A ganimal, also commonly referred to as GANimal, is a hybrid animal created with generative artificial intelligence systems, such as generative adversarial networks (GANs) or diffusion models. The concept was created for a website from the MIT Media Lab in 2020, where users could create ganimal images. 78,210 ganimals were generated from hybrid pairs of animal labels from BigGAN (G1) and 3,058,362,945 ganimals generated from blending G1 ganimals. The term ganimal is a portmanteau between the words GAN and animal. It is typically used to refer to a hybrid animal generated by interpolating between distinct species; the term can also refer to any AI-generated creatures that have not been identified in reality. The ganimal concept is similar to Artbreeder, an online website for blending images with AI. == Meet the Ganimals == Meet the Ganimals was an online platform from the MIT Media Lab that allowed visitors to generate, blend and curate ganimals. By June 2020, 44,791 ganimals had been generated, 8,547 ganimals bred, and 743 ganimals named by a total of 10,657 users. The site also had an educational component where visitors could play with blending and learn about AI. == Evolution and ganimal morphology == Because ganimals exist within an attention economy and evolve based on human preferences, charismatic megafauna (e.g. ganimals with cute, dog-like morphologies) become the most popular. However, social cues can increase the diversity of the ganimals ecosystem and lead to the success of unconventional ganimals, such as those without eyes or that live underwater. == The Barracuda Effect == Although there is typically no human morphology used to synthesize ganimals, creepy humanoid characters would emerge whenever animals were bred with a barracuda. This occurs because many pictures on the internet of barracudas include a human holding the fish up as a prized catch. This highlights a cultural form of algorithmic bias embedded in the training data of AI systems. == In popular culture == Ganimals have appeared in the Artificial Intelligence exhibition at the Vienna Technical Museum. They also appeared in the Ties That Cannot Be Unbound virtual exhibition at New Art City.
Nextcloud
Nextcloud is a modular workspace platform designed to provide teams and businesses with a comprehensive environment for digital collaboration. Beyond central data management, it integrates office suites like Collabora Online and EuroOffice office suites. for seamless, cooperative workflows. The platform features built-in tools for chat, videoconferencing, and a privacy-focused AI assistant capable of running entirely on local LLMs. Supported by a rich ecosystem of apps, it can be hosted in the cloud or on premises and can scale up to millions of users. It has been translated into over 100 languages. == Features == Nextcloud files are stored in conventional directory structures, accessible via WebDAV if necessary. A SQLite, MySQL/MariaDB or PostgreSQL database is required to provide additional functionality like permissions, shares, and comments. Nextcloud can synchronize with local clients running Windows (Windows 8.1 and above), macOS (10.14 or later), Linux and FreeBSD. Nextcloud permits user and group administration locally or via different backends like OpenID or LDAP. Content can be shared inside the system by defining granular read/write permissions between users and groups. Nextcloud users can create public URLs when sharing files. Logging of file-related actions, as well as disallowing access based on file access rules is also available. Security options like brute-force protection and multi-factor authentication using TOTP, WebAuthn, Oauth2, and OpenID Connect are available. Nextcloud has planned new features such as monitoring capabilities, full-text search and Kerberos authentication, as well as audio/video conferencing, expanded federation and smaller user interface improvements. == History == In April 2016 Frank Karlitschek and most core contributors left ownCloud Inc. These included some of ownCloud's staff according to sources near to the ownCloud community. Karlitschek and many of these contributors went on to fork ownCloud, creating Nextcloud. The fork was preceded by a blog post of Karlitschek announcing his departure and raising questions about the management of the ownCloud, its community, and priorities between growth, money, and sustainability. There have been no official statements about the reason for the fork. However, Karlitschek mentioned the fork several times in a talk at the 2018 FOSDEM conference and in two appearances on the FLOSS Weekly podcast, emphasizing cultural mismatch between open source developers and business oriented people not used to the open source community. On June 2, within 12 hours of the announcement of the fork, the American entity "ownCloud Inc." announced that it is shutting down with immediate effect, stating that "[...] main lenders in the US have cancelled our credit. Following American law, we are forced to close the doors of ownCloud, Inc. with immediate effect and terminate the contracts of 8 