AI Coding Nyt

AI Coding Nyt — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Sentence embedding

In natural language processing, a sentence embedding is a representation of a sentence as a vector of numbers which encodes meaningful semantic information. State of the art embeddings are based on the learned hidden layer representation of dedicated sentence transformer models. BERT pioneered an approach involving the use of a dedicated [CLS] token prepended to the beginning of each sentence inputted into the model; the final hidden state vector of this token encodes information about the sentence and can be fine-tuned for use in sentence classification tasks. In practice however, BERT's sentence embedding with the [CLS] token achieves poor performance, often worse than simply averaging non-contextual word embeddings. SBERT later achieved superior sentence embedding performance by fine tuning BERT's [CLS] token embeddings through the usage of a siamese neural network architecture on the SNLI dataset. Other approaches are loosely based on the idea of distributional semantics applied to sentences. Skip-Thought trains an encoder-decoder structure for the task of neighboring sentences predictions; this has been shown to achieve worse performance than approaches such as InferSent or SBERT. An alternative direction is to aggregate word embeddings, such as those returned by Word2vec, into sentence embeddings. The most straightforward approach is to simply compute the average of word vectors, known as continuous bag-of-words (CBOW). However, more elaborate solutions based on word vector quantization have also been proposed. One such approach is the vector of locally aggregated word embeddings (VLAWE), which demonstrated performance improvements in downstream text classification tasks. == Applications == In recent years, sentence embedding has seen a growing level of interest due to its applications in natural language queryable knowledge bases through the usage of vector indexing for semantic search. LangChain for instance utilizes sentence transformers for purposes of indexing documents. In particular, an indexing is generated by generating embeddings for chunks of documents and storing (document chunk, embedding) tuples. Then given a query in natural language, the embedding for the query can be generated. A top k similarity search algorithm is then used between the query embedding and the document chunk embeddings to retrieve the most relevant document chunks as context information for question answering tasks. This approach is also known formally as retrieval-augmented generation. Though not as predominant as BERTScore, sentence embeddings are commonly used for sentence similarity evaluation which sees common use for the task of optimizing a Large language model's generation parameters is often performed via comparing candidate sentences against reference sentences. By using the cosine-similarity of the sentence embeddings of candidate and reference sentences as the evaluation function, a grid-search algorithm can be utilized to automate hyperparameter optimization. == Evaluation == A way of testing sentence encodings is to apply them on Sentences Involving Compositional Knowledge (SICK) corpus for both entailment (SICK-E) and relatedness (SICK-R). In the best results are obtained using a BiLSTM network trained on the Stanford Natural Language Inference (SNLI) Corpus. The Pearson correlation coefficient for SICK-R is 0.885 and the result for SICK-E is 86.3. A slight improvement over previous scores is presented in: SICK-R: 0.888 and SICK-E: 87.8 using a concatenation of bidirectional Gated recurrent unit.
Read more →
JustWatch

JustWatch is a website that provides information on the availability of films and TV shows on various streaming platforms such as Netflix, HBO Max, Disney+, Hulu, Peacock, Fandango at Home, Apple TV, and Amazon Prime Video, among others. It is also available as a mobile application and smart TV application. JustWatch provides a search engine that allows users to discover which digital platforms host a particular movie or TV series. As of November 2023, JustWatch is available to users in 139 countries. == Features == JustWatch functions as a search engine by aggregating information about the online availability of films and TV series from video-on-demand streaming services. It aggregates information from more than 100 video content libraries, as well providing information about video resolution quality, pricing, and purchase or rental options. The website includes various filters for searching, including genre, price, release date, rating, and popularity. Users are also able to create lists of shows and movies and to share these lists with other users. == History == JustWatch GmbH is an international database company that is privately held and headquartered in Berlin, Germany. The company specializes in the online availability of movies and TV series. In addition to its user-facing website, the company also has an advertising-focused arm, JustWatch Media, that works with corporate clients, using data about what people watch that it gleans from user behavior to help entertainment companies tailor their marketing strategies. Its clients include Universal Pictures, Paramount Pictures, and Sony Pictures, among others. Development of the website began in 2014, and it was launched in the U.S. and Germany in February 2015. In 2018, the company received funding to improve databases within the European Union. In December 2019, the company acquired a rival streaming aggregation service, GoWatchIt, from Plexus Entertainment. JustWatch also used the acquisition to open its first New York office. In 2019, JustWatch had over 30 million users across 38 countries. By 2020, the company's streaming aggregation service was available in over 45 countries. By November 2023, it was available in 139 countries, and had over 40 million monthly users. === Founding === JustWatch was co-founded in 2013 by David Croyé, Cristoph Hoyer, Kevin Hiller, Dominik Raute, Ingke Weimert, and Michael Wilken. In a company blog post from February 2017, Croyé described the group of co-founders as all having previously "worked in leading roles at successful international tech-startups in Berlin." Croyé, who currently holds the title of CEO at JustWatch GmbH, had previously worked as the chief marketing officer at kaufDA, a European location-based mobile coupon and promotion service, and the background of other co-founders included time at the adtech company Trademob and the streaming site MyVideo. Startup capital for the website initially came from the founders themselves. Croyé in particular was able to reinvest funds he had obtained from the sale of kaufDA to Axel Springer, a European media company, in March 2011. Since 2015, the company has had at least one additional round of seed funding, with investors including venture capital groups CG Partners and STS Ventures.
Read more →
Trigger list

