the color. If not, more are used. The result of this method is that a higher number of samples are calculated only where necessary, thus improving performance. === Supersampling patterns === When taking samples within a pixel, the sample positions have to be determined in some way. Although the number of ways in which this can be done is infinite, there are a few ways which are commonly used. ==== Grid ==== The simplest algorithm. The pixel is split into several sub-pixels, and a sample is taken from the center of each. It is fast and easy to implement. Although, due to the regular nature of sampling, aliasing can still occur if a low number of sub-pixels is used. ==== Random ==== Also known as stochastic sampling, it avoids the regularity of grid supersampling. However, due to the irregularity of the pattern, samples end up being unnecessary in some areas of the pixel and lacking in others. ==== Poisson disk ==== The Poisson disk sampling algorithm places the samples randomly, but then checks that any two are not too close. The end result is an even but random distribution of samples. The naive "dart throwing" algorithm is extremely slow for large data sets, which once limited its applications for real-time rendering. However, many fast algorithms now exist to generate Poisson disk noise, even those with variable density. The Delone set provides a mathematical description of such sampling. ==== Jittered ==== A modification of the grid algorithm to approximate the Poisson disk. A pixel is split into several sub-pixels, but a sample is not taken from the center of each, but from a random point within the sub-pixel. Congregation can still occur, but to a lesser degree. ==== Rotated grid ==== A 2×2 grid layout is used but the sample pattern is rotated to avoid samples aligning on the horizontal or vertical axis, greatly improving antialiasing quality for the most commonly encountered cases. For an optimal pattern, the rotation angle is arctan (⁠1/2⁠) (about 26.6°) and the square is stretched by a factor of ⁠√5/2⁠, making it also a 4-queens solution.
Read more →
Public computer

A public computer (or public access computer) is any of various computers available in public areas. Some places where public computers may be available are libraries, schools, or dedicated facilities run by government. Public computers share similar hardware and software components to personal computers, however, the role and function of a public access computer is entirely different. A public access computer is used by many different untrusted individuals throughout the course of the day. The computer must be locked down and secure against both intentional and unintentional abuse. Users typically do not have authority to install software or change settings. A personal computer, in contrast, is typically used by a single responsible user, who can customize the machine's behavior to their preferences. Public access computers are often provided with tools such as a PC reservation system to regulate access. The world's first public access computer center was the Marin Computer Center in California, co-founded by David and Annie Fox in 1977. == Kiosks == A kiosk is a special type of public computer using software and hardware modifications to provide services only about the place the kiosk is in. For example, a movie ticket kiosk can be found at a movie theater. These kiosks are usually in a secure browser with zero access to the desktop. Many of these kiosks may run Linux, however, ATMs, a kiosk designed for depositing money, often run Windows XP. == Public computers in the United States == === Library computers === In the United States and Canada, almost all public libraries have computers available for the use of patrons, though some libraries will impose a time limit on users to ensure others will get a turn and keep the library less busy. Users are often allowed to print documents that they have created using these computers, though sometimes for a small fee. ==== Privacy ==== Privacy is an important part of the public library institution, since the libraries entitle the public to intellectual freedom. Use of any computer or network may create records of users' activities that can jeopardize their privacy. It is possible for a patron to jeopardize their privacy if they do not delete cache, clear cookies, or documents from the public computer. In order for a member of the public to remain private on a computer, the American Library Association (ALA) has guidelines. These give patrons an idea of the right way to keep using public library computers. In their provision of services to library users, librarians have an ethical responsibility, expressed in the ALA Code of Ethics, to preserve users' right to privacy. A librarian is also responsible for giving users an understanding of private patron use and access. Libraries must ensure that users have the following rights when browsing on public computers: the computer automatically will clear a users history; libraries should display privacy screens so users do not see another patron's screen; updating software for effective safety measures; restoration data software to clear documents that users may have left on their computers and to combat possible malware; security practices; and making users aware of any possible monitoring of their browsing activities. Users can also view the Library Privacy Checklist for Public Access Computers and Networks to better understand what libraries strive for when protecting privacy. === School computers === The U.S. government has given money to many school boards to purchase computers for educational applications. Schools may have multiple computer labs, which contain these computers for students to use. There is usually Internet access on these machines, but some schools will put up a blocking service to limit the websites that students are able to access to only include educational resources, such as Google. In addition to controlling the content students are viewing, putting up these blocks can also help to keep the computers safe by preventing students from downloading malware and other threats. However, the effectiveness of such content filtering systems is questionable since it can easily be circumvented by using proxy websites, Virtual Private Networks, and for some weak security systems, merely knowing the IP address of the intended website is enough to bypass the filter. School computers often have advanced operating system security to prevent tech-savvy students from inflicting damage (i.e. the Windows Registry Editor and Task Manager, etc.) are disabled on Microsoft Windows machines. Schools with very advanced tech services may also install a locked down BIOS/firmware or make kernel-level changes to the operating system, precluding the possibility of unauthorized activity.
Read more →
Split screen (computing)

