Odor source localization (OSL) is the problem of locating the origin of an airborne or waterborne chemical plume using one or more mobile sensors, typically robots equipped with chemical sensors. The task sits at the intersection of robotics, fluid dynamics and machine olfaction. Chemical plumes in turbulent flows are intermittent and patchy, and most chemical sensors respond slowly and have limited selectivity, so the instantaneous reading available to a moving sensor is a poor proxy for the underlying time-averaged concentration field. Robotic OSL has been studied since the late 1980s and has applications including the detection of gas leaks, search and rescue after industrial accidents, and environmental monitoring of industrial emissions. == History == Robotic odor search emerged in the late 1980s and 1990s, drawing on earlier work in chemical ecology that had described how moths and other insects locate distant pheromone sources. R. A. Russell at Monash University was among the first to build mobile robots that followed chemical trails on the floor and tracked airborne odor plumes. Distributed and multi-robot odor search were investigated by Hayes, Martinoli and Goodman at the California Institute of Technology and EPFL, who studied cooperative plume-tracing on simulated and physical robot swarms. In 2007 Vergassola, Villermaux and Shraiman introduced infotaxis, an information-theoretic search strategy in which a sensor moves so as to maximize the expected information gain about source location, rather than following a chemical concentration gradient; the paper appeared in Nature and prompted substantial follow-up work in the robotics community. From the mid-2010s, multi-rotor unmanned aerial vehicles carrying lightweight chemical sensors became a common experimental platform for OSL research. == Problem formulation == OSL is generally decomposed into three sub-problems: plume detection (deciding whether a chemical signal is present), plume traversal (moving so as to remain in contact with the plume), and source declaration (deciding when the source has been reached). The mathematical difficulty depends strongly on the assumed dispersion model. In laminar or low-Reynolds number flows a Gaussian advection–diffusion model gives a smooth concentration field with a well-defined gradient. In turbulent flows, which dominate most realistic environments, the plume is filamentary: the sensor receives short, randomly spaced bursts of chemical separated by periods of zero signal, and the time-averaged field is not a useful guide on the time scales at which a robot must act. Source-term estimation, surveyed by Hutchinson and colleagues, additionally aims to recover both the position and the release rate of the source from the observed concentrations, often using probabilistic filters. == Biological inspiration == Many OSL strategies are explicitly modeled on the behavior of male moths flying upwind toward a pheromone source. As reviewed by Cardé and Willis, moths combine an upwind surge whenever they detect a filament of pheromone with a wider crosswind cast when contact is lost, producing a characteristic zig-zag trajectory that has been transposed onto mobile robots by several groups. Other biological models draw on the search behavior of dogs and of marine animals such as blue crabs and lobsters, which integrate chemical and bilateral hydrodynamic cues over much shorter ranges. == Algorithms and strategies == === Reactive strategies === Reactive strategies select the next motion as a direct function of the current sensor reading. Chemotaxis steers along the locally estimated concentration gradient, which is effective in laminar plumes but degrades severely in turbulence. Anemotaxis exploits a measured wind direction by surging upwind when chemical contact is made. The bio-inspired cast-and-surge family combines anemotaxis with a deterministic crosswind cast on contact loss, and is the dominant reactive approach for turbulent environments. === Probabilistic and information-theoretic strategies === Probabilistic methods maintain a posterior distribution over possible source locations and choose actions that improve that distribution. The infotaxis strategy of Vergassola, Villermaux and Shraiman selects the move that maximizes the expected reduction in entropy of the source-location posterior, and is effective in regimes where the spatial gradient is unusable. Bayesian source-term estimation extends this idea by inferring both source position and release rate, typically using particle filters or sequential Monte Carlo. === Map-based strategies === Map-based methods build a spatial model of the time-averaged gas distribution from sensor readings collected along the robot's trajectory and search for local maxima in that model. Lilienthal and colleagues describe a family of kernel-based gas distribution mapping techniques in which point measurements are convolved with a Gaussian kernel to produce a spatially extrapolated estimate. Such methods are most useful when the source can be assumed quasi-stationary and the robot is able to revisit locations. === Multi-robot and swarm strategies === Multiple robots searching cooperatively can shorten search times. Cooperative formations spread the sensors across the crosswind axis, making detection of an intermittent plume more likely. Swarm-based approaches, reviewed by Wang and colleagues, deploy larger numbers of simpler agents and rely on collective behavior rather than centralized planning; reported advantages include improved coverage of the search area and the possibility of locating multiple sources in parallel. == Sensors and platforms == Most OSL systems use metal-oxide semiconductor (MOX) sensors, photoionization detectors or electrochemical cells, which trade off