The W3C Device Description Working Group (DDWG), operating as part of the World Wide Web Consortium (W3C) Mobile Web Initiative (MWI), was chartered to "foster the provision and access to device descriptions that can be used in support of Web-enabled applications that provide an appropriate user experience on mobile devices." Mobile devices exhibit the greatest diversity of capabilities, and therefore present the greatest challenge to content adaptation technologies. The group published several documents, including a list of requirements for an interface to a Device Description Repository (DDR) and a standard interface meeting those requirements. The group was rechartered in 2006 to work in public towards the development of the Application Programming Interface (API) for a DDR. Early in 2007, the group launched a wiki and a blog to add to the public mailing list. The group subsequently published a formal vocabulary of core device properties, and an API called the DDR Simple API, which became a W3C Recommendation in December 2008. The group closed at the end of 2008, but with the intention of maintaining the Web pages, blog and wiki through W3C volunteer effort. == Publications == The DDWG published several W3C Working Group Notes and one W3C Recommendation. A W3C WG Note that articulates what the W3C and other organizations are doing or have already done with regard to device information. This document suggests an environment in which these technologies work together to meet the goals of content adaptation. The completed document was published on 31 October 2007. A W3C WG Note describing the ecosystem surrounding creation, maintenance and use of device descriptions. The completed document was published on 31 October 2007. A W3C WG Note describing a set of requirements for a reference repository of device descriptions. The completed document was published on 17 December 2007. A W3C WG Note describing a process to manage contributions to an initial core vocabulary, identification of key device properties, a formal initial core vocabulary and the identification of a maintainer for the core vocabulary. The details were contained in the Working Group Note describing the DDWG Core Vocabulary published on 14 April 2008. A W3C WG Note defining useful grouping and structure patterns in device descriptions. The Device Description Structures document was published as a Working Draft on 5 December 2008. The intention is that this document will be future input to other W3C groups. A W3C Recommendation defining a language-neutral programming interface to a Device Description Repository. The DDR Simple API was published on 5 December 2008. There is the possibility of future publications on the DDWG wiki describing implementations of the API in various languages, including Java, IDL, WSDL, C# etc. Much of the DDWG's material was developed in public via the DDWG Wiki and through their public mailing lists.
Nolot
Nolot is a chess test suite with 11 positions from real games. They were compiled by Pierre Nolot (French: [nɔ.lo]) for the French chess magazine Gambisco and posted on the rec.games.chess Usenet group in 1994. They were designed to be particularly hard to solve for chess engines to solve at the time, although modern engines can find a solution near-instantaneously. == Problem 1 == FEN: r3qb1k/1b4p1/p2pr2p/3n4/Pnp1N1N1/6RP/1B3PP1/1B1QR1K1 w - - 0 1 26.Nxh6!! c3 (26... Rxh6 27.Nxd6 Qh5 (best) 28.Rg5! Qxd1 29.Nf7+ Kg8 30.Nxh6+ Kh8 31.Rxd1 c3 32.Nf7+ Kg8 33.Bg6! Nf4 34.Bxc3 Nxg6 35.Bxb4 Kxf7 36.Rd7+ Kf6 37.Rxg6+ Kxg6 38.Rxb7 ±) 27.Nf5! cxb2 28.Qg4 Bc8 (28... g6!? 