A software token (a.k.a. soft token) is a piece of a two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. (Contrast hardware tokens, where the credentials are stored on a dedicated hardware device and therefore cannot be duplicated — absent physical invasion of the device) Because software tokens are something one does not physically possess, they are exposed to unique threats based on duplication of the underlying cryptographic material - for example, computer viruses and software attacks. Both hardware and software tokens are vulnerable to bot-based man-in-the-middle attacks, or to simple phishing attacks in which the one-time password provided by the token is solicited, and then supplied to the genuine website in a timely manner. Software tokens do have benefits: there is no physical token to carry, they do not contain batteries that will run out, and they are cheaper than hardware tokens. == Security architecture == There are two primary architectures for software tokens: shared secret and public-key cryptography. For a shared secret, an administrator will typically generate a configuration file for each end-user. The file will contain a username, a personal identification number, and the secret. This configuration file is given to the user. The shared secret architecture is potentially vulnerable in a number of areas. The configuration file can be compromised if it is stolen and the token is copied. With time-based software tokens, it is possible to borrow an individual's PDA or laptop, set the clock forward, and generate codes that will be valid in the future. Any software token that uses shared secrets and stores the PIN alongside the shared secret in a software client can be stolen and subjected to offline attacks. Shared secret tokens can be difficult to distribute, since each token is essentially a different piece of software. Each user must receive a copy of the secret, which can create time constraints. Some newer software tokens rely on public-key cryptography, or asymmetric cryptography. This architecture eliminates some of the traditional weaknesses of software tokens, but does not affect their primary weakness (ability to duplicate). A PIN can be stored on a remote authentication server instead of with the token client, making a stolen software token no good unless the PIN is known as well. However, in the case of a virus infection, the cryptographic material can be duplicated and then the PIN can be captured (via keylogging or similar) the next time the user authenticates. If there are attempts made to guess the PIN, it can be detected and logged on the authentication server, which can disable the token. Using asymmetric cryptography also simplifies implementation, since the token client can generate its own key pair and exchange public keys with the server.
Summify
Summify was a social news aggregator founded by Mircea Paşoi and Cristian Strat, two former Google and Microsoft interns from Romania. The service emailed its users a periodic summary of news articles shared from their social networks based on their relevance and importance. The platform supported Twitter, Facebook, and Google Reader accounts. == History == In 2009, Paşoi and Strat created ReadFu, a plugin that provided a contextual summary and statistics of the target page of a hyperlink. In January 2010, ReadFu was accepted into the Vancouver-based start-up incubator Bootup Labs. On March 20, 2010 the service was renamed to Summify and a private beta began. On August 11, 2010 Paşoi and Strat announced a new direction for the service. It would become a real-time social news reader that aggregates incoming news from social networks and displays articles by importance using social reactions. After some feedback that the users preferred article digests by email more than the real-time news reader version, Summify discontinued the news reader version. In March 2011, Summify completed a Seed round, with investors including Rob Glaser, Accel Partners, and Stewart Butterfield. Summify received coverage from various news and media outlets such as TechCrunch. It was also featured in various news platforms, such as Time, The Globe and Mail, Mashable, VentureBeat, Gizmodo, Lifehacker, and The Next Web. Summify released a free app on the Apple App Store on July 8, 2011. The app allowed users to read their web summaries from iOS mobile devices. Summify was acquired by Twitter on January 19, 2012. The service shut down soon after, on June 22, 2012.