Trigger list in its most general meaning refers to a list whose items are used to initiate ("trigger") certain actions. == United States: Private financial information == In the United States, when a person applies for a mortgage loan, the lender makes a credit inquiry about the potential borrower from the national credit bureaus, Equifax, Experian and TransUnion. Unless the borrower is opted out, the credit bureaus put the applicants onto a "trigger list" of "leads" about persons who are interested in new loans. These lists are sold to numerous lenders all over the United States, and soon after the application the applicant starts receiving offers from all parts of the country. The trigger lists contain a significant amount of personal financial information. Among the buyers of trigger lists are "lead generators" which resell filtered information to borrowers, e.g., of people who live in a certain area and have a certain credit score. While the Federal Trade Commission considers the market of "trigger lists" to be a legal business, many people and organizations (such as the National Association of Mortgage Brokers) consider this a serious breach of privacy and lobby for putting this practice under regulatory controls. As of now, American consumers may opt-out from "trigger lists" by calling 1-888-5-OPTOUT (1-888-567-8688). == Nuclear non-proliferation == The Zangger Committee and the Nuclear Suppliers Group maintain lists of items that may contribute to nuclear proliferation; The nuclear non-proliferation treaty forbids its members to export such items to non-treaty members. these items are said to trigger the countries' responsibilities under the NPT, hence the name.
Read more →
View synthesis

In computer graphics, view synthesis, or novel view synthesis, is a task which consists of generating images of a specific subject or scene from a specific point of view, when the only available information is pictures taken from different points of view. This task was only recently (late 2010s – early 2020s) tackled with significant success, mostly as a result of advances in machine learning. Notable successful methods are Neural radiance fields and 3D Gaussian Splatting. Applications of view synthesis are numerous, one of them being Free view point television. The technique has also been applied to real-estate marketing, where novel views of a listing's interior are generated from a limited set of photographs for use in virtual home staging.
Read more →
Dominant resource fairness

Dominant resource fairness (DRF) is a rule for fair division. It is particularly useful for dividing computing resources in among users in cloud computing environments, where each user may require a different combination of resources. DRF was presented by Ali Ghodsi, Matei Zaharia, Benjamin Hindman, Andy Konwinski, Scott Shenker and Ion Stoica in 2011. == Motivation == In an environment with a single resource, a widely used criterion is max-min fairness, which aims to maximize the minimum amount of resource given to a user. But in cloud computing, it is required to share different types of resource, such as: memory, CPU, bandwidth and disk-space. Previous fair schedulers, such as in Apache Hadoop, reduced the multi-resource setting to a single-resource setting by defining nodes with a fixed amount of each resource (e.g. 4 CPU, 32 MB memory, etc.), and dividing slots which are fractions of nodes. But this method is inefficient, since not all users need the same ratio of resources. For example, some users need more CPU whereas other users need more memory. As a result, most tasks either under-utilize or over-utilize their resources. DRF solves the problem by maximizing the minimum amount of the dominant resource given to a user (then the second-minimum etc., in a leximin order). The dominant resource may be different for different users. For example, if user A runs CPU-heavy tasks and user B runs memory-heavy tasks, DRF will try to equalize the CPU share given to user A and the memory share given to user B. == Definition == There are m resources. The total capacities of the resources are r1,...,rm. There are n users. Each users runs individual tasks. Each task has a demand-vector (d1,..,dm), representing the amount it needs of each resource. It is implicitly assumed that the utility of a user equals the number of tasks he can perform. For example, if user A runs tasks with demand-vector [1 CPU, 4 GB RAM], and receives 3 CPU and 8 GB RAM, then his utility is 2, since he can perform only 2 tasks. More generally, the utility of a user receiving x1,...,xm resources is minj(xj/dj), that is, the users have Leontief utilities. The demand-vectors are normalized to fractions of the capacities. For example, if the system has 9 CPUs and 18 GB RAM, then the above demand-vector is normalized to [1/9 CPU, 2/9 GB]. For each user, the resource with the highest demand-fraction is called the dominant resource. In the above example, the dominant resource is memory, as 2/9 is the largest fraction. If user B runs a task with demand-vector [3 CPU, 1 GB], which is normalized to [1/3 CPU, 1/18 GB], then his dominant resource is CPU. DRF aims to find the maximum x such that all agents can receive at least x of their dominant resource. In the above example, this maximum x is 2/3: User A gets 3 tasks, which require 3/9 CPU and 2/3 GB. User B gets 2 tasks, which require 2/3 CPU and 1/9 GB. The maximum x can be found by solving a linear program; see Lexicographic max-min optimization. Alternatively, the DRF can be computed sequentially. The algorithm tracks the amount of dominant resource used by each user. At each round, it finds a user with the smallest allocated dominant resource so far, and allocates the next task of this user. Note that this procedure allows the same user to run tasks with different demand vectors. == Properties == DRF has several advantages over other policies for resource allocation. Proportionality: each user receives at least as much resources as they could get in a system in which all resources are partitioned equally among users (the authors call this condition "sharing incentive"). Strategyproofness: a user cannot get a larger allocation by lying about his needs. Strategyproofness is important, as evidence from cloud operators show that users try to manipulate the servers in order to get better allocations. Envy-freeness: no user would prefer the allocation of another user. Pareto efficiency: no other allocation is better for some users and not worse for anyone. Population monotonicity: when a user leaves the system, the allocations of remaining users do not decrease. When there is a single resource that is a bottleneck resource (highly demanded by all users), DRF reduces to max-min fairness. However, DRF violates resource monotonicity: when resources are added to the system, some allocations might decrease. == Extensions == Weighted DRF is an extension of DRF to settings in which different users have different weights (representing their different entitlements). Parkes, Procaccia and Shah formally extend weighted DRF to a setting in which some users do not need all resources (that is, they may have demand 0 to some resource). They prove that the extended version still satisfies proportionality, Pareto-efficiency, envy-freeness, strategyproofness, and even Group strategyproofness. On the other hand, they show that DRF may yield poor utilitarian social welfare, that is, the sum of utilities may be only 1/m of the optimum. However, they prove that any mechanism satisfying one of proportionality, envy-freeness or strategyproofness may suffers from the same low utilitarian welfare. They also extend DRF to the setting in which the users' demands are indivisible (as in fair item allocation). For the indivisible setting, they relax envy-freeness to EF1. They show that strategyproofness is incompatible with PO+EF1 or with PO+proportionality. However, a mechanism called SequentialMinMax satisfies efficiency, proportionality and EF1. Wang, Li and Liang present DRFH - an extension of DRF to a system with several heterogeneous servers. == Implementation == DRF was first implemented in Apache Mesos - a cluster resource manager, and it led to better throughput and fairness than previously used fair-sharing schemes.
Read more →
Color gradient

