Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel. The name is derived from agriculture: after grain has been harvested and threshed, it remains mixed together with inedible fibrous chaff. The chaff and grain are then separated by winnowing, and the chaff is discarded. The cryptographic technique was conceived by Ron Rivest and published in an on-line article on 18 March 1998. Although it bears similarities to both traditional encryption and steganography, it cannot be classified under either category. This technique allows the sender to deny responsibility for encrypting their message. When using chaffing and winnowing, the sender transmits the message unencrypted, in clear text. Although the sender and the receiver share a secret key, they use it only for authentication. However, a third party can make their communication confidential by simultaneously sending specially crafted messages through the same channel. == How it works == The sender (Alice) wants to send a message to the receiver (Bob). In the simplest setup, Alice enumerates the symbols in her message and sends out each in a separate packet. If the symbols are complex enough, such as natural-language text, an attacker may be able to distinguish the real symbols from poorly faked chaff symbols, posing a similar problem as steganography in needing to generate highly realistic fakes; to avoid this, the symbols can be reduced to just single 0/1 bits, and realistic fakes can then be simply randomly generated 50:50 and are indistinguishable from real symbols. In general, the method requires each symbol to arrive in-order and to be authenticated by the receiver. When implemented over networks that may change the order of packets, the sender places the symbol's serial number in the packet, the symbol itself (both unencrypted), and a message authentication code (MAC). Many MACs use a secret key Alice shares with Bob, but it is sufficient that the receiver has a method to authenticate the packets. Rivest notes an interesting property of chaffing-and-winnowing is that third parties (such as an ISP) can opportunistically add it to communications without needing permission or coordination with the sender/recipient. A third-party (Charles) who transmits Alice's packets to Bob, interleaves the packets with corresponding bogus packets (called "chaff") with corresponding serial numbers, arbitrary symbols, and a random number in place of the MAC. Charles does not need to know the key to do that (real MACs are large enough that it is extremely unlikely to generate a valid one by chance, unlike in the example). Bob uses the MAC to find the authentic messages and drops the "chaff" messages. This process is called "winnowing". An eavesdropper located between Alice and Charles can easily read Alice's message. But an eavesdropper between Charles and Bob would have to tell which packets are bogus and which are real (i.e. to winnow, or "separate the wheat from the chaff"). That is infeasible if the MAC used is secure and Charles does not leak any information on packet authenticity (e.g. via timing). If a fourth party joins the example (named Darth) who wants to send counterfeit messages to impersonate Alice, it would require Alice to disclose her secret key. If Darth cannot force Alice to disclose an authentication key (the knowledge of which would enable him to forge messages from Alice), then her messages will remain confidential. Charles, on the other hand, is no target of Darth's at all, since Charles does not even possess any secret keys that could be disclosed. == Variations == The simple variant of the chaffing and winnowing technique described above adds many bits of overhead per bit of original message. To make the transmission more efficient, Alice can process her message with an all-or-nothing transform and then send it out in much larger chunks. The chaff packets will have to be modified accordingly. Because the original message can be reconstructed only by knowing all of its chunks, Charles needs to send only enough chaff packets to make finding the correct combination of packets computationally infeasible. Chaffing and winnowing lends itself especially well to use in packet-switched network environments such as the Internet, where each message (whose payload is typically small) is sent in a separate network packet. In another variant of the technique, Charles carefully interleaves packets coming from multiple senders. That eliminates the need for Charles to generate and inject bogus packets in the communication. However, the text of Alice's message cannot be well protected from other parties who are communicating via Charles at the same time. This variant also helps protect against information leakage and traffic analysis. == Implications for law enforcement == Ron Rivest suggests that laws related to cryptography, including export controls, would not apply to chaffing and winnowing because it does not employ any encryption at all. The power to authenticate is in many cases the power to control, and handing all authentication power to the government is beyond all reason The author of the paper proposes that the security implications of handing everyone's authentication keys to the government for law-enforcement purposes would be far too risky, since possession of the key would enable someone to masquerade and communicate as another entity, such as an airline controller. Furthermore, Ron Rivest contemplates the possibility of rogue law enforcement officials framing up innocent parties by introducing the chaff into their communications, concluding that drafting a law restricting chaffing and winnowing would be far too difficult. == Trivia == The term winnowing was suggested by Ronald Rivest's father. Before the publication of Rivest's paper in 1998 other people brought to his attention a 1965 novel, Rex Stout's The Doorbell Rang, which describes the same concept and was thus included in the paper's references.
