AI Data Flow Diagram Generator

AI Data Flow Diagram Generator — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Fling (social network)

Fling was a social media app available for IOS and Android. It was founded in 2014 by Marco Nardone and was taken offline in August 2016. == Overview == In 2012, Marco Nardone founded the startup Unii and launched Unii.com, a social network intended for students in the UK. While working on this service, Nardone had the idea for a messaging service where pictures could be sent to strangers in January 2014. The app Fling was then developed and released between March and July 2014. After a month, it already had 375,000 downloads and 180,000 active users on iOS. Users were able to take pictures inside the app and send them to 50 random people all over the world. The recipient could then choose to answer via chat or reply by sending a picture themselves. The app was used by many users as a medium to exchange sexually explicit pictures and for sexting with strangers. This led to the app being removed from the App Store in June 2015. In the 19 days that followed, flings developers rewrote the App almost completely from scratch, working around the clock. The feature to message random strangers was removed, and the app was readmitted into the App Store as a messenger App resembling Snapchat. But the redesigned Application did not have the success of its predecessor. The funding ran out and the parent company Unii went bankrupt. The company was not able to pay their content moderation team anymore, leading to a new surge of pornographic content on the App. Shortly after that, the Social Network was taken offline in August 2016. It has been inactive since. During the 2 years Fling was online, $21 million was raised from investors while generating no revenue at all. Of this $21 million (£16.5m), £5 million came from Nardone's father. == Allegations against CEO == Former employees made multiple allegations against Marco Nardone, the Founder and CEO of Unii and Fling. According to these claims, he behaved erratic and abusive, throwing "things across the office". He hired his girlfriend as the head of human resources to handle issues between him and his staff. Employees who left the company often had "some part of their pay held back". According to the reports, he also spent the money raised from investors irresponsibly, having no clear concept of a budget. Some of that money was used on expensive restaurants in London, a luxurious office for CEO Nardone and advertisements for Fling on Twitter and Facebook. Nardone also spent time partying in Ibiza with two employees, while the developer team in London frantically tried to get Fling back online after it being removed from the App Store. In December 2017 he pleaded guilty to assaulting his girlfriend at a domestic violence court.
Read more →
Spotify Kids

Spotify Kids is a Swedish kid-friendly Music streaming service developed by Spotify. It offers curated content for children, including music, audiobooks, lullabies, and bedtime stories, while providing their parents with parental controls. The service is only available to subscribers to Spotify's Premium Family subscription plan. == Function == Spotify Kids is a Swedish Kid-friendly Music Streaming Service that allows children to browse Spotify with parental controls. Using the app, parents can view their children's listening history, block specific songs, and share playlists with their children. The app also includes sing-along songs, playlists designed for young children, and curated audiobooks, lullabies, and bedtime stories. Access is included in Spotify's Premium Family subscription plan, and is exclusive to subscribers to the plan. Users can configure the app for a specific age group upon first launch. The playlists on Spotify Kids are curated by groups including Discovery Kids, Nickelodeon, Universal Pictures, and The Walt Disney Company. All content on the Spotify Kids app is curated by editors. As of March 2021, there were roughly 8,000 songs available on the platform. The design of the Spotify Kids app is colorful, and user interface varies depending on the age group for which the app is configured. Spotify Kids is designed to comply with consent and data collection regulations for apps used by children. TechCrunch explains that it is "designed on a grand scale to drive subscriptions to Spotify's top-tier $14.99-per-month Premium Family Plan." == Release == After being beta tested in Ireland in October 2019, it was released as a beta across the United Kingdom on February 11, 2020. It was later released in Sweden, Denmark, Australia, New Zealand, Mexico, Argentina, and Brazil. On March 31, 2021, it was made available in France, Canada, and the United States.
Read more →
Mobile Passport Control

Mobile Passport Control (MPC) is a mobile app that enables eligible travelers entering the United States to submit their passport information and customs declaration form to Customs and Border Protection via smartphone or tablet and go through the inspections process using an expedited lane. It is available to "U.S. citizens, U.S. lawful permanent residents, Canadian B1/B2 citizen visitors and returning Visa Waiver Program travelers with approved ESTA". The app is available on iOS and Android devices and is operational at 34 US airports, 14 international airports offering preclearance facilities, and 4 seaports. The use of Mobile Passport Control operations have increased threefold from 2016 to 2017. == History == Mobile Passport Control operations were launched in Atlanta at the Hartsfield-Jackson International Airport in 2016 and is now available at 34 U.S. airports, 14 international airports that offer preclearance and 4 U.S. cruise ports. The Mobile Passport app is authorized by CBP and sponsored by the Airports Council International-North America, Boeing, and the Port of Everglades. Airside Mobile, Inc. secured a Series A funding of $6 million in the fall of 2017. == How it works == During the customs process at the Federal Inspection Service (FIS) area of a U.S. airport, travelers arriving from international locations typically wait in long lines before presenting passports and paperwork and verbally answering questions made by CBP officials. Eligible travelers who have downloaded the Mobile Passport app can expedite this process by submitting information regarding their passport and trip details, and a newly-taken selfie, via their mobile device to CBP officials, then access an expedited line. Mobile Passport Control users will be required to show their physical passport(s) and briefly talk to a CBP officer. == Locations == === US airports === Atlanta (ATL) Baltimore (BWI) Boston (BOS) Charlotte (CLT) Chicago (ORD) Dallas/Ft Worth (DFW) Denver (DEN) Detroit (DTW) as of 7/2024 Ft. Lauderdale (FLL) Honolulu (HNL) Houston (HOU and IAH) Kansas City (MCI) Las Vegas (LAS) Los Angeles (LAX) Miami (MIA) Minneapolis (MSP) New York (JFK) Newark (EWR) Oakland (OAK) Orlando (MCO) Palm Beach (PBI) Philadelphia (PHL) Phoenix (PHX) Pittsburgh (PIT) Portland (PDX) Sacramento (SMF) San Diego (SAN) San Francisco (SFO) San Jose (SJC) San Juan (SJU) Seattle (SEA) Tampa (TPA) Washington Dulles (IAD) === International Preclearance locations === Abu Dhabi (AUH) Aruba (AUA) Bermuda (BDA) Calgary (YYC) Dublin (DUB) Edmonton (YEG) Halifax (YHZ) Montreal (YUL) Nassau (NAS) Ottawa (YOW) Shannon (SNN) Toronto (YYZ) Vancouver (YVR) Winnipeg (YWG) Sepinggan (BPN) === Seaports === Fort Lauderdale (PEV) Miami (MSE) San Juan (PUE) West Palm Beach (WPB)
Read more →
Kinematic chain