In color science, a color gradient (also known as a color ramp or a color progression) specifies a range of position-dependent colors, usually used to fill a region. In assigning colors to a set of values, a gradient is a continuous colormap, a type of color scheme. In computer graphics, the term swatch has come to mean a palette of active colors. == Definitions == Color gradient is a set of colors arranged in a linear order (ordered) A continuous colormap is a curve through a colorspace === Strict definition === A colormap is a function which associate a real value r with point c in color space C {\displaystyle C} f : [ r m i n , r m a x ] ⊂ R → C {\displaystyle f:[r_{min},r_{max}]\subset \mathbf {R} \to C} which is defined by: a colorspace C an increasing sequence of sampling points r 0 < . . . < r m ∈ [ r m i n , r m a x ] {\displaystyle r_{0}<... Read more →
Unfold (app)

Unfold is a mobile application that allows users to create social media content using a variety of templates and other tools. It was founded in 2018 by Alfonso Cobo and Andy McCune. It enables users to add photos, video, and text with a variety of tools. In 2019, Unfold was acquired by Squarespace. == History == In January 2017, Alfonso Cobo was studying at Parsons School of Design when he realized there was no software or app that could create a portfolio of his work on an iPad. Cobo created an app called Portfolio, a basic version of a portfolio layout app, and the first one to exist for iPad. He launched it in 2017. After launching the first version of Portfolio, Cobo realized the more popular market and use case was on mobile. Around that time, Instagram was launching Stories. As a result, Cobo pivoted the app away from portfolios and instead focused on an app to showcase one's stories. Cobo later contacted Andy McCune, founder of social media account Earth, to collaborate with Unfold. Unfold also partnered with various companies to create custom templates. These include Equinox, Tommy Hilfiger, NARS, Billboard Music Awards, and Product Red. Unfold also launched a collection of Product Red templates to help eliminate HIV/AIDS in several African countries. In 2019, Squarespace acquired Unfold. The Unfold app has been downloaded over 60 million times and has been used to create over 1 billion Instagram stories. == Features == With Unfold, users can utilize hundreds of templates to make social content for social media platforms such as Instagram, Snapchat, and Facebook. The free app offers users basic templates and standard fonts, filters, and stickers, and there are also premium templates available for a monthly subscription. With Unfold+ and Unfold Pro (previously Unfold for Brands), users can access premium templates and tools, as well as upload custom brand assets and fonts. In 2020, Unfold launched Bio Sites, which allows users to link to multiple sites and platforms.
Read more →
Secure environment

In computing, a secure environment is any system which implements the controlled storage and use of information. In the event of computing data loss, a secure environment is used to protect personal or confidential data. It may also be known as a trusted execution environment (TEE). Often, secure environments employ cryptography as a means to protect information. This is typically used for processing confidential or restricted information. Some secure environments employ cryptographic hashing, simply to verify that the information has not been altered since it was last modified.
Read more →
Image subtraction