29.Kh2! 29.Qd7 30.Nh4 Bc6 31.Nc5! dxc 32.Rxe6 Nf6 33.Nxg6+ Kg7 34.Qg5 Nbd5 35.Ne5 Kh8 36.Nxd7 ±) 29.Qh4+ Rh6 30.Nxh6 gxh6 31.Kh2! Qe5 32.Ng5 Qf6 33.Re8 Bf5 34.Qxh6 (missing a mate in 6: 34.Nf7+ Qxf7 35.Qxh6+ Bh7 36.Rxa8 Nf6 37.Rxf8 Qxf8 38.Qxf8+ Ng8 39.Qg7#) 34...Qxh6 35.Nf7+ Kh7 36.Bxf5+ Qg6 37.Bxg6+ Kg7 38.Rxa8 Be7 39.Rb8 a5 40.Be4+ Kxf7 41.Bxd5+ 1–0 The best Novag computer, the Diablo 68000, finds 26. Nxh6 after seven and a half months (Pierre Nolot has let it run on the position for 14 months and one day, until a power failure stopped an analysis of over 80,000,000,000 nodes.) but for wrong reasons: it evaluates white's position as inferior and thinks this move would enable it to draw. Today Gambit Tiger 2.0 for example can find it quite quickly: Most free engines running on 64-bit processors in 2010 could solve this problem and the others in a few seconds. 1.Qd4 c3 2.Bxc3 Nxc3 3.Qxb4 Nxe4 4.Qxb7 Rb8 5.Qxb8 Qxb8 6.Bxe4 d5 7.Rb1 μ (-1.20) Depth: 12 00:00:09 6055 kN 1.Nxh6 c3 2.Nf5 cxb2 3.Qg4 Rb8 4.Nxg7 Rg6 5.Qxg6 Qxg6 6.Rxg6 Bxg7 7.Nxd6 ³ (-0.48) Depth: 12 00:00:21 14368 kN 1.Nxh6 c3 2.Nf5 cxb2 3.Qg4 Rc8 4.Nxg7 Rg6 5.Nxe8 Rxg4 6.Rxg4 Rxe8 7.Rg6 μ (-0.74) Depth: 13 00:00:55 38455 kN 1.Ne3 Rxe4 2.Bxe4 Qxe4 3.Nxd5 Qxd5 4.Qc1 Qf5 5.Qxh6+ Qh7 6.Qe6 Nd3 7.Re2 Nxb2 8.Rxb2 ³ (-0.58) Depth: 13 00:01:30 62979 kN 1.Ne3 Rxe4 ³ (-0.58) Depth: 14 00:02:02 84941 kN 1.Ne3 Nxe3 2.Rexe3 Bxe4 3.Qg4 Rg6 4.Qxe4 Qxe4 5.Bxe4 Rxg3 6.Rxg3 d5 7.Bf5 Re8 8.Bc3 ³ (-0.30) Depth: 15 00:03:05 128968 kN 1.Nxh6 ² (0.32) Depth: 15 00:07:58 350813 kN With the next ply showing a clear advantage. Stockfish 14dev 64bit 4CPU running on 2020 hardware recognises the significance of Nxh6!! in 1 second. Stockfish_21092606_x64_avx2: NNUE evaluation using nn-13406b1dcbe0.nnue enabled. 19/32 00:01 7708k 4882k +3,00 Nxh6 Rxh6 Nxd6 Qh5 Bg6 Qxd1 Nf7+ Kg8 Nxh6+ gxh6 Bh5+ Kh7 Rxd1 c3 Bxc3 Nxc3 Rd7+ Kh8 Rxb7 Ne4 Re3 Nxf2 Kxf2 Bc5 Ke2 Bxe3 Kxe3 Nd5+ Kf2 49/73 15:02 5118270k 5673k +6,15 Nxh6 Rxh6 Nxd6 Qh5 Rg5 Qxd1 Nf7+ Kg8 Nxh6+ Kh8 Rxd1 c3 Nf7+ Kg8 Bg6 Nf4 Bxc3 Nbd5 Rb1 Bc6 Bd2 Nxg6 Rxg6 Ne7 Rxc6 Nxc6 Rb6 Rc8 Ng5 a5 Ra6 Bb4 Be3 Ne5 Bd4 Nc6 Bb6 Bd2 h4 Kf8 Bc5+ Kg8 Be3 Bxe3 fxe3 Kf8 Kf2 Ke7 Nf3 Kd7 Rb6 Ne7 Rb5 Kd6 Rxa5 Rc2+ Kg3 Re2 Nd4 Rxe3+ Kf4 Rd3 Nf5+ Kc7 Nxe7 == Problem 2 == FEN: r4rk1/pp1n1p1p/1nqP2p1/2b1P1B1/4NQ2/1B3P2/PP2K2P/2R5 w - - 0 1 22.Rxc5!! Nxc5 23.Nf6+ Kh8 24.Qh4 Qb5+ (computers think there is perpetual check here, but...) 25.Ke3! 25... h5 26.Nxh5 Qxb3+ (26... d5+ 27.Bxd5 Qd3 28.Kf2 Ne4+ 29.Bxe4 Qd4+ 30.Kg2 Qxb2+ 31.Kh3 ±) and White won in 41 moves. Today Deep Junior 8.ZX for example finds it very quickly (around 1 minute): 1.Kd1 Rac8 2.Bh6 Qb5 3.Rc3 Qf1+ 4.Kc2 Rc6 5.Bxf8 −+ (-2.11) Depth: 12 00:00:04 10422 kN 1.Nxc5 Nxc5 2.Rxc5 Qxc5 3.e6 Rae8 4.e7 Nc8 5.Kf1 Nxd6 6.Bf6 b5 −+ (-2.10) Depth: 12 00:00:14 25054 kN 1.Bf6! μ (-1.35) Depth: 12 00:00:17 34601 kN 1.Bf6 Qb5+ 2.Ke1 Bb4+ 3.Kf2 Bc5+ = (0.00) Depth: 12 00:00:20 34601 kN 1.Bf6 Qb5+ 2.Ke1 Nxf6 3.Nxf6+ Kg7 4.Nh5+ gxh5 5.Qf6+ Kg8 6.Qg5+ Kh8 7.Qf6+ = (0.00) Depth: 15 00:01:01 130544 kN 1.Rxc5! = (0.15) Depth: 15 00:01:12 145875 kN 1.Rxc5 Nxc5 2.Nf6+ Kh8 3.Qh4 Qb5+ 4.Ke3 h5 5.Nxh5 Qd3+ 6.Kf2 Ne4+ 7.fxe4 Qd4+ 8.Kf1 Qd3+ 9.Ke1 Qb1+ 10.Bd1 ± (2.18) Depth: 15 00:01:18 145875 kN Stockfish 14dev 64bit 4CPU running on 2020 hardware recognises the significance of Rxc5!! in 1 second. Stockfish_21092606_x64_avx2: NNUE evaluation using nn-13406b1dcbe0.nnue enabled. 