In mechanical engineering, a kinematic chain is an assembly of rigid bodies connected by joints to provide constrained motion that is the mathematical model for a mechanical system. As the word chain suggests, the rigid bodies, or links, are constrained by their connections to other links. An example is the simple open chain formed by links connected in series, like the usual chain, which is the kinematic model for a typical robot manipulator. Mathematical models of the connections, or joints, between two links are termed kinematic pairs. Kinematic pairs model the hinged and sliding joints fundamental to robotics, often called lower pairs and the surface contact joints critical to cams and gearing, called higher pairs. These joints are generally modeled as holonomic constraints. A kinematic diagram is a schematic of the mechanical system that shows the kinematic chain. The modern use of kinematic chains includes analysis of Linkages (mechanical), compliance that arises from flexure joints in precision mechanisms, link compliance in compliant mechanisms and micro-electro-mechanical systems, and cable compliance in cable robotic and tensegrity systems. == Mobility formula == The degrees of freedom, or mobility, of a kinematic chain is the number of parameters that define the configuration of the chain. A system of n rigid bodies moving in space has 6n degrees of freedom measured relative to a fixed frame. This frame is included in the count of bodies, so that mobility does not depend on link that forms the fixed frame. This means the degree-of-freedom of this system is M = 6(N − 1), where N = n + 1 is the number of moving bodies plus the fixed body. Joints that connect bodies impose constraints. Specifically, hinges and sliders each impose five constraints and therefore remove five degrees of freedom. It is convenient to define the number of constraints c that a joint imposes in terms of the joint's freedom f, where c = 6 − f. In the case of a hinge or slider, which are one-degree-of-freedom joints, have f = 1 and therefore c = 6 − 1 = 5. The result in general where d {\displaystyle d} is the degrees of freedom for the mobility of a kinematic chain formed from n moving links and j joints each with freedom fi, i = 1, 2, …, j, is given by M = d n − ∑ i = 1 j ( d − f i ) = d ( N − 1 − j ) + ∑ i = 1 j f i {\displaystyle M=dn-\sum _{i=1}^{j}(d-f_{i})=d(N-1-j)+\sum _{i=1}^{j}f_{i}} Where N is the total number of links and includes the fixed link. Spacial linkages used d = 6 {\displaystyle d=6} and planar linkages use d = 3 {\displaystyle d=3} . This result is known as the Chebychev–Grübler–Kutzbach criterion. == Analysis of kinematic chains == The constraint equations of a kinematic chain couple the range of movement allowed at each joint to the dimensions of the links in the chain, and form algebraic equations that are solved to determine the configuration of the chain associated with specific values of input parameters, called degrees of freedom. The constraint equations for a kinematic chain are obtained using rigid transformations [Z] to characterize the relative movement allowed at each joint and separate rigid transformations [X] to define the dimensions of each link. In the case of a serial open chain, the result is a sequence of rigid transformations alternating joint and link transformations from the base of the chain to its end link, which is equated to the specified position for the end link. A chain of n links connected in series has the kinematic equations, [ T ] = [ Z 1 ] [ X 1 ] [ Z 2 ] [ X 2 ] ⋯ [ X n − 1 ] [ Z n ] , {\displaystyle [T]=[Z_{1}][X_{1}][Z_{2}][X_{2}]\cdots [X_{n-1}][Z_{n}],\!} where [T] is the transformation locating the end-link—notice that the chain includes a "zeroth" link consisting of the ground frame to which it is attached. These equations are called the forward kinematics equations of the serial chain. Kinematic chains of a wide range of complexity are analyzed by equating the kinematics equations of serial chains that form loops within the kinematic chain. These equations are often called loop equations. The complexity (in terms of calculating the forward and inverse kinematics) of the chain is determined by the following factors: Its topology: a serial chain, a parallel manipulator, a tree structure, or a graph. Its geometrical form: how are neighbouring joints spatially connected to each other? Explanation Two or more rigid bodies in space are collectively called a rigid body system. We can hinder the motion of these independent rigid bodies with kinematic constraints. Kinematic constraints are constraints between rigid bodies that result in the decrease of the degrees of freedom of rigid body system. == Synthesis of kinematic chains == The constraint equations of a kinematic chain can be used in reverse to determine the dimensions of the links from a specification of the desired movement of the system. This is termed kinematic synthesis. Perhaps the most developed formulation of kinematic synthesis is for four-bar linkages, which is known as Burmester theory. Ferdinand Freudenstein is often called the father of modern kinematics for his contributions to the kinematic synthesis of linkages beginning in the 1950s. His use of the newly developed computer to solve Freudenstein's equation became the prototype of computer-aided design systems. This work has been generalized to the synthesis of spherical and spatial mechanisms.
Read more →
Jais (language model)