Image subtraction or pixel subtraction or difference imaging is an image processing technique whereby the digital numeric value of one pixel or whole image is subtracted from another image, and a new image generated from the result. This is primarily done for one of two reasons – levelling uneven sections of an image such as half an image having a shadow on it, or detecting changes between two images. This method can show things in the image that have changed position, brightness, color, or shape. For this technique to work, the two images must first be spatially aligned to match features between them, and their photometric values and point spread functions must be made compatible, either by careful calibration, or by post-processing (using color mapping). The complexity of the pre-processing needed before differencing varies with the type of image, but is essential to ensure good subtraction of static features. This is commonly used in fields such as time-domain astronomy (known primarily as difference imaging) to find objects that fluctuate in brightness or move. In automated searches for asteroids or Kuiper belt objects, the target moves and will be in one place in one image, and in another place in a reference image made an hour or day later. Thus, image processing algorithms can make the fixed stars in the background disappear, leaving only the target. Distinct families of astronomical image subtraction techniques have emerged, operating in both image space or frequency space, with distinct trade-offs in both quality of subtraction and computational cost. These algorithms lie at the heart of almost all modern (and upcoming) transient surveys, and can enable the detection of even faint supernovae embedded in bright galaxies. Nevertheless, in astronomical imaging, significant 'residuals' remain around bright, complex sources, necessitating further algorithmic steps to identify candidates (known as real-bogus classification) The Hutchinson metric can be used to "measure of the discrepancy between two images for use in fractal image processing".
Read more →
Secure coding

Secure coding is the practice of developing computer software in such a way that guards against the accidental introduction of security vulnerabilities. Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities. Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors. By identifying the insecure coding practices that lead to these errors and educating developers on secure alternatives, organizations can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment. Some scholars have suggested that in order to effectively confront threats related to cybersecurity, proper security should be coded or "baked in" to the systems. With security being designed into the software, this ensures that there will be protection against insider attacks and reduces the threat to application security. Implementing secure coding practices is part of the secure by design approach to security engineering. == Buffer-overflow prevention == Buffer overflows, a common software security vulnerability, happen when a process tries to store data beyond a fixed-length buffer. For example, if there are 8 slots to store items in, there will be a problem if there is an attempt to store 9 items. In computer memory the overflowed data may overwrite data in the next location which can result in a security vulnerability (stack smashing) or program termination (segmentation fault). An example of a C program prone to a buffer overflow is If the user input is larger than the destination buffer, a buffer overflow will occur. To fix this unsafe program, use strncpy to prevent a possible buffer overflow. Another secure alternative is to dynamically allocate memory on the heap using malloc. In the above code snippet, the program attempts to copy the contents of src into dst, while also checking the return value of malloc() to ensure that enough memory was able to be allocated for the destination buffer. == Format-string attack prevention == A Format String Attack is when a malicious user supplies specific inputs that will eventually be entered as an argument to a function that performs formatting, such as printf(). The attack involves the adversary reading from or writing to the stack. The C printf function writes output to stdout. If the parameter of the printf function is not properly formatted, several security bugs can be introduced. Below is a program that is vulnerable to a format string attack. A malicious argument passed to the program could be "%s%s%s%s%s%s%s", which can crash the program from improper memory reads. == Integer-overflow prevention == Integer overflow occurs when an arithmetic operation results in an integer too large to be represented within the available space. A program which does not properly check for integer overflow introduces potential software bugs and exploits. Below is a function in C++ which attempts to confirm that the sum of x and y is less than or equal to a defined value MAX: The problem with the code is it does not check for integer overflow on the addition operation. If the sum of x and y is greater than the maximum possible value of an unsigned int, the addition operation will overflow and perhaps result in a value less than or equal to MAX, even though the sum of x and y is greater than MAX. Below is a function which checks for overflow by confirming the sum is greater than or equal to both x and y. If the sum did overflow, the sum would be less than x or less than y. == Path traversal prevention == Path traversal is a vulnerability whereby paths provided from an untrusted source are interpreted in such a way that unauthorised file access is possible. For example, consider a script that fetches an article by taking a filename, which is then read by the script and parsed. Such a script might use the following hypothetical URL to retrieve an article about dog food: https://www.example.net/cgi-bin/article.sh?name=dogfood.html If the script has no input checking, instead trusting that the filename is always valid, a malicious user could forge a URL to retrieve configuration files from the web server: https://www.example.net/cgi-bin/article.sh?name=../../../../../etc/passwd Depending on the script, this may expose the /etc/passwd file, which on Unix-like systems contains (among others) user IDs, their login names, home directory paths and shells. (See SQL injection for a similar attack.) == Regulatory drivers == Secure coding practices are increasingly mandated by regulatory frameworks governing the development and maintenance of software systems that process sensitive data. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires covered entities to protect the integrity of protected health information through technical safeguards under 45 CFR 164.312(c)(1) and to implement mechanisms to authenticate electronic protected health information under 45 CFR 164.312(c)(2). The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 Requirement 6.2 mandates that custom software is developed securely, including training developers in secure coding techniques (6.2.2), reviewing custom code for vulnerabilities before release (6.2.3), and addressing common software attacks in development practices (6.2.4).
Read more →
Rejoyn