21/25 00:01 5822k 5545k +6,61 Rxc5 Qxc5 Nxc5 Nxc5 Bh6 Nbd7 Bxf8 Rxf8 Qe3 Rc8 f4 Nxe5 Qxe5 Ne6 Bxe6 Rc2+ Kd3 Rxh2 46/86 11:27 5057055k 7355k +7,61 Rxc5 Qxc5 Nxc5 Nxc5 Bf6 Ne6 Qh6 Nd4+ Kf2 Nf5 Qg5 Nd7 h4 Nxf6 Qxf6 Ng7 d7 b5 Bd5 Rab8 b4 Nh5 Bxf7+ Rxf7 d8R+ Rxd8 Qxd8+ Rf8 Qd5+ Kg7 e6 Kf6 Qd7 Ng7 Qd4+ Kxe6 Qxg7 Rf7 Qc3 Ke7 Qc5+ Ke8 Qc8+ Ke7 h5 gxh5 Kg3 h4+ Kh2 h6 Qc5+ Kf6 Qxb5 Kg7 f4 Rxf4 Qe5+ Rf6 b5 h3 Qd4 Kg8 Qxf6 h5 Blacks 22. .. Nxc5 is suboptimal and leads faster mate 77/44 09:18 6987714k 12518k +M22 Nf6+ Kh8 Qh4 Qb5+ Ke3 Qxb3+ axb3 h5 Nxh5 Nd5+ Kd4 Ne6+ Kxd5 Nxg5 Qxg5 gxh5 f4 Rad8 f5 f6 Qxh5+ Kg7 Qg6+ Kh8 e6 b6 e7 Rb8 exf8Q+ Rxf8 Ke6 b5 Ke7 Rb8 Qh5+ Kg7 Qf7+ Kh8 Kxf6 Rf8 Qxf8+ Kh7 Qg7+ == Problem 3 == FEN: r2qk2r/ppp1b1pp/2n1p3/3pP1n1/3P2b1/2PB1NN1/PP4PP/R1BQK2R w KQkq - 0 1 12.Nxg5!! Bxd1 13.Nxe6 Qb8 14.Nxg7+!! Kf8 15.Bh6! Bg4 16.0-0+ Kg8 17.Rf4 ± White wins with a queen sac but black has defensive resources. Stockfish 8 64bit 3CPU running on 2016 hardware recognizes the significance of Nxg5!! in 55 seconds. Stockfish 14 dev (Stockfish_21092606_x64_avx2) 64bit 4CPU running on 2020 hardware recognizes the significance of Nxg5!! in 1 second. NNUE evaluation using nn-13406b1dcbe0.nnue enabled. 21/34 00:01 8291k 4530k +2,78 Nxg5 Bxd1 Nxe6 Qb8 Nxg7+ Kd8 Kxd1 b5 N3f5 Bf8 Rf1 Kc8 Nh5 Kb7 Bxb5 Ne7 g4 a6 Ba4 Nxf5 gxf5 Ka7 Nf4 c5 47/59 37:49 10390430k 4578k +3,16 Nxg5 Bxd1 Nxe6 Qb8 Nxg7+ Kd8 Kxd1 b5 Rf1 Kc8 N3f5 Bf8 Ne6 Kd7 Nf4 Ne7 g4 a5 Ke2 Qb7 h4 Ra6 a3 Kc8 Be3 Kb8 Kf3 Rb6 Bd2 Qc8 Kg3 c5 Be3 c4 Nxe7 Bxe7 Bf5 Qd8 h5 Qg8 Kh3 Bg5 Rf3 Ra6 Raf1 b4 Nxd5 Qxd5 Bxg5 bxc3 bxc3 Rb6 Be3 Rb3 Blacks 14 .. Kf8 is suboptimal and leads loss fast 41/68 06:31 3269727k 8350k +9,28 Bh6 Kg8 Rxd1 Bf8 N3h5 Bxg7 Nxg7 Qf8 Nf5 Ne7 Bxf8 Nxf5 Bxf5 Rxf8 Be6+ Kg7 Rd3 Rf4 Bxd5 c6 Rg3+ Kf8 Rf3 Rxf3 Bxf3 Kg7 Rf1 Re8 Be4 Re6 Ke2 a5 Ke3 Rh6 h3 a4 Kf4 Re6 h4 Re8 Ke3 h6 h5 Rf8 Rxf8 Kxf8 == Problem 4 == FEN: r1b1kb1r/1p1n1ppp/p2ppn2/6BB/2qNP3/2N5/PPP2PPP/R2Q1RK1 w kq - 0 1 10.Nxe6!! Qxe6 11.Nd5 Kd8 12.Bg4 Qe5 13.f4 Qxe4 (13...Qxb2 stronger but not sufficient: 14.Bxd7 Bxd7 15.Rb1 Qa3 16.Nxf6 Bb5 17.Qd4 Qc5 18.Rfd1 ±) 14.Bxd7 Bxd7 15.Nxf6 gxf6 16.Bxf6+ Kc7 17.Bxh8 and Black resigned on move 27. Stockfish 14dev 64bit 4CPU running on 2020 hardware recognises the significance of 10.Nxe6 in 1 second. Stockfish_21092606_x64_avx2: NNUE evaluation using nn-13406b1dcbe0.nnue enabled. 22/37 00:01 6955k 5367k +4,00 Nxe6 Qxe6 Nd5 Kd8 Bg4 Qe5 f4 Qxb2 Rb1 Qa3 Bxd7 Bxd7 Nxf6 Bb5 Rf3 Qxa2 c4 Bxc4 Rf2 Qa5 Nd5+ f6 Nxf6 Kc7 Rc1 b5 Qd5 gxf6 Bxf6 Kb8 Rxc4 Qe1+ Rf1 51/70 47:10 14538911k 5137k +5,76 Nxe6 Qxe6 Nd5 Kd8 Bg4 Qe5 f4 Qxe4 Bxd7 Bxd7 Nxf6 Qf5 Qd4 Kc8 Nd5 Bc6 c4 f6 Nb6+ Kb8 Bh4 Be7 Rae1 Bd8 Nxa8 Kxa8 Bf2 Kb8 Qxd6+ Bc7 Ba7+ Kc8 Qe6+ Qxe6 Rxe6 h5 h4 Rd8 Re7 g6 Be3 Ba5 Kf2 Rd6 Rc1 Bd8 Rg7 Be4 Rg8 Kd7 c5 Rd3 Rc4 Bd5 Rg7+ Ke6 Rd4 Rxd4 Bxd4 Kf5 Rd7 Bc6 Rxd8 Kxf4 Bxf6 == Problem 5 == FEN: r2qrb1k/1p1b2p1/p2ppn1p/8/3NP3/1BN5/PPP3QP/1K3RR1 w - - 0 1 21.e5!! dxe5 22.Ne4! Nh5 23.Qg6!? (stronger is 23.Qg4!! Nf4 24.Nf3 Qc7 25.Nh4 ± ) 23...exd4? (23...Nf4 24.Rxf4! exf4 25.Nf3! Qb6 26.Rg5!! covering b5 and threatening Nf6 or Ne5-f7+) 24.Ng5 1−0 Stockfish 8 64bit 3CPU running on 2016 hardware recognises the significance of 21.e5 in 5 seconds. Stockfish 12 dev (Stockfish_20062212_x64_modern) 64bit 1CPU running on 2016 hardware recognizes the significance of 21.e5 in 11 seconds. 