Turret lathe
A turret lathe is a form of metalworking lathe that is used for repetitive production of duplicate parts, which by the nature of their cutting process are usually interchangeable. It evolved from earlier lathes with the addition of the turret, which is an indexable toolholder that allows multiple cutting operations to be performed, each with a different cutting tool, in easy, rapid succession, with no need for the operator to perform set-up tasks in between (such as installing or uninstalling tools) or to control the toolpath. The latter is due to the toolpath's being controlled by the machine, either in jig-like fashion, via the mechanical limits placed on it by the turret's slide and stops, or via digitally-directed servomechanisms for computer numerical control lathes. The name derives from the way early turrets took the general form of a flattened cylindrical block mounted to the lathe's cross-slide, capable of rotating about the vertical axis and with toolholders projecting out to all sides, and thus vaguely resembled a swiveling gun turret. Capstan lathe is the usual name in the UK and Commonwealth, though the two terms are also used in contrast: see below, Capstan versus turret. == History == Turret lathes became indispensable to the production of interchangeable parts and for mass production. The first turret lathe was built by Stephen Fitch in 1845 to manufacture screws for pistol percussion parts. In the mid-nineteenth century, the need for interchangeable parts for Colt revolvers enhanced the role of turret lathes in achieving this goal as part of the "American system" of manufacturing arms. Clock-making and bicycle manufacturing had similar requirements. Christopher Spencer invented the first fully automated turret lathe in 1873, which led to designs using cam action or hydraulic mechanisms. From the late-19th through mid-20th centuries, turret lathes, both manual and automatic (i.e., screw machines and chuckers), were one of the most important classes of machine tools for mass production. They were used extensively in the mass production for the war effort in World War II. The U.S. company Warner & Swasey was one of the premier brands in heavy turret lathes between the 1910s and 1960s; it became the world's largest manufacturer of such lathes by 1928. During World War II, it employed 7,000 people and produced half of the turret lathes manufactured in the United States. == Types == There are many variants of the turret lathe. They can be most generally classified by size (small, medium, or large); method of control (manual, automated mechanically, or automated via computer (numerical control (NC) or computer numerical control (CNC)); and bed orientation (horizontal or vertical). === Archetypical: horizontal, manual === In the late 1830s a "capstan lathe" with a turret was patented in Britain. The first American turret lathe was invented by Stephen Fitch in 1845. The archetypical turret lathe, and the first in order of historical appearance, is the horizontal-bed, manual turret lathe. The term "turret lathe" without further qualification is still understood to refer to this type. The formative decades for this class of machine were the 1840s through 1860s, when the basic idea of mounting an indexable turret on a bench lathe or engine lathe was born, developed, and disseminated from the originating shops to many other factories. Some important tool-builders in this development were Stephen Fitch; Gay, Silver & Co.; Elisha K. Root of Colt; J.D. Alvord of the Sharps Armory; Frederick W. Howe, Richard S. Lawrence, and Henry D. Stone of Robbins & Lawrence; J.R. Brown of Brown & Sharpe; and Francis A. Pratt of Pratt & Whitney. Various designers at these and other firms later made further refinements. === Semi-automatic === Sometimes machines similar to those above, but with power feeds and automatic turret-indexing at the end of the return stroke, are called "semi-automatic turret lathes". This nomenclature distinction is blurry and not consistently observed. The term "turret lathe" encompasses them all. During the 1860s, when semi-automatic turret lathes were developed, they were sometimes called "automatic". What we today would call "automatics", that is, fully automatic machines, had not been developed yet. During that era both manual and semi-automatic turret lathes were sometimes called "screw machines", although we today reserve that term for fully automatic machines. === Automatic === During the 1870s through 1890s, the mechanically automated "automatic" turret lathe was developed and disseminated. These machines can execute many part-cutting cycles without human intervention. Thus the duties of the operator, which were already greatly reduced by the manual turret lathe, were even further reduced, and productivity increased. These machines use cams to automate the sliding and indexing of the turret and the opening and closing of the chuck. Thus, they execute the part-cutting cycle somewhat analogously to the way in which an elaborate cuckoo clock performs an automated theater show. Small- to medium-sized automatic turret lathes are usually called "screw machines" or "automatic screw machines", while larger ones are usually called "automatic chucking lathes", "automatic chuckers", or "chuckers". Such machine tools of the "automatic" variety, which in the pre-computer era meant mechanically automated, had already reached a highly advanced state by World War