Rejoyn is a prescription-only digital therapeutic smartphone app approved by the US FDA for the treatment of major depressive disorder (MDD) in adults ages 22 and up. It is prescribed in conjunction with standard antidepressant medication and professional guidance and support. Rejoyn was developed by Click Therapeutics and Otsuka America Pharmaceutical Inc., and gained FDA clearance as a "medical device" on March 30th, 2024. The smartphone app helps patients with depression using exercises based on cognitive behavioral therapy (CBT) along with timed notifications to keep the patient engaged and in treatment. Randomized controlled trials showed that the Rejoyn app was more effective at relieving depression symptoms compared to a "sham app", a placebo app that required similar effort but was not intended to be helpful. Dr. John Torous, MD, MBI,[a] a psychiatrist at the Beth Israel Deaconess Medical Center in Boston, said that the app seems to pose minimal risks, and is an important step forward in unlocking the power of smartphones in treating psychiatric disorders. Some experts have signaled that the claims should be taken with caution, since the app was "tested only in a narrow subset of patients." and its benefits are "not statistically significant," according to the study’s primary outcome."
Read more →
Jeremy Renner Official

Jeremy Renner Official (or Jeremy Renner on the Google Play Store) was a mobile app created by American actor Jeremy Renner. He created the app in March 2017 to hear the input and comments of his fans. The app was shut down in September 2019 in part due to the frequent bullying and trolling that the platform had experienced. The app featured optional microtransactions, with some ranging up to roughly US$400 despite the app itself being free. Upon shutting down the app, Renner issued a mass-refund for the collectible "stars" in the app for purchases made within the last ninety days, from the day the announcement was posted. He then posted an apology to the app itself, and the app was deleted from both the Google Play Store and the App Store shortly after. == Usage == Upon downloading the app, the user was faced with a video of Renner speaking about his fans and superfans, regular giveaways, and real-life updates. While the app was active, Renner posted regular questions and comments for fans. Renner occasionally livestreamed about his work and day-to-day life. The community developed to include memes, selfies, and a "Happy Rennsday" event on Wednesdays. == History == === 2017–2019 === The app launched in March 2017 with a promotional contest. Renner's fans were encouraged to download the app and create comments about being Renner's biggest fan; Renner would then choose a winner and transport the winner and a guest to have lunch with him at the Calgary Expo. In the first few months Renner teased behind-the-scenes of projects he was working on, which he now sporadically does on Instagram. The app was similarly designed to Instagram as well, with a near identically styled layout. Around midway through 2019, a hoax account of Renner was made to mock the celebrity, joking about masturbating to porn and defending another hoax account of Casey Anthony. FastCompany wrote extensively about Renner's app in April 2019, calling it "a surprising new kind of social media". The Ringer stated "Jeremy Renner's Jeremy Renner app is the Jeremy Renner of apps." === After deletion (2019–2020) === After the shutdown of the app, a comedy-based pseudo-app with modular endings was released, called "The Jeremy Renner App Experience", in which the player plays as Jeremy Renner on the day of the Jeremy Renner Official app's shutdown. The app details several different choices on how Renner handles the situation. A six-part podcast was also created to mock the app's deletion, called The Renner Files, featuring Carolyn Goldfarb and Sarah Ramos. == Controversies == === Marketing === One of the main controversies of Renner's app was its marketing. The app's developers, Escapex, specialized in and grew famous for making similar monetized apps for celebrities. The marketing campaign was based on direct contact with Renner, whose chances were increased with regular payments for "stars", although very few encounters seemed to happen with Renner himself. The multiple problems with the app led the CEO of Escapex, Sephi Shapira, to call the app a "freak situation", and added "Am I concerned about this? Not more than I'm concerned about 50 other things I'm dealing with as a startup company." Along with the marketing failures, the app was seen as misrepresenting itself as seemingly erotic with some advertisements featuring Renner suggestively staring at the camera, despite the actual app being initially considered safe for children. === Harassment === After its release in 2017, the app was met with waves of harassment and bullying by many users on the app, most frequently by using impersonation — referenced in Renner's apology/deletion notice. Some death threats were made across the app by fraud accounts pretending to be several controversial celebrities, including O. J. Simpson and Casey Anthony. As early as October 2017, there were claims of censorship, bullying, and "contest-rigging". In September 2019, comedian Stefan Heck publicized his discovery of the fact that replies through the app appeared as if they were sent by Renner himself in push notifications. After several users abused this feature, Renner asked Escapex to shut down the app.
Read more →
Yahoo Mail

