L-1 Identity Solutions, Inc. was an American biometric technology company headquartered in Stamford, Connecticut, specializing in identity management products and services including facial recognition systems, fingerprint readers, and secure credentialing solutions for governments and commercial enterprises. The company's shares traded on the New York Stock Exchange under the ticker symbol "ID." == History == L-1 Identity Solutions was formed on August 29, 2006, from a merger of Viisage Technology, Inc. and Identix Incorporated. Prior to the Safran acquisition, L-1 divested its Intelligence Services Group (ISG) comprising SpecTal LLC, Advanced Concepts Inc., and McClendon LLC to BAE Systems, Inc. for approximately $297 million. The transaction, initially announced in September 2010, closed on February 15, 2011, with more than 1,000 ISG employees joining BAE Systems' Intelligence & Security sector. It specializes in selling face recognition systems, electronic passports, such as Fly Clear, and other biometric technology to governments such as the United States and Saudi Arabia. It also licenses technology to other companies internationally, including China. On July 26, 2011, Safran (NYSE Euronext Paris: SAF) acquired L-1 Identity Solutions, Inc. for a total cash amount of USD 1.09 billion. L-1 was part of Morpho's MorphoTrust department which rebranded to Idemia in 2017. Bioscrypt is a biometrics research, development and manufacturing company purchased by L-1 Identity Solutions. It provides fingerprint IP readers for physical access control systems, Facial recognition system readers for contactless access control authentication and OEM fingerprint modules for embedded applications. According to IMS Research, Bioscrypt has been the world market leader in biometric access control for enterprises (since 2006) with a worldwide market share of over 13%. In 2011, Bioscrypt was sold to Safran Morpho.
AppValley
AppValley is an independent American digital distribution service operated and trademarked by AppValley LLC. It serves as an alternative app store for the iOS mobile operating system, which allows users to download applications that are not available on the App Store, most commonly tweaked "++" apps, jailbreak apps, and apps including paid apps on the app store. == Legality == AppValley is among several services that violate enterprise developer certificates from Apple. The terms under which these are granted make clear that they are for companies who wish to distribute apps to their employees. AppValley uses these certificates to distribute software directly to non-employees, thereby bypassing the AppStore. AppValley's conduct had implications in U.S. sanctioned markets like Iran, Iraq, North Korea, Cuba, and Venezuela, which have all been subject to commercial sanctions. Among the software offered by AppValley and other services is pirated software, including paid apps on the app store and premium versions of Instagram, Spotify, Pokémon Go, and others. For instance, AppValley distributes an ad-free version of the music streaming app Spotify even on the free tier. == History == The website was founded in May 2017, releasing late that month with a very basic version of the app. There were less than 100 apps available for download at this time. On Jan 19, 2018, a new version dubbed AppValley 2.0 was released bringing dark mode, more categories, a search, and a much faster interface. On February 14, 2019, a Chinese partner "Jason Wu" allegedly took control of the main Twitter account and domain, causing the original AppValley developers to migrate to the domain app-valley.vip and the Twitter account handle @App_Valley_vip. As of September 2024, the app-valley.vip domain now redirects to appvalley.signulous.com. Today, AppValley continues to offer an alternative to Apple's App Store where app developers can publish their applications. == Features == AppValley is a mobile app installer which can also support iOS version that can be installed and downloaded on the mobile or the devices of the people who wish to get access to many different applications available. AppValley also contains apps that have been modified or tweaked for user preferences, and allows the user to by pass national restrictions on the use of apps, without having to resort to jailbreaking. As of June 2, 2020, there are over 1300 apps available for download.