employees." ownCloud Inc. accused Karlitschek of poaching developers, while Nextcloud developers such as Arthur Schiwon stated that he "decided to quit because not everything in the ownCloud Inc. company world evolved as I imagined". ownCloud GmbH continued operations, secured financing from new investors and took over the business of ownCloud Inc. In April 2018 Informationstechnikzentrum Bund (ITZBund) reported Nextcloud won the tender for "Bundescloud" (Germany government cloud) project. In August 2019 it was announced that the governments of France, Sweden and the Netherlands would use Nextcloud for file transfer. In January 2020 Nextcloud 18 "Nextcloud Hub" was released. The major change was direct integration with an Office suite (OnlyOffice) and Nextcloud announced that their goal was to compete with Office 365 and Google Docs. A partnership with Ionos was revealed – its hosting location in Germany and compliance with GDPR should support the goal of data sovereignty. In spring 2020 remote work and web conferencing usage increased due to the COVID-19 pandemic and Nextcloud released version 19 with chat and videoconferencing Talk app integrated into the application core. Communication with an optional "high performance back-end" allows self-hosting of web conferences with more than 10 participants. Collabora Online was introduced as another integrated office suite. In August 2021 Nextcloud was chosen as a collaboration platform for European cloud software GAIA-X. In a September 2021 European Commission report it was mentioned as "the most widely deployed Open Source content collaboration platform" Following the 2025 United States tariffs against the European Union, fear of overreliance on US cloud providers such as Microsoft 365 and Google Workspace increased, with Nextcloud being one of the foremost contenders to replace them. Some governmental organisations including the European Data Protection Supervisor and the German state of Schleswig-Holstein have since switched from Microsoft's Sharepoint to Nextcloud. According to Nextcloud, during the first 5 months of 2025, customer interest in the software had tripled.
Interlacing (bitmaps)
In computing, interlacing (also known as interleaving) is a method of encoding a bitmap image such that a person who has partially received it sees a degraded copy of the entire image. When communicating over a slow communications link, this is often preferable to seeing a perfectly clear copy of one part of the image, as it helps the viewer decide more quickly whether to abort or continue the transmission. Interlacing is supported by the following formats, where it is optional: GIF interlacing stores the lines in the order 0 , 8 , 16 , … , ( 8 n ) , 4 , 12 , … , ( 8 n + 4 ) , 2 , 6 , 10 , 14 , … , ( 4 n + 2 ) , 1 , 3 , 5 , 7 , 9 , … , ( 2 n + 1 ) . {\displaystyle 0,8,16,\dots ,(8n),\ 4,12,\dots ,(8n+4),\ 2,6,10,14,\dots ,(4n+2),\ 1,3,5,7,9,\dots ,(2n+1).} PNG uses the Adam7 algorithm, which interlaces in both the vertical and horizontal direction. TGA uses two optional interlacing algorithms: Two-way: 0 , 2 , 4 , … , ( 2 n ) , 1 , 3 , … , ( 2 n + 1 ) , {\displaystyle 0,2,4,\dots ,(2n),\ 1,3,\dots ,(2n+1),} And four-way: 0 , 4 , 8 , … , ( 4 n ) , 1 , 5 , … , ( 4 n + 1 ) , 2 , 6 , … , ( 4 n + 2 ) , 3 , 7 , … , ( 4 n + 3 ) . {\displaystyle 0,4,8,\dots ,(4n),\ 1,5,\dots ,(4n+1),\ 2,6,\dots ,\ (4n+2),3,7,\dots ,(4n+3).} JPEG, JPEG 2000, and JPEG XR (actually using a frequency decomposition hierarchy rather than interlacing of pixel values) PGF (also using a frequency decomposition) Interlacing is a form of incremental decoding, because the image can be loaded incrementally. Another form of incremental decoding is progressive scan. In progressive scan the loaded image is decoded line for line, so instead of becoming incrementally clearer it becomes incrementally larger. The main difference between the interlace concept in bitmaps and in video is that even progressive bitmaps can be loaded over multiple frames. For example: Interlaced GIF is a GIF image that seems to arrive on your display like an image coming through a slowly opening Venetian blind. A fuzzy outline of an image is gradually replaced by seven successive waves of bit streams that fill in the missing lines until the image arrives at its full resolution. Interlaced graphics were once widely used in web design and before that in the distribution of graphics files over bulletin board systems and other low-speed communications methods. The practice is much less common today, as common broadband internet connections allow most images to be downloaded to the user's screen nearly instantaneously, and interlacing is usually an inefficient method of encoding images. Interlacing has been criticized because it may not be clear to viewers when the image has finished rendering, unlike non-interlaced rendering, where progress is apparent (remaining data appears as blank). Also, the benefits of interlacing to those on low-speed connections may be outweighed by having to download a larger file, as interlaced images typically do not compress as well.