Period-tracking app
Period-tracking apps are mobile applications used to track the menstrual cycle. They may be used to predict menstruation, to plan fertility, and to track health. Examples include Clue, Glow, and Flo. == Function == Users enter their dates of menstruation, and frequently other experiences such as vaginal discharge and spotting; premenstrual syndrome; changes in mood; menstrual cramps and other pain; and other symptoms such as appetite changes, bloating, and acne. The apps predict the date of users' next period, and often also their ovulation and fertile window. Some apps have additional features such as contraceptive reminders, educational content, tracking modes for use during pregnancy, or the ability to share one's menstrual cycle data with a partner. == Privacy == Period-tracking apps collect personal health data, potentially raising concerns about privacy. Researchers have warned that data may be transferred to third parties and used for consumer profiling and targeted advertising, used for employment and health insurance discrimination, or used to prosecute users for seeking abortions. After the 2022 decision by the United States Supreme Court to overturn Roe v. Wade, and the bans and restrictions on abortion in many US states that followed, many American women uninstalled the apps amidst fear that the data could be accessed by law enforcement and used to prosecute users. WIRED published a ranking of several period-tracking apps by data privacy.
FoundationDB
FoundationDB is a free and open-source multi-model distributed NoSQL database owned by Apple Inc. with a shared-nothing architecture. The product was designed around a "core" database, with additional features supplied in "layers." The core database exposes an ordered key–value store with transactions. The transactions are able to read or write multiple keys stored on any machine in the cluster while fully supporting ACID properties. Transactions are used to implement a variety of data models via layers. The FoundationDB Alpha program began in January 2012 and concluded on March 4, 2013, with their public Beta release. Their 1.0 version was released for general availability on August 20, 2013. On March 24, 2015, it was reported that Apple has acquired the company. A notice on the FoundationDB web site indicated that the company has "evolved" its mission and would no longer offer downloads of the software. On April 19, 2018, Apple open sourced the software, releasing it under the Apache 2.0 license. == Main features == The main features of FoundationDB include the following: Ordered key–value store In addition to supporting standard key-based reads and writes, the ordering property enables range reads that can efficiently scan large swaths of data. Transactions Transaction processing employs multiversion concurrency control for reads and optimistic concurrency for writes. Transactions can span multiple keys stored on multiple machines. ACID properties FoundationDB guarantees serializable isolation and strong durability via redundant storage on disk before transactions are considered committed. Layers Layers map new data models, APIs, and query languages to the FoundationDB core. They employ FoundationDB's ability to update multiple data elements in a single transaction, ensuring consistency. An example is their SQL layer. Commodity clusters FoundationDB is designed for deployment on distributed clusters of commodity hardware running Linux. Replication FoundationDB stores each piece of data on multiple machines according to a configurable replication factor. Triple replication is the recommended mode for clusters of 5 or more machines. Scalability FoundationDB is designed to support horizontal scaling through the addition of machines to a cluster while automatically handling data replication and partitioning. Systems supported FoundationDB supports packages for Linux, Windows, and macOS. The Linux version supports production clusters, while the Windows and macOS versions support local operation for development purposes. Configurations on Amazon EC2 are also supported. Programming language bindings FoundationDB supports language bindings for Python, Go, Ruby, Node.js, Java, PHP, and C, all of which are made available with the product. == Design limitations == The design of FoundationDB results in several limitations: Long transactions FoundationDB does not support transactions running over five seconds. Large transactions Transaction size cannot exceed 10 MB of total written keys and values. Large keys and values Keys cannot exceed 10 kB in size. Values cannot exceed 100 kB in size. == History == FoundationDB, headquartered in Vienna, Virginia, was started in 2009 by Nick Lavezzo, Dave Rosenthal, and Dave Scherer, drawing on their experience in executive and technology roles at their previous company, Visual Sciences. In March 2015 the FoundationDB Community site was updated to state that the company had changed directions and would no longer be offering downloads of its product. The company was acquired by Apple Inc., which was confirmed March 25, 2015. On April 19, 2018, Apple open sourced the software, releasing it under the Apache 2.0 license.