Yahoo! Mail (also written as Yahoo Mail) is a mailbox provider by Yahoo. It is one of the largest email services worldwide, with 225 million users. It is accessible via a web browser (webmail), mobile app, or through third-party email clients via the POP, SMTP, and IMAP protocols. Users can also connect non-Yahoo e-mail accounts to their Yahoo Mail inbox. The service was launched on October 8, 1997. The service is free for personal use, with an optional monthly fee for additional features. It is also available in several languages other than English. == History == === 1997–2002 === On October 8, 1997, Yahoo announced its acquisition of online communications company Four11 for $92 million in stock. As part of the purchase, Yahoo received Four11's RocketMail webmail service. Yahoo Mail, based on the RocketMail technology, launched at the same time. Yahoo! chose acquisition rather than internal platform development, because, as Healy said, "Hotmail was growing at thousands and thousands users per week. We did an analysis. For us to build, it would have taken four to six months, and by then, so many users would have taken an email account. The speed of the market was critical." On March 21, 2002, Yahoo! eliminated free software client access and introduced the $29.99 per year Mail Forwarding Service. Mary Osako, a Yahoo! Spokeswoman, told CNET, "For-pay services on Yahoo!, originally launched in February 1999, have experienced great acceptance from our base of active registered users, and we expect this adoption to continue to grow." === 2002–2010 === During 2002, the Yahoo network was gradually redesigned, including the company website, Yahoo Mail and other services. Along with the new design, new features were implemented, including drop-down menus in DHTML and keyboard shortcuts. On July 9, 2004, Yahoo! acquired Oddpost, a webmail service which simulated a desktop email client. Oddpost had features such as drag-and-drop support, right-click menus, RSS feeds, a preview pane, and increased speed using email caching to shorten response time. Many of the features were incorporated into an updated Yahoo! Mail service. ==== Competition ==== On April 1, 2004, Google announced its Gmail service with 1 GB of storage, although Gmail's invitation-only accounts kept the other webmail services at the forefront. Most major webmail providers, including Yahoo! Mail, increased their mailbox storage in response. Yahoo! first announced 100 MB of storage for basic accounts and 2 GB of storage for premium users. However, soon Yahoo Mail increased its free storage quota to 1 GB, before eventually allowing unlimited storage from March 27, 2007, until October 8, 2013. === 2011–2021 === In May 2011, Yahoo Mail rolled out a new interface. It included updated design, enhanced performance, and improved Facebook integration. In 2013, Yahoo! redesigned the site and removed several features, such as simultaneously opening multiple emails in tabs, sorting by sender name, and dragging mails to folders. The new email interface was geared to give an improved user-experience for mobile devices, but was criticized for having an inferior desktop interface. Many users objected to the unannounced nature of the changes through an online post asking Yahoo! to bring back mail tabs with one hundred thousand voting and nearly ten thousand commenting. The redesign produced a problem that caused an unknown number of users to lose access to their accounts for several weeks. In December 2013, Yahoo! Mail suffered a major outage where approximately one million users, one percent of the site's total users, could not access their emails for several days. Yahoo!'s then-CEO Marissa Mayer publicly apologized to the site's users. China Yahoo Mail announced in April 2013 that it would shut down that August as part of Yahoo ceasing services in China since acquiring a stake in Alibaba in 2005. Users with email address suffixes @yahoo.com.cn and @yahoo.cn could transfer their accounts to AliCloud to continue receiving messages through the end of 2014. In January 2014, an undisclosed number of usernames and passwords were released to hackers, following a security breach that Yahoo! believed had occurred through a third-party website. Yahoo! contacted affected users and requested that passwords be changed. In October 2015, Yahoo! updated the mail service with a "more subtle" redesign, as well as improved mobile features. The same release introduced the Yahoo! Account Key, a smartphone-based replacement for password logins. The app also added support for third-party mail accounts. In 2017, Yahoo! again redesigned the web interface with a "more minimal" look, and introduced the option to customize it with different color themes and layouts. In 2019, Yahoo released a redesigned Yahoo Mail app to organize user inboxes, introducing features including a one-tap unsubscribe tool, package tracking, and travel updates. In 2020, Yahoo Mail users were able to fill Walmart shopping carts directly from their inboxes, an industry first. Yahoo! also added a feature to view NFL matches. === 2022–present === In 2022, updates to the Yahoo Mail mobile app added tools to help manage receipts, gift cards, and subscriptions. AI-based additions in 2023 included a feature that automates tracking coupon codes and credits for online shopping, as well as updates to search suggestions, message summaries and AI writing assistance. In 2024, updates to the desktop interface added more AI-based features, including a "priority inbox" tab with automatically generated summaries of important messages and automated suggestions of next actions based on message contents. In February 2025, Yahoo aired its first Super Bowl ad since 2002, in which Bill Murray invited viewers to contact him at his Yahoo Mail email address ([email protected]). The address received nearly 150,000 emails in the first two hours after broadcast. In June 2025, Yahoo Mail introduced a "Catch Up" feature that provides AI-generated summaries and email previews and prompts users to choose to delete or retain each one. As part of the feature's launch, Yahoo Mail collaborated with streetwear brand Anti Social Social Club on an apparel release. == User interface == As many as three web interfaces were available at any given time. The traditional "Yahoo! Mail Classic" preserved the availability of their original 1997 interface until July 2013 in North America. A 2005 version included a new Ajax interface, drag-and-drop, improved search, keyboard shortcuts, address auto-completion, and tabs. However, other features were removed, such as column widths and one click delete-move-to-next. In October 2010, Yahoo! released a beta version of Yahoo! Mail, which included improvements to performance, search, and Facebook integration. In May 2011, this became the default interface. Their current Webmail interface was introduced in 2017. == Spam policy == Yahoo! Mail is often used by spammers to provide a "remove me" email address. Often, these addresses are used to verify the recipient's address, thus opening the door for more spam. Yahoo! does not tolerate this practice and terminates accounts connected with spam-related activities without warning, causing spammers to lose access to any other Yahoo! services connected with their ID under the Terms of Service. Additionally, Yahoo! stresses that its servers are based in California and any spam-related activity which uses its servers could potentially violate that state's anti-spam laws. In February 2006, Yahoo! announced its decision (along with AOL) to give some organizations the option to "certify" mail by paying up to one cent for each outgoing message, allowing the mail in question to bypass inbound spam filters. Few mailers used it and, Goodmail, the company running the certification process, shut down in 2011. === Filters === In order to prevent abuse, in 2002 Yahoo! Mail activated filters which changed certain words (that could trigger unwanted JavaScript events) and word fragments into other words. "mocha" was changed to "espresso", "expression" became "statement", and "eval" (short for "evaluation") became "review". This resulted in many unintended corrections, such as "prevent" (prevalent), "revalidation" (evaluation) and "media review" (medieval). When asked about these changes, Yahoo! explained that the changed words were common terms used in their privacy dashboard and were blacklisted to prevent hackers from sending damaging commands via the program's HTML function. Starting before February 7, 2006, Yahoo! Mail ended the practice, and began to add an underscore as a prefix to certain suspicious words and word fragments. === Greylisting === Incoming mail to Yahoo! addresses can be subjected to deferred delivery as part of Yahoo's incoming spam controls. This can delay delivery of mail sent to Yahoo! addresses without the sender or recipients being aware of it. The deferral is typically of short duration, but
Read more →
Molecular graphics