Jais is an open-source large language model launched in August 2023. Developed as a collaboration between Emirati AI company G42, the Mohamed bin Zayed University of Artificial Intelligence (MBZUAI), and US-based Cerebras Systems, Jais was designed to produce high-quality Arabic text and was also trained on English data. The model's creation was motivated by the underrepresentation of the Arabic language in the field of generative artificial intelligence. It aims to provide a more culturally and linguistically accurate model for the world's 400 million Arabic speakers. Its name is a reference to Jebel Jais, the highest mountain in the UAE. == Background and development == Jais was developed in response to the limited availability of advanced generative artificial intelligence models for the Arabic language, despite it being spoken by over 400 million people. Existing models were often trained on limited or low-quality Arabic web content, resulting in poor performance. The project represents a significant investment by the United Arab Emirates in the field of AI as part of its national strategy. The model was created through a partnership between Inception (now Core42), a subsidiary of the Abu Dhabi-based AI company G42; the Mohamed bin Zayed University of Artificial Intelligence (MBZUAI); and Cerebras Systems, a US company specializing in AI hardware. The model is named after Jebel Jais, the highest peak in the UAE. == Training == The initial version of Jais released in August 2023 had 13 billion parameters. In November 2023, Core42 released Jais 30B, an improved version with 30 billion parameters. Both models were trained on a subset of the Cerebras Condor Galaxy 1 supercomputer. The training dataset consisted of a mix of Arabic, English, and computer code. According to Timothy Baldwin, a professor of natural language processing at MBZUAI, training the model on a diverse Arabic dataset allows it to switch between dialects. == Features == Jais is designed to generate text in both English and Arabic. The project has also released instruction-tuned "Chat" variants for both the 13B and 30B models, which are specifically optimized for conversational applications. Additional functionality for working with images, graphs, and tabular data is planned for future releases.
Read more →
Datasource

A datasource or DataSource is a name given to the connection set up to a database from a server. The name is commonly used when creating a query to the database. The data source name (DSN) need not be the same as the filename for the database. For example, a database file named friends.mdb could be set up with a DSN of school. Then DSN school would be used to refer to the database when performing a query. == Sun's version of DataSource [1] == A factory for connections to the physical data source that this DataSource object represents. An alternative to the DriverManager facility, a DataSource object is the preferred means of getting a connection. An object that implements the DataSource interface will typically be registered with a naming service based on the Java Naming and Directory Interface (JNDI) API. The DataSource interface is implemented by a driver vendor. There are three types of implementations: Basic implementation — produces a standard Connection object Connection pooling implementation — produces a Connection object that will automatically participate in connection pooling. This implementation works with a middle-tier connection pooling manager. Distributed transaction implementation — produces a Connection object that may be used for distributed transactions and almost always participates in connection pooling. This implementation works with a middle-tier transaction manager and almost always with a connection pooling manager. A DataSource object has properties that can be modified when necessary. For example, if the data source is moved to a different server, the property for the server can be changed. The benefit is that because the data source's properties can be changed, any code accessing that data source does not need to be changed. A driver that is accessed via a DataSource object does not register itself with the DriverManager. Rather, a DataSource object is retrieved through a lookup operation and then used to create a Connection object. With a basic implementation, the connection obtained through a DataSource object is identical to a connection obtained through the DriverManager facility. == Sun's DataSource Overview [2] == A DataSource object is the representation of a data source in the Java programming language. In basic terms, a data source is a facility for storing data. It can be as sophisticated as a complex database for a large corporation or as simple as a file with rows and columns. A data source can reside on a remote server, or it can be on a local desktop machine. Applications access a data source using a connection, and a DataSource object can be thought of as a factory for connections to the particular data source that the DataSource instance represents. The DataSource interface provides two methods for establishing a connection with a data source. Using a DataSource object is the preferred alternative to using the DriverManager for establishing a connection to a data source. They are similar to the extent that the DriverManager class and DataSource interface both have methods for creating a connection, methods for getting and setting a timeout limit for making a connection, and methods for getting and setting a stream for logging. Their differences are more significant than their similarities, however. Unlike the DriverManager, a DataSource object has properties that identify and describe the data source it represents. Also, a DataSource object works with a Java Naming and Directory Interface (JNDI) naming service and can be created, deployed, and managed separately from the applications that use it. A driver vendor will provide a class that is a basic implementation of the DataSource interface as part of its Java Database Connectivity (JDBC) 2.0 or 3.0 driver product. What a system administrator does to register a DataSource object with a JNDI naming service and what an application does to get a connection to a data source using a DataSource object registered with a JNDI naming service are described later in this chapter. Being registered with a JNDI naming service gives a DataSource object two major advantages over the DriverManager. First, an application does not need to hardcode driver information, as it does with the DriverManager. A programmer can choose a logical name for the data source and register the logical name with a JNDI naming service. The application uses the logical name, and the JNDI naming service will supply the DataSource object associated with the logical name. The DataSource object can then be used to create a connection to the data source it represents. The second major advantage is that the DataSource facility allows developers to implement a DataSource class to take advantage of features like connection pooling and distributed transactions. Connection pooling can increase performance dramatically by reusing connections rather than creating a new physical connection each time a connection is requested. The ability to use distributed transactions enables an application to do the heavy duty database work of large enterprises. Although an application may use either the DriverManager or a DataSource object to get a connection, using a DataSource object offers significant advantages and is the recommended way to establish a connection. Since 1.4 Since Java EE 6 a JNDI-bound DataSource can alternatively be configured in a declarative way directly from within the application. This alternative is particularly useful for self-sufficient applications or for transparently using an embedded database. == Yahoo's version of DataSource [3] == A DataSource is an abstract representation of a live set of data that presents a common predictable API for other objects to interact with. The nature of your data, its quantity, its complexity, and the logic for returning query results all play a role in determining your type of DataSource. For small amounts of simple textual data, a JavaScript array is a good choice. If your data has a small footprint but requires a simple computational or transformational filter before being displayed, a JavaScript function may be the right approach. For very large datasets—for example, a robust relational database—or to access a third-party webservice you'll certainly need to leverage the power of a Script Node or XHR DataSource.
Read more →
Zynn