sensitivity, selectivity, response time and power consumption. Ishida and colleagues describe how these sensors interact with airflow around the robot body, an effect that motivates careful aerodynamic design and active sampling. Mobile platforms include wheeled ground robots for indoor and structured outdoor environments, multi-rotor unmanned aerial vehicles for open spaces and elevated sources, and autonomous underwater vehicles for chemical plumes in the marine environment. == Notable systems == Among the early demonstrations, R. A. Russell's series of differential-drive robots at Monash University localized volatile sources in still and ventilated rooms during the 1990s. The Smelling Nano Aerial Vehicle reported by Burgués and colleagues used a Crazyflie nano-quadcopter (approximately 27 grams in mass and 10 cm across) carrying a custom MOX gas sensing board, and built three-dimensional gas distribution maps of indoor releases from sweeping flights of less than three minutes. The GADEN simulator, released by Monroy and colleagues, couples three-dimensional dispersion computed from an OpenFOAM CFD solver with models of MOX and photo-ionization gas sensors, and is widely used to test mobile-robot olfaction algorithms in simulation. == Applications == Reported applications include the localization of natural-gas and methane leaks in urban infrastructure, search for chemical contamination after industrial accidents, search and rescue, and environmental monitoring of industrial emissions. Drug- and explosives-detection robots are an adjacent application area, although these typically rely on close-range sniffing rather than long-range plume tracking. == Open challenges == Open challenges identified in recent reviews include the limited speed, selectivity and stability of available chemical sensors; the scarcity of standardized, large-scale benchmarks comparable to those available in computer vision; reliable handling of multi-source environments, where standard single-source assumptions fail; and the integration of OSL with other autonomous-vehicle subsystems such as obstacle avoidance and navigation in three-dimensional turbulent flow.
Digital on-screen graphics by country are the varying logos and differences of digital on-screen graphics in different countries and regions. == Overview == Digital on-screen graphics (DOGs; also called a digitally originated graphic, bug, network bug, on-screen bug, or screenbug) are almost always placed in one of four corners: the top left, the top right, the bottom left, or the bottom right. There are few exceptions to this rule: most notably, Saturday! in Russia, which places their DOG in the top center. Many news broadcasters, as well as a few television networks, also place a clock alongside their bug. In the United States, Canada, Australia, and New Zealand, DOGs may also include the show's parental guideline rating. In Australia, this is known as a Program Return Graphic (PRG). It has become common to place text above the station's logo advertising other programs on the network. In many countries, some TV networks insert the word "live" near the DOG to advise viewers that the program is live, rather than pre-recorded. During televised sports events, a DOG may also display game-related statistics such as the current score. This has led people in Canada and the United States to refer to such a DOG as a score bug. In many countries, DOGs are removed in non-program sections such as commercials and program trailers, but TV channels in some other countries have retained in full color or instead replaced them in either of these sections or in both sections (like Turkey, Indonesia, Italy, the entirety of South Asia, Vietnam, Taiwan, and Russia). == MENA == === Arab world === Arabic TV logos are placed in the top-right and top-left except for Al-Jazeera, whose logo appears on the bottom-right of the screen. Some Arabian TV stations hide their logos during commercial breaks and promos/trailers, such as Dubai TV, Dubai One, Funoon, the Egyptian CBC and Nile TV networks, ART Hekayat, ART Hekayat 2, Iqraa, and Al-Jazeera. Abu Dhabi TV and MBC1 initially had their logos at the bottom-right corner from their launch until the mid-2000s, when they were moved to the top-right corner. === Iran === Iranian broadcaster IRIB introduced DOGs in early 2000s. Unlike other Middle Eastern nations that introduced DOGs on their TV networks in 1990s, Iran was very late in this practice. Almost all Iranian TV channels display DOGs at top-left corner of the screen. The few exception is IRIB-owned channels remove DOGs during news broadcasts. === Israel === In Israel, Television DOGs were first introduced in 1991. Israeli channel watermarks most often appear on the top left or the top right corner since Israeli cable and satellite-based services often have the channel description and programming (OSD) on the bottom of the screen. Most channels have an opaque, full-color watermark, though exceptions exist, for example Channel 9, which displays a blue-tinted semi-transparent logo. In ad breaks, it is required to replace the channel watermark with another symbol – sometimes on the other edge of the screen – indicating there are ads at the moment. The Israel Broadcasting Authority, whose channels placed their logos in the top left corner, ceased broadcasting in May 2017. The new public broadcaster, the Israeli Public Broadcasting Corporation, displays its logos at the top right instead. The erstwhile Channel 2 as well as its successors, Keshet 12 and Reshet 13, also use the top right corner. However, Channel 10 used the top left corner before rebranding to Eser (Literally "Ten") in 2017 and simultaneously moving its logo to the top right (Not long after, in January 2019, it ceased broadcasting as it merged with Reshet 