Index locking
In databases an index is a data structure, part of the database, used by a database system to efficiently navigate access to user data. Index data are system data distinct from user data, and consist primarily of pointers. Changes in a database (by insert, delete, or modify operations), may require indexes to be updated to maintain accurate user data accesses. Index locking is a technique used to maintain index integrity. A portion of an index is locked during a database transaction when this portion is being accessed by the transaction as a result of attempt to access related user data. Additionally, special database system transactions (not user-invoked transactions) may be invoked to maintain and modify an index, as part of a system's self-maintenance activities. When a portion of an index is locked by a transaction, other transactions may be blocked from accessing this index portion (blocked from modifying, and even from reading it, depending on lock type and needed operation). Index Locking Protocol guarantees that phantom read phenomenon won't occur. Index locking protocol states: Every relation must have at least one index. A transaction can access tuples only after finding them through one or more indices on the relation A transaction Ti that performs a lookup must lock all the index leaf nodes that it accesses, in S-mode, even if the leaf node does not contain any tuple satisfying the index lookup (e.g. for a range query, no tuple in a leaf is in the range) A transaction Ti that inserts, updates or deletes a tuple ti in a relation r must update all indices to r and it must obtain exclusive locks on all index leaf nodes affected by the insert/update/delete The rules of the two-phase locking protocol must be observed. Specialized concurrency control techniques exist for accessing indexes. These techniques depend on the index type, and take advantage of its structure. They are typically much more effective than applying to indexes common concurrency control methods applied to user data. Notable and widely researched are specialized techniques for B-trees (B-Tree concurrency control) which are regularly used as database indexes. Index locks are used to coordinate threads accessing indexes concurrently, and typically shorter-lived than the common transaction locks on user data. In professional literature, they are often called latches.
Touch 'n Go eWallet
Touch 'n Go eWallet is a Malaysian digital wallet and online payment platform, established in Kuala Lumpur, Malaysia, in July 2017 as a joint venture between Touch 'n Go and Ant Financial. It allows users to make payments at over 280,000 merchant touch points via QR code, as well as perform peer-to-peer (P2P) money transfers. Since then, the e-wallet further diversified for users to pay for tolls via RFID or PayDirect, street parking and various online payment spanning e-hailing, car-sharing apps or taxis, various overhead bills; top-up for mobile prepaid or in-game currencies; purchases on e-commerce websites; food delivery; renewing motor insurance and other insurance/takaful plans; and even movie, bus, trains or airline tickets. == Background == Prior to the launch of the e-wallet service, Touch 'n Go provided stored-value physical all-in-one contactless card (namely Touch 'n Go cards or "TnG cards") that users can use to pay for toll fares, public transportation and parking lots as well as purchases in some retail stores. In 1999, Touch 'n Go also markets SmartTag devices that allow road users to pass through certain toll booths without the need to unwind the car window. The high entry cost of the device (around RM 100 each) also meant that only few can enjoy the seamless experience. In 2009, Touch 'n Go partnered with Maxis to launch FastTap, a new mobile payment service that utilised Near-Field Communication (NFC). Maxis customers can make payments by placing the phone near the card readers (that also supports physical bank cards and Touch ’N Go cards). However, the venture featured only one phone model, Nokia 6212, which greatly limited the public reach. In July 2012, Touch 'n Go announced another collaboration with CIMB and Maxis to create similar NFC-based online transaction service that runs on compatible smartphones. Touch 'n Go Wallet was launched in February 2017 as an QR code-based e-wallet application, to compete with Samsung Pay that utilizes NFC modules. In the controlled pilot test in Taman Tun Dr Ismail, the correspondents can experience basic functionalities (prepaid mobile service reload, bills payment, movie tickets and flight tickets purchase, transfer of money with another user, and payments at participating stores and restaurants). While the deployed version of the app was generally well-received, the existing process to transfer the balance to the physical TnG card stored value from the app garnered unanimous backlash. Test groups felt that the need to head to a self-service terminal named "Pick Up Device" in person within 24 hours for completion, along with the failure to do so (the balance would be credited back to the wallet after 24 hours), was not divulged clearly and also defeated the purpose of convenience, not to mention there were only 2 such