Zynn was a Chinese video-sharing social networking service owned by Kuaishou, a Beijing-based internet technology company established in 2011 by Su Hua and Cheng Yixiao. It was used to create and share short videos, and it pays its users for using the app and referring others. Zynn was launched on May 7, 2020. It became the most-downloaded app in the App Store in the same month. It has also been criticized for being a "pyramid scheme", and it has faced accusations of plagiarism and stealing content. Aside from Zynn in North America, Kuaishou is available under the name Kwai in Russia, South Korea, Japan, Thailand, Vietnam, Philippines, Malaysia, Indonesia, Brazil, America, India, and the Middle East. Kwai used to be available in Australia and the United States on the App Store, but was removed at an unknown date. Zynn was permanently shut down on the 20th of August, 2021. == History == In 2011, entrepreneur Su Hua co-founded Kuaishou with business partner Cheng Yixiao. Originally a GIF-making app, Kuaishou soon moved to short video content. Su Hua also serves as the current Kuaishou CEO. In December 2019, Chinese internet conglomerate Tencent invested $2 billion in Kuaishou, reportedly to compete with rival ByteDance. In December 2019, Kuaishou acquired an app developer called Owlii, which is the developer of Zynn. Zynn was developed to be a North American Market edition of Kuaishou. On May 7, 2020, the app was launched and it was downloaded over 2 million times in that month. On May 12, 2020, Kuaishou filed a lawsuit seeking compensation for "unfair competition", and accused Douyin, the sister app of TikTok, of "interfering" with search results on app stores. Zynn shut down on the 20th of August, 2021. == Features == Zynn allows its users to create, edit and share short videos of themselves. Its interface has been described as a "complete clone" of TikTok, its main competitor. The Zynn app was unique in the way that they paid users for using the platform. Each user earned $1 for signing up, and they could earn money for referring users to the platform. Watching videos resulted in earning "points", which could be redeemed for gift cards or be cashed out via PayPal.[1] == Criticisms and controversies == Multiple TikTok users had reported seeing their entire accounts plagiarized, with one account pretending to be Addison Rae. Despite being launched in May, many videos were posted in February. Zynn has employed "intermittent variable rewards" in its point system, which has been criticized as being the "same reinforcement strategy used to addict people to slot machines". Cash payouts for using the app have resulted in criticism and accusations of anti-competitive behavior. The app was taken down from the Google Play store on June 10. Zynn blamed it on an "isolated incident". Six days later, it was taken down from the App Store as well. US Senator Josh Hawley has criticized the platform, calling it "predatory" and "anti-competitive" in a letter to the Federal Trade Commission asking for an investigation into Zynn. He said "[Zynn] smacks of a textbook predatory-pricing scheme, one calculated to attain immediate market dominance for Zynn by driving competitors out of the market."
Read more →
Tuber (app)

Tuber (Chinese: Tuber浏览器) was a web browser mobile app developed by Shanghai Fengxuan Information Technology that allowed users within mainland China to view filtered versions of certain websites normally blocked by the Great Firewall. Filtered versions of websites such as Google, Facebook, Instagram, YouTube, Twitter, Netflix, IMDb, and Wikipedia could be viewed. The app was backed by cybersecurity company Qihoo 360 which served as the parent company. The app required phone number registration. Sensitive keywords were blocked by the app. On October 9, 2020, Global Times editor Rita Bai Yunyi tweeted that the move represented "a great step for China's opening up". The app was removed from China domestic app stores and operations ceased as of October 10, 2020. On October 12, when questioned by a Bloomberg News reporter on the topic, Foreign Ministry spokesperson Zhao Lijian replied, "This is not a diplomatic issue, and I do not have the relevant information you mentioned. China has always managed the Internet in accordance with the law. I suggest you ask the competent department for the specific situation."
Read more →
Software diagnosis