13). Channel 14 as well as its predecessor Channel 20 use the top right corner as well. The Knesset Channel, however, uses the top left corner. === Morocco === The SNRT and 2M And Al-Aoula Uses permanent on-screen DOGs for their TV channels. In contrast, other channels such as Medi 1 TV hide their DOGs during commercial breaks. == Asia == === Brunei === Radio Television Brunei introduced DOGs in 1994. Like TV channels from neighbouring Malaysia, all DOGs are removed during advertisement breaks. === Cambodia === Cambodian TV channels introduced DOGs in 1995. Like Thailand, all logos are full-color and displayed on the top-right corner of the screen. Some channels such as TV5 hide their logos during commercial breaks. Hang Meas HDTV Logo on the top-left corner of the screen, CTN (Cambodian Television Network), MyTV, Bayon TV, PNN, Logo on the top-right corner of the screen. === China === TV stations in mainland China always place their logo (usually semi-transparent and sometimes animated) in the top-left corner of the screen in full-color or grey-scale. Regardless of the content being broadcast (program or advertisements), some channels like Phoenix Television hide their logos during commercial breaks; although in some rare cases, the DOG may be placed elsewhere to avoid covering the score bug during the broadcast of a sporting event. China introduced logos in 1983 on the bottom-left corner of the screen, but they were used only during commercial breaks and clock idents. Later China Central Television (CCTV) introduced permanent DOGs for all programs in 1992, on the top-left corner of the screen. China also displays a clock on top-right corner of the screen for 1 minute between 59:30–00:30 & 29:30–30:30 time in transition between programs. === Hong Kong === Hong Kong TV introduced DOGs in 1994. Hong Kong DOGs can be either of full color or semi-transparent and (except for RTHK 31) always be hidden during commercial breaks. Television Broadcasts Limited (TVB) placed their logos at the top-right corner of the screen while now-defunct Asia Television and other channels placed their logos at the top-left corner of the screen. Sometimes, weather information, date, and time clocks had been used alongside DOGs in news programs, continuity & live broadcasts. === India === The first on-screen logo in India was introduced in 1984 by DD2 Metro (now DD News). It was white and slightly transparent. All Indian TV channels have on-screen logos. They are always full-colors, never transparent, and they are almost never removed during commercial breaks (though the channels of the South Indian Sun TV Network did so until 2015). The great majority of Indian TV channels place their logos in the top right corner of the screen, though there are exceptions. The corner used may be broadcaster-dependent. Among the big national broadcasters: Channels from the Sony network always use the top right corner, without exception. Star channels also use the top right, with the exception of National Geographic and Nat Geo Wild, which use the top left corner in line with their international counterparts. Past exceptions include The History Channel, whose logo was placed in the top left until it rebranded to Fox History & Entertainment in 2008; the now-defunct Channel V, which used the top left between 2013 and 2016; and Nat Geo People, Nat Geo Music and BabyTV, were withdrawn from India in June 2019. TV18 and Viacom18 channels use the top right corner as well, with the exceptions of regional-language movie channels (e.g., Colors Kannada Cinema and Colors Gujarati Cinema) as well as Colors Super, which have shown their logos at the top left corner since 2018; and VH1, which has always used the bottom right corner. Also, CNBC-TV18, CNBC Awaaz and CNBC Bajar use the bottom right. Moreover, MTV showed its logo in the top left corner until 23 April 2018, when it was moved to the top right (its HD version, launched in 2017, has always used the top right). Unlike most other major networks, the Zee Network's non-news channels containing 'Zee' in their name display their logos at the top left corner and not the top right. This has been the case since 15 October 2017, when almost all the Zee-branded TV channels of the Zee network rebranded with a new logo and, in many cases, a new graphics package and look. Before then, the logos were shown at the top right, as with other broadcasters. (News channels' logos—i.e., logos of channels owned by Zee Media Corporation—stayed put at the top right corner, with the exception of WION, which uses the bottom left.) All the major Zee-branded channels—such as Zee TV, Zee Cinema, Zee Café and the regional-language channels like Zee Tamil, Zee Telugu, Zee Marathi and Zee Bangla—show their logos at the top left; moreover, the Odia-language channel Sarthak TV rebranded to Zee Sarthak and moved its logo to the top left. Among the Zee channels not containing the word 'Zee' that moved their logos to the top left during the big rebrand in 2017 was English movie channel Zee Studio; when it was renamed to &flix on 3 June 2018, the logo remained at the top left. Moreover, Hindi movie channel &pictures has always shown its logo at the top left since its launch in 2013. However, &privé HD, Zee's other English movie channel, and Hindi entertainment channel &TV place the
Himmat is a women's safety mobile application of Delhi Police. It was launched by Home Minister Rajnath Singh on 1 January 2015. The app is freely available for Android mobile phones and can be downloaded from Delhi Police website. Delhi Police plans to launch app for other platforms in future. Low registrations and other problems resulted in a parliamentary panel calling the app a failure in 2018. Himmat has gone on to be called as one of India's best safety apps for women.