25/42 00:06 7 963k 1309k +6,93 e5 Nh5 Ne4 dxe5 Nf3 Nf4 Qg4 Qc7 Nh4 Bc6 Nf6 g5 Rxf4 exf4 Qh5 Qe7 Ng6+ Kg7 Nxe7 Rxe7 Ng4 37/62 03:12 298 083k 1545k +10,70 e5 Ng4 Qxg4 Qg5 Qh3 Qxe5 Nde2 g5 Rxf8+ Kg7 Rff1 Rf8 Re1 Qf5 Qg3 Rad8 Nd4 Qf4 Nxe6+ Bxe6 Rxe6 Qxg3 == Problem 6 == FEN: rnbqk2r/1p3ppp/p7/1NpPp3/QPP1P1n1/P4N2/4KbPP/R1B2B1R b kq - 0 1 13... axb5!! offers an exchange to keep the white queen out of play. 14.Qxa8 Bd4 15.Nxd4 cxd4 16.Qxb8 0-0! 17.Ke1 Qh4 18.g3 Qf6 19.Bf4 g5? (Ivanchuk found 19...d3! during post-game analysis.) 20.Rc1 exf4 21.Qxf4 Qd4 22.Rd1 bxc4 23.e5 Qc3+ 24.Rd2 Re8 25.Bxd3 cxd3 −+ Tasc R30 finds 19... d3! in 2 1/2 hours. 19... Bf5!! is even stronger than 19... d3. Position is already lost at 19... d3 +8.00 for black, ... Bf5 not much better Stockfish 14dev 64bit 4CPU running on 2020 hardware recognises the significance of axb5!! in 1 second. Stockfish_21092606_x64_avx2: NNUE evaluation using nn-13406b1dcbe0.nnue enabled. 21/28 00:01 9264k 4714k -1,22 axb5 Qxa8 Bd4 Nxd4 cxd4 h3 Nf6 Bg5 0-0 cxb5 h6 Bxf6 Qxf6 Re1 Nd7 Kd1 Qg6 Qa4 Qg3 Qc2 Qxa3 Bd3 Qxb4 Qb1 46/67 1:05:00 18113493k 4644k -2,40 axb5 Qxa8 Bd4 h3 Nf6 Nxd4 exd4 Kf2 Nxe4+ Kg1 Nd7 Bg5 Qxg5 Qxc8+ Ke7 Qc7 Qe5 d6+ Qxd6 Qxd6+ Kxd6 bxc5+ Ndxc5 cxb5 d3 h4 d2 Rh3 Ke5 Be2 f5 Ra2 Rd8 Bd1 Rd4 Re3 f4 Re2 b6 a4 Kd6 Rc2 Kd5 Ra2 h6 Rb2 Nxa4 Bxa4 Rxa4 Rexd2+ Nxd2 Rxd2+ Kc4 Rd7 g6 == Problem 7 == FEN 1r1bk2r/2R2ppp/p3p3/1b2P2q/4QP2/4N3/1B4PP/3R2K1 w k - 0 1 1.Rxd8+!! Rxd8 (1...Kxd8 2.Ra7! Qe2 3.Qd4+ Ke8 4.h3 Qe1+ 5.Kh2 Rd8 6.Qc5 Qh4 7.Ba3 Rd7 8.Ra8+ Rd8 9.g3 1−0)
PeduliLindungi
SatuSehat (Indonesian for "one health"), formerly PeduliLindungi (roughly "care to protect"), is a national integrated health data exchange platform, jointly developed by the Indonesian Ministry of Communication and Information Technology (Kemenkominfo), in partnership with Committee for COVID-19 Response and National Economic Recovery (KPCPEN), Ministry of Health (Kemenkes), Ministry of State-Owned Enterprises (KemenBUMN), and Telkom Indonesia. The SatuSehat platform aims to facilitate data accessibility and service efficiency for health providers and the government, and assist the public as a tool to access their own electronic medical record data. This app was the official COVID-19 contact tracing app used for digital contact tracing in Indonesia, and originally known as TraceTogether but later changed because Singapore had its app using the same name. == Implementation == On 23 August 2021, Coordinating Minister for Maritime and Investments Affairs, Luhut Binsar Panjaitan, encouraged the government to make this app a mandatory requirement before using public transportations, such as train, bus, ferry, and plane. Furthermore, citizen must have installed the app before entering shopping malls, factories, and sport venues. Every person who have received at least a dose of vaccine will receive a vaccine card and vaccination certificate which can be downloaded from the app. In December 2022, with the revocation of PPKM (Community Activities Restrictions Enforcement) starting from 1 January 2023, Ministry of Health issued a statement that the usage of the app is not a governmental mandatory requirement as it used to be. === Transition into a citizen health app === On 7 September 2022, it was announced that the app would be modified to become a citizen health app, capitalising on the reach of the app and the existing work done around the app. On 28 February 2023, the authorities announced that the app was rebranded to SATUSEHAT Mobile (lit. 