I. === Computer numerical control === When World War II ended, the digital computer was poised to develop from a colossal laboratory curiosity into a practical technology that could begin to disseminate into business and industry. The advent of computer-based automation in machine tools via numerical control (NC) and then computer numerical control (CNC) displaced to a large extent, but not at all completely, the previously existing manual and mechanically automated machines. Numerically controlled turrets allow automated selection of tools on a turret. CNC lathes may be horizontal or vertical in orientation and mount six separate tools on one or more turrets. Such machine tools can work in two axes per turret, with up to six axes being feasible for complex work. === Vertical === Vertical turret lathes have the workpiece held vertically, which allows the headstock to sit on the floor and the faceplate to become a horizontal rotating table, analogous to a huge potter's wheel. This is useful for the handling of very large, heavy, short workpieces. Vertical lathes in general are also called "vertical boring mills" or often simply "boring mills"; therefore a vertical turret lathe is a vertical boring mill equipped with a turret. == Other variations == === Capstan versus turret === The term "capstan lathe" overlaps in sense with the term "turret lathe" to a large extent. In many times and places, it has been understood to be synonymous with "turret lathe". In other times and places it has been held in technical contradistinction to "turret lathe", with the difference being in whether the turret's slide is fixed to the bed (ram-type turret) or slides on the bed's ways (saddle-type turret). The difference in terminology is mostly a matter of United Kingdom and Commonwealth usage versus United States usage. === Flat === A subtype of horizontal turret lathe is the flat-turret lathe. Its turret is flat (and analogous to a rotary table), allowing the turret to pass beneath the part. Patented by James Hartness of Jones & Lamson, and first disseminated in the 1890s, it was developed to provide more rigidity via requiring less overhang in the tool setup, especially when the part is relatively long. === Hollow-hexagon === Hollow-hexagon turret lathes competed with flat-turret lathes by taking the conventional hexagon turret and making it hollow, allowing the part to pass into it during the cut, analogously to how the part would pass over the flat turret. In both cases, the main idea is to increase rigidity by allowing a relatively long part to be turned without the tool overhang that would be needed with a conventional turret, which is not flat or hollow. === Monitor lathe === The term "monitor lathe" formerly (1860s–1940s) referred to the class of small- to medium-sized manual turret lathes used on relatively small work. The name was inspired by the monitor-class warships, which the monitor lathe's turret resembled. Today, lathes of such appearance, such as the Hardinge DSM-59 and its many clones, are still common, but the name "monitor lathe" is no longer current in the industry. === Toolpost turrets and tailstock turrets === Turrets can be added to non-turret lathes (bench lathes, engine lathes, toolroom lathes, etc.) by mounting them on the toolpost, tailstock, or both. Often these turrets are not as large as a turret lathe's, and they usually do not offer the sliding and stopping that a turret lathe's turret does; but they do offer the ability to index through successive tool
ZipBooks
ZipBooks is a free online accounting software company based in American Fork, Utah. The cloud-based software is an accounting and bookkeeping tool that helps business owners process credit cards, track finances, and send invoices, among other features. == History == ZipBooks was founded by Tim Chaves in June 2015, backed by venture capital firm Peak Ventures. The company secured an additional $2 million of funding in July 2016, and in 2017 it was awarded a $100,000 economic grant by the Utah Governor's Office of Economic Development Technology Commercialization and Innovation Program. == Products == ZipBooks' core modules are invoicing, transactions, bills, reporting, time tracking, contacts, and payroll. Accrual accounting was added in 2017. The application is available on G Suite, iOS, Slack, and as a web application. == Reception == Computerworld compared ZipBooks favorably with other accounting software. PC Magazine praised its user experience, but stated it lacked "a lot of features that competing sites offer".
Protocol Builder
Protocol Builder is a tool in programming languages to generate code to build protocols in a fast and reliable way. Network programming for all kinds of protocols (such as TCP, UDP, and SNMP) includes converting data to be transferred to raw bytes in the sending side and parsing these bytes in the receiving side. Protocol builders facilitate this stage, usually by automatically generating the code. Protocol Programming has many components to be developed, these are: server listener, server connection, client connection, packets, and loggers. Most protocol builders implement these components automatically so developers save time and money. Currently, there are two Protocol Builders in the market, one for C++ from UpRedSun which is for TCP and UDP protocols. The second one is for .Net languages which generates the code in C# for TCP Protocols, this tool is called .Net Protocol Builder.