Vx-underground
vx-underground, also known as VXUG, is an educational website about malware and cybersecurity. It claims to have the largest online repository of malware. The site was launched in May, 2019 and has grown to host over 35 million pieces of malware samples. On their account on Twitter, VXUG reports on and verifies cybersecurity breaches. == Reception == Kim Crawley compared the site to VirusTotal and states that vx-underground is more susceptible to suspicion for law enforcement. == Data breach reports == In May 2024, the International Baccalaureate organizations faced allegations over supposed breaches in their IT infrastructure after an incident of examination leaks. Upon inspecting leaked data, VXUG were the first to report that the breach seemed legitimate on the morning of May 6.
FreshBooks
FreshBooks is accounting software operated by 2ndSite Inc. primarily for small and medium-sized businesses. It is a web-based software as a service (SaaS) model, that can be accessed through a desktop or mobile device. The company was founded in 2003 and is based in Toronto, Canada. == History == FreshBooks was founded in 2004 by Mike McDerment, Levi Cooperman, and Joe Sawada in Toronto, Ontario. McDerment incorporated a second company, BillSpring in January 2015 to work on new product development. It was rolled back into FreshBooks as an updated interface in 2016. Initially FreshBooks functioned like an electronic invoicing program targeting IT professionals. After the release of the new interface, the initial release of FreshBooks was referred to as "FreshBooks Classic." FreshBooks Classic was discontinued in 2022 after migrating users to the new platform. FreshBooks Classic's front-end application was built in PHP, and the backend services were built in Python while the new FreshBooks uses the same backend services with a JavaScript single-page application. == Product == FreshBooks is a subscription-based accounting software platform that provides features such as invoicing, accounts payable, expense and time tracking, retainers, fixed asset depreciation, purchase orders, payroll integrations, mileage tracking, double-entry accounting, and standard business reporting. Financial data is stored in the cloud on a unified ledger, enabling access from desktop and mobile devices. The platform includes a free API for integration with external applications and supports multiple tax rates and currencies. It also offers project management and payroll functionalities. Pricing is based on a recurring monthly fee. FreshBooks supports country-specific tax calculations, including GST and HST in Canada, sales taxes in the United States, and MTD compliance in the UK. == Operations == FreshBooks has its headquarters in Toronto, Canada with operations in North America, Europe and Australia. Founder Mike McDerment was the chief executive officer of the company from 2003 until 2021, when he stepped down and was replaced by Don Epperson, but stayed as the executive chair. Don Epperson had previously joined FreshBooks as executive director in 2019. == Funding == FreshBooks was initially self-funded. In 2014, the company raised a Series A venture investment of $30 million led by the venture capital firm Oak Investment Partners, with participation by Georgian Partners and Atlas Venture. In 2017, FreshBooks announced that it raised another $43 million in funding from Accomplice, Georgian Partners and Oak Investment Partners. On August 10, 2021, FreshBooks announced that it had secured $80.75 million in Series E funding and $50 million in debt financing. FreshBooks also reached a valuation of more than $1 billion.
North Atlantic Population Project
The North Atlantic Population Project (NAPP) is a collaboration of historical demographers in Britain, Canada, Denmark, Germany, Iceland, Norway, and Sweden to produce a massive census microdata collection for the North Atlantic Region in the late-nineteenth century. The database includes complete individual-level census enumerations for each country, and provides information on over 110 million people. This large scale allows detailed analysis of small geographic areas and population subgroups. The NAPP database is designed to be compatible with the Integrated Public Use Microdata Series (IPUMS), and is disseminated through the IPUMS data-access system at the Minnesota Population Center, University of Minnesota. Major collaborators on the project include Lisa Dillon, University of Montreal; Chad Gaffield, University of Ottawa; Ólöf Garðarsdóttir, Statistics Iceland; Marianne Jarnes Erikstad, University of Tromsø; Jan Oldervall University of Bergen; Evan Roberts, University of Minnesota; Steven Ruggles, University of Minnesota; Kevin Schürer, UK Data Archive; Gunnar Thorvaldsen, University of Tromsø; and Matthew Woollard, UK Data Archive. The project is also coordinated by the Minnesota Population Center at the University of Minnesota.