Split screen is a display technique in computer graphics that consists of dividing graphics and/or text into non-overlapping adjacent parts, typically as two or four rectangular areas. This allows for the simultaneous presentation of (usually) related graphical and textual information on a computer display. TV sports adopted this presentation methodology in the 1960s for instant replay. Non-dynamic split screens differ from windowing systems in that the latter allowed overlapping and freely movable parts of the screen (the "windows") to present both related and unrelated application data to the user. In contrast, split-screen views are strictly limited to fixed positions. The split screen technique can also be used to run two instances of an application, potentially allowing another user to interact with the second instance. == In operating systems == Split screen modes are used by mobile operating systems to enable computer multitasking similar to the window interface present in desktop operating systems. Android supports split screen view of two apps natively on all devices, while certain devices, such as Samsung Galaxy Z TriFold, support three sumultaneous views. Split screen functionality is not supported on iOS, but a similar feature called Split View is present in iPadOS, first introduced in 2015 with the first generation of iPad Pro. == In video games == The split screen feature is commonly used in non-networked, also known as couch co-op, video games with multiplayer options. In its most easily understood form, a split screen for a multiplayer video game is an audiovisual output device (usually a standard television for video game consoles) where the display has been divided into 2-4 equally sized areas (depending on number of players) so that the players can explore different areas simultaneously without being close to each other. This has historically been remarkably popular on consoles, which until the 2000s did not have access to the Internet or any other network and is less common today with modern support for networked console-to-console multiplayer. In competitive split-screen games, it is customarily considered cheating to look at another player's screen section to gain an advantage. === History === Split screen gaming dates back to at least the 1970s, with games such Drag Race (1977) from Kee Games in the arcades being presented in this format. It has always been a common feature of two or more player home console and computer games too, with notable titles being Kikstart II for 8-bit systems, a number of 16-bit racing games (such as Lotus Esprit Turbo Challenge and Road Rash II), and action/strategy games (such as Toejam & Earl and Lemmings), all employing a vertical or horizontal screen split for two player games. Xenophobe is notable as a three-way split screen arcade title, although on home platforms it was reduced to one or two screens. The addition of four controller ports on home consoles also ushered in more four-way split screen games, with Mario Kart 64 and Goldeneye 007 on the Nintendo 64 being two well known examples. In arcades, machines tended to move towards having a whole screen for each player, or multiple connected machines, for multiplayer. On home machines, especially in the first and third person shooter genres, multiplayer is now more common over a network or the internet rather than locally with split screen. Starting from the late 2000s, the presence of split screen multiplayer has largely been declining due to the increasing prevalence of online multiplayer, though TechRadar reported a resurgence of split screen due to support from independent studios and increased interest from the players.
Read more →
Stop Motion Studio

Stop Motion Studio is a stop motion animation software developed by Cateater LLC. It is available as both an app for iOS and Android and as a software for Windows and Mac. Two versions of the software exist, the standard Stop Motion Studio for free, and the paid Stop Motion Studio Pro, which contains extra, more advanced features. The software is commonly used in brickfilming.
Read more →
Vismon