T Layout
The T-Layout is an architectural and design concept for web applications, specifically tailored to improve the user experience on mobile devices. It features a horizontally scrollable container divided into three distinct sections, each spanning the full width of the screen, and was developed to optimise space usage and streamline navigation. == Background == The T-Layout introduces horizontal scrolling as a complementary method to the conventional pop-up-based navigation system in mobile web applications. In this layout, the central section which is visible by default upon accessing the application, facilitates the main content of a URL address and is flanked by two "helper" sections. This approach minimises the need for extensive user movements, in order to reach navigation controls typically located at the top of the screen. It is aimed at enhancing the user experience on mobile devices by providing an easier way to access essential content such as the main navigation, e-commerce related screens, or user account related information, ensuring that those elements are readily accessible while requiring minimal user effort. The T-Layout was first implemented by E (e-streetwear.com) in their mobile web app layout, and it was inspired by the interfaces of well-tested native mobile apps like Instagram and Revolut. A study titled "Mobile Navigation and User Preferences Survey" indicated a preference among mobile app users for one-handed usage, primarily navigating with their thumb. These insights led to the T-Layout Experiment, which compared the efficiency of using swipe gestures to access navigational elements against reaching traditional navigation controls. == Development history == It was first released as the mobile layout of E in early 2023. It was originally developed based on six principles: user-centric functionality, lightweight filesize, HTML and CSS implementation with minimal or no use of JavaScript required, suitable both for browser and server-rendering architectures, intuitive design, and improved SEO. The development of the T-Layout was driven by the necessity for more ergonomic and user-friendly interfaces in mobile web applications. Its design, reminiscent of the letter 'T', emerged as a solution to several usability challenges mobile device users face, emphasising ease of access and efficient screen space utilisation. In July 2023, E formalised the concept and its technical specifications, introducing it to the web design and development community. In October 2023 the "Mobile Navigation and User Preferences Survey" was conducted, establishing that the vast majority of individuals prefer to use mobile applications by holding the phone in a one-handed grip, utilising only the thumb for gestures when possible. The subsequent "T-Layout Experiment", designed to measure the time in seconds and the distance (user effort) in pixels, required to access navigational elements by traditionally tapping on fixed-positioned controls compared to swiping anywhere on the screen. The results proved that swipe gestures require less time and much less effort. == Styling and features == The main characteristic of the T-Layout is its horizontal scrolling feature, which can improve navigation efficiency while preserving the functionality of traditionally structured user interfaces. Its Implementation can be achieved with a combination of HTML and styling with CSS as well as precompiled Scss and Sass, CSS-in-JS, and styled JSX. It can be either a purely HTML/CSS solution but JavaScript can be utilised as well to add more specific functionalities, while It can be implemented to both existing and new applications. Its application in server-side rendering architectures will ensure that all its underlying principles apply. Although principally each section in the layout has a distinct role and facilitates specific types of content, the T-Layout as a concept is versatile, and it is adaptable allowing modifications in the layout or how it's implemented to cater to the specific needs of different applications.
Plum Voice
The Plum Group, Inc. (DBA Plum Voice) is a company. Plum is headquartered in New York City with offices in Boston and Denver. == History == Plum Voice, founded in 2000 as The Plum Group, Inc., was incorporated to create technologies for personalized audio communication. By 2001, Plum had commercialized the open-standard Plum VoiceXML IVR platform which facilitated the creation of dynamic telecom applications. 2001 - Commercial launch of Plum VoiceXML IVR platform for customer-premises deployment 2002 - Launch of Plum Voice Hosting Centers for 24x7x365 managed IVR hosting 2004 - Plum Voice application suite receives a "Product of the Year" award from Customer Interactions magazine 2008 - Plum Survey builder launched, a do-it-yourself IVR survey tool. 2010 - Plum launched QuickFuse, a web-based rapid development platform used to create voice applications. 2013 - Plum launched VoiceTrends, an analytics and reporting toolkit designed specifically for voice applications. Plum achieves PCI-DSS Level 1. 2015 - Plum launched Plum Insight, a multi-channel (voice, web, mobile) survey platform. Plum achieves HIPAA compliance. 2016 - Plum launched a new version of QuickFuse called Fuse+. 2020 - Plum sunsets QuickFuse, rebrands Fuse+ as Plum Fuse.
Orleans (software framework)
Orleans is a cross-platform software framework for building scalable and robust distributed interactive applications based on the .NET Framework or on the more recent .NET. == Overview == Orleans was originally created by the eXtreme Computing Group at Microsoft Research and introduced the virtual actor model as a new approach to building distributed systems for the cloud. Orleans scales from a single on-premises server to highly-available and globally distributed applications in the cloud. The virtual actor model is based on the actor model but has several differences: A virtual actor always exists, it cannot be explicitly created or destroyed. Virtual actors are automatically instantiated. If a server hosting an actor crashes, the next message sent to the actor causes it to be reinstantiated automatically. The server that an actor is on is transparent to the application code. Orleans can automatically create multiple instances of the same stateless actor. Starting with cloud services for the Halo franchise, the framework has been used by a number of cloud services at Microsoft and other companies since 2011. The core Orleans technology was transferred to 343 Industries and is available as open source since January 2015. The source code is licensed under MIT License and hosted on GitHub. Orleans runs on Microsoft Windows, Linux, and macOS and is compatible with .NET Standard 2.0 and above. == Features == Some Orleans features include: Persistence Distributed ACID transactions Streams Timers & Reminders Fault tolerance == Related implementations == The Electronic Arts BioWare division created Project Orbit. It is a Java implementation of virtual actors that was heavily inspired by the Orleans project.