Subliminal channel
In cryptography, subliminal channels are covert channels that can be used to communicate secretly in normal looking communication over an insecure channel. Subliminal channels in digital signature crypto systems were found in 1984 by Gustavus Simmons. Simmons describes how the "Prisoners' Problem" can be solved through parameter substitution in digital signature algorithms. == Examples == An easy example of a narrowband subliminal channel for normal human-language text would be to define that an even word count in a sentence is associated with the bit "0" and an odd word count with the bit "1". The question "Hello, how do you do?" would therefore send the subliminal message "1". The Digital Signature Algorithm has one subliminal broadband and three subliminal narrow-band channels == Improvements == A modification to the Brickell and DeLaurentis signature scheme provides a broadband channel without the necessity to share the authentication key. The Newton channel is not a subliminal channel, but it can be viewed as an enhancement. == Countermeasures == With the help of the zero-knowledge proof and the commitment scheme it is possible to prevent the usage of the subliminal channel. This countermeasure has a 1-bit subliminal channel because for is the problem that a proof can succeed or purposely fail. Another countermeasure can detect, and not prevent, the subliminal usage of the randomness.
Government Secure Intranet
Government Secure Intranet (GSi) was a United Kingdom government wide area network, whose main purpose was to enable connected organisations to communicate electronically and securely at low protective marking levels. It was known for the '.gsi.gov.uk' family of domains for government email. Migration away from these domains began in 2019 and was completed in 2023. == History == === Use === Many UK government organisations used the GSi to transfer files on a peer-to-peer (P2P) basis between similarly accredited networks. The network itself was open within the context of its accreditation – it imposed no restrictions on traffic types carried across the network, restrictions and policy control were left to the connecting departments. Email traffic in and out of the network was filtered by an external provider. === Origin === The concept of GSi was defined by the Cabinet Office, and was turned into practical reality by the Internet Special Products group of Cable & Wireless (then known as Mercury Communications) at their Brentford premises. GSi development started late 1996, and can be roughly dated by checking the registration date of its first domain name, 'gsi.net', registered 30 May 1997. The formal go-live date was several months later (according to the Central Computer and Telecommunications Agency (CCTA) this was February 1998). The main drivers behind the development of GSi was the plethora of inter-agency connections in UK government which made managing security and connectivity budgets problematic. GSi not only provided better oversight, it also normalised connectivity. GSi was designed as an accredited, dual link connected Internet Protocol backbone, it imposed no restrictions on what type of traffic it carried; any restrictions were considered a policy decision for each connecting department. The design of GSi partly supported the then developing eGIF interoperability standards. This was a direct consequence of the two key technical people driving the project, one from Cable & Wireless, one from the UK government in the form of the CCTA. GSi used SMTP as mail transport protocol, and the conversion from the then prevalent X.400 email facilities to SMTP proved for many departments an improvement in reliability and speed. In the case of X.400, this conversion also cut email costs substantially as X.400 message conversions were still chargeable even if the conversion failed due to message size. In some cases, the ROI of such an email conversion was as short as two months. The creation of GSi handed Cable & Wireless a monopoly on UK government data connectivity. GSi can be considered one of the more successful UK government IT projects from the point of view of take up - even when still in pilot phase, demand increased to a point where service windows had to be imposed to continue building the platform to full strength. The development of GSi was also the root of the creation of the CESG Listed Adviser Scheme (CLAS). During the build of GSi, the need for accredited advisers became clear as