terminals. The feature was eventually suspended. On 15 November 2017, Touch 'n Go was granted permission by the Central Bank of Malaysia to form a joint venture with Ant Financial, a Chinese-based financial company that operates Alipay. The partnership allowed the local e-wallet to learn from and build upon the operational model pioneered by Alipay. In June 2018, it was reported that Touch 'n Go was pilot testing the uses of the Touch 'n Go eWallet in Rapid Transit, as the ticketing system was enabled on the Kelana Jaya line in the Klang Valley. Pilot testing only applied to stations in Kelana Jaya, KL Gateway–Universiti, Kerinchi, KL Sentral, Dang Wangi, KLCC, and Ampang Park. The test was reported to be successful in February 2020 and was planned to be fully deployed on the LRT and MRT. Due to unforeseen circumstances, this feature did not come into fruition, the app merely adds in-app purchase of monthly concession cards called "My50". In August 2018, Touch 'n Go announced that selected drivers may experience first-hand a new RFID-based payment (later rebranded as "myRFID") that serves to replace SmartTag devices on closed toll roads with during pilot testing phase commencing on 3 September 2018. On 2 November 2018, participation in the ongoing pilot programme was expanded, allowing more drivers to sign up ahead of the public rollout of the RFID system. During the same period, Touch 'n Go has discontinued the sales of SmartTAG devices in favor of the RFID-based payment system. Initially, the installation of the RFID chip onto the car could only be done by Touch 'n Go staff at the RFID fitment centers, at no cost. As the pilot testing concluded on 15 February 2020, a self-installation kit are being offered to the public on Lazada and Shopee. Support for taxi-hailing mobile apps was added in November 2018 when Touch 'n Go partnered with EzCab and Public Cab, allowing users to make payments via QR code. This was later expanded to support MULA on 7 January 2020, and later MyCar on 4 April 2020. Touch 'n Go eWallet was also the first eWallet to convert Kuala Lumpur's most famous Ramadan bazaar in Kampong Bahru into "Kampong Kashless", a venue that can accept cashless QR payments. It welcomed more than 250,000 Malaysians including local celebrities and government officials. On 1 October 2019, some e-commerce websites owned by the Alibaba Group (TMall and Taobao) began to support Touch 'n Go eWallet payments, Lazada joined the list on 29 October 2019. Touch 'n Go eWallet was one of the three e-wallet services in Malaysia (the other being Boost and GrabPay) that was eligible for its users to receive an RM 30 credit in conjunction of E-Tunai Rakyat program under the Budget 2020 plan, that further normalizes adoption of cashless and mobile payment among Malaysians. Unlike Boost and GrabPay, whose P2P transfers were completely disabled until users have exhausted the RM 30 first, Touch 'n Go eWallet did not impose such measures. in 2020, Touch 'n Go eWallet joined DuitNow, an electronic transaction ecosystem in Malaysia which allows the funds from Touch 'n Go eWallet to be transferred to other competing services and vice versa, by implementing a standard DuitNow QR code deisgn. Japan become the first country outside Malaysia to support Touch 'n Go eWallet payment via Alipay Connect. During the COVID-19 pandemic and the enforcement of the movement control order, use of eWallets (including Touch 'n Go eWallet) increased tremendously among citizens due to its contactless nature of the payment and increased take-out orders at home; which in turn helped small and medium-sized enterprises to thrive. Touch 'n Go eWallet launched its loyalty programme – The Goal Hunter – in October 2020 where on monthly basis, users collect stamps by paying with the app in exchange for rewards that include lucky draws and other vouchers. == Services == Touch 'n Go eWallet app is available for download on both Google Play and Apple Appstore. It utilizes QR code technology for local in-store payments. The Touch 'n Go eWallet app also diversifies payment types, including but not limited to Utility bills Purchase of motor insurance policy Pay Later facility Prepaid reload and Postpaid payment to telecommunications companies loan repayments for courts, MBSJ payments, zakat and PTPTN payment for car parking P2P transfer airline ticket bookings; movie tickets from TGV Cinemas RFID refuelling at Shell stations (defunct after Shell launched its own payment app in 2024) User can reload the eWallet credit by setting up auto-reload, purchasing reload pins from convenience stores (such as 7-Eleven, KK Super Mart, MyNews, Family Mart etc.), reloading by FPX and credit/debit card. The PayDirect feature allows users to link their physical Touch 'n Go cards into the eWallet, where the toll fare can be debited from the eWallet balance when flashing the card near the sensor. In the circumstance of insufficient balance in the app, the toll fare will be deducted from the physical card's balance instead. This also conveniently allows users to view the card's remaining balance. Touch 'n Go eWallet is the first and only eWallet to offer a money-back guarantee when an unauthorised transaction is made on the