'OneHealth Mobile'), with existing users needing to update the PeduliLindungi app and re-synchronise their COVID-19 related health information. The re-branded app would eventually be an all-in-one health service and records retrieval app for Indonesians. == Controversy == It was reported that the app requires continuous access to the phone's files, media, and GPS, which quickly drains the battery. Allowing location access only during use or denying it altogether will render the app unusable. This stands in stark contrast to COVID-19 apps used in other countries that only utilize Bluetooth and do not require any additional permissions. In September 2021, stored personal data of at least 1.3 million Indonesian residents were leaked online, including the vaccine certificate of President Joko Widodo. The data leak was also reported on eHAC (electronic Health Alert Card), a mandatory app used for air passengers.
Confused deputy problem
In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important. Capability systems protect against the confused deputy problem, whereas access-control list–based systems do not. Such systems can mitigate the confused deputy problem by eliminating ambient authority, allowing programs to act only on resources for which they hold explicit capabilities, whereas access-control list–based systems are more susceptible to it. However, this protection depends on correct implementation; in formally verified capability systems such as seL4, it can be shown that the kernel enforces capability constraints correctly, preventing such behavior at the system level. == Example == In the original example of a confused deputy, there was a compiler program provided on a commercial timesharing service. Users could run the compiler and optionally specify a filename where it would write debugging output, and the compiler would be able to write to that file if the user had permission to write there. The compiler also collected statistics about language feature usage. Those statistics were stored in a file called "(SYSX)STAT", in the directory "SYSX". To make this possible, the compiler program was given permission to write to files in SYSX. But there were other files in SYSX: in particular, the system's billing information was stored in a file "(SYSX)BILL". A user ran the compiler and named "(SYSX)BILL" as the desired debugging output file. This produced a confused deputy problem. The compiler made a request to the operating system to open (SYSX)BILL. Even though the user did not have access to that file, the compiler did, so the open succeeded. The compiler wrote the compilation output to the file (here "(SYSX)BILL") as normal, overwriting it, and the billing information was destroyed. === The confused deputy === In this example, the compiler program is the deputy because it is acting at the request of the user. The program is seen as 'confused' because it was tricked into overwriting the system's billing file. Whenever a program tries to access a file, the operating system needs to know two things: which file the program is asking for, and whether the program has permission to access the file. In the example, the file is designated by its name, “(SYSX)BILL”. The program receives the file name from the user, but does not know whether the user had permission to write the file. When the program opens the file, the system uses the program's permission, not the user's. When the file name