Software diagnosis (also: software diagnostics) refers to concepts, techniques, and tools that allow for obtaining findings, conclusions, and evaluations about software systems and their implementation, composition, behaviour, and evolution. It serves as means to monitor, steer, observe and optimize software development, software maintenance, and software re-engineering in the sense of a business intelligence approach specific to software systems. It is generally based on the automatic extraction, analysis, and visualization of corresponding information sources of the software system. It can also be manually done and not automatic. == Applications == Software diagnosis supports all branches of software engineering, in particular project management, quality management, risk management as well as implementation and test. Its main strength is to support all stakeholders of software projects (in particular during software maintenance and for software re-engineering tasks) and to provide effective communication means for software development projects. For example, software diagnosis facilitates "bridging an essential information gap between management and development, improve awareness, and serve as early risk detection instrument". Software diagnosis includes assessment methods for "perfective maintenance" that, for example, apply "visual analysis techniques to combine multiple indicators for low maintainability, including code complexity and entanglement with other parts of the system, and recent changes applied to the code". == Characteristics == In contrast to manifold approaches and techniques in software engineering, software diagnosis does not depend on programming languages, modeling techniques, software development processes or the specific techniques used in the various stages of the software development process. Instead, software diagnosis aims at analyzing and evaluating the software system in its as-is state and based on system-generated information to bypass any subjective or potentially outdated information sources (e.g., initial software models). For it, software diagnosis combines and relates sources of information that are typically not directly linked. Examples: Source-code metrics are related with software developer activity to gain insight into developer-specific effects on software code quality. System structure and run-time execution traces are correlated to facilitate program comprehension through dynamic analysis in software maintenance tasks. == Principles == The core principle of software diagnosis is to automatically extract information from all available information sources of a given software projects such as source code base, project repository, code metrics, execution traces, test results, etc. To combine information, software-specific data mining, analysis, and visualization techniques are applied. Its strength results, among various reasons, from integrating decoupled information spaces in the scope of a typical software project, for example development and developer activities (recorded by the repository) and code and quality metrics (derived by analyzing source code) or key performance indicators (KPIs). == Examples == Examples of software diagnosis tools include software maps and software metrics. == Critics == Software diagnosis—in contrast to many approaches in software engineering—does not assume that developer capabilities, development methods, programming or modeling languages are right or wrong (or better or worse compared to each other): Software diagnosis aims at giving insight into a given software system and its status regardless of the methods, languages, or models used to create and maintain the system. === Related subjects === Cost estimation in software engineering Programming productivity Rapid application development Software design Software development Software documentation Software map Software release life cycle Systems design Systems Development Life Cycle
Read more →
Secure coding

Secure coding is the practice of developing computer software in such a way that guards against the accidental introduction of security vulnerabilities. Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities. Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors. By identifying the insecure coding practices that lead to these errors and educating developers on secure alternatives, organizations can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment. Some scholars have suggested that in order to effectively confront threats related to cybersecurity, proper security should be coded or "baked in" to the systems. With security being designed into the software, this ensures that there will be protection against insider attacks and reduces the threat to application security. Implementing secure coding practices is part of the secure by design approach to security engineering. == Buffer-overflow prevention == Buffer overflows, a common software security vulnerability, happen when a process tries to store data beyond a fixed-length buffer. For example, if there are 8 slots to store items in, there will be a problem if there is an attempt to store 9 items. In computer memory the overflowed data may overwrite data in the next location which can result in a security vulnerability (stack smashing) or program termination (segmentation fault). An example of a C program prone to a buffer overflow is If the user input is larger than the destination buffer, a buffer overflow will occur. To fix this unsafe program, use strncpy to prevent a possible buffer overflow. Another secure alternative is to dynamically allocate memory on the heap using malloc. In the above code snippet, the program attempts to copy the contents of src into dst, while also checking the return value of malloc() to ensure that enough memory was able to be allocated for the destination buffer. == Format-string attack prevention == A Format String Attack is when a malicious user supplies specific inputs that will eventually be entered as an argument to a function that performs formatting, such as printf(). The attack involves the adversary reading from or writing to the stack. The C printf function writes output to stdout. If the parameter of the printf function is not properly formatted, several security bugs can be introduced. Below is a program that is vulnerable to a format string attack. A malicious argument passed to the program could be "%s%s%s%s%s%s%s", which can crash the program from improper memory reads. == Integer-overflow prevention == Integer overflow occurs when an arithmetic operation results in an integer too large to be represented within the available space. A program which does not properly check for integer overflow introduces potential software bugs and exploits. Below is a function in C++ which attempts to confirm that the sum of x and y is less than or equal to a defined value MAX: The problem with the code is it does not check for integer overflow on the addition operation. If the sum of x and y is greater than the maximum possible value of an unsigned int, the addition operation will overflow and perhaps result in a value less than or equal to MAX, even though the sum of x and y is greater than MAX. Below is a function which checks for overflow by confirming the sum is greater than or equal to both x and y. If the sum did overflow, the sum would be less than x or less than y. == Path traversal prevention == Path traversal is a vulnerability whereby paths provided from an untrusted source are interpreted in such a way that unauthorised file access is possible. For example, consider a script that fetches an article by taking a filename, which is then read by the script and parsed. Such a script might use the following hypothetical URL to retrieve an article about dog food: https://www.example.net/cgi-bin/article.sh?name=dogfood.html If the script has no input checking, instead trusting that the filename is always valid, a malicious user could forge a URL to retrieve configuration files from the web server: https://www.example.net/cgi-bin/article.sh?name=../../../../../etc/passwd Depending on the script, this may expose the /etc/passwd file, which on Unix-like systems contains (among others) user IDs, their login names, home directory paths and shells. (See SQL injection for a similar attack.) == Regulatory drivers == Secure coding practices are increasingly mandated by regulatory frameworks governing the development and maintenance of software systems that process sensitive data. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires covered entities to protect the integrity of protected health information through technical safeguards under 45 CFR 164.312(c)(1) and to implement mechanisms to authenticate electronic protected health information under 45 CFR 164.312(c)(2). The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 Requirement 6.2 mandates that custom software is developed securely, including training developers in secure coding techniques (6.2.2), reviewing custom code for vulnerabilities before release (6.2.3), and addressing common software attacks in development practices (6.2.4).
Read more →
Colour banding