user’s eWallet account, subject to Terms & Conditions. Payment via QR code scanning, including Touch 'n Go eWallet, becomes a norm in most of the shops/restaurants across Malaysia, including roadside hawkers/stall owners and automatic vending machines. The merchants usually display their owner's individual QR or Business account that they can apply for in-app. The popularity attributes to the low merchant onboarding cost (Unlike NFC payment and debit/credit card that requires purchase or rental of a payment terminal device at a yearly fee.) The app is also one of the few ewallet that supports bidirectional liquidity (alongside MAE developed by Maybank), where funds can be transferred two-way with bank accounts. This is not possible with the other major ewallets (GrabPay, Boost, ShopeePay etc.) where the money that is reloaded to the wallet cannot be transferred to another bank account, unless through manual req
ACLU Mobile Justice
ACLU Mobile Justice was a video live streaming application developed for smartphones by various state chapters of the American Civil Liberties Union. It was intended to allow instant, secure video recording and transmission of interactions with, and perceived abuses by, law enforcement officers. Since its release by the ACLU of California for California residents, other versions of the app have been released for 16 other states and the District of Columbia by their ACLU chapters. It was discontinued in February 2025.
Language-Theoretic Security
Language-theoretic security, or LangSec, is an approach to software security that focuses on input handling, complexity, and program design as strategies to improve the verifiability of computer programs. It was introduced in 2005 by Robert J. Hansen and Meredith L. Patterson at BlackHat and in 2011 by Len Sassaman and Patterson. It aims to create a formal description of which software is likely to have security vulnerabilities of particular classes, and why. It considers programs to have an inherent parser component, whether or not explicit, composed of that part of the program which operates on external input before that input is fully parsed. A central hypothesis of language-theoretic security is that vulnerabilities in software increase according to the computational power of the notional input-accepting automaton equivalent to this parser, using the definitions of automata theory. The lower bound on this computational power is the input language complexity of the program. The extent to which reducing this complexity is possible is a function of the specification of the communication protocol or file format the program takes as input. == Parsing as a security mechanism == The behaviour of a program is defined with reference to its expected input. Unexpected input being used by a program is a factor in numerous security bugs, including the so-called Android master key vulnerability (CVE-2013-4787), because accepting unexpected input renders the program's specification ambiguous. In that instance, the unexpected ambiguity came in the form of a ZIP file with duplicate filenames. If a program fully parses its input and only acts on input that unambiguously meets the specification, it follows that the program will avoid these types of vulnerabilities. This is an intentional inversion of the Postel principle. Accepting only unambiguous and valid input is a more formal requirement than input validation or sanitization, and narrows the number of possible but unanticipated program states that can be induced in an application via user input. Conversely, failure to do this is associated with security vulnerabilities. Input sanitization in particular is held to be an inadequate approach to avoiding malicious input because it inherently ignores context-sensitive properties of the input; it can therefore result in paradoxical effects, such as sanitization code activating otherwise inert cross-site scripting payloads in browsers. === Parser differentials === If the language of accepted program input is sufficiently simple, it is possible to verify that two implementations parse the same input language consistently. This is advantageous because it shows no parser differential exists between the two implementations. The requisite level of simplicity is theoretically that for which there is a solution to the equivalence problem. If the two parsers involved in CVE-2013-4787 were equivalent - that is, if they rendered the same output state given the same input state - the vulnerability could not have existed. One strategy for doing this is to publish machine-readable specifications of a format or protocol, and then use a parser generator to generate the parser code. An example of a parser generator built for this purpose is DaeDaLus. The combination of Lex with any of GNU Bison, ANTLR, or Yacc also accomplishes this. However, many parser generators allow the mixing of general purpose code with the parsing definitions, which weakens the guarantees provided by parsing. === Analysis of injection attacks === Injection attacks are generally the result of differences between the serializer (or "unparser") and the corresponding parser at a layer boundary in a system; therefore, they are a special case of