was passed from the user to the program, the permission did not go along with it; the permission was increased by the system silently and automatically. It is not essential to the attack that the billing file be designated by a name represented as a string. The essential points are that: the designator for the file does not carry the full authority needed to access the file; the program's own permission to access the file is used implicitly. == Other examples == A cross-site request forgery (CSRF) is an example of a confused deputy attack that uses the web browser to perform sensitive actions against a web application. A common form of this attack occurs when a web application uses a cookie to authenticate all requests transmitted by a browser. Using JavaScript, an attacker can force a browser into transmitting authenticated HTTP requests. The Samy computer worm used cross-site scripting (XSS) to turn the browser's authenticated MySpace session into a confused deputy. Using XSS the worm forced the browser into posting an executable copy of the worm as a MySpace message which was then viewed and executed by friends of the infected user. Clickjacking is an attack where the user acts as the confused deputy. In this attack a user thinks they are harmlessly browsing a website (an attacker-controlled website) but they are in fact tricked into performing sensitive actions on another website. An FTP bounce attack can allow an attacker to connect indirectly to TCP ports to which the attacker's machine has no access, using a remote FTP server as the confused deputy. Another example relates to personal firewall software. It can restrict Internet access for specific applications. Some applications circumvent this by starting a browser with instructions to access a specific URL. The browser has authority to open a network connection, even though the application does not. Firewall software can attempt to address this by prompting the user in cases where one program starts another which then accesses the network. However, the user frequently does not have sufficient information to determine whether such an access is legitimate—false positives are common, and there is a substantial risk that even sophisticated users will become habituated to clicking "OK" to these prompts. Not every program that misuses authority is a confused deputy. Sometimes misuse of authority is simply a result of a program error. The confused deputy problem occurs when the designation of an object is passed from one program to another, and the associated permission changes unintentionally, without any explicit action by either party. It is insidious because neither party did anything explicit to change the authority. Another example is when an administrator authorizes an AI agent to act on their behalf, and that AI subsequently delegates authority to another AI agent neither vetted nor authorized by the original administrator. The unvetted AI can then act without permissions or oversight from the original developer. == Solutions == In some systems it is possible to ask the operating system to open a file using the permissions of another client. This solution has some drawbacks: It requires explicit attention to security by the server. A naive or careless server might not take this extra step. It becomes more difficult to identify the correct permission if the server is in turn the client of another service and wants to pass along access to the file. It