In computing, interlacing (also known as interleaving) is a method of encoding a bitmap image such that a person who has partially received it sees a degraded copy of the entire image. When communicating over a slow communications link, this is often preferable to seeing a perfectly clear copy of one part of the image, as it helps the viewer decide more quickly whether to abort or continue the transmission. Interlacing is supported by the following formats, where it is optional: GIF interlacing stores the lines in the order 0 , 8 , 16 , … , ( 8 n ) , 4 , 12 , … , ( 8 n + 4 ) , 2 , 6 , 10 , 14 , … , ( 4 n + 2 ) , 1 , 3 , 5 , 7 , 9 , … , ( 2 n + 1 ) . {\displaystyle 0,8,16,\dots ,(8n),\ 4,12,\dots ,(8n+4),\ 2,6,10,14,\dots ,(4n+2),\ 1,3,5,7,9,\dots ,(2n+1).} PNG uses the Adam7 algorithm, which interlaces in both the vertical and horizontal direction. TGA uses two optional interlacing algorithms: Two-way: 0 , 2 , 4 , … , ( 2 n ) , 1 , 3 , … , ( 2 n + 1 ) , {\displaystyle 0,2,4,\dots ,(2n),\ 1,3,\dots ,(2n+1),} And four-way: 0 , 4 , 8 , … , ( 4 n ) , 1 , 5 , … , ( 4 n + 1 ) , 2 , 6 , … , ( 4 n + 2 ) , 3 , 7 , … , ( 4 n + 3 ) . {\displaystyle 0,4,8,\dots ,(4n),\ 1,5,\dots ,(4n+1),\ 2,6,\dots ,\ (4n+2),3,7,\dots ,(4n+3).} JPEG, JPEG 2000, and JPEG XR (actually using a frequency decomposition hierarchy rather than interlacing of pixel values) PGF (also using a frequency decomposition) Interlacing is a form of incremental decoding, because the image can be loaded incrementally. Another form of incremental decoding is progressive scan. In progressive scan the loaded image is decoded line for line, so instead of becoming incrementally clearer it becomes incrementally larger. The main difference between the interlace concept in bitmaps and in video is that even progressive bitmaps can be loaded over multiple frames. For example: Interlaced GIF is a GIF image that seems to arrive on your display like an image coming through a slowly opening Venetian blind. A fuzzy outline of an image is gradually replaced by seven successive waves of bit streams that fill in the missing lines until the image arrives at its full resolution. Interlaced graphics were once widely used in web design and before that in the distribution of graphics files over bulletin board systems and other low-speed communications methods. The practice is much less common today, as common broadband internet connections allow most images to be downloaded to the user's screen nearly instantaneously, and interlacing is usually an inefficient method of encoding images. Interlacing has been criticized because it may not be clear to viewers when the image has finished rendering, unlike non-interlaced rendering, where progress is apparent (remaining data appears as blank). Also, the benefits of interlacing to those on low-speed connections may be outweighed by having to download a larger file, as interlaced images typically do not compress as well.