parser differentials. In a SQL injection attack, for example, an attacker is able to cause the application with which they are interacting to serialize a SQL query that has different semantics than intended. In the simplest case where the payload ends a string and adds new code, the payload has crossed the code-data boundary in SQL. In language-theoretic security, this is treated as a bug in the serializer of the SQL query, which should instead be written in a way that constrains its possible outputs to those within the scope of the intended query. === Parser combinators === If a parser generator is not used, it is still possible to avoid implementation bugs by using parser combinator such as Nom to implement the parser code. This has the drawback of relying on a programmer correctly translating the specification into the language of the parser generator library, though this task is still less error-prone than hand-coding a parser. == Input format complexity == Complexity in computer programs is associated with security vulnerabilities. Within the domain of language-theoretic security, complexity is described with reference to the computational power of the abstract machine necessary to implement the program, or more particularly, to implement the parser for its input language. This complexity describes whether it is possible to show that there is no unintended or undesired functionality in the program which might be exploitable by an attacker. To be bounded in complexity, the program's input must be well-defined both in terms of form and of semantics. === Weird machines === A weird machine is a model of computation in a program that exists in parallel with, but is distinct from, the intended abstract model of computation in that program. Some classes of weird machine arise from the multi-layered nature of computer programs, or the context in which the programs run; others result from the unanticipated functionality a program has due to its complexity or to software bugs. The more complex the computation model of a program, the more likely it is to implement a weird machine. Depending on context, the weird machine may or may not be concretely useful for an attacker. Since the space of weird machines in the context of some program is the universe of all possible states that are not within the program's intended states, many exploited states including remote code execution and injection attacks belong to the domain of weird machines. A reduction in weird machines is therefore a likely correlate with reduced program vulnerability. === SafeDocs project === SafeDocs is a DARPA project undertaken in 2018 to take existing file formats, create safer subsets of them, and develop programming tools to work for the safer formats. The initial test case for this was PDF. The purpose of creating safer subsets in this case is to lower the minimum bound on parser complexity so that it becomes possible to create tools that will generate correct, normative parsers for them. == Relation to programming languages == The analytic framework of language-theoretic security assumes programs to be virtual machines that execute their input. A document that is read by an application is in this sense a form of machine code, in a generalization of the data as code idea, following the automata theory description of parsers. === Type-safe programming languages === Parsing input and serializing output are operations that consume one data type and emit another. A programming language can therefore check that data is correctly parsed and contains the expected structure by checking data types, and correct serializing (or unparsing) can be implemented as operations on the data types that are relevant to the program's output. This approach can be used to show that the recognizer and unparser patterns have been implemented. It is also possible to implement type checking across a distributed system to enforce parsing and unparsing of the expected structures and to verify that the assumptions made in designing the compositional properties of a distributed system have been followed. === Memory-safe programming languages === In the general case, spatial memory correctness is undecidable. If any proof of spatial memory correctness is to be made, it is therefore necessary to bound the complexity of the code. Interpreted languages such as Java and Python effectively accomplish this via runtime bounds checking, and frameworks for runtime bounds checking also exist for C. The effect of these strategies for spatial memory correctness are to create a halt state in place of a spatial memory correctness violation; therefore, it can be shown that the program will not violate spatial memory correctness, but in exchange, it cannot be shown in the general case that programs will not have runtime bounds checking exceptions. Some programming languages, such as Rust, accomplish this using borrow checking. The borrow checker acts to assure spatial memory correctness by compile-time reference counting. Code for which spatial memory correctness cannot be shown to not be violated therefore does not compile, inherently limiting the complexity of the spatial memory correctness of the program to what is decidable. Thi