Colour banding is a subtle form of posterisation in digital images, caused by the colour of each pixel being rounded to the nearest of the digital colour levels. While posterisation is often done for artistic effect, colour banding is an undesired artefact. In 24-bit colour modes, 8 bits per channel is usually considered sufficient to render images in Rec. 709 or sRGB. However the eye can see the difference between the colour levels, especially when there is a sharp border between two large areas of adjacent colour levels. This will happen with gradual gradients (like sunsets, dawns or clear blue skies), and also when blurring an image a large amount. Colour banding is more noticeable with fewer bits per pixel (BPP) at 16–256 colours (4–8 BPP), where there are fewer shades with a larger difference between them. The appearance of colour banding is exaggerated by the Mach bands effect. Possible solutions include the introduction of dithering and increasing the number of bits per colour channel. Because the banding comes from limitations in the presentation of the image, blurring the image does not fix this unless the image BPP is higher than the original.
Read more →
Glossary of computer graphics

This is a glossary of terms relating to computer graphics. For more general computer hardware terms, see glossary of computer hardware terms. == 0–9 == 2D convolution Operation that applies linear filtering to image with a given two-dimensional kernel, able to achieve e.g. edge detection, blurring, etc. 2D image 2D texture map A texture map with two dimensions, typically indexed by UV coordinates. 2D vector A two-dimensional vector, a common data type in rasterization algorithms, 2D computer graphics, graphical user interface libraries. 2.5D Also pseudo 3D. Rendering whose result looks 3D while actually not being 3D or having great limitations, e.g. in camera degrees of freedom. 3D graphics pipeline A graphics pipeline taking 3D models and producing a 2D bitmap image result. 3D paint tool A 3D graphics application for digital painting of multiple texture map image channels directly onto a rotated 3D model, such as zbrush or mudbox, also sometimes able to modify vertex attributes. 3D scene A collection of 3D models and lightsources in world space, into which a camera may be placed, describing a scene for 3D rendering. 3D unit vector A unit vector in 3D space. 4D vector A common datatype in graphics code, holding homogeneous coordinates or RGBA data, or simply a 3D vector with unused W to benefit from alignment, naturally handled by machines with 4-element SIMD registers. 4×4 matrix A matrix commonly used as a transformation of homogeneous coordinates in 3D graphics pipelines. 7e3 format A packed pixel format supported by some graphics processing units (GPUs) where a single 32-bit word encodes three 10-bit floating-point color channels, each with seven bits of mantissa and three bits of exponent. == A == AABB Axis-aligned bounding box (sometimes called "axis oriented"), a bounding box stored in world coordinates; one of the simplest bounding volumes. Additive blending A compositing operation where d s t = d s t + s r c , {\displaystyle dst=dst+src,} without the use of an alpha channel, used for various effects. Also known as linear dodge in some applications. Affine texture mapping Linear interpolation of texture coordinates in screen space without taking perspective into account, causing texture distortion. Aliasing Unwanted effect arising when sampling high-frequency signals, in computer graphics appearing e.g. when downscaling images. Antialiasing methods can prevent it. Alpha channel An additional image channel (e.g. extending an RGB image) or standalone channel controlling alpha blending. Ambient lighting An approximation to the light entering a region from a wide range of directions, used to avoid needing an exact solution to the rendering equation. Ambient occlusion (AO) Effect approximating, in an inexpensive way, one aspect of global illumination by taking into account how much ambient light is blocked by nearby geometry, adding visual clues about the shape. Analytic model A mathematical model for a phenomenon to be simulated, e.g. some approximation to surface shading. Contrasts with Empirical models based purely on recorded data. Anisotropic filtering Advanced texture filtering improving on mipmapping, preventing aliasing while reducing blur in textured polygons at oblique angles to the camera. Anti-aliasing Methods for filtering and sampling to avoid visual artifacts associated with the uniform pixel grid in 3D rendering. Array texture A form of texture map containing an array of 2D texture slices selectable by a 3rd 'W' texture coordinate; used to reduce state changes in 3D rendering. Augmented reality Computer-rendered content inserted into the user's view of the real world. AZDO Approaching zero driver overhead, a set of techniques aimed at reducing the CPU overhead in preparing and submitting rendering commands in the OpenGL pipeline. A compromise between the traditional GL API and other high-performance low-level rendering APIs. == B == Back-face culling Culling (discarding) of polygons that are facing backwards from the camera. Baking Performing an expensive calculation offline, and caching the results in a texture map or vertex attributes. Typically used for generating lightmaps, normal maps, or low level of detail models. Barycentric coordinates Three-element coordinates of a point inside a triangle. Beam tracing Modification of ray tracing which instead of lines uses pyramid-shaped beams to address some of the shortcomings of traditional ray tracing, such as aliasing. Bicubic interpolation Extension of cubic interpolation to 2D, commonly used when scaling textures. Bilinear interpolation Linear interpolation extended to 2D, commonly used when scaling textures. Binding Selecting a resource (texture, buffer, etc.) to be referenced by future commands. Billboard A textured rectangle that keeps itself oriented towards the camera, typically used e.g. for vegetation or particle effects. Binary space partitioning (BSP) A data structure that can be used to accelerate visibility determination, used e.g. in Doom engine. Bit depth The number of bits per pixel, sample, or texel in a bitmap image (holding one or more image channels, typical values being 4, 8, 16, 24, 32) Bitmap Image stored by pixels. Bit plane A format for bitmap images storing 1 bit per pixel in a contiguous 2D array; Several such parallel arrays combine to produce the a higher-bit-depth image. Opposite of packed-pixel format. Blend operation A render state controlling alpha blending, describing a formula for combining source and destination pixels. Bone Coordinate systems used to control surface deformation (via Weight maps) during skeletal animation. Typically stored in a hierarchy, controlled by key frames, and other procedural constraints. Bounding box One of the simplest type of bounding volume, consisting of axis-aligned or object-aligned extents. Bounding volume A mathematically simple volume, such as a sphere or a box, containing 3D objects, used to simplify and accelerate spatial tests (e.g. for visibility or collisions). BRDF Bidirectional reflectance distribution functions (BRDFs), empirical models defining 4D functions for surface shading indexed by a view vector and light vector relative to a surface. Bump mapping Technique similar to normal mapping that instead of normal maps uses so called bump maps (height maps). BVH Bounding volume hierarchy is a tree structure on a set of geometric objects. == C == Camera A virtual camera from which rendering is performed, also sometimes referred to as 'eye'. Camera space A space with the camera at the origin, aligned with the viewer's direction, after the application of the world transformation and view transformation. Cel shading Cartoon-like shading effect. Clipping Limiting specific operations to a specific region, usually the view frustum. Clipping plane A plane used to clip rendering primitives in a graphics pipeline. These may define the view frustum or be used for other effects. Clip space Coordinate space in which clipping is performed. Clip window A rectangular region in screen space, used during clipping. A clip window may be used to enclose a region around a portal in portal rendering. CLUT A table of RGB color values to be indexed by a lower-bit-depth image (typically 4–8 bits), a form of vector quantization. Color bleeding Unwanted effect in texture mapping. A color from a border of unmapped region of the texture may appear (bleed) in the mapped result due to interpolation. Color channels The set of channels in a bitmap image representing the visible color components, i.e. distinct from the alpha channel or other information. Color resolution Command buffer A region of memory holding a set of instructions for a graphics processing unit for rendering a scene or portion of a scene. These may be generated manually in bare metal programming, or managed by low level rendering APIs, or handled internally by high level rendering APIs. Command list A group of rendering commands ready for submission to a graphics processing unit, see also Command buffer. Compute API An API for efficiently processing large amounts of data. Compute shader A compute kernel managed by a rendering API, with easy access to rendering resources. Cone tracing Modification of ray tracing which instead of lines uses cones as rays in order to achieve e.g. antialiasing or soft shadows. Connectivity information Indices defining [rendering primitive]s between vertices, possibly held in index buffers. describes geometry as a graph or hypergraph. CSG Constructive solid geometry, a method for generating complex solid models from boolean operations combining simpler modelling primitives. Cube mapping A form of environment reflection mapping in which the environment is captured on a surface of a cube (cube map). Culling Before rendering begins, culling removes objects that don't significantly contribute to the rendered result (e.g. being obscured or outside camera view). == D == Decal A "sticker" picture applied onto a surface (e.g. a
Read more →
BLOOM (language model)