advice on connectivity invariably involved discussing government confidential matters. CESG eventually responded with the above CLAS scheme. === Operations contract === GSi was operated on a five-year renewable contract basis. Energis won this contract from Cable & Wireless in August 2003. Cable & Wireless then bought Energis in 2005, thus regaining control over the platform. Cable and Wireless Worldwide won the GSi Convergence Framework (GCF) contract in 2011. The GSi and Managed Telecommunications Service (MTS) framework agreements finished in August 2011 with contracts running on to 12 February 2012. GCF is intended to facilitate the migration to the Public Services Network. === Previous developments === Government Connect went live across local authorities in England and Wales. Government Connect is a pan-government programme providing an accredited and secure network between central government and every local authority in England and Wales and allows exchange of RESTRICTED information between authorities. The GCSX network is part of the wider GSi and provides connectivity to nearly all central departments. Scottish local authorities have already established a similar network known as the Government Secure Extranet (GSX). Local authorities with a GCSX connection can now use a GCSX email account to exchange sensitive data, including DWP benefits data, patient identifiable data, with health sector staff who have a NHS.net email address, e.g. PCT staff and GPs. As both GCSX and the Police National Network (PNN) are both connected to the wider Government Secure Intranet (GSi), data can be transferred securely between local authorities and the Police. GC Mail can be used now to replace the existing less efficient and less secure methods of exchanging data between local authorities and the Police. Local authorities that deliver Housing and Council Tax benefits are taking part in the e-Transfers programme, which is e-enabling the process for delivery of Local Authority Input Documents (LAIDs) and Local Authority Claim Information (LACIs). Version 4.1 of the Code of Connection for compliance was introduced in 2010. Compared with version 3.2 the main Code of Connection version 4.1 areas of are: Mobile working - full implementation of compliant service Firewall specification (EAL 4) Execution of unauthorised software Requirement for IT Healthchecks (CHECK / CREST / TigerScheme) Labelling e-mails with protective markings. == Public Services Network == The Public Services Network is a UK Government programme that unified the provision of network infrastructure across the United Kingdom public sector into an interconnected "network of networks". This included large elements of GSi. It is now a legacy network. Centrally procured public sector networks migrated across to the PSN framework as they reached the end of their contract terms, either through an interim framework or directly. The Government Secure Intranet (GSi) contracts expired in September 2011, running on to 12 February 2012 and were replaced by the transitional Government Secure Intranet Convergence Framework (GCF).
Cleo Communications
Cleo Communications LLC, simply referred to as Cleo, is a privately held software company founded in 1976. The company is best known for its ecosystem integration platform, Cleo Integration Cloud with RADAR. == History == Cleo originally began as a division of Phone 1 Inc., a voice data gathering systems manufacturer, and built data concentrators and terminal emulators — multi-bus computers, modems, and terminals to interface with IBM mainframes via bisynchronous communications. The company then began developing mainframe middleware in the 1980s, and with the rise of the PC, moved into B2B data communications and secure file transfer software. Cleo Communications was acquired in 2012 by Global Equity Partners along with other investment companies. Since being acquired in 2012, the company’s offerings have evolved into Cleo Integration Cloud, a platform for enterprise business integration. == Business == Based in Rockford, Illinois (USA), with offices in Chicago, Pennsylvania, London, and Bangalore, Cleo has about 400 employees and more than 4,100 direct customers. The company's flagship offering, Cleo Integration Cloud, provides both on-premise and cloud-based integration technologies and comprises solutions for B2B/EDI, application integration, data movement and data transformation. Previous products now incorporated into the Cleo Integration Cloud platform include Cleo Harmony, Cleo Clarify, and Cleo Jetsonic. Cleo solutions span a variety of industries, including manufacturing, logistics and supply chain, retail, third-party logistics, warehouse management and transportation management, healthcare, financial services and government. The U.S. Department of Veterans Affairs adopted Cleo's fax technology, Cleo Streem, in 2013 when in need of FIPS 140-2-compliant technology to protect information, and the City of Atlanta has used Cleo Streem for network and desktop faxing since 2006. Cleo also serves U.S. transportation logistics company MercuryGate International and SaaS-based food logistics organization ArrowStream. It powers the architecture for several major supply chain companies, such as Blue Yonder and SAP. Cleo integrates the pharmaceutical supply chain for such companies as Octapharma. Key partners include FourKites and ClientsFirst, among many others. In May 2023, Cleo announced it entered a global partnership with consulting and multinational information technology services company, Cognizant (NASDAQ: CTSH). Together, the companies announced CCIB, powered by Cleo, which is a B2B iPaaS solution that provides B2B managed services with built-in, scalable infrastructure on the cloud. The solution comprises elements from Cleo’s flagship offering, Cleo Integration Cloud. == Expansion == In June 2014, Cleo opened an office in Chicago for members of its support and Ashok and teams. In 2014, the company hired Jorge Rodriguez as Senior Vice President of Product Development and John Thielens as Vice President of Technology. Cleo hired Dave Brunswick as Vice President of Solutions for North America in 2015, and Cleo hired Ken Lyons to lead global sales in 2016. Lyons now serves as the company's Chief Revenue Officer. More recent additions to the company's leadership team include Vipin Mittal, Vice President, Customer Experience, and Tushar Patel, CMO. Cleo opened its product development facility in Bengaluru, India, in 2015 and expanded its hybrid cloud integration teams into a new office there in 2017. The company also opened a London office in 2016 and expanded its network of channel partners in EMEA. In 2016, Cleo acquired EXTOL International, a Pottsville, Pa.-based business and EDI integration and data transformation company for an undisclosed amount. In 2017, the company moved its headquarters from Loves Park, Illinois, to Rockford. In 2021 the company received a significant growth investment from H.I.G. Capital. In July 2022, Cleo opened a new, 5,000-square-foot office located in Chicago's Loop. In November 2022, Cleo launched an accelerator for Microsoft Dynamics 365 SCM-to-X12 and a connector for Microsoft Dynamics 365 Business Central. These pre-built solutions allow businesses and users to quickly build integration flows that integrate their digital ecosystems. In March 2023, Cleo released CIC PAVE (Procurement Automation and Vendor Enablement). PAVE provides customers with enhanced supply chain visibility via a supplier portal that allows the customer to keep vendor interaction in a single location, even if they cannot use EDI or have API-ready applications. In December 2023, Cleo acquired ECS International, an integration technology company based in the Netherlands. == Certification == Cleo regularly submits its products to Drummond Group's interoperability software testing for AS2, AS3 and ebMS 2.0. In January 2020, Cleo announced that its new application connector for Acumatica ERP has been recognized as an Acumatica-Certified Application (ACA). The company also holds SOC 2, Type 2 certification. == Awards == Cleo was a Xerox partner of the year award for five years, from 2009 to 2014. The Cleo Streem solution integrates with Xerox multi-function products, providing customers with solutions for network fax and interactive messaging needs. Cleo was named to Food Logistics’ FL100+ Top Software and Technology Providers Lists in 2016, 2017, 2019 and 2020. Cleo CEO, Mahesh Rajasekharan was named an Ernst & Young Entrepreneur Of The Year 2022 Midwest Award winner. Rajasekharan is serving as a judge for the 2023 Ernst & Young Entrepreneur Of the Year Awards. As of April 2022, Cleo has been named a Leader in EDI on the G2 Grid, a peer-to-peer review site, for 20 straight quarters. In Spring 2023, Cleo won 23 G2 awards—including EDI Leader Enterprise, MFT Leader Enterprise, On-Premise Data Integration Best Support Enterprise, and iPaaS High Performer Asia.
Contextual AI
Contextual AI is an enterprise software company based in Mountain View, California. It develops a platform for building specialized Retrieval-Augmented Generation (RAG) agents for enterprise use. The company was founded in 2023 by Douwe Kiela and Amanpreet Singh, both former AI researchers at Facebook AI Research (FAIR) and Hugging Face. Douwe Kiela previously led the Meta research team that introduced the Retrieval-Augmented Generation (RAG) approach in 2020. Contextual AI focuses on enterprise generative AI applications using RAG 2.0 technology, with deployments primarily in the technology, banking, finance and media sectors. == History == In June 2023, Contextual AI announced it had raised $20 million in a seed funding round led by Bain Capital Ventures (BCV), with participation from Lightspeed Venture Partners, Greycroft, SV Angel, and several angel investors. In August 2024, the company raised $80 million in a Series A funding round led by Greycroft, with participation from previous investors including Bain Capital Ventures, Lightspeed, and Conviction Partners. The round also included new backers such as Bezos Expeditions, NVentures (Nvidia), HSBC Ventures, and Snowflake Ventures. == Features == Retrieval-Augmented Generation (RAG) is an artificial intelligence framework that integrates information retrieval with text generation to improve the performance of large language models (LLMs) on complex, knowledge-intensive tasks. It was introduced in 2020 by researchers at Meta AI, including Douwe Kiela, Patrick Lewis and others, in their paper Retrieval-Augmented Generation for Knowledge-Intensive NLP Tasks. RAG enables language models to access and incorporate external information, such as proprietary databases or real-time web content, at query time, instead of relying solely on pre-trained, internal, static knowledge. This architecture addresses common limitations of standard LLMs, including hallucination, outdated information, and lack of attribution to source materials. RAG systems retrieve relevant context through a variety of techniques - including vector search, keyword search, text-to-SQL - and feeds this context into the language model to generate responses. The approach improves factual accuracy, supports domain-specific customization, enables citation of sources, and allows for more updated information without retraining the model itself. General Availability. In January 2025, Contextual AI announced the general availability of its enterprise platform for building specialized RAG agents. Early adopters included Qualcomm, which used the platform for their Customer Engineering team needs. Grounded Language Model. In March 2025, the company introduced a Grounded Language Model (GLM) for factual accuracy in enterprise AI applications. Reranker. In March 2025, Contextual AI released an instruction-following reranker that allows users to influence the ranking of retrieved documents through natural language instructions, such as prioritizing recent files, specific formats, or content from designated sources. == Applications == Contextual AI's platform has been adopted across a range of industries, including finance, technology, media and professional services. Clients include Fortune 500 companies such as Qualcomm and HSBC.
Human rights and encryption
Human rights and encryption refers to the ways in which digital encryption affects human rights. Encryption can be used as both a detriment and a boon to human rights; for example, encryption can be used to enforce digital rights management for video games. This kind of video game licensing can render software unusable long term and represents the erosion of consumer rights. At the same time, encryption is fundamental part of internet security. Asymmetrical encryption is used extensively online for authentication, providing users confidence their internet traffic is not being misdirected. Encryption is also used to obfuscate information as it travels from end-to-end over the internet, preventing eavesdropping and tampering. Encryption can also provide anonymity, which is an important consideration for freedom of expression. Despite its drawbacks, encryption is essential for a free, open, and trustworthy internet. == Background == === Human rights === Human rights are moral principles or norms for human behaviour that are regularly protected as legal rights in national and international law. They are commonly understood as inalienable, fundamental rights "to which a person is inherently entitled simply because they are a human being". Those rights are "inherent in all human beings" regardless of their nationality, location, language, religion, ethnic origin, or any other status. They are applicable everywhere and at every time and are universal and egalitarian. === Cryptography === Cryptography is a long-standing subfield of both mathematics and computer science. It can generally be defined as "the protection of information and computation using mathematical techniques." Encryption and cryptography are closely interlinked, although "cryptography" has a broader meaning. For example, a digital signature is "cryptography", but not technically "encryption". == Overview == Under international human rights law, freedom of expression is recognized as a human right under Article 19 of the Universal Declaration of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR). In Article 19 of the UDHR states that "everyone shall have the right to hold opinions without interference" and "everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any other media of his choice". Since the 1970s, the availability of digital computing and the invention of public-key cryptography have made encryption more widely available. (Previously, encryption techniques were the domain of nation-state actors.) Cryptographic techniques are also used to protect the anonymity of communicating actors and privacy more generally. The availability and use of encryption continue to lead to complex, important, and highly contentious legal policy debates. Some government agencies have made statements or proposals to lessen such usage and deployment due to hurdles it presents for government access. The rise of commercial end-to-end encryption services have pushed towards more debates around the use of encryption and the legal status of cryptography in general. Encryption, as defined above, is a set of cryptographic techniques to protect information. The normative value of encryption, however, is not fixed but varies with the type and purpose of the cryptographic methods used. Traditionally, encryption (cipher) techniques were used to ensure the confidentiality of communications and prevent access to information and communications by others and intended recipients. Cryptography can also ensure the authenticity of communicating parties and the integrity of communications contents, providing a key ingredient for enabling trust in the digital environment. There is a growing awareness within human rights organizations that encryption plays an important role in realizing a free, open, and trustworthy Internet. UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression David Kaye observed, during the Human Rights Council in June 2015, that encryption and anonymity deserve a protected status under the rights to privacy and freedom of expression: "Encryption and anonymity, today's leading vehicles for online security, provide individuals with a means to protect their privacy, empowering them to browse, read, develop and share opinions and information without interference and enabling journalists, civil society organizations, members of ethnic or religious groups, those persecuted because of their sexual orientation or gender identity, activists, scholars, artists and others to exercise the rights to freedom of opinion and expression." == Encryption in media and communication == In the context of media and communication, two types of encryption in media and communication can be distinguished: It could be used as a result of the choice of a service provider or deployed by Internet users. Client-side encryption tools and technologies are relevant for marginalized communities, journalists and other online media actors practicing journalism as a way of protecting their rights. It could prevent unauthorized third party access, but the service provider implementing it would still have access to the relevant user data. End-to-end encryption is an encryption technique that refers to encryption that also prevents service providers themselves from having access to the user's communications. The implementation of these forms of encryption has sparked the most debate since the start of the 21st century. === Service providers deployed techniques to prevent unauthorized third-party access. === Among the most widely deployed cryptographic techniques is the securitization of communications channel between internet users and specific service providers from man-in-the-middle attacks, access by unauthorized third parties. Given the breadth of nuances involved, these cryptographic techniques must be run jointly by both the service user and the service provider in order to work properly. They require service providers, including online news publisher(s) or social network(s), to actively implement them into service design. Users cannot deploy these techniques unilaterally; their deployment is contingent on active participation by the service provider. The TLS protocol, which becomes visible to the normal internet user through the HTTPS header, is widely used for securing online commerce, e-government services and health applications as well as devices that make up networked infrastructures, e.g., routers, cameras. However, although the standard has been around since 1990, the wider spread and evolution of the technology has been slow. As with other cryptographic methods and protocols, the practical challenges related to proper, secure and (wider) deployment are significant and have to be considered. Many service providers still do not implement TLS or do not implement it well. In the context of wireless communications, the use of cryptographic techniques that protect communications from third parties are also important. Different standards have been developed to protect wireless communications: 2G, 3G and 4G standards for communication between mobile phones, base stations and base stations controllers; standards to protect communications between mobile devices and wireless routers ('WLAN'); and standards for local computer networks. One common weakness in these designs is that the transmission points of the wireless communication can access all communications e.g., the telecommunications provider. This vulnerability is exacerbated when wireless protocols only authenticate user devices, but not the wireless access point. Whether the data is stored on a device, or on a local server as in the cloud, there is also a distinction between 'at rest'. Given the vulnerability of cellphones to theft for instance, particular attention may be given to limiting service provided access. This does not exclude the situation that the service provider discloses this information to third parties like other commercial entities or governments. The user needs to trust the service provider to act in their interests. The possibility that a service provider is legally compelled to hand over user information or to interfere with particular communications with particular users, remains. === Privacy-enhancing Technologies === There are services that specifically market themselves with claims not to have access to the content of their users' communication. Service Providers can also take measures that restrict their ability to access information and communication, further increasing the protection of users against access to their information and communications. The integrity of these Privacy Enhancing Technologies (PETs), depends on delicate design decisions as well as the