Molecular graphics is the discipline and philosophy of studying molecules and their properties through graphical representation. IUPAC limits the definition to representations on a "graphical display device". Ever since Dalton's atoms and Kekulé's benzene, there has been a rich history of hand-drawn atoms and molecules, and these representations have had an important influence on modern molecular graphics. Colour molecular graphics are often used on chemistry journal covers artistically. == History == Prior to the use of computer graphics in representing molecular structure, Robert Corey and Linus Pauling developed a system for representing atoms or groups of atoms from hard wood on a scale of 1 inch = 1 angstrom connected by a clamping device to maintain the molecular configuration. These early models also established the CPK coloring scheme that is still used today to differentiate the different types of atoms in molecular models (e.g. carbon = black, oxygen = red, nitrogen = blue, etc). This early model was improved upon in 1966 by W.L. Koltun and are now known as Corey-Pauling-Koltun (CPK) models. The earliest efforts to produce models of molecular structure was done by Project MAC using wire-frame models displayed on a cathode ray tube in the mid 1960s. In 1965, Carroll Johnson distributed the Oak Ridge thermal ellipsoid plot (ORTEP) that visualized molecules as a ball-and-stick model with lines representing the bonds between atoms and ellipsoids to represent the probability of thermal motion. Thermal ellipsoid plots quickly became the de facto standard used in the display of X-ray crystallography data, and are still in wide use today. The first practical use of molecular graphics was a simple display of the protein myoglobin using a wireframe representation in 1966 by Cyrus Levinthal and Robert Langridge working at Project MAC. Among the milestones in high-performance molecular graphics was the work of Nelson Max in "realistic" rendering of macromolecules using reflecting spheres. Initially much of the technology concentrated on high-performance 3D graphics. During the 1970s, methods for displaying 3D graphics using cathode ray tubes were developed using continuous tone computer graphics in combination with electro-optic shutter viewing devices. The first devices used an active shutter 3D system, generating different perspective views for the left and right channel to provide the illusion of three-dimensional viewing. Stereoscopic viewing glasses were designed using lead lanthanum zirconate titanate (PLZT) ceramics as electronically controlled shutter elements. Active 3D glasses require batteries and work in concert with the display to actively change the presentation by the lenses to the wearer's eyes. Many modern 3D glasses use a passive, polarized 3D system that enables the wearer to visualize 3D effects based on their own perception. Passive 3D glasses are more common today since they are less expensive. The requirements of macromolecular crystallography also drove molecular graphics because the traditional techniques of physical model-building could not scale. The first two protein structures solved by molecular graphics without the aid of the Richards' Box were built with Stan Swanson's program FIT on the Vector General graphics display in the laboratory of Edgar Meyer at Texas A&M University: First Marge Legg in Al Cotton's lab at A&M solved a second, higher-resolution structure of staph. nuclease (1975) and then Jim Hogle solved the structure of monoclinic lysozyme in 1976. A full year passed before other graphics systems were used to replace the Richards' Box for modelling into density in 3-D. Alwyn Jones' FRODO program (and later "O") were developed to overlay the molecular electron density determined from X-ray crystallography and the hypothetical molecular structure. === Timeline === == Types == === Ball-and-stick models === In the ball-and-stick model, atoms are drawn as small sphered connected by rods representing the chemical bonds between them. === Space-filling models === In the space-filling model, atoms are drawn as solid spheres to suggest the space they occupy, in proportion to their van der Waals radii. Atoms that share a bond overlap with each other. === Surfaces === In some models, the surface of the molecule is approximated and shaded to represent a physical property of the molecule, such as electronic charge density. === Ribbon diagrams === Ribbon diagrams are schematic representations of protein structure and are one of the most common methods of protein depiction used today. The ribbon shows the overall path and organization of the protein backbone in 3D, and serves as a visual framework on which to hang details of the full atomic structure, such as the balls for the oxygen atoms bound to the active site of myoglobin in the adjacent image. Ribbon diagrams are generated by interpolating a smooth curve through the polypeptide backbone. α-helices are shown as coiled ribbons or thick tubes, β-strands as arrows, and non-repetitive coils or loops as lines or thin tubes. The direction of the polypeptide chain is shown locally by the arrows, and may be indicated overall by a colour ramp along the length of the ribbon.
Read more →
Insider threat