The BigScience Large Open-science Open-access Multilingual Language Model (BLOOM) is an open-access large language model (LLM) released in 2022. It was created by a volunteer-driven research effort to provide a transparently-created alternative to proprietary AI models. With 176 billion parameters, BLOOM is a transformer-based autoregressive model designed to generate text in 46 natural languages and 13 programming languages. The model is distributed under the project's "Responsible AI License". == Development == BLOOM is the main outcome of the BigScience initiative, a one-year-long research workshop. The project was coordinated by Hugging Face using funding from the French government and involved several hundred volunteer researchers and engineers from academia and the private sector. The model was trained between March and July 2022 on the Jean Zay public supercomputer in France, managed by GENCI and IDRIS (CNRS). Unlike GPT-3, BLOOM was trained to be multilingual. The source code is released under the Apache 2.0 license. The model's parameters are released under BigScience's "Responsible AI License" (RAIL), which grants open access and reuse rights but with some usage restrictions. BLOOM was used in the chatbots BLOOMChat and HuggingChat due to its multilingual abilities. BLOOM's training corpus, named ROOTS, combines data extracted from the then-latest version of the web-based OSCAR corpus (38% of ROOTS) and newly collected data extracted from a manually selected and documented list of language data sources. In total, the model was trained on approximately 366 billion (1.6TB) tokens. It was developed using the open-source libraries DeepSpeed Megatron. BigScience then released xP3, a multilingual dataset for LLM supervised learning. It also released BLOOMZ, a variant of BLOOM fine-tuned on xP3 to follow instructions.
Read more →
Commitment ordering

