The following is a comparison of cloud-computing software and providers. == IaaS (Infrastructure as a service) == === Providers === ==== General ==== == SaaS (Software as a Service) == === General === === Supported hosts === === Supported guests === == PaaS (Platform as a service) == === Providers === === Providers on IaaS === PaaS providers which can run on IaaS providers ("itself" means the provider is both PaaS and IaaS):
Seccomp
seccomp (short for secure computing) is a computer security facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will either just log the event or terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely. seccomp mode is enabled via the prctl(2) system call using the PR_SET_SECCOMP argument, or (since Linux kernel 3.17) via the seccomp(2) system call. seccomp mode used to be enabled by writing to a file, /proc/self/seccomp, but this method was removed in favor of prctl(). In some kernel versions, seccomp disables the RDTSC x86 instruction, which returns the number of elapsed processor cycles since power-on, used for high-precision timing. seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on ChromeOS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.) Some consider seccomp comparable to OpenBSD pledge(2) and FreeBSD capsicum(4). == History == seccomp was first devised by Andrea Arcangeli in January 2005 for use in public grid computing and was originally intended as a means of safely running untrusted compute-bound programs. It was merged into the Linux kernel mainline in kernel version 2.6.12, which was released on March 8, 2005. == Software using seccomp or seccomp-bpf == Android uses a seccomp-bpf filter in the zygote since Android 8.0 Oreo. systemd's sandboxing options are based on seccomp. QEMU, the Quick Emulator, the core component to the modern virtualization together with KVM uses seccomp on the parameter --sandbox Docker – software that allows applications to run inside of isolated containers. Docker can associate a seccomp profile with the container using the --security-opt parameter. Arcangeli's CPUShare was the only known user of seccomp for a while. Writing in February 2009, Linus Torvalds expresses doubt whether seccomp is actually used by anyone. However, a Google engineer replied that Google is exploring using seccomp for sandboxing its Chrome web browser. Firejail is an open source Linux sandbox program that utilizes Linux namespaces, Seccomp, and other kernel-level security features to sandbox Linux and Wine applications. As of Chrome version 20, seccomp-bpf is used to sandbox Adobe Flash Player. As of Chrome version 23, seccomp-bpf is used to sandbox the renderers. Snap specify the shape of their application sandbox using "interfaces" which snapd translates to seccomp, AppArmor and other security constructs vsftpd uses seccomp-bpf sandboxing as of version 3.0.0. OpenSSH has supported seccomp-bpf since version 6.0. Mbox uses ptrace along with seccomp-bpf to create a secure sandbox with less overhead than ptrace alone. LXD, a Ubuntu "hypervisor" for containers Firefox and Firefox OS, which use seccomp-bpf Tor supports seccomp since 0.2.5.1-alpha Lepton, a JPEG compression tool developed by Dropbox uses seccomp Kafel is a configuration language, which converts readable policies into seccompb-bpf bytecode Subgraph OS uses seccomp-bpf Flatpak uses seccomp for process isolation Bubblewrap is a lightweight sandbox application developed from Flatpak minijail uses seccomp for process isolation SydBox uses seccomp-bpf to improve the runtime and security of the ptrace sandboxing used to sandbox package builds on Exherbo Linux distribution. File, a Unix program to determine filetypes, uses seccomp to restrict its runtime environment Zathura, a minimalistic document viewer, uses seccomp filter to implement different sandbox modes Tracker, a indexing and preview application for the GNOME desktop environment, uses seccomp to prevent automatic exploitation of parsing vulnerabilities in media files
Picture Prowler
Picture Prowler was an early piece of photo management software developed around and meant to show off Xing Technology's JPEG image decompression library during the early 1990s. Little known today, it featured thumbnail based picture management, printing, etc. The primary developer was Ray Bunnage from compression / decompression libraries developed by Howard Gordon and Chris Eddy.