AI anthropomorphism is the attribution of human-like feelings, mental states, and behavioral characteristics to artificial intelligence systems. Factors related to the user of the AI – such as culture, age, education, gender, and personality traits – are also important determinants of the strength of anthropomorphic effects. Since the earliest days of AI development, humans have interpreted machine outputs through anthropomorphic frameworks, but the recent emergence of generative AI has amplified these tendencies. In research and engineering, there is a distinction between anthropomorphism and anthropomorphic design. The former is an innate human tendency toward non-human entities. The latter is the scientific community effort to “design anthropomorphism”. Such a design can involve the manipulation of cues, including AI appearance, behaviour and language. Contemporary AI systems today can generate extremely human-like outputs and are often designed specifically to do so, meaning that their anthropomorphic effects can be especially powerful. In some cases, anthropomorphism is accompanied with explicit beliefs that AI systems are capable of empathy, goodwill, understanding, or consciousness. == Background == === In early AIs === Views of artificial agents possessing a human-like intelligence have existed since the early development of computers in the mid-1900s. The use of the human mind as a metaphor for understanding the workings of machine systems was prevalent among researchers in the early days of computer science, with multiple influential works widely distributing the idea of intelligent machines. Among the most widely cited papers of this period was Alan Turing's "Computing Machinery and Intelligence" in which he introduced the Turing Test, stating that a machine was intelligent if it could produce conversation that was indistinguishable from that of a human. These academic works in the 1940s and 1950s gave early credibility to the idea that machine workings could be thought of similarly to human minds. The public quickly came to view artificial systems similarly, with often exaggerated conceptions of the capabilities of early machines. Among the most well-known demonstrations of this was through the chatbot ELIZA designed by Joseph Weizenbaum in 1966. ELIZA responded to user inputs with a rudimentary text-processing approach that could not be considered anything resembling true understanding of the inputs, yet users, even when operating with full conscious knowledge of ELIZA's limitations, often began to ascribe motivation and understanding to the program's output. Weizenbaum later wrote, "I had not realized ... that extremely short exposures to a relatively simple computer program could induce powerful delusional thinking in quite normal people." Comparisons between the intellectual capabilities of artificial intelligence and human intelligence were continually intensified by the attempts of computer scientists to develop machines that could perform human tasks at a level equal to or better than humans. A symbolic turning point was achieved in 1997, when IBM's chess supercomputer Deep Blue defeated then-world champion Garry Kasparov in a highly publicized six-game match. The defeat of a human by a machine for the first time in chess – a game viewed as a canonical example of human intellect – and the media attention surrounding the match led to a significant shift, where views of parallels between human and artificial intelligence moved from abstract speculation to being concretely demonstrated. A similar achievement was reached in the board game Go in 2017, when the program AlphaGo defeated world top-ranked Ke Jie. === Large language models === The AI boom of the 2020s brought about the widespread emergence of generative AI; in particular, chatbots such as ChatGPT, Gemini, and Claude based on large language models (LLMs) have become increasingly pervasive in everyday society. These systems are notable for the fact that they are able to respond to a wide range of prompts across contexts while producing strikingly human-like outputs – research has shown that humans are often unable to distinguish human-generated text from AI-generated text, and modern AI chatbots have formally been shown to pass the Turing test. As such, the anthropomorphic effects of AI are more powerful than ever. Given that LLMs have brought AI into the technological mainstream, considerable scientific effort has been devoted in recent years to understand existing and potential ramifications of AI in the public sphere; the prevalence and effects of anthropomorphism is one of those domains where much of this effort has been directed. == Current anthropomorphic attributions == === In the general public === Surveys have shown that a substantial portion of the public attributes human-like qualities to AI. In one sample of U.S. adults from 2024, two-thirds of people believed that ChatGPT is possibly conscious on some level, though other research has shown that the public still views the likelihood itself of AI consciousness as comparatively low. Another study conducted in 2025 found that women, people of color, and older individuals were most likely to anthropomorphize AI, as well as that – in general – humans view AIs as warm and competent, and anthropomorphic attributions to AI had increased by 34% in the past year. A YouGov poll reported that 46% of Americans