AI News and Guides

Explore the best AI News and Guides — independent reviews, comparisons, pricing and step-by-step how-to guides, curated by Aizhi.

List of Java software and tools

This is a list of software and programming tools for the Java programming language, which includes frameworks, libraries, IDEs, build tools, application servers, and related projects. == Java frameworks == == Libraries == Apache Ant – build automation tool Apache Batik – SVG processing Apache Cayenne – object-relational mapping Apache Xerces – collection of software libraries for parsing, validating, serializing and manipulating XML. Applet – applet API Ardor3D – 3D graphics engine Bonita BPM – workflow engine Cassowary – constraint solving Checkstyle – static code analysis GNU Classpath – standard library implementation Colt – scientific computing and technical computing Commons Daemon – manages applications as daemons DESMO-J – discrete event simulation Diagrams.net – diagramming Disruptor – high-performance messaging Dom4j – XML processing Dynamic Languages Toolkit – support for dynamic programming languages on the JVM Echo – GUI Flying Saucer – XHTML/CSS rendering Formatting Objects Processor – XSL-FO to PDF H2 Database Engine – relational database IAIK-JCE – cryptography Internet Foundation Classes – legacy GUI JavaBeans – reusable component architecture for enabling encapsulation, events, and properties for software components JavaCC – open-source parser generator and lexical analyzer Java Class Library – standard library of Java and other JVM languages Java Native Access – provides Java programs easy access to native shared libraries without using the Java Native Interface Javolution – real-time computing Jblas – linear algebra JDBCFacade – simplifies JDBC use JExcel – Excel API JFugue – music programming JMusic – music programming Joget Workflow – workflow engine JOOQ Object Oriented Querying – fluent API for SQL JPOS – financial messaging JUNG – open-source graph modeling and visualization LanguageWare – language processing LibGDX – game development Modular Audio Recognition Framework – collection of voice, sound, speech, text and natural language processing algorithms. ASM – bytecode manipulation Open Inventor – 3D graphics OpenPDF – PDF Parallel Colt – parallel computing Parboiled – parser PlayN – game development QOCA – constraint solving QtJambi – Qt bindings SLF4J – logging StableUpdate – update management SWT – GUI SuanShu – numerical computing SwingLabs – GUI extensions UBY – natural language processing Undecimber – calendar XDoclet – attribute-oriented programming XINS – XML network services XStream – object serialization == Machine learning and AI == Apache Mahout – scalable machine learning library focused on clustering, classification, and collaborative filtering Apache MXNet – deep learning framework with Java API support Apache OpenNLP – machine learning based toolkit for natural language processing of text Deeplearning4j – distributed deep learning library Deep Java Library – open-source deep learning framework developed by Amazon Web Services Encog – framework for neural networks, genetic algorithms, Hidden Markov model, and Bayesian networks. LIBSVM – Support Vector Machine implementation Mallet – machine learning toolkit for classification, clustering, and topic modeling. MLlib – distributed machine-learning framework on top of Apache Spark Core Neuroph – lightweight neural network framework Weka – collection of machine learning algorithms for data mining Yooreeka – machine learning == Data mining == Java Data Mining (JDM) – standard Java API for data mining Massive Online Analysis (MOA) – data stream mining with concept drift == Math and scientific libraries == Apache Commons Math – general-purpose mathematics library including statistics, linear algebra, and optimization. Colt – high-performance scientific computing, including linear algebra and random numbers. Efficient Java Matrix Library (EJML) – dense and sparse matrix computations and linear algebra Easy Java Simulations – Open Source Physics project designed to create discrete computer simulations Exp4j – evaluates mathematical expressions at runtime GroovyLab – numerical computational environment Hipparchus – fork of Apache Commons Math with updated algorithms for statistics, linear algebra, and optimization. JAMA – numerical linear algebra library Jblas: Linear Algebra for Java (Jblas) – linear algebra library using native BLAS/LAPACK bindings Java Astrodynamics Toolkit – numerical library of software components for use in spaceflight applications for Java or MATLAB Matrix Toolkit Java (MTJ) – linear algebra library with BLAS and LAPACK support OjAlgo – optimization, linear algebra, and financial calculations. OptimJ – extension for mathematical optimization and constraint programming Parallel Colt – A parallel extension of Colt SuanShu – numerical analysis, linear algebra, statistics, and optimization. == Integrated development environments == See also: Java IDEs on Wikibooks Android Studio – IDE for Google's Android operating system BlueJ – educational IDE for teaching Java DrJava – lightweight Java IDE for beginners Eclipse IDE – open-source IDE with extensive plugin ecosystem Greenfoot – educational IDE IntelliJ IDEA – commercial and community editions from JetBrains JDeveloper – freeware IDE supplied by Oracle Corporation jGRASP – software visualizations MyEclipse – Java EE IDE NetBeans IDE – Apache NetBeans Visual Studio Code – general-purpose editor with Java extensions === Online IDEs === Eclipse Che GitHub Codespaces JDoodle Replit == Text editors with Java support == == Build tools and package managers == Apache Ant – automating software build Apache Ivy – subproject of Apache Ant Apache Maven – build automation and dependency management Boot – build automation for Clojure CMake – build tool with limited support for java Gradle – modern build automation tool Go continuous delivery (GoCD) – continuous delivery and build automation server Jenkins – automation server continuous delivery JitPack – package repository for Git projects Leiningen – build automation for Clojure Simple build tool (sbt) – open-source build tool Spring Roo – rapid application development of Java-based enterprise software WaveMaker – low-code development platform == Java runtimes, compilers and virtual machines == Android Runtime – runtime environment javac – Java programming language compiler Java Virtual Machine (JVM) – virtual machine that executes Java bytecode JD Decompiler JEB decompiler – disassembler and decompiler software for Android applications GraalVM – Just-in-time compilation HotSpot – JVM implementation included in OpenJDK == JVM languages and dialects == Clojure – Lisp dialect Groovy JRuby – Ruby implementation Jython – Python implementation Kotlin – popular for Android app development Renjin – R implementation Scala == Application servers and containers == Apache Geronimo – open source application server Apache MINA – event-driven asynchronous network application framework Apache Tomcat – web container and web server Apache TomEE – Apache Tomcat with Java EE features Borland Enterprise Server – discontinued application server by Borland ColdFusion – commercial application server by Adobe Systems GlassFish – application server for Jakarta EE IBM WebSphere Application Server – enterprise application server by IBM IBM WebSphere Application Server Community Edition – open source edition of WebSphere (discontinued) JBoss Enterprise Application Platform – Red Hat's supported distribution of JBoss/WildFly JEUS – commercial Java EE application server from TmaxSoft Jetty – HTTP server and web container Lucee (formerly Railo) – open source CFML application server Netty – non-blocking I/O client–server framework for network applications Oracle Containers for J2EE – discontinued application server by Oracle Oracle WebLogic Server – enterprise application server by Oracle Orion Application Server – early commercial Java EE server by IronFlare Payara Server – fork of GlassFish for production use Resin – Java application server by Caucho (open source and professional editions) SAP NetWeaver Application Server – enterprise application server by SAP WildFly – application server == Debugging and profiling tools == jdb – Java debugger bundled with the JDK JConsole – JMX-compliant monitoring tool JDK Flight Recorder – method profiling, allocation profiling, and garbage collection related events. JProfiler – commercial Java profiler VisualVM – visual tool integrating commandline JDK tools for profiling and monitoring == Testing and quality assurance == Apache JMeter – load testing tool JaCoCo – Java code coverage library JArchitect – analyzes code quality, architecture, and dependencies. Jtest – software testing and static analysis JUnit – unit testing framework Mockito – open-source testing framework for Java PMD – static program analysis source code analyzer Selenium – browser automation for web app testing Spock – test framework SpotBugs (formerly FindBugs) – static analysis tool TestNG – testing framework inspired by JUnit and NUnit == Other == Apache XMLBeans –
Read more →
Comparison of operating systems