Commitment ordering (CO) is a class of interoperable serializability techniques in concurrency control of databases, transaction processing, and related applications. It allows optimistic (non-blocking) implementations. With the proliferation of multi-core processors, CO has also been increasingly utilized in concurrent programming, transactional memory, and software transactional memory (STM) to achieve serializability optimistically. CO is also the name of the resulting transaction schedule (history) property, defined in 1988 with the name dynamic atomicity. In a CO compliant schedule, the chronological order of commitment events of transactions is compatible with the precedence order of the respective transactions. CO is a broad special case of conflict serializability and effective means (reliable, high-performance, distributed, and scalable) to achieve global serializability (modular serializability) across any collection of database systems that possibly use different concurrency control mechanisms (CO also makes each system serializability compliant, if not already). Each not-CO-compliant database system is augmented with a CO component (the commitment order coordinator—COCO) which orders the commitment events for CO compliance, with neither data-access nor any other transaction operation interference. As such, CO provides a low overhead, general solution for global serializability (and distributed serializability), instrumental for global concurrency control (and distributed concurrency control) of multi-database systems and other transactional objects, possibly highly distributed (e.g., within cloud computing, grid computing, and networks of smartphones). An atomic commitment protocol (ACP; of any type) is a fundamental part of the solution, utilized to break global cycles in the conflict (precedence, serializability) graph. CO is the most general property (a necessary condition) that guarantees global serializability, if the database systems involved do not share concurrency control information beyond atomic commitment protocol (unmodified) messages and have no knowledge of whether transactions are global or local (the database systems are autonomous). Thus CO (with its variants) is the only general technique that does not require the typically costly distribution of local concurrency control information (e.g., local precedence relations, locks, timestamps, or tickets). It generalizes the popular strong strict two-phase locking (SS2PL) property, which in conjunction with the two-phase commit protocol (2PC), is the de facto standard to achieve global serializability across (SS2PL based) database systems. As a result, CO compliant database systems (with any different concurrency control types) can transparently join such SS2PL based solutions for global serializability. In addition, locking based global deadlocks are resolved automatically in a CO based multi-database environment, a vital side-benefit (including the special case of a completely SS2PL based environment; a previously unnoticed fact for SS2PL). Furthermore, strict commitment ordering (SCO; Raz 1991c), the intersection of Strictness and CO, provides better performance (shorter average transaction completion time and resulting in better transaction throughput) than SS2PL whenever read-write conflicts are present (identical blocking behavior for write-read and write-write conflicts; comparable locking overhead). The advantage of SCO is especially during lock contention. Strictness allows both SS2PL and SCO to use the same effective database recovery mechanisms. Two major generalizing variants of CO exist, extended CO (ECO; Raz 1993a) and multi-version CO (MVCO; Raz 1993b). They also provide global serializability without local concurrency control information distribution, can be combined with any relevant concurrency control, and allow optimistic (non-blocking) implementations. Both use additional information for relaxing CO constraints and achieving better concurrency and performance. Vote ordering (VO or Generalized CO (GCO); Raz 2009) is a container schedule set (property) and technique for CO and all its variants. Local VO is necessary for guaranteeing global serializability if the atomic commitment protocol (ACP) participants do not share concurrency control information (have the generalized autonomy property). CO and its variants inter-operate transparently, guaranteeing global serializability and automatic global deadlock resolution together in a mixed, heterogeneous environment with different variants. == Overview == The Commitment ordering (CO; Raz 1990, 1992, 1994, 2009) schedule property has been referred to also as Dynamic atomicity (since 1988), commit ordering, commit order serializability, and strong recoverability (since 1991). The latter is a misleading name since CO is incomparable with recoverability, and the term "strong" implies a special case. This means that a substantial recoverability property does not necessarily have the CO property and vice versa. In 2009 CO has been characterized as a major concurrency control method, together with the previously known (since the 1980s) three major methods: Locking, Time-stamp ordering, and Serialization graph testing, and as an enabler for the interoperability of systems using different concurrency control mechanisms. In a federated database system or any other more loosely defined multidatabase system, which are typically distributed in a communication network, transactions span multiple and possibly Distributed databases. Enforcing global serializability in such system is problematic. Even if every local schedule of a single database is still serializable, the global schedule of a whole system is not necessarily serializable. The massive communication exchanges of conflict information needed between databases to reach conflict serializability would lead to unacceptable performance, primarily due to computer and communication latency. The problem of achieving global serializability effectively had been characterized as open until the public disclosure of CO in 1991 by its inventor Yoav Raz (Raz 1991a; see also Global serializability). Enforcing CO is an effective way to enforce conflict serializability globally in a distributed system since enforcing CO locally in each database (or other transactional objects) also enforces it globally. Each database may use any, possibly different, type of concurrency control mechanism. With a local mechanism that already provides conflict serializability, enforcing CO locally does not cause any other aborts, since enforcing CO locally does not affect the data access scheduling strategy of the mechanism (this scheduling determines the serializability related aborts; such a mechanism typically does not consider the commitment events or their order). The CO solution requires no communication overhead since it uses (unmodified) atomic commitment protocol messages only, already needed by each distributed transaction to reach atomicity. An atomic commitment protocol plays a central role in the distributed CO algorithm, which enforces CO globally by breaking global cycles (cycles that span two or more databases) in the global conflict graph. CO, its special cases, and its generalizations are interoperable and achieve global serializability while transparently being utilized together in a single heterogeneous distributed environment comprising objects with possibly different concurrency control mechanisms. As such, Commitment ordering, including its special cases, and together with its generalizations (see CO variants below), provides a general, high performance, fully distributed solution (no central processing component or central data structure are needed) for guaranteeing global serializability in heterogeneous environments of multidatabase systems and other multiple transactional objects (objects with states accessed and modified only by transactions; e.g., in the framework of transactional processes, and within Cloud computing and Grid computing). The CO solution scales up with network size and the number of databases without any negative impact on performance (assuming the statistics of a single distributed transaction, e.g., the average number of databases involved with a single transaction, are unchanged). With the proliferation of Multi-core processors, Optimistic CO (OCO) has also been increasingly utilized to achieve serializability in software transactional memory, and numerous STM articles and patents utilizing "commit order" have already been published (e.g., Zhang et al. 2006). == The commitment ordering solution for global serializability == === General characterization of CO === Commitment ordering (CO) is a special case of conflict serializability. CO can be enforced with non-blocking mechanisms (each transaction can complete its task without having its data-access blocked, which allows optimistic concurrency control; however, commitment could be blo
Read more →
Integrated test facility

An integrated test facility (ITF) creates a fictitious entity in a database to process test transactions simultaneously with live input. ITF can be used to incorporate test transactions into a normal production run of a system. Its advantage is that periodic testing does not require separate test processes. However, careful planning is necessary, and test data must be isolated from production data. Moreover, ITF validates the correct operation of a transaction in an application, but it does not ensure that a system is being operated correctly. Integrated test facility is considered a useful audit tool during an IT audit because it uses the same programs to compare processing using independently calculated data. This involves setting up dummy entities on an application system and processing test or production data against the entity as a means of verifying processing accuracy.
Read more →