believe that people should display politeness to AI chatbots by saying "please" and "thank you", demonstrating the application of social norms to AI. These beliefs extend to behavior, where majorities of AI users claim to always be polite to chatbots; of those who behave politely, most say they do so simply because it is the "nice" thing to do. In many recent cases, humans have developed robust interpersonal bonds with AI systems. For example: users of social chatbots like Replika and Character.ai have been documented to fall in love with the AIs, or to otherwise treat the AIs as intimate companions, and it has become increasingly common for individuals to use LLMs like ChatGPT as therapists. Chatbots are able to produce responses deeply attuned to users, as they are often designed to maximize agreeableness and mirror users' emotions; this can create compelling illusions of intimacy. === In the research community === In many cases, even AI researchers anthropomorphize AI systems in some capacity. Among the most extreme and well-publicized of these instances occurred in 2022, when engineer Blake Lemoine publicly claimed that Google's LLM LaMDA was conscious. Lemoine published the transcript of a conversation he had had with LaMDA regarding self identity and morality which he claimed was evidence of its sentience; he asserted that LaMDA was "a person" as defined by the United States Constitution and compared its mental capability to that of a 7- or 8-year-old. Lemoine's claims were widely dismissed by the scientific community and by Google itself, which described Lemoine's conclusions as "wholly unfounded" and fired him on the grounds that he had violated policies "to safeguard product information". It is much more common that AI researchers unintentionally imply humanness of AI through the ordinary use of anthropomorphic language to describe nonhuman agents. This kind of language, which Daniel Dennett coined the "intentional stance", is very common in everyday life in a variety of different contexts (e.g., "My computer doesn't want to turn on today"). For AI agents that may actually appear to very closely replicate some human abilities, however, the casual use of such anthropomorphic language in research has been scrutinized for being potentially misleading to the public. As early as 1976, Drew McDermott criticized the research community for the use of "wishful mnemonics", where AIs were referred to with terms like "understand" and "learn". In the LLM era, these criticisms have further intensified, with the negative effects of AI anthropomorphism in the public posing an especially salient danger given the elevated accessibility of modern AI. In some cases, the use of anthropomorphic language for AI is not unintentional, but is willfully used by researchers in order to promote better understanding of the brain – the idea being that, as AI can be functionally similar in some ways to the human brain, we may gain new insights and ideas from treating AI as a kind of model of the brain's workings. In particular, deep neuronal networks (DNNs) are often explicitly compared to the human brain, and significant advances in DNN research have stirred considerable enthusiasm about the ability of AI to emulate the human abilities. Caution has been urged in this domain as well, however; the use of anthropomorphic language can mask important differences that fundamentally distinguish AI from human intelligence. When it comes to DNNs, for example, it has been pointed out that they are still structurally quite different
security.txt is an accepted standard for website security information that allows security researchers to report security vulnerabilities easily. The standard prescribes a text file named security.txt in the well known location, similar in syntax to robots.txt but intended to be machine and human readable, for those wishing to contact a website's owner about security issues. security.txt files have been adopted by Google, GitHub, LinkedIn, and Facebook. == History == The Internet Draft was first submitted by Edwin Foudil in September 2017. At that time it covered four directives, "Contact", "Encryption", "Disclosure" and "Acknowledgement". Foudil expected to add further directives based on feedback. In addition, web security expert Scott Helme said he had seen positive feedback from the security community while use among the top 1 million websites was "as low as expected right now". In 2019, the Cybersecurity and Infrastructure Security Agency (CISA) published a draft binding operational directive that requires all US federal agencies to publish a security.txt file within 180 days. The Internet Engineering Steering Group (IESG) issued a Last Call for security.txt in December 2019 which ended on January 6, 2020. A study in 2021 found that over ten percent of top-100 websites published a security.txt file, with the percentage of sites publishing the file decreasing as more websites were considered. The study also noted a number of discrepancies between the standard and the content of the file. In April 2022 the security.txt file has been accepted by Internet Engineering Task Force (IETF) as RFC 9116. == File format == security.txt files can be served under the /.well-known/ directory (i.e. /.well-known/security.txt) or the top-level directory (i.e. /security.txt) of a website. The file must be served over HTTPS and in plaintext format.