These tables provide a comparison of operating systems, of computer devices, as listing general and technical information for a number of widely used and currently available PC or handheld (including smartphone and tablet computer) operating systems. The article "Usage share of operating systems" provides a broader, and more general, comparison of operating systems that includes servers, mainframes and supercomputers. Because of the large number and variety of available Linux distributions, they are all grouped under a single entry; see comparison of Linux distributions for a detailed comparison. There is also a variety of BSD and DOS operating systems, covered in comparison of BSD operating systems and comparison of DOS operating systems. == Nomenclature == The nomenclature for operating systems varies among providers and sometimes within providers. For purposes of this article the terms used are; kernel In some operating systems, the OS is split into a low level region called the kernel and higher level code that relies on the kernel. Typically the kernel implements processes but its code does not run as part of a process. hybrid kernel monolithic kernel Nucleus In some operating systems there is OS code permanently present in a contiguous region of memory addressable by unprivileged code; in IBM systems this is typically referred to as the nucleus. The nucleus typically contains both code that requires special privileges and code that can run in an unprivileged state. Typically some code in the nucleus runs in the context of a dispatching unit, e.g., address space, process, task, thread, while other code runs independent of any dispatching unit. In contemporary operating systems unprivileged applications cannot alter the nucleus. License and pricing policies vary widely among different systems. Among others, the tables below use the following terms: BSD BSD licenses are a family of permissive free software licenses, imposing minimal restrictions on the use and distribution of covered software. bundled The fee is included in the price of the hardware == General information == == Technical information == == Security == == Commands == For POSIX compliant (or partly compliant) systems like FreeBSD, Linux, macOS or Solaris, the basic commands are the same because they are standardized. NOTE: Linux systems may vary by distribution which specific program, or even 'command' is called, via the POSIX alias function. For example, if you wanted to use the DOS dir to give you a directory listing with one detailed file listing per line you could use alias dir='ls -lahF' (e.g. in a session configuration file).
Read more →
Data commingling

Data commingling, in computer science, occurs when different items or kinds of data are stored in such a way that they become commonly accessible when they are supposed to remain separated. In cloud computing, this can occur where different customer data sits on the same server. Data that is commingled can present a security vulnerability. Data commingling can also occur due to high speed data transmission mixing. In this situation, data of one security level can inadvertently or purposely be mixed with data of a lower or higher security level on the same transmission portal. Portal vehicles can be wire, fiber optics, microwave or various radio frequency transmission portals. This commingling can cause breaches of security and become a source of legal issues to any entity, corporation or individual. Data commingling can also occur when personal computers and personal software programs are used for business, security, government, etc. uses. In the early formulation stages of entities, non-profit or profit corporations, LLC's, LLP's, etc., the creation and use of stand-alone computers and stand-alone networks, "absolutely unconnected" to involved individuals, is the easiest, and safest way to prevent Data Commingling.
Read more →
Sample (graphics)

In computer graphics, a sample is an intersection of a channel and a pixel. The diagram below depicts a 24-bit pixel, consisting of 3 samples for Red, Green, and Blue. In this particular diagram, the Red sample occupies 9 bits, the Green sample occupies 7 bits and the Blue sample occupies 8 bits, totaling 24 bits per pixel. Note that the samples do not have to be equal size and not all samples are mandatory in a pixel. Also, a pixel can consist of more than 3 samples (e.g. 4 samples of the RGBA color space). A sample is related to a subpixel on a physical display.
Read more →
AdBlock

AdBlock is an ad-blocking browser extension for Google Chrome, Apple Safari (desktop and mobile), Firefox, Samsung Internet, Microsoft Edge and Opera. AdBlock allows users to prevent page elements, such as advertisements, from being displayed. It is free to download and use, and it includes optional donations to the developers. The AdBlock extension was created on December 8, 2009, which is the day that supports for extensions was added to Google Chrome. It was one of the first Google Chrome extensions that was made. Since 2016, AdBlock has been based on the Adblock Plus source code. In July 2018, AdBlock acquired uBlock, a commercial ad-blocker owned by uBlock LLC and based on uBlock Origin. In April 2021, eyeo GmbH (developer of Adblock Plus) announced its purchase of AdBlock, Inc (formerly BetaFish, Inc). == Crowdfunding == Gundlach launched a crowdfunding campaign on Crowdtilt in August 2013 in order to fund an ad campaign to raise awareness of ad-blocking and to rent a billboard at Times Square. After the one-month campaign, it raised $55,000. == Sales and acceptable ads == AdBlock was sold to an anonymous buyer in 2015 and on October 15, 2015, Gundlach's name was taken down from the site. In the terms of the deal, the original developer Michael Gundlach left operations to Adblock's continuing director, Gabriel Cubbage, and as of October 2, 2015, AdBlock began participating in the Acceptable Ads program. Acceptable Ads identifies "non-annoying" ads, which AdBlock shows by default. The intent is to allow non-invasive advertising, to either maintain support for websites that rely on advertising as a main source of revenue or for websites that have an agreement with the program. == Filters == AdBlock uses EasyList, the same filter syntax as Adblock Plus for Firefox, and natively supports the use of a number of filter lists. == Partnership with Amnesty International == On March 12, 2016, in support of World Day Against Cyber Censorship, and in partnership with Amnesty International, instead of blocking ads, AdBlock replaced ads with banners linked to articles on Amnesty's website, written by prominent free speech advocates such as Edward Snowden, to raise awareness of government-imposed online censorship and digital privacy issues around the world. The campaign was met with both praise and criticism, with AdBlock's CEO, Gabriel Cubbage, defending the decision in an essay on AdBlock's website, saying "We’re showing you Amnesty banners, just for today, because we believe users should be part of the conversation about online privacy. Tomorrow, those spaces will be vacant again. But take a moment to consider that in an increasingly information-driven world, when your right to digital privacy is threatened, so is your right to free expression." Meanwhile, Simon Sharwood of The Register characterized Cubbage's position as "'You should control your computer except when we feel political', says AdBlock CEO". == AdBlock for Firefox == On September 13, 2014, the AdBlock team released a version for Firefox users, ported from the code for Google Chrome, released under the same free software license as the original Adblock. The extension was removed on April 2, 2015, by an administrator on Mozilla Add-ons. On December 7, 2015, the official AdBlock site's knowledge base article stated that with version 44 or higher of Firefox desktop and Firefox Mobile, AdBlock will not be supported. The last version of Adblock for those platforms will work on older versions of Firefox. AdBlock was released again on Mozilla Add-ons on November 17, 2016. On April 1, 2012, Adblock developer Michael Gundlach tweaked the code to display LOLcats instead of simply blocking ads. Initially developed as a short-lived April Fools joke, the response was so positive that CatBlock was continued to be offered as an optional add-on supported by a monthly subscription. On October 23, 2014, the developer decided to end official support for CatBlock, and made it open-source, under GPLv3 licensing, as the original extension.
Read more →
Roposo

Roposo is an Indian video-sharing social media service, owned by Glance, a subsidiary of InMobi. Roposo provides a space where users can share posts related to different topics like food, comedy, music, poetry, fashion and travel. It is a platform where people express visually with homemade videos and photos. The app offers a TV-like browsing experience with user-generated content on its channels. Users can also use editing tools on the platform and upload their content. == History == Established in July 2014 under Relevant E-solutions Pvt. Ltd., Roposo is the brainchild of three IIT Delhi alumni – Mayank Bhangadia, Avinash Saxena, and Kaushal Shubhank. Under Bhangadia's leadership, the company pivoted from a fashion-based network into a short-form video platform with AI-powered moderation, and its journey was featured as a Harvard Business Publishing case study. In November 2019, Roposo was acquired by InMobi's Glance Digital Experience Pvt. Ltd.(the mobile content platform and part of the InMobi Group). When the Chinese-owned video-sharing app TikTok was banned on 30 June 2020, the app saw a huge spike in users with several TikTok users registering on Roposo. == Technology == The open platform has some features such as a TV-like browsing, different channels, a chat feature that lets buyers and sellers converse directly through the platform, and creation tools such as an option to add voice-over, music and GIF stickers for videos and photos.
Read more →
Tea (app)

Tea, officially Tea Dating Advice, is a dating surveillance mobile phone application that allows women to post personal data about men they are interested in or are currently dating. Founded by Sean Cook, the app rose to prominence in July 2025 after it was the subject of three major data leaks in July and August 2025. It was removed from Apple's App Store in October 2025, but remains available on the Google Play Store. == History == The app enables its users to upload, view, and comment on photos of men, check men's public records, and perform image searches. It also provides the ability to rate and review men, as well as a group chat function. The app uses artificial intelligence to verify that the user is a woman through facial analysis and other personal information to preserve the app as a women-only space. Users are required to submit their photo and an ID to access the app. The company that created the app was founded by businessman and tech capitalist Sean Cook, who stated in July 2025 that he was inspired to create the app because of his mother's experiences from online dating. According to the company, users remain anonymous, and the requirement to upload an ID was removed in 2023. An August 2025 investigation by 404 Media suggested that much of the information given by Cook on the historical background of the company was inaccurate. In July 2025, private messages, other personally identifying information, and approximately 72,000 images were leaked via 4chan. A further 1.1 million private messages were subsequently leaked using a separate security vulnerability; these included intimate conversations about controversial topics such as adultery and other forms of infidelity to their partners, discussions of abortion, phone numbers, meeting locations, and other confidential communications. The app's publishers subsequently revoked the ability to private message users in the app. Shortly after, the app was hidden from search on Android and an interactive, unverified map was also created of those in the files. By 7 August 2025, ten class action lawsuits had been filed. A further leak was reported later that month. Proponents have praised the app as an aid for women's safety by helping them check men for adultery, catfishing, criminal convictions and other "red flag" behaviors. Critics have described the app as a doxing tool and a violation of privacy, an opportunity for defamation against innocent individuals, and a witch hunt. Cook has stated that the company's legal team receives about three legal threats per day. Another mobile app, called TeaOnHer, was created in response of the app’s popularity. It was described as the male version of the Tea app. The app also reported a data breach in August 2025. In October 2025, Apple removed the app from their app store, telling journalists that the removal was due to a failure to meet company terms regarding content moderation and user privacy. Apple also mentioned an excessive amount of complaints, including allegations that the personal information of minors was being shared. The app remains on the Google Play Store.
Read more →
Multi-model database

In the field of database design, a multi-model database is a database management system designed to support multiple data models against a single, integrated backend. In contrast, most database management systems are organized around a single data model that determines how data can be organized, stored, and manipulated. Document, graph, relational, and key–value models are examples of data models that may be supported by a multi-model database. == Background == The relational data model became popular after its publication by Edgar F. Codd in 1970. Due to increasing requirements for horizontal scalability and fault tolerance, NoSQL databases became prominent after 2009. NoSQL databases use a variety of data models, with document, graph, and key–value models being popular. A multi-model database is a database that can store, index and query data in more than one model. For some time, databases have primarily supported only one model, such as: relational database, document-oriented database, graph database or triplestore. A database that combines many of these is multi-model. This should not be confused with multimodal database systems such as Pixeltable or ApertureDB, which focus on unified management of different media types (images, video, audio, text) rather than different data models. For some time, it was all but forgotten (or considered irrelevant) that there were any other database models besides relational. The relational model and notion of third normal form were the default standard for all data storage. However, prior to the dominance of relational data modeling, from about 1980 to 2005, the hierarchical database model was commonly used. Since 2000 or 2010, many NoSQL models that are non-relational, including documents, triples, key–value stores and graphs are popular. Arguably, geospatial data, temporal data, and text data are also separate models, though indexed, queryable text data is generally termed a "search engine" rather than a database. The first time the word "multi-model" has been associated to the databases was on May 30, 2012 in Cologne, Germany, during the Luca Garulli's key note "NoSQL Adoption – What’s the Next Step?". Luca Garulli envisioned the evolution of the 1st generation NoSQL products into new products with more features able to be used by multiple use cases. The idea of multi-model databases can be traced back to Object–Relational Data Management Systems (ORDBMS) in the early 1990s and in a more broader scope even to federated and integrated DBMSs in the early 1980s. An ORDBMS system manages different types of data such as relational, object, text and spatial by plugging domain specific data types, functions and index implementations into the DBMS kernels. A multi-model database is most directly a response to the "polyglot persistence" approach of knitting together multiple database products, each handing a different model, to achieve a multi-model capability as described by Martin Fowler. This strategy has two major disadvantages: it leads to a significant increase in operational complexity, and there is no support for maintaining data consistency across the separate data stores, so multi-model databases have begun to fill in this gap. Multi-model databases are intended to offer the data modeling advantages of polyglot persistence, without its disadvantages. Operational complexity, in particular, is reduced through the use of a single data store. == Benchmarking multi-model databases == As more and more platforms are proposed to deal with multi-model data, there are a few works on benchmarking multi-model databases. For instance, Pluciennik, Oliveira, and UniBench reviewed existing multi-model databases and made an evaluation effort towards comparing multi-model databases and other SQL and NoSQL databases respectively. They pointed out that the advantages of multi-model databases over single-model databases are as follows : == Architecture == The main difference between the available multi-model databases is related to their architectures. Multi-model databases can support different models either within the engine or via different layers on top of the engine. Some products may provide an engine which supports documents and graphs while others provide layers on top of a key-key store. With a layered architecture, each data model is provided via its own component. == User-defined data models == In addition to offering multiple data models in a single data store, some databases allow developers to easily define custom data models. This capability is enabled by ACID transactions with high performance and scalability. In order for a custom data model to support concurrent updates, the database must be able to synchronize updates across multiple keys. ACID transactions, if they are sufficiently performant, allow such synchronization. JSON documents, graphs, and relational tables can all be implemented in a manner that inherits the horizontal scalability and fault-tolerance of the underlying data store. == Theoretical Foundation for Multi-Model Databases == The traditional theory of relations is not enough to accurately describe multi-model database systems. Recent research is focused on developing a new theoretical foundation for these systems. Category theory can provide a unified, rigorous language for modeling, integrating, and transforming different data models. By representing multi-model data as sets and their relationships as functions or relations within the Set category, we can create a formal framework to describe, manipulate, and understand various data models and how they interact.
Read more →
Powerset (company)

Powerset was an American company based in San Francisco, California, that, in 2006, was developing a natural language search engine for the Internet. On July 1, 2008, Powerset was acquired by Microsoft for an estimated $100 million (~$143 million in 2024). Powerset was working on building a natural language search engine that could find targeted answers to user questions (as opposed to keyword based search). For example, when confronted with a question like "Which U.S. state has the highest income tax?", conventional search engines ignore the question phrasing and instead do a search on the keywords "state", "highest", "income", and "tax". Powerset on the other hand, attempts to use natural language processing to understand the nature of the question and return pages containing the answer. The company was in the process of "building a natural language search engine that reads and understands every sentence on the Web". The company has licensed natural language technology from PARC, the former Xerox Palo Alto Research Center. On May 11, 2008, the company unveiled a tool for searching a fixed subset of English Wikipedia using conversational phrases rather than keywords. Acquisition by Microsoft: One significant milestone in Powerset's history was its acquisition by Microsoft on July 1, 2008, for an estimated $100 million. This acquisition was part of Microsoft's broader strategy to enhance its search capabilities and compete more effectively with other search engine providers, particularly Google. Natural Language Search Engine: Powerset's primary focus was on developing a natural language search engine capable of understanding and interpreting user queries in a more human-like manner. Instead of simply matching keywords, Powerset aimed to comprehend the meaning behind the words, allowing for more accurate and contextually relevant search results. Technology and Partnerships: Powerset had licensed natural language technology from PARC, the Xerox Palo Alto Research Center. This technology likely played a crucial role in the development of Powerset's NLP capabilities. Wikipedia Search Tool: In May 2008, Powerset unveiled a search tool that allowed users to search a fixed subset of English Wikipedia using conversational phrases rather than traditional keywords. This demonstrated the potential of Powerset's NLP technology in providing more precise and relevant search results. == Powerlabs == In a form of beta testing, Powerset opened an online community called Powerlabs on September 17, 2007. Business Week said: "The company hopes the site will marshal thousands of people to help build and improve its search engine before it goes public next year." Said The New York Times: "[Powerset Labs] goes far beyond the 'alpha' or 'beta' testing involved in most software projects, when users put a new product through rigorous testing to find its flaws. Powerset doesn’t have a product yet, but rather a collection of promising natural language technologies, which are the fruit of years of research at Xerox PARC." Powerlabs' initial search results are taken from Wikipedia. == Notable people == Barney Pell (born March 18, 1968, in Hollywood, California) was co-founder and CEO of Powerset. Pell received his Bachelor of Science degree in symbolic systems from Stanford University in 1989, where he graduated Phi Beta Kappa and was a National Merit Scholar. Pell received a PhD in computer science from Cambridge University in 1993, where he was a Marshall Scholar. He has worked at NASA, as chief strategist and vice president of business development at StockMaster.com (acquired by Red Herring in March, 2000) and at Whizbang! Labs. Prior to joining Powerset, Pell was an Entrepreneur-in-Residence at Mayfield Fund, a venture capital firm in Silicon Valley. Pell is also a founder of Moon Express, Inc., a U.S. company awarded a $10M commercial lunar contract by NASA and a competitor in the Google Lunar X PRIZE. Steve Newcomb was the COO and co-founder of Powerset. Prior to joining Powerset, he was a co-founder of Loudfire, General Manager at Promptu, and was on the board of directors at Jaxtr. He left Powerset in October 2007 to form Virgance, a social startup incubator. Lorenzo Thione (born in Como, Italy) was the product architect and co-founder of Powerset. Prior to joining Powerset, he worked at FXPAL in natural language processing and related research fields. Thione earned his master's degree in software engineering from the University of Texas at Austin. Ronald Kaplan, former manager of research in Natural Language Theory and Technology at PARC, served as the company's CTO and CSO. Ryan Ferrier is a member of the founding team of Powerset. He managed personnel and internal operations. After 2008 he went on to co-found Serious Business, which made Facebook applications and was later bought by Zynga. Another Powerset alumnus, Alex Le, became CTO of Serious Business and went on to become an executive producer at Zynga when it bought the company. Siqi Chen founded a stealth startup in mobile computing after leaving Powerset. Tom Preston-Werner worked at Powerset and left after the acquisition to found GitHub. == Investors == Powerset attracted a wide range of investors, many of whom had considerable experience in the venture capital field. The company received $12.5 million (~$18.2 million in 2024) in Series A funding during November 2007, co-led by the venture capital firms Foundation Capital and The Founders Fund. Among the better-known investors: Esther Dyson, founding chairman of ICANN, founder of the newsletter Release 1.0 and editor at Cnet Peter Thiel, founder and former CEO of PayPal Luke Nosek, founder of PayPal Todd Parker. Managing Partner, Hidden River Ventures Reid Hoffman, executive vice president of PayPal and founder of LinkedIn First Round Capital, seed-stage venture firm
Read more →
Insider threat

An insider threat is a perceived threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. == Overview == Insiders may have accounts giving them legitimate access to computer systems, with this access originally having been given to them to serve in the performance of their duties; these permissions could be abused to harm the organization. Insiders are often familiar with the organization's data and intellectual property as well as the methods that are in place to protect them. This makes it easier for the insider to circumvent any security controls of which they are aware. Physical proximity to data means that the insider does not need to hack into the organizational network through the outer perimeter by traversing firewalls; rather they are in the building already, often with direct access to the organization's internal network. Insider threats are harder to defend against than attacks from outsiders, since the insider already has legitimate access to the organization's information and assets. An insider may attempt to steal property or information for personal gain or to benefit another organization or country. The threat to the organization could also be through malicious software left running on its computer systems by former employees, a so-called logic bomb. == Research == Insider threat is an active area of research in academia and government. The CERT Coordination Center at Carnegie-Mellon University maintains the CERT Insider Threat Center, which includes a database of more than 850 cases of insider threats, including instances of fraud, theft and sabotage; the database is used for research and analysis. CERT's Insider Threat Team also maintains an informational blog to help organizations and businesses defend themselves against insider crime. The Threat Lab and Defense Personnel and Security Research Center (DOD PERSEREC) has also recently emerged as a national resource within the United States of America. The Threat Lab hosts an annual conference, the SBS Summit. They also maintain a website that contains resources from this conference. Complimenting these efforts, a companion podcast was created, Voices from the SBS Summit. In 2022, the Threat Lab created an interdisciplinary journal, Counter Insider Threat Research and Practice (CITRAP) which publishes research on insider threat detection. === Findings === In the 2022 Data Breach Investigations Report (DBIR), Verizon found that 82% of breaches involved the human element, noting that employees continue to play a leading role in cybersecurity incidents and breaches. According to the UK Information Commissioners Office, 90% of all breaches reported to them in 2019 were the result of mistakes made by end users. This was up from 61% and 87% over the previous two years. A 2018 whitepaper reported that 53% of companies surveyed had confirmed insider attacks against their organization in the previous 12 months, with 27% saying insider attacks have become more frequent. A report published in July 2012 on the insider threat in the U.S. financial sector gives some statistics on insider threat incidents: 80% of the malicious acts were committed at work during working hours; 81% of the perpetrators planned their actions beforehand; 33% of the perpetrators were described as "difficult" and 17% as being "disgruntled". The insider was identified in 74% of cases. Financial gain was a motive in 81% of cases, revenge in 23% of cases, and 27% of the people carrying out malicious acts were in financial difficulties at the time. The US Department of Defense Personnel Security Research Center published a report that describes approaches for detecting insider threats. Earlier it published ten case studies of insider attacks by information technology professionals. Cybersecurity experts believe that 38% of negligent insiders are victims of a phishing attack, whereby they receive an email that appears to come from a legitimate source such as a company. These emails normally contain malware in the form of hyperlinks. == Typologies and ontologies == Multiple classification systems and ontologies have been proposed to classify insider threats. Traditional models of insider threat identify three broad categories: Malicious insiders, which are people who take advantage of their access to inflict harm on an organization; Negligent insiders, which are people who make errors and disregard policies, which place their organizations at risk; and Infiltrators, who are external actors that obtain legitimate access credentials without authorization. == Criticisms == Insider threat research has been criticized. Critics have argued that insider threat is a poorly defined concept. Forensically investigating insider data theft is notoriously difficult, and requires novel techniques such as stochastic forensics. Data supporting insider threat is generally proprietary (i.e., encrypted data). Theoretical/conceptual models of insider threat are often based on loose interpretations of research in the behavioral and social sciences, using "deductive principles and intuitions of subject matter expert." Adopting sociotechnical approaches, researchers have also argued for the need to consider insider threat from the perspective of social systems. Jordan Schoenherr said that "surveillance requires an understanding of how sanctioning systems are framed, how employees will respond to surveillance, what workplace norms are deemed relevant, and what ‘deviance’ means, e.g., deviation for a justified organization norm or failure to conform to an organizational norm that conflicts with general social values." By treating all employees as potential insider threats, organizations might create conditions that lead to insider threats. == Sector-specific concerns == === Healthcare === The healthcare industry faces particularly acute insider threat risks due to the large number of workforce members who require access to sensitive patient records for legitimate clinical purposes. The U.S. Department of Health and Human Services has identified unauthorized access by insiders, including workforce snooping on patient records and theft of protected health information for identity fraud, as a persistent enforcement concern. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule addresses insider threats through several administrative safeguards, including workforce security procedures requiring covered entities to implement policies for authorizing and supervising workforce members who work with electronic protected health information, as well as termination procedures to revoke access when employment ends (45 CFR 164.308(a)(3)). The rule also requires audit controls to record and examine information system activity (45 CFR 164.312(b)), enabling detection of unauthorized access by insiders. The December 2024 Notice of proposed rulemaking (NPRM) to overhaul the HIPAA Security Rule would strengthen insider threat defenses by mandating role-based access controls, requiring notification of relevant workforce members within 24 hours of any changes to access privileges, and requiring regular review of audit logs to detect anomalous access patterns.
Read more →
Security type system

In computer science, a type system can be described as a syntactic framework which contains a set of rules that are used to assign a type property (int, boolean, char etc.) to various components of a computer program, such as variables or functions. A security type system works in a similar way, only with a main focus on the security of the computer program, through information flow control. Thus, the various components of the program are assigned security types, or labels. The aim of a such system is to ultimately be able to verify that a given program conforms to the type system rules and satisfies non-interference. Security type systems is one of many security techniques used in the field of language-based security, and is tightly connected to information flow and information flow policies. In simple terms, a security type system can be used to detect if there exists any kind of violation of confidentiality or integrity in a program, i.e. the programmer wants to detect if the program is in line with the information flow policy or not. == A simple information flow policy == Suppose there are two users, A and B. In a program, the following security classes (SC) are introduced: SC = {∅, {A}, {B}, {A,B}}, where ∅ is the empty set. The information flow policy should define the direction that information is allowed to flow, which is dependent on whether the policy allows read or write operations. This example considers read operations (confidentiality). The following flows are allowed: → = {({A}, {A}), ({B}, {B}), ({A,B}, {A,B}), ({A,B}, {A}), ({A,B}, {B}), ({A}, ∅), ({B}, ∅), ({A,B}, ∅)} This can also be described as a superset (⊇). In words: information is allowed to flow towards stricter levels of confidentiality. The combination operator (⊕) can express how security classes can perform read operations with respect to other security classes. For example: {A} ⊕ {A,B} = {A} — the only security class that can read from both {A} and {A,B} is {A}. {A} ⊕ {B} = ∅ — neither {A} nor {B} are allowed to read from both {A} and {B}. This can also be described as an intersection (∩) between security classes. An information flow policy can be illustrated as a Hasse diagram. The policy should also be a lattice, that is, it has a greatest lower-bound and least upper-bound (there always exists a combination between security classes). In the case of integrity, information will flow in the opposite direction, thus the policy will be inverted. == Information flow policy in security type systems == Once the policy is in place, the software developer can apply the security classes to the program components. Use of a security type system is usually combined with a compiler that can perform the verification of the information flow according to the type system rules. For the sake of simplicity, a very simple computer program, together with the information flow policy as described in the previous section, can be used as a demonstration. The simple program is given in the following pseudocode: if y{A} = 1 then x{A,B} := 0 else x{A,B} := 1 Here, an equality check is made on a variable y that is assigned the security class {A}. A variable x with a lower security class ({A,B}) is influenced by this check. This means that information is leaking from class {A} to class {A,B}, which is a violation of the confidentiality policy. This leak should be detected by the security type system. === Example === Designing a security type system requires a function (also known as a security environment) that creates a mapping from variables to security types, or classes. This function can be called Γ, such that Γ(x) = τ, where x is a variable and τ is the security class, or type. Security classes are assigned (also called "judgement") to program components, using the following notation: Types are assigned to read operations by: Γ ⊢ e : τ. Types are assigned to write operations by: Γ ⊢ S : τ cmd. Constants can be assigned any type. The following bottom-up notation can be used to decompose the program: ⁠assumption1 ... assumptionn/conclusion⁠. Once the program is decomposed into trivial judgements, by which the type can easily be determined, the types for the less trivial parts of the program can be derived. Each "numerator" is considered in isolation, looking at the type of each statement to see if an allowed type can be derived for the "denominator", based on the defined type system "rules". ==== Rules ==== The main part of the security type system is the rules. They say how the program should be decomposed and how type verification should be performed. This toy program consists of a conditional test and two possible variable assignments. Rules for these two events are defined as follows: Applying this to the simple program introduced above yields: The type system detects the policy violation in line 2, where a read operation of security class {A} is performed, followed by two write operations of a less strict security class {A,B}. In more formalized terms, {A} ⋢ {A,B}, {A,B} (from the rule of the conditional test). Thus, the program is classified as "not typeable". === Soundness === The soundness of a security type system can be informally defined as: If program P is well typed, P satisfies non-interference. Volpano, Smith and Irvine were the first to prove soundness of a security type system for a deterministic imperative programming language with a standard (non-instrumented) semantics using the notion of non-interference.
Read more →
Device-independent pixel

A device-independent pixel (also: density-independent pixel, dip, dp) is a unit of length. A typical use is to allow mobile device software to scale the display of information and user interaction to different screen sizes. The abstraction allows an application to work in pixels as a measurement, while the underlying graphics system converts the abstract pixel measurements of the application into real pixel measurements appropriate to the particular device. For example, on the Android operating system a device-independent pixel is equivalent to one physical pixel on a 160 dpi screen, while the Windows Presentation Foundation specifies one device-independent pixel as equivalent to 1/96th of an inch. As dp is a physical unit it has an absolute value which can be measured in traditional units, e.g. for Android devices 1 dp equals 1/160 of inch or 0.15875 mm. While traditional pixels only refer to the display of information, device-independent pixels may also be used to measure user input such as input on a touch screen device.
Read more →
CloudPassage

CloudPassage is a company that provides an automation platform, delivered via software as a service, that improves security for private, public, and hybrid cloud computing environments. CloudPassage is headquartered in San Francisco. == History == CloudPassage was founded by Carson Sweet, Talli Somekh, and Vitaliy Geraymovych in 2010. The company used cloud computing and big data analytics to implement security monitoring and control in a platform called Halo. CloudPassage spent a year in stealth developing the Halo technology, coming out of stealth mode to a closed beta in January 2011. In June 2012, the company launched the commercial product that included configuration security monitoring, network microsegmentation, and two-factor authentication for privileged access management. By 2013, CloudPassage expanded Halo to support large enterprises with advanced security and compliance requirements with a product called Halo Enterprise. The first round of venture funding for the company raised $6.5 million. In April 2012, CloudPassage raised $14 million. The financing round was led by Tenaya Capital. In February 2014, CloudPassage announced that it had raised $25.5 million in funding led by Shasta Ventures. In total, the company has invested over $30 million in its technology and raised approximately $88 million in capital. == Product == The CloudPassage platform provides cloud workload security and compliance for systems hosted in public or private cloud infrastructure environments, including hybrid cloud and multi-cloud workload hosting models. The flagship product the company offers is called Halo. Halo secures virtual servers in public, private, and hybrid cloud infrastructures and provides file integrity monitoring (FIM) while also administering firewall automation, vulnerability monitoring, network access control, security event alerting, and assessment. The Halo platform also provides security applications such as privileged access management, software vulnerability scanning, multifactor authentication, and log-based IDS. In December 2013, CloudPassage set up six servers with Microsoft Windows and Linux operating systems and combinations of popular programs and invited hackers to attempt to hack into the servers. The top prize was $5,000 and the winning hacker was a novice that completed the task in four hours. CloudPassage programmed the servers to use basic default security settings to show how vulnerable cloud computing programs can be to security threats. == Awards and recognition == In May 2011, Gigaom named CloudPassage in its list of the Top 50 Cloud Innovators. That same month, eWeek recognized CloudPassage as one of 16 Hot Startup Companies Flying Under the Radar. SC Magazine named CloudPassage an Industry Innovator in the Virtualization and Cloud Security category in 2012. Also in 2012, The Wall Street Journal named CloudPassage a runner-up in the Information Security category of its Technology Innovation Awards. The CloudPassage large-scale security program, Halo, won Best Security Solution in 2014 at the SIIA Codie awards.
Read more →
WIPO GREEN

WIPO GREEN is a World Intellectual Property Organization program established in 2013 that supports global efforts to address climate change and food security through sharing of sustainable technology innovations. == WIPO GREEN database == The WIPO GREEN database is the foundation of the platform. The database is a free, solutions-oriented, global innovation catalog that connects needs for solving environmental or climate change problems with sustainable solutions from prototypes to marketable products available for sale, license, collaborations, knowledge transfer, joint ventures, or collaborations. Green technology innovators can promote their products, businesses, organizations, and governments looking for green technologies can explain their needs and seek collaboration with providers. As of July 2022, WIPO GREEN has over 120,000 technologies, needs and experts, more than 2000 users in 110 countries, and has recorded over 1000 connections made between technology providers and seekers. The database utilizes AI-assisted auto-matching, user uploads tracing and alerts, full-text search for solutions based on long need descriptions, and the Patent2Solution search function for finding commercial applications of a patent, which are some of the unique features of the database. Free registration is required for detailed record view and uploading. All technologies uploaded to the WIPO GREEN database remain the property of the rights holder. It is up to the rights holder and the collaborating parties to structure agreements in the manner they feel is most appropriate and effective. WIPO GREEN does not require that technologies or innovations uploaded to the database be patented or in the process of being patented. Therefore, technology providers can upload their technology while related patent applications are pending. Technology providers are encouraged to upload technology solutions on the WIPO GREEN database and connect with other users to explore partnerships, technology transfers, including funding and licensing opportunities. == Acceleration projects == Acceleration projects work with WIPO GREEN partners and local organizations to explore local challenges and green opportunities for particular environmental needs. These projects are organized annually in different countries or regions around and connect providers and seekers of green technologies. For example, the Latin America Acceleration Project explores innovative new technologies in the region and facilitates green technology exchange between providers and seekers in green opportunities in intensified crop rotation, soil re-carbonization, and forest management in Argentina; zero-till or conservation agriculture in Brazil; and wine production in Chile. In October 2021, a project in Indonesia on palm oil mill effluent (POME), a by-product of palm oil production that emits greenhouse gases and reportedly harms flora and fauna in local rivers, identified viable green solutions to turn the high organic content of POME wastewater into biogas and other environmentally friendly uses. Former projects took place in Cambodia, Indonesia, and the Philippines around wastewater treatment, agriculture, and water technologies. == The Green Technology Book == In November 2022 at UNFCCC COP27, WIPO introduced its new Flagship publication the Green Technology Book. This digital-first publication aims to put innovation, technology and intellectual property at the forefront in the fight against climate change. The inaugural edition of this annual publication focused on available solutions for climate-change adaptation to reduce vulnerability as well as to increase resilience to the impacts of climate change. The book was created in cooperation with the Climate Technology Center and Network (CTCN) and the Egyptian Academy of Scientific Research and Technology (ASTR). It features 200 adaptation technologies, which are also available in the WIPO GREEN database of innovative technologies and needs. == Partners Network == WIPO GREEN partners are public or private institutions that wish to collaborate to advance WIPO GREEN’s mission. The network is aimed at helping the implementation and diffusion of green technology innovations around the world. Partners include government institutions, intergovernmental organizations, academia, and businesses – from small and medium-sized enterprises to Fortune 500 companies. As of 2022, WIPO GREEN has a network of over 146 partner organizations involved in green technology.
Read more →
Comparison of operating systems

These tables provide a comparison of operating systems, of computer devices, as listing general and technical information for a number of widely used and currently available PC or handheld (including smartphone and tablet computer) operating systems. The article "Usage share of operating systems" provides a broader, and more general, comparison of operating systems that includes servers, mainframes and supercomputers. Because of the large number and variety of available Linux distributions, they are all grouped under a single entry; see comparison of Linux distributions for a detailed comparison. There is also a variety of BSD and DOS operating systems, covered in comparison of BSD operating systems and comparison of DOS operating systems. == Nomenclature == The nomenclature for operating systems varies among providers and sometimes within providers. For purposes of this article the terms used are; kernel In some operating systems, the OS is split into a low level region called the kernel and higher level code that relies on the kernel. Typically the kernel implements processes but its code does not run as part of a process. hybrid kernel monolithic kernel Nucleus In some operating systems there is OS code permanently present in a contiguous region of memory addressable by unprivileged code; in IBM systems this is typically referred to as the nucleus. The nucleus typically contains both code that requires special privileges and code that can run in an unprivileged state. Typically some code in the nucleus runs in the context of a dispatching unit, e.g., address space, process, task, thread, while other code runs independent of any dispatching unit. In contemporary operating systems unprivileged applications cannot alter the nucleus. License and pricing policies vary widely among different systems. Among others, the tables below use the following terms: BSD BSD licenses are a family of permissive free software licenses, imposing minimal restrictions on the use and distribution of covered software. bundled The fee is included in the price of the hardware == General information == == Technical information == == Security == == Commands == For POSIX compliant (or partly compliant) systems like FreeBSD, Linux, macOS or Solaris, the basic commands are the same because they are standardized. NOTE: Linux systems may vary by distribution which specific program, or even 'command' is called, via the POSIX alias function. For example, if you wanted to use the DOS dir to give you a directory listing with one detailed file listing per line you could use alias dir='ls -lahF' (e.g. in a session configuration file).
Read more →