Medical imaging
Medical imaging is the technique and process of imaging the interior of a body for clinical analysis and medical intervention, as well as visual representation of the function of some organs or tissues (physiology). Medical imaging seeks to reveal internal structures hidden by the skin and bones, as well as to diagnose and treat disease. Medical imaging also establishes a database of normal anatomy and physiology to make it possible to identify abnormalities. Although imaging of removed organs and tissues can be performed for medical reasons, such procedures are usually considered part of pathology instead of medical imaging. Measurement and recording techniques that are not primarily designed to produce images, such as electroencephalography (EEG), magnetoencephalography (MEG), electrocardiography (ECG), and others, represent other technologies that produce data susceptible to representation as a parameter graph versus time or maps that contain data about the measurement locations. In a limited comparison, these technologies can be considered forms of medical imaging in another discipline of medical instrumentation. As of 2010, 5 billion medical imaging studies had been conducted worldwide. Radiation exposure from medical imaging in 2006 made up about 50% of total ionizing radiation exposure in the United States. Medical imaging equipment is manufactured using technology from the semiconductor industry, including CMOS integrated circuit chips, power semiconductor devices, sensors such as image sensors (particularly CMOS sensors) and biosensors, and processors such as microcontrollers, microprocessors, digital signal processors, media processors and system-on-chip devices. As of 2015, annual shipments of medical imaging chips amount to 46 million units and $1.1 billion. The term "noninvasive" is used to denote a procedure where no instrument is introduced into a patient's body, which is the case for most imaging techniques used. == History == In 1972, engineer Godfrey Hounsfield from the British company EMI invented the X-ray computed tomography device for head diagnosis, which is commonly referred to as computed tomography (CT). The CT nucleus method is based on the projecting X-rays through a section of the human head, which are then processed by computer to reconstruct the cross-sectional image, known as image reconstruction. In 1975, EMI successfully developed a CT device for the entire body, enabling the clear acquisition of tomographic images of various parts of the human body. This revolutionary diagnostic technique earned Hounsfield and physicist Allan Cormack the Nobel Prize in Physiology or Medicine in 1979. Digital image processing technology for medical applications was inducted into the Space Foundation's Space Technology Hall of Fame in 1994. By 2010, over 5 billion medical imaging studies had been conducted worldwide. Radiation exposure from medical imaging in 2006 accounted for about 50% of total ionizing radiation exposure in the United States. Medical imaging equipment is manufactured using technology from the semiconductor industry, including CMOS integrated circuit chips, power semiconductor devices, sensors such as image sensors (particularly CMOS sensors) and biosensors, as well as processors like microcontrollers, microprocessors, digital signal processors, media processors and system-on-chip devices. As of 2015, annual shipments of medical imaging chips reached 46 million units, generating a market value of $1.1 billion. == Types == In the clinical context, "invisible light" medical imaging is generally equated to radiology or "clinical imaging". "Visible light" medical imaging involves digital video or still pictures that can be seen without special equipment. Dermatology and wound care are two modalities that use visible light imagery. Interpretation of medical images is generally undertaken by a physician specialising in radiology known as a radiologist; however, this may be undertaken by any healthcare professional who is trained and certified in radiological clinical evaluation. Increasingly interpretation is being undertaken by non-physicians, for example radiographers frequently train in interpretation as part of expanded practice. Diagnostic radiography designates the technical aspects of medical imaging and in particular the acquisition of medical images. The radiographer (also known as a radiologic technologist) is usually responsible for acquiring medical images of diagnostic quality; although other professionals may train in this area, notably some radiological interventions performed by radiologists are done so without a radiographer. As a field of scientific investigation, medical imaging constitutes a sub-discipline of biomedical engineering, medical physics or medicine depending on the context: Research and development in the area of instrumentation, image acquisition (e.g., radiography), modeling and quantification are usually the preserve of biomedical engineering, medical physics, and computer science; Research into the application and interpretation of medical images is usually the preserve of radiology and the medical sub-discipline relevant to medical condition or area of medical science (neuroscience, cardiology, psychiatry, psychology, etc.) under investigation. Many of the techniques developed for medical imaging also have scientific and industrial applications. === Radiography === Two forms of radiographic images are in use in medical imaging. Projection radiography and fluoroscopy, with the latter being useful for catheter guidance. These 2D techniques are still in wide use despite the advance of 3D tomography due to the low cost, high resolution, and depending on the application, lower radiation dosages with 2D technique. This imaging modality uses a wide beam of X-rays for image acquisition and is the first imaging technique available in modern medicine. Fluoroscopy produces real-time images of internal structures of the body in a similar fashion to radiography, but employs a constant input of X-rays, at a lower dose rate. Contrast media, such as barium, iodine, and air are used to visualize internal organs as they work. Fluoroscopy is also used in image-guided procedures when constant feedback during a procedure is required. An image receptor is required to convert the radiation into an image after it has passed through the area of interest. Early on, this was a fluorescing screen, which gave way to an Image Amplifier (IA) which was a large vacuum tube that had the receiving end coated with cesium iodide, and a mirror at the opposite end. Eventually the mirror was replaced with a TV camera. Projectional radiographs, more commonly known as X-rays, are often used to determine the type and extent of a fracture as well as for detecting pathological changes in the lungs. With the use of radio-opaque contrast media, such as barium, they can also be used to visualize the structure of the stomach and intestines – this can help diagnose ulcers or certain types of colon cancer. === Magnetic resonance imaging === A magnetic resonance imaging instrument (MRI scanner), or "nuclear magnetic resonance (NMR) imaging" scanner as it was originally known, uses powerful magnets to polarize and excite hydrogen nuclei (i.e., single protons) of water molecules in human tissue, producing a detectable signal that is spatially encoded, resulting in images of the body. The MRI machine emits a radio frequency (RF) pulse at the resonant frequency of the hydrogen atoms on water molecules. Radio frequency antennas ("RF coils") send the pulse to the area of the body to be examined. The RF pulse is absorbed by protons, causing their direction with respect to the primary magnetic field to change. When the RF pulse is turned off, the protons "relax" back to alignment with the primary magnet and emit radio waves in the process. This radio-frequency emission from the hydrogen atoms on water is what is detected and reconstructed into an image. The resonant frequency of a spinning magnetic dipole (of which protons are one example) is called the Larmor frequency and is determined by the strength of the main magnetic field and the chemical environment of the nuclei of interest. MRI uses three electromagnetic fields: a very strong (typically 1.5 to 3 teslas) static magnetic field to polarize the hydrogen nuclei, called the primary field; gradient fields that can be modified to vary in space and time (on the order of 1 kHz) for spatial encoding, often simply called gradients; and a spatially homogeneous radio-frequency (RF) field for manipulation of the hydrogen nuclei to produce measurable signals, collected through an RF antenna. Like CT, MRI traditionally creates a two-dimensional image of a thin "slice" of the body and is therefore considered a tomographic imaging technique. Modern MRI instruments are capable of producing images in the form of 3D blocks, which may be considered a generalization of the single-slice
Baby Bundle (app)
Baby Bundle is a parenting mobile app for iPhone and iPad. It was designed to help new parents through pregnancy and the first two years of parenthood. Developed in collaboration with medical experts, it helps track and record the child's development and growth, offers parental advice, manages vaccinations and health check-ups, stores photos and provides baby monitoring services. == History == Baby Bundle was founded in the United Kingdom by brothers, Nick and Anthony von Christierson. Each worked in investment banking prior to developing Baby Bundle, Nick at Greenhill & Co., and Anthony at Goldman Sachs. The idea for the app came when a friend's wife voiced her frustration over having multiple parenting apps on her smartphone. Nick and Anthony left their jobs to create a single app that would include all those features. They conducted market research by interviewing more than 500 parents in the UK and US. It took them a year to build the app, which was named by their mother. Looking for endorsement, they first went to the US in 2013 and partnered with parenting expert and pediatrician Dr. Jennifer Trachtenberg. Baby Bundle was launched in the US and Canadian App Stores in April 2014. In the same month, it became the #1 parenting app in iTunes and was featured by Apple as the #1 Editor's pick across all categories. Mashable called it one of the "Top 5 Can’t Miss Apps." Baby Bundle raised $1.8m seed round in March 2015 to fund development. The money came from a range of angel investors from across the US, UK and Asia. The von Christierson brothers have signed a deal to co-brand the app in the Middle East and expect to launch in Europe and Africa. == Features == Baby Bundle is an app for both the iPhone or iPad and provides smart monitoring tools and trackers for pregnancy and child development. It acts as a growth and daily activity tracker and offers parental advice, manages vaccinations and health check-ups. It has a parenting guide with tips and advice on what to expect when the baby arrives. An interactive forum also lets parents ask questions from others in the community. The app is free and also include paid premium features like the ability to turn two iPhones running into a baby monitor, a cloud service to share the child's data with a spouse and the ability to store data on more than one baby.
Robinson compass mask
In image processing, a Robinson compass mask is a type of compass mask used for edge detection. It has eight major compass orientations, each will extract the edges in respect to its direction. A combined use of compass masks of different directions could detect the edges from different angles. == Technical explanation == The Robinson compass mask is defined by taking a single mask and rotating it to form eight orientations: North: [ − 1 0 1 − 2 0 2 − 1 0 1 ] {\displaystyle {\text{North:}}{\begin{bmatrix}-1&0&1\\-2&0&2\\-1&0&1\end{bmatrix}}} North West: [ 0 1 2 − 1 0 1 − 2 − 1 0 ] {\displaystyle {\text{North West:}}{\begin{bmatrix}0&1&2\\-1&0&1\\-2&-1&0\end{bmatrix}}} West: [ 1 2 1 0 0 0 − 1 − 2 − 1 ] {\displaystyle {\text{West:}}{\begin{bmatrix}1&2&1\\0&0&0\\-1&-2&-1\end{bmatrix}}} South West: [ 2 1 0 1 0 − 1 0 − 1 − 2 ] {\displaystyle {\text{South West:}}{\begin{bmatrix}2&1&0\\1&0&-1\\0&-1&-2\end{bmatrix}}} South: [ 1 0 − 1 2 0 − 2 1 0 − 1 ] {\displaystyle {\text{South:}}{\begin{bmatrix}1&0&-1\\2&0&-2\\1&0&-1\end{bmatrix}}} South East: [ 0 − 1 − 2 1 0 − 1 2 1 0 ] {\displaystyle {\text{South East:}}{\begin{bmatrix}0&-1&-2\\1&0&-1\\2&1&0\end{bmatrix}}} East: [ − 1 − 2 − 1 0 0 0 1 2 1 ] {\displaystyle {\text{East:}}{\begin{bmatrix}-1&-2&-1\\0&0&0\\1&2&1\end{bmatrix}}} North East: [ − 2 − 1 0 − 1 0 1 0 1 2 ] {\displaystyle {\text{North East:}}{\begin{bmatrix}-2&-1&0\\-1&0&1\\0&1&2\end{bmatrix}}} The direction axis is the line of zeros in the matrix. Robinson compass mask is similar to kirsch compass masks, but is simpler to implement. Since the matrix coefficients only contains 0, 1, 2, and are symmetrical, only the results of four masks need to be calculated, the other four results are the negation of the first four results. An edge, or contour is an tiny area with neighboring distinct pixel values. The convolution of each mask with the image would create a high value output where there is a rapid change of pixel value, thus an edge point is found. All the detected edge points would line up as edges. == Example == An example of Robinson compass masks applied to the original image. Obviously, the edges in the direction of the mask is enhanced.
Tresorit
Tresorit is a Swiss company providing end-to-end encrypted cloud storage and secure content collaboration services. Founded in 2011, the company primarily serves businesses and organizations with elevated data protection and compliance requirements. Since 2021, Tresorit has been part of Swiss Post's digital business services, which, under the name 'Swiss Post Digital' offer secure communication platforms and connectable software solutions for SMEs, public authorities, and the healthcare sector, among others. == History == Tresorit was founded in 2011 by Hungarian software developers Istvan Lam, Szilveszter Szebeni and Gyorgy Szilagyi with the aim of providing a secure alternative to traditional cloud storage solutions. The company developed a cloud collaboration platform based on client-side end-to-end encryption and a zero-knowledge architecture. In its early years, Tresorit gained attention through a public security challenge inviting researchers to attempt to compromise its encryption system. The initiative received coverage in technology and cybersecurity media. The company initially positioned itself as a secure alternative to conventional cloud storage services and gradually expanded its offering toward enterprise-focused collaboration tools. In 2021, Swiss Post Communications Services acquired a majority stake in Tresorit. The company is now part of Swiss Post, and continues to operate independently within Swiss Post’s digital division, while benefiting from the broader infrastructure and institutional framework of its parent organization. Tresorit has offices in Zurich, Munich, and Budapest. == Products and Services == Tresorit provides a cloud-based platform for secure file storage and collaboration. Its services include encrypted file sharing, email encryption, electronic signatures, and encrypted data rooms for managing sensitive documents and workflows. The platform is available on Windows, macOS, Linux, Android, and iOS. == Technology == Tresorit uses client-side end-to-end encryption based on a zero-knowledge model. Files are encrypted on the user’s device before being uploaded to company servers. According to the company, encryption keys remain under user control, meaning that Tresorit and third parties cannot access the content of stored files. == Security challenge == Between 2013 and 2014, Tresorit organized a public challenge inviting security researchers to attempt to compromise the service's encryption implementation. The challenge received coverage in technology and cybersecurity media. == Acquisition by Swiss Post == In 2021, Swiss Post Communications Services acquired a majority stake in Tresorit as part of Swiss Post’s broader digital services strategy. The company is now part of Swiss Post. == Reception == Tresorit has been covered by international technology and business publications in the context of secure cloud storage and encrypted collaboration services. TechCrunch described the company as an early European provider of end-to-end encrypted cloud services, while The New York Times included it in discussions of secure file-sharing tools. Other publications such as TechRadar and ITPro have reviewed Tresorit in the context of enterprise security and confidential data handling.