requires the client to trust the server to not abuse the borrowed permissions. Note that intersecting the server and client's permissions does not solve the problem either, because the server may then have to be given very wide permissions (all of the time, rather than those needed for a given request) in order to act for arbitrary clients. The simplest way to solve the confused deputy problem is to bundle together the designation of an object and the permission to access that object. This is exactly what a capability is. Using capability security in the compiler example, the client would pass to the server a capability to the output file, such as a file descriptor, rather than the name of the file. Since it lacks a capability to the billing file, it cannot designate that file for output. In the cross-site request forgery example, a URL supplied "cross"-site would include its own authority independent of that of the client of the web browser.
Mixed raster content
Mixed raster content (MRC) is a method for compressing images that contain both binary-compressible text and continuous-tone components, using image segmentation methods to improve the level of compression and the quality of the rendered image. By separating the image into components with different compressibility characteristics, the most efficient and accurate compression algorithm for each component can be applied. MRC-compressed images are typically packaged into a hybrid file format such as DjVu and sometimes PDF. This allows for multiple images, and the instructions to properly render and reassemble them, to be stored within a single file. Some image scanners optionally support MRC when scanning to PDF. A typical manual states that without MRC, the image is generated in a single process, with text and graphics not distinguished. With MRC, separate processes are used for text, graphics, and other elements, producing clearer graphics and sharper text, at the price of slightly slower processing. MRC is recommended to optimise the scanning of documents with harder-to-read text or lower-quality graphics. MRC can also reduce the size of the scanned file, though higher compression using JBIG2 can sometimes lead to character substitution errors in scanned documents. == File format == A form of MRC is defined by international standard bodies as ISO/IEC 16485, or ITU recommendation T.44 (accessible free of charge). It defines a file format with bilevel masks and two data layers in each "stripe" of the image. The mask can be encoded in ITU T.4, JBIG1, or JBIG2, while the images can be JPEG, JBIG1, or run-length encoded color. The format is loosely based on JPEG, with a APP13 segment registered for this purpose. It is not known whether this file format is actually used, as formats like DjVu and PDF have their own ways of defining layers and masks.
Microsoft Fresh Paint
Fresh Paint is a painting app developed by Microsoft and released on May 25, 2012. == History == Fresh Paint originated from a Microsoft Research project known as Project Gustav, an endeavor to reproduce the behavior of physical oil paint on a digital medium. To push the boundaries of simulating oil on a digital medium, the research team created a physics model that precisely replicated on a screen what would happen in the real world if you combined oil, a surface and a tool such as a paint brush. Two publications, Detail-Preserving Paint Modeling for 3D Brushes and Simple Data-Driven Modeling of Brