False answer supervision (FAS) refers to VoIP fraud where the billed duration for the caller is more than the duration of the actual connection duration. The FAS is usually performed by VoIP wholesalers in their softswitches for randomly selected calls. Adding a small amount of extra billed seconds for many calls results in significant revenue for the VoIP wholesaler. == Implementation of FAS == The FAS fraud can be implemented in a softswitch in many different ways. These include: False billing of party A without calling a party B. Usually a fake ringback tone, loopback audio or voicemail message is played Start of billing before actual answer of party B Extra billing after disconnection of party B == Detection of FAS == The FAS can be detected and blocked in a softswitch. Common methods are: Manual verification of call detail records: listening to voice recordings Identification of FAS types and using algorithms to automatically detect the FAS RTP audio signal processing: detection of voice RTP audio signal processing: detection of silence RTP audio signal processing: detection of ringback tone
Google Research
Google Research (also known as Research at Google) is the research division of Google, a subsidiary of Alphabet Inc.. According to its official website, Google Research publishes findings, releases open-source software, and applies research results within Google products and services as well as within the wider scientific community. == Notable contributions == The 2017 landmark paper Attention Is All You Need, which introduced the Transformer architecture, which has subsequently been used to build modern large language models. Advances in neural machine translation powering Google Translate. Time series forecasting. Development of scalable learning systems and infrastructure for large-model training. Flood forecasting. Research into computational discovery via Google Accelerated Science including demonstrating the first below-threshold quantum calculations.
Alerts.in.ua
alerts.in.ua is an online service that visualizes information about air alerts and other threats on the map of Ukraine. == History == The idea of the site appeared in the first weeks of the 2022 Russian invasion of Ukraine, during the development of other projects related to alerting the population about alarms. So, on March 2, 2022, the "Lviv Siren" bot was created, which reported on air alarms in Lviv on Twitter. Later, the idea arose to monitor alarms all over Ukraine and display them on a map. However, the lack of a single official source reporting alarms made this task much more difficult. On March 15, 2022, the Ajax Systems company announced the creation of the official Telegram channel "Air Alarm". This channel receives signals from the "Air Alarm" application and instantly publishes messages about the start and end of alarms in different regions of Ukraine. This immediately solved the problem with the source of information and gave impetus to the further implementation of the project. On March 22, 2022, the first version of the "Air Alarm Map" website was published, located on the war.ukrzen.in.ua domain. The map quickly gained popularity in social networks. It, like several other similar projects, began to be widely distributed by the mass media: Suspilne, Novyi Kanal, UNIAN, DW, Fakty ICTV, Vikna TV, Ukrainian Radio, STB, Espresso, dev.ua, itc.ua and state bodies: Center for Countering Disinformation at the National Security and Defense Council of Ukraine, Verkhovna Rada of Ukraine, Khmelnytska OVA, etc. On April 8, 2022, the site moved to the alerts.in.ua domain, where it is still available today. On August 25, 2022, the service began monitoring local official channels in addition to the main "Air Alarm". On September 11, 2022, the English version of the site was published. On March 22, 2023, its own Android application was published. The project is actively developing and has its own community. == Description == The main part of the site is a map of Ukraine, on which the regions where an air alert or other threats have been declared are highlighted in real time. As of October 16, 2022, 5 types of threats are supported: Air alarm. The threat of artillery fire. The threat of street fighting. Chemical threat. Nuclear threat. Additionally, based on media reports, information is published about other dangerous events, such as explosions, demining, etc. On the site, you can view the history of announced alarms with links to sources. Alarm statistics for different time periods are also available. For developers, there is an API that allows you to develop your own services based on information about declared alarms. The site is available in Ukrainian, English, Polish and Japanese. == Use == The map is used by: To monitor the situation in the country and the region. To illustrate the alarms announced in the mass media: TSN, Ukrainian truth, Channel 24, Suspilne, RBC Ukraine, Gromadske, Glavkom. As a map of alarms in mobile applications, there is Alarm and AirAlert. As an API for its services, including alternative alarm maps, Telegram, Viber channels, Discord bots, IoT projects, etc. == Statistics == 89.5% of users use the map from a mobile phone, 10% from a PC and 1% from a tablet. Top 6 countries by visit: Ukraine, United States, Poland, Germany, Great Britain and Japan . == Alternative projects == eMap was created by the developer Vadym Klymenko. AlarmMap is an online from the Ukrainian office of Agroprep. The official map of air alarms was developed by Ajax Systems together with the developer Artem Lemeshev, Stfalcon with the support of the Ministry of Statistics.
Language-Theoretic Security
Language-theoretic security, or LangSec, is an approach to software security that focuses on input handling, complexity, and program design as strategies to improve the verifiability of computer programs. It was introduced in 2005 by Robert J. Hansen and Meredith L. Patterson at BlackHat and in 2011 by Len Sassaman and Patterson. It aims to create a formal description of which software is likely to have security vulnerabilities of particular classes, and why. It considers programs to have an inherent parser component, whether or not explicit, composed of that part of the program which operates on external input before that input is fully parsed. A central hypothesis of language-theoretic security is that vulnerabilities in software increase according to the computational power of the notional input-accepting automaton equivalent to this parser, using the definitions of automata theory. The lower bound on this computational power is the input language complexity of the program. The extent to which reducing this complexity is possible is a function of the specification of the communication protocol or file format the program takes as input. == Parsing as a security mechanism == The behaviour of a program is defined with reference to its expected input. Unexpected input being used by a program is a factor in numerous security bugs, including the so-called Android master key vulnerability (CVE-2013-4787), because accepting unexpected input renders the program's specification ambiguous. In that instance, the unexpected ambiguity came in the form of a ZIP file with duplicate filenames. If a program fully parses its input and only acts on input that unambiguously meets the specification, it follows that the program will avoid these types of vulnerabilities. This is an intentional inversion of the Postel principle. Accepting only unambiguous and valid input is a more formal requirement than input validation or sanitization, and narrows the number of possible but unanticipated program states that can be induced in an application via user input. Conversely, failure to do this is associated with security vulnerabilities. Input sanitization in particular is held to be an inadequate approach to avoiding malicious input because it inherently ignores context-sensitive properties of the input; it can therefore result in paradoxical effects, such as sanitization code activating otherwise inert cross-site scripting payloads in browsers. === Parser differentials === If the language of accepted program input is sufficiently simple, it is possible to verify that two implementations parse the same input language consistently. This is advantageous because it shows no parser differential exists between the two implementations. The requisite level of simplicity is theoretically that for which there is a solution to the equivalence problem. If the two parsers involved in CVE-2013-4787 were equivalent - that is, if they rendered the same output state given the same input state - the vulnerability could not have existed. One strategy for doing this is to publish machine-readable specifications of a format or protocol, and then use a parser generator to generate the parser code. An example of a parser generator built for this purpose is DaeDaLus. The combination of Lex with any of GNU Bison, ANTLR, or Yacc also accomplishes this. However, many parser generators allow the mixing of general purpose code with the parsing definitions, which weakens the guarantees provided by parsing. === Analysis of injection attacks === Injection attacks are generally the result of differences between the serializer (or "unparser") and the corresponding parser at a layer boundary in a system; therefore, they are a special case of parser differentials. In a SQL injection attack, for example, an attacker is able to cause the application with which they are interacting to serialize a SQL query that has different semantics than intended. In the simplest case where the payload ends a string and adds new code, the payload has crossed the code-data boundary in SQL. In language-theoretic security, this is treated as a bug in the serializer of the SQL query, which should instead be written in a way that constrains its possible outputs to those within the scope of the intended query. === Parser combinators === If a parser generator is not used, it is still possible to avoid implementation bugs by using parser combinator such as Nom to implement the parser code. This has the drawback of relying on a programmer correctly translating the specification into the language of the parser generator library, though this task is still less error-prone than hand-coding a parser. == Input format complexity == Complexity in computer programs is associated with security vulnerabilities. Within the domain of language-theoretic security, complexity is described with reference to the computational power of the abstract machine necessary to implement the program, or more particularly, to implement the parser for its input language. This complexity describes whether it is possible to show that there is no unintended or undesired functionality in the program which might be exploitable by an attacker. To be bounded in complexity, the program's input must be well-defined both in terms of form and of semantics. === Weird machines === A weird machine is a model of computation in a program that exists in parallel with, but is distinct from, the intended abstract model of computation in that program. Some classes of weird machine arise from the multi-layered nature of computer programs, or the context in which the programs run; others result from the unanticipated functionality a program has due to its complexity or to software bugs. The more complex the computation model of a program, the more likely it is to implement a weird machine. Depending on context, the weird machine may or may not be concretely useful for an attacker. Since the space of weird machines in the context of some program is the universe of all possible states that are not within the program's intended states, many exploited states including remote code execution and injection attacks belong to the domain of weird machines. A reduction in weird machines is therefore a likely correlate with reduced program vulnerability. === SafeDocs project === SafeDocs is a DARPA project undertaken in 2018 to take existing file formats, create safer subsets of them, and develop programming tools to work for the safer formats. The initial test case for this was PDF. The purpose of creating safer subsets in this case is to lower the minimum bound on parser complexity so that it becomes possible to create tools that will generate correct, normative parsers for them. == Relation to programming languages == The analytic framework of language-theoretic security assumes programs to be virtual machines that execute their input. A document that is read by an application is in this sense a form of machine code, in a generalization of the data as code idea, following the automata theory description of parsers. === Type-safe programming languages === Parsing input and serializing output are operations that consume one data type and emit another. A programming language can therefore check that data is correctly parsed and contains the expected structure by checking data types, and correct serializing (or unparsing) can be implemented as operations on the data types that are relevant to the program's output. This approach can be used to show that the recognizer and unparser patterns have been implemented. It is also possible to implement type checking across a distributed system to enforce parsing and unparsing of the expected structures and to verify that the assumptions made in designing the compositional properties of a distributed system have been followed. === Memory-safe programming languages === In the general case, spatial memory correctness is undecidable. If any proof of spatial memory correctness is to be made, it is therefore necessary to bound the complexity of the code. Interpreted languages such as Java and Python effectively accomplish this via runtime bounds checking, and frameworks for runtime bounds checking also exist for C. The effect of these strategies for spatial memory correctness are to create a halt state in place of a spatial memory correctness violation; therefore, it can be shown that the program will not violate spatial memory correctness, but in exchange, it cannot be shown in the general case that programs will not have runtime bounds checking exceptions. Some programming languages, such as Rust, accomplish this using borrow checking. The borrow checker acts to assure spatial memory correctness by compile-time reference counting. Code for which spatial memory correctness cannot be shown to not be violated therefore does not compile, inherently limiting the complexity of the spatial memory correctness of the program to what is decidable. Thi
Ware report
Security Controls for Computer Systems, commonly called the Ware report, is a 1970 text by Willis Ware that was foundational in the field of computer security. == Development == A defense contractor in St. Louis, Missouri, had bought an IBM mainframe computer, which it was using for classified work on a fighter aircraft. To provide additional income, the contractor asked the Department of Defense (DoD) for permission to sell computer time on the mainframe to local businesses via remote terminals, while the classified work continued. At the time, the DoD did not have a policy to cover this. The DoD's Advanced Research Projects Agency (DARPA) asked Ware - a RAND employee - to chair a committee to examine and report on the feasibility of security controls for computer systems. The committee's report was a classified document given in January 1970 to the Defense Science Board (DSB), which had taken over the project from ARPA. After declassification, the report was published by RAND in October 1979. == Influence == The IEEE Computer Society said the report was widely circulated, and the IEEE Annals of the History of Computing said that it, together with Ware's 1967 Spring Joint Computer Conference session, marked the start of the field of computer security. The report influenced security certification standards and processes, especially in the banking and defense industries, where the report was instrumental in creating the Orange Book.
Boris FX
Boris FX is a visual effects, video editing, photography, and audio software plug-in developer based in Miami, Florida, USA. The developer is known for its flagship products, Continuum (formerly Boris Continuum Complete/BCC), Sapphire, Mocha, and Silhouette. Boris FX creates plug-in tools for feature film, broadcast television, and multimedia post-production workflows. The plug-ins are compatible with various NLEs, including Adobe After Effects and Premiere Pro, Avid Media Composer, Apple Final Cut Pro, and OFX hosts such as Autodesk Flame, Foundry Nuke, Blackmagic Design DaVinci Resolve and Fusion, and VEGAS Pro. Boris FX has incorporated artificial intelligence into its software, introducing features for noise reduction, rotoscoping, upscaling, and masking. The company has acquired technologies via mergers and acquisitions from Imagineer Systems, GenArts, Silhouette FX, Digital Film Tools, CrumplePop and Andersson Technologies to expand its visual effects, editing, photography, and audio tools. == History == Boris FX was founded in 1995 by Boris Yamnitsky. The former Media 100 engineer (a member of the original Media 100 launch team in 1993) released “Boris FX,” the first plug-in-based digital video effects (DVE) for Adobe Premiere and Media 100, in 1995. The plug-in won Best of Show at Apple Macworld in Boston, MA that same year. The Boris FX Suite includes a range of visual effects and post-production tools, such as Sapphire, Continuum, Mocha Pro, Silhouette, SynthEyes, CrumplePop, Optics, and Particle Illusion. == Media 100 == In October 2005, Yamnitsky acquired Media 100 the company that launched his plug-in career. Boris FX had a long relationship with Media 100 which bundled Boris RED software as its main titling and compositing solution. Media 100's video editing software is available as freeware for macOS. == Continuum == Continuum is a visual effect and compositing plugin suite that includes a library of over 300 effects and more than 40 transitions, including tools for image restoration, compositing, titling, particle generation, and stylized effects, along with features such as lens flares, lighting effects, and cinematic color grading presets. A key component of Continuum is its integration with the Mocha planar tracking and masking system, enabling advanced tracking and rotoscoping within the effects. The suite also includes Particle Illusion, a real-time particle generator used for creating visual effects such as explosions, smoke, and abstract motion graphics, as well as Primatte Studio, a chroma keying and compositing toolset for green screen and blue screen workflows. Continuum supports GPU acceleration and offers compatibility with HDR and 360/VR content. Regular updates introduce new effects, presets, and performance enhancements to expand its capabilities. In October 2018, Continuum relaunched Particle Illusion, a Mocha Essentials workflow with magnetic edge-snapping, and updates to Title Studio. In October 2019, Continuum introduced Corner Pin Studio with built-in Mocha tracking for quick screen replacement and inserts, 6 stylized transitions, and 4 creative effects. In October 2020, Continuum released an update that included over 80 GPU-accelerated effects such as film stocks, color grades, optical filter simulations, and a digital gobo library. The update also introduced a custom FX Editor interface, real-time particles, and more than 1,000 drag-and-drop presets. In November 2021, it added multi-frame rendering for After Effects, native Apple M1 support, fluid dynamics in Particle Illusion, and 60 color-grade presets. In October 2022, the software introduced 10 additional transitions, a revised Particle Illusion workflow, an atmospheric glow effect, and more than 250 curated presets. Continuum plugins have been used in television, streaming, and film projects, including A Black Lady Sketch Show (HBO/HBO Max), Star Trek: Discovery (CBS), Andor (Disney+), The Curse of Oak Island (History Channel), Keeping up with the Kardashians (E!), This Old House (PBS), Ms. Marvel (Disney+), MasterChef (Fox), WipeOut (TBS), The Boys (Prime Video), and The Today Show (NBC). == Mocha Pro == In December 2014, Boris FX merged with Imagineer Systems, the UK-based developer of the Academy Award-winning planar motion tracking software, Mocha Pro. Mocha Pro's features include planar tracking (motion tracking), rotoscoping, image stabilization, 3D camera tracking, and object removal. In June 2016, Mocha released (v5) which introduced Mocha Pro's tools as plug-ins for Adobe After Effects and Premiere Pro, Avid Media Composer, and OFX hosts Foundry's NUKE, Blackmagic Design Fusion, VEGAS Pro, and HitFilm. A simplified version, Mocha AE, is included with Adobe After Effects Creative Cloud and has been bundled with the software since CS4. A similar version is also available with HitFilm Pro from FXhome and VEGAS Pro. Mocha's tracking SDK is integrated into other visual effects tools, including SAM Quantel Pablo Rio, Silhouette FX, CoreMelt, and Motion VFX. Mocha Pro has been used in various film and television productions, including Birdman, Black Swan, the Harry Potter series, The Hobbit, Star Wars, The Mandalorian, Star Trek: Discovery, and The Umbrella Academy. It has also been employed in projects such as Gone Girl, The Hunger Games: Mockingjay – Part 1, Game of Thrones, and House of Cards. == Sapphire == GenArts, founded by Karl Sims in 1996, developed visual effects plug-ins that were used by studios and post-production facilities. In September 2016, Boris FX merged with former competitor, GenArts, Inc., developer of Sapphire high-end visual effects plug-ins, to expand its suite of motion graphics and VFX tools. The merger brought Sapphire alongside Boris Continuum Complete (BCC) and Mocha Pro, integrating these tools for film and television post-production. The Sapphire suite includes a library of over 270 effects and transitions, organized into categories such as lighting, stylization, distortions, textures, and transitions. Commonly used effects include glows, lens flares, film looks, and blurs. The plug-ins are designed to be GPU-accelerated, allowing for improved rendering performance and real-time previews in supported host applications. A central feature of Sapphire is the Builder tool, a node-based workspace that allows users to create custom effects and transitions by combining multiple Sapphire plug-ins. This enables a high level of creative flexibility and reusability, making it a popular tool for both editors and VFX artists. Sapphire also integrates with Mocha, Boris FX's planar tracking and masking system, allowing for advanced control of visual elements within an effect. In October 2017, Boris FX released its first new version of Sapphire since the GenArts acquisition. Sapphire (v11) now includes integrated Mocha tracking and masking tools. Sapphire is available for Adobe, Avid, the Autodesk Flame family, and OFX hosts including Blackmagic DaVinci Resolve and Fusion, and Foundry's NUKE. As part of the merger, Boris FX acquired the rights to Particle Illusion. In 2018, Boris FX reintroduced the product to the larger NLE/Compositing market. Sapphire's plug-ins transitioned from C to C++ to improve performance and support higher-resolution visual effects. This update enhanced floating-point calculations, compatibility with film editing APIs, and integration with NVIDIA's CUDA for faster rendering. The plug-ins have been used in various films, including Avatar, the Harry Potter and the Prisoner of Azkaban, Iron Man, The Lord of the Rings, The Matrix trilogy, Titanic, and X-Men. == Particle Illusion == As part of the merger with GenArts in 2016, Boris FX acquired the rights to the Particle Illusion (formerly particleIllusion) product, a storied particle system from the original developer Alan Lorence, the founder of Wondertouch. In 2018, Boris FX released a redesigned version of the product to a larger NLE/compositing market as part of Continuum (2019). The new Particle Illusion plug-in supports Adobe, Avid, and many OFX hosts. == Silhouette == In September 2019, Boris FX merged with SilhouetteFX, Academy Award-winning developer of Silhouette, a high-end digital paint, advanced rotoscoping, motion tracking, and node-based compositing application for visual effects in film post-production. The acquisition integrated Silhouette's advanced rotoscoping and paint technology, recognized by the Academy of Motion Pictures, into Boris FX's suite of products, alongside Sapphire, Continuum, and Mocha Pro. In May 2021, Boris FX released Silhouette 2021, the first version of Silhouette released by Boris FX to function both as a standalone application and as a plug-in for Adobe, Autodesk, Nuke, and other OFX hosts. Silhouette has been used in the visual effects of films such as Avatar, Avengers: Infinity War, Blade Runner 2049, Ex Machina, and Interstellar. == Optics == In June 2020, Boris FX launched Optics, its first plugin deve
Texture artist
A texture artist is an individual who develops textures for digital media, usually for video games, movies, web sites and television shows or things like 3D posters. These textures can be in the form of 2D or (rarely) 3D art that may be overlaid onto a polygon mesh to create a realistic 3D model. Texture artists often take advantage of web sites for the purposes of marketing their art and self-promotion of their skills with the goal of gaining employment from a professional game studio or to join a team working on a "mod" (modification) of an existing game in hopes of establishing industry or trade credentials.