An insider threat is a perceived threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. == Overview == Insiders may have accounts giving them legitimate access to computer systems, with this access originally having been given to them to serve in the performance of their duties; these permissions could be abused to harm the organization. Insiders are often familiar with the organization's data and intellectual property as well as the methods that are in place to protect them. This makes it easier for the insider to circumvent any security controls of which they are aware. Physical proximity to data means that the insider does not need to hack into the organizational network through the outer perimeter by traversing firewalls; rather they are in the building already, often with direct access to the organization's internal network. Insider threats are harder to defend against than attacks from outsiders, since the insider already has legitimate access to the organization's information and assets. An insider may attempt to steal property or information for personal gain or to benefit another organization or country. The threat to the organization could also be through malicious software left running on its computer systems by former employees, a so-called logic bomb. == Research == Insider threat is an active area of research in academia and government. The CERT Coordination Center at Carnegie-Mellon University maintains the CERT Insider Threat Center, which includes a database of more than 850 cases of insider threats, including instances of fraud, theft and sabotage; the database is used for research and analysis. CERT's Insider Threat Team also maintains an informational blog to help organizations and businesses defend themselves against insider crime. The Threat Lab and Defense Personnel and Security Research Center (DOD PERSEREC) has also recently emerged as a national resource within the United States of America. The Threat Lab hosts an annual conference, the SBS Summit. They also maintain a website that contains resources from this conference. Complimenting these efforts, a companion podcast was created, Voices from the SBS Summit. In 2022, the Threat Lab created an interdisciplinary journal, Counter Insider Threat Research and Practice (CITRAP) which publishes research on insider threat detection. === Findings === In the 2022 Data Breach Investigations Report (DBIR), Verizon found that 82% of breaches involved the human element, noting that employees continue to play a leading role in cybersecurity incidents and breaches. According to the UK Information Commissioners Office, 90% of all breaches reported to them in 2019 were the result of mistakes made by end users. This was up from 61% and 87% over the previous two years. A 2018 whitepaper reported that 53% of companies surveyed had confirmed insider attacks against their organization in the previous 12 months, with 27% saying insider attacks have become more frequent. A report published in July 2012 on the insider threat in the U.S. financial sector gives some statistics on insider threat incidents: 80% of the malicious acts were committed at work during working hours; 81% of the perpetrators planned their actions beforehand; 33% of the perpetrators were described as "difficult" and 17% as being "disgruntled". The insider was identified in 74% of cases. Financial gain was a motive in 81% of cases, revenge in 23% of cases, and 27% of the people carrying out malicious acts were in financial difficulties at the time. The US Department of Defense Personnel Security Research Center published a report that describes approaches for detecting insider threats. Earlier it published ten case studies of insider attacks by information technology professionals. Cybersecurity experts believe that 38% of negligent insiders are victims of a phishing attack, whereby they receive an email that appears to come from a legitimate source such as a company. These emails normally contain malware in the form of hyperlinks. == Typologies and ontologies == Multiple classification systems and ontologies have been proposed to classify insider threats. Traditional models of insider threat identify three broad categories: Malicious insiders, which are people who take advantage of their access to inflict harm on an organization; Negligent insiders, which are people who make errors and disregard policies, which place their organizations at risk; and Infiltrators, who are external actors that obtain legitimate access credentials without authorization. == Criticisms == Insider threat research has been criticized. Critics have argued that insider threat is a poorly defined concept. Forensically investigating insider data theft is notoriously difficult, and requires novel techniques such as stochastic forensics. Data supporting insider threat is generally proprietary (i.e., encrypted data). Theoretical/conceptual models of insider threat are often based on loose interpretations of research in the behavioral and social sciences, using "deductive principles and intuitions of subject matter expert." Adopting sociotechnical approaches, researchers have also argued for the need to consider insider threat from the perspective of social systems. Jordan Schoenherr said that "surveillance requires an understanding of how sanctioning systems are framed, how employees will respond to surveillance, what workplace norms are deemed relevant, and what ‘deviance’ means, e.g., deviation for a justified organization norm or failure to conform to an organizational norm that conflicts with general social values." By treating all employees as potential insider threats, organizations might create conditions that lead to insider threats. == Sector-specific concerns == === Healthcare === The healthcare industry faces particularly acute insider threat risks due to the large number of workforce members who require access to sensitive patient records for legitimate clinical purposes. The U.S. Department of Health and Human Services has identified unauthorized access by insiders, including workforce snooping on patient records and theft of protected health information for identity fraud, as a persistent enforcement concern. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule addresses insider threats through several administrative safeguards, including workforce security procedures requiring covered entities to implement policies for authorizing and supervising workforce members who work with electronic protected health information, as well as termination procedures to revoke access when employment ends (45 CFR 164.308(a)(3)). The rule also requires audit controls to record and examine information system activity (45 CFR 164.312(b)), enabling detection of unauthorized access by insiders. The December 2024 Notice of proposed rulemaking (NPRM) to overhaul the HIPAA Security Rule would strengthen insider threat defenses by mandating role-based access controls, requiring notification of relevant workforce members within 24 hours of any changes to access privileges, and requiring regular review of audit logs to detect anomalous access patterns.
Read more →