Vismon was the Bell Labs system which displayed authors' faces on one of their internal e-mail systems. The name was a pun on the sysmon program used at Bell to show the load on computer systems. It can also be interpreted as "visual monitor". The system inspired Rich Burridge to develop the similar but more widespread faces system, which spread with Unix distributions in the 1980s. This in turn inspired Steve Kinzler to develop the Picons, or personal icons, which have the goal of offering symbols and other images, as well as faces, to represent individuals and institutions in email messages. Other systems such as the faces available on the LAN email functions of the NeXTSTEP platform also seem to have been influenced by the original Vismon capabilities. The faces program in Plan 9 is the direct descendant of this system. Vismon was the work of Rob Pike and Dave Presotto. It was based on some early experiments by Luca Cardelli. Many other scientists and engineers of the Computing Science Research Center of the Murray Hill facility were also involved. All had been spurred by the introduction in 1983 of the new Blit graphics terminal developed by Pike and Bart Locanthi and marketed by Teletype Corporation of Skokie, Illinois as the DMD 5620. Pike was eager, along with his colleagues, to exploit the new graphic capabilities. Pike and company went around their Center, convincing everybody, from directors and administrative assistants to engineers and scientists, to pose as they got out a 4×5 view camera with a Polaroid back and took black-and-white photos (Polaroid type 52) of their faces. Their efforts yielded nearly 100 faces, which they digitised with a scanner from graphics colleagues. They wrote several programs to transform the faces, store them and serve them on several machines at the lab. As time went by, they added faces from outside their Center and outside Bell Labs. This database also led to the pico image editor (originally named zunk) which was used for image transformations, many of them with colleagues as the preferred target. The first programs built around vismon were used to announce incoming mail in a dedicated window, using the 48 by 48 pixel faces. Later on the faces were also used to decorate line printer banners.
Read more →
Sprite multiplexing

Sprite multiplexing is a computer graphics technique where additional sprites (moving images) can be drawn on the screen, beyond the nominal maximum. It is largely historical, applicable principally to older hardware, where limited resources (such as CPU speed and memory) meant only a relatively small number of sprites were supported. On the other hand, it is also true that without multiplexing, the sprite circuitry would be idle much of the time, and limited resources were wasted. == Description == The sprite multiplexing technique is based on the idea that while the hardware may only support a finite number of sprites, it is sometimes possible to re-use the same sprite "slots" more than once per frame or scan line. The program will first use the hardware to draw one or more sprite(s), as normal. Before the next frame (or next scanline) needs to be drawn, the software reprograms the hardware to display additional sprites, in other positions. For example, the Nintendo Entertainment System explicitly supports hardware sprite multiplexing, where it has 64 hardware sprites, but is only capable of rendering 8 of them per scanline. On the older Atari 2600, sprite multiplexing was not intentionally designed in, but programmers discovered they could reset the TIA graphics chip to draw additional sprites on the same scanline. The sprite multiplexing technique relies on the program being able to identify what part of the video screen is being drawn at the moment, or being triggered by the video hardware to run a subroutine at the crucial moment. The programmer must carefully consider the layout of the screen. If the video graphics hardware is not reprogrammed in time for the extra sprites to be displayed, they will not appear, or will be drawn incorrectly. Modern video graphics hardware typically does not use hardware sprites, since modern computer systems do not have the kind of limitations that sprite hardware is designed to circumvent. == Implementations == Systems that allow the programmer to employ the sprite multiplexing technique include: Atari 2600 Atari 8-bit computers Amiga Commodore 64 MSX Nintendo Entertainment System Super Nintendo Entertainment System Master System Sega Genesis/Mega Drive
Read more →
Retained mode

Retained mode in computer graphics is a major pattern of API design in graphics libraries, in which the graphics library, instead of the client, retains the scene (complete object model of the rendering primitives) to be rendered and the client calls into the graphics library do not directly cause actual rendering, but make use of extensive indirection to resources, managed – thus retained – by the graphics library. It does not preclude the use of double-buffering. Immediate mode is an alternative approach. Historically, retained mode has been the dominant style in GUI libraries; however, both can coexist in the same library and are not necessarily exclusionary in practice. == Overview == In retained mode the client calls do not directly cause actual rendering, but instead update an abstract internal model (typically a list of objects) which is maintained within the library's data space. This allows the library to optimize when actual rendering takes place along with the processing of related objects. Some techniques to optimize rendering include: managing double buffering treatment of hidden surfaces by backface culling/occlusion culling (Z-buffering) only transferring data that has changed from one frame to the next from the application to the library Example of coexistence with immediate mode in the same library is OpenGL. OpenGL has immediate mode functions that can use previously defined server side objects (textures, vertex buffers and index buffers, shaders, etc.) without resending unchanged data. Examples of retained mode rendering systems include Windows Presentation Foundation, SceneKit on macOS, and PHIGS.
Read more →