Digital supply chain security refers to efforts to enhance cyber security within the supply chain. It is a subset of supply chain security and is focused on the management of cyber security requirements for information technology systems, software and networks, which are driven by threats such as cyber-terrorism, malware, data theft and the advanced persistent threat (APT). Typical supply chain cyber security activities for minimizing risks include buying only from trusted vendors, disconnecting critical machines from outside networks, and educating users on the threats and protective measures they can take. The acting deputy undersecretary for the National Protection and Programs Directorate for the United States Department of Homeland Security, Greg Schaffer, stated at a hearing that he is aware that there are instances where malware has been found on imported electronic and computer devices sold within the United States. == Examples of supply chain cyber security threats == Network or computer hardware that is delivered with malware installed on it already. Malware that is inserted into software or hardware (by various means) Vulnerabilities in software applications and networks within the supply chain that are discovered by malicious hackers Counterfeit computer hardware == Related U.S. government efforts == Comprehensive National Cyber Initiative Defense Procurement Regulations: Noted in section 806 of the National Defense Authorization Act International Strategy for Cyberspace: White House lays out for the first time the U.S.’s vision for a secure and open Internet. The strategy outlines three main themes: diplomacy, development and defense. Diplomacy: The strategy sets out to “promote an open, interoperable, secure and reliable information and communication infrastructure” by establishing norms of acceptable state behavior built through consensus among nations. Development: Through this strategy the government seeks to “facilitate cybersecurity capacity-building abroad, bilaterally and through multilateral organizations.” The objective is to protect the global IT infrastructure and to build closer international partnerships to sustain open and secure networks. Defense: The strategy calls out that the government “will ensure that the risks associated with attacking or exploiting our networks vastly outweigh the potential benefits” and calls for all nations to investigate, apprehend and prosecute criminals and non-state actors who intrude and disrupt network systems. == Related government efforts around the world == Common Criteria offers with Evaluation Assurance Level(EAL) 4 an opportunity to evaluate all relevant aspects of the digital supply chain security like the product, the development environment, IT systems security, the processes in human resource, physical security and with the module ALC_FLR.3 (Systematic Flaw Remediation) also security update processes and methods even by physical site visits. EAL 4 is mutually recognized in countries that signed the SOGIS-MRA and up to ELA 2 in countries the signed the CCRA but including ALC_FRL.3. Russia: Russia has had non-disclosed functionality certification requirements for several years and has recently initiated the National Software Platform effort based on open-source software. This reflects the apparent desire for national autonomy, reducing dependence on foreign suppliers. India: Recognition of supply chain risk in its draft National Cybersecurity Strategy. Rather than targeting specific products for exclusion, it is considering Indigenous Innovation policies, giving preferences to domestic ITC suppliers in order to create a robust, globally competitive national presence in the sector. China: Deriving from goals in the 11th Five Year Plan (2006–2010), China introduced and pursued a mix of security-focused and aggressive Indigenous Innovation policies. China is requiring an indigenous innovation product catalog be used for its government procurement and implementing a Multi-level Protection Scheme (MLPS) which requires (among other things) product developers and manufacturers to be Chinese citizens or legal persons, and product core technology and key components must have independent Chinese or indigenous intellectual property rights. == Private sector efforts == SLSA (Supply-chain Levels for Software Artifacts) is an end-to-end framework for ensuring the integrity of software artifacts throughout the software supply chain. The requirements are inspired by Google’s internal "Binary Authorization for Borg" that has been in use for the past 8+ years and that is mandatory for all of Google's production workloads. The goal of SLSA is to improve the state of the industry, particularly open source, to defend against the most pressing integrity threats. With SLSA, consumers can make informed choices about the security posture of the software they consume. == Other references == Financial Sector Information Sharing and Analysis Center International Strategy for Cyberspace (from the White House) NSTIC SafeCode Whitepaper Archived 2013-10-21 at the Wayback Machine Trusted Technology Forum and the Open Trusted Technology Provider Standard (O-TTPS) Archived 2012-01-03 at the Wayback Machine Cyber Supply Chain Security Solution Malware Implants in Firmware Supply Chain in the Software Era INFORMATION AND COMMUNICATIONS TECHNOLOGY SUPPLY CHAIN RISK MANAGEMENT TASK FORCE: INTERIM REPORT
iMazing is mobile device management software that allows users to transfer files and data between iOS devices (iPhone, iPad and iPod Touch) and macOS or Windows computers, in addition to many other features beyond the scope of what Apple's own tools enable. == History == Developed by DigiDNA, iMazing was initially released in 2008 as DiskAid, enabling users to transfer data and files from the iPhone or iPod Touch to Mac or Windows computers. DiskAid was renamed iMazing in 2014. Version 2.0 was released on September 13, 2016. In August 2021, version 2.14 of iMazing added a spyware detection feature. The feature is based on Amnesty International’s Mobile Verification Toolkit to detect Pegasus Spyware following the publication of Pegasus Project. == Description == With iMazing, an iPhone or iPad can be used similarly to an external hard drive. It performs tasks that iTunes doesn’t offer, including incremental backups of iOS devices, browsing and exporting text and voicemail messages, managing apps, encryption, and migrating data from an old phone to a new one. The menu bar app iMazing Mini enables automatic, wireless and encrypted backups of iPhones. The iMazing HEIC Converter is a free desktop app for Mac and PC that lets users convert photos from HEIC format to JPG or PNG.
Security and Privacy in Computer Systems is a paper by Willis Ware that was first presented to the public at the 1967 Spring Joint Computer Conference. == Significance == Ware's presentation was the first public conference session about information security and privacy in respect of computer systems, especially networked or remotely-accessed ones. The IEEE Annals of the History of Computing said that Ware's 1967 Spring Joint Computer Conference session, together with 1970's Ware report, marked the start of the field of computer security.
imo.im is a proprietary audio/video calling and instant messaging software service. It allows sending music, video, PDFs and other files, along with various free stickers. It supports encrypted group video and voice calls with up to 20 participants. According to its developer, the service possesses over 200 million users and over 50 million messages per day are sent through it. == History == The product was created as a web-based application in 2005 for accessing multiple chat platforms, including Facebook Messenger, Google Talk, Yahoo! Messenger, and Skype chat. It was developed by Pagebites, which is a subsidiary of Singularity IM, Inc. and required a subscriber's phone number to verify the users' account. In March 2014, support for all third-party messaging networks ended. In January 2018, the app reached 500 million installs. imo.im has implemented end-to-end encryption for its chats and calls, ensuring that the conversations remain private between the sender and receiver.
Exercism is an online, open-source, free coding platform that offers code practice and mentorship on 77 different programming languages. == History == Software developer Katrina Owen created Exercism while she was teaching programming at Jumpstart Labs. The platform was developed as an internal tool to solve the problem of her own students not receiving feedback on the coding problems they were practicing. Katrina put the site publicly online and found that people were sharing it with their friends, practicing together and giving each other feedback. Within 12 months, the site had organically grown to see over 6,000 users had submitted code or feedback, and hundreds of volunteers contribute to the languages or tooling on the platform. In 2016, Jeremy Walker joined as co-founder and CEO. In July 2018, the site was relaunched with a new design and centered around a formal mentoring mode, at which point Katrina stepped back from day-to-day involvement. == Product == In the past, the website differed from other coding platforms by requiring students to download exercises through a command line client, solve the code on their own computers then submit the solution for feedback, at which point they can also view other's solutions to the same problem. Since its second relaunch in 2021, solutions can be edited and submitted through a web editor, though the command line client remains available. Exercism has tracks for 74 programming languages. Among the notable languages taught: ABAP, C, C#, C++, CoffeeScript, Delphi, Elm, Erlang, F#, Gleam, Go, Java, JavaScript, Julia, Kotlin, Objective-C, PHP, Python, Raku, Red, Ruby, Rust, Scala, Swift, and V (Vlang). In 2023, the site launched a "12 in 23" challenge for users to learn the basics of 12 different languages - one per month in 2023. == Open source == The Exercism codebase is open source. In April 2016, it consisted of 50 repositories including website code, API code, command-line code and, most of all, over 40 stand-alone repositories for different language tracks. As of February 2024 Exercism has 14,344 contributors, maintains 366 repositories, and 19,603 mentors.
The North Atlantic Population Project (NAPP) is a collaboration of historical demographers in Britain, Canada, Denmark, Germany, Iceland, Norway, and Sweden to produce a massive census microdata collection for the North Atlantic Region in the late-nineteenth century. The database includes complete individual-level census enumerations for each country, and provides information on over 110 million people. This large scale allows detailed analysis of small geographic areas and population subgroups. The NAPP database is designed to be compatible with the Integrated Public Use Microdata Series (IPUMS), and is disseminated through the IPUMS data-access system at the Minnesota Population Center, University of Minnesota. Major collaborators on the project include Lisa Dillon, University of Montreal; Chad Gaffield, University of Ottawa; Ólöf Garðarsdóttir, Statistics Iceland; Marianne Jarnes Erikstad, University of Tromsø; Jan Oldervall University of Bergen; Evan Roberts, University of Minnesota; Steven Ruggles, University of Minnesota; Kevin Schürer, UK Data Archive; Gunnar Thorvaldsen, University of Tromsø; and Matthew Woollard, UK Data Archive. The project is also coordinated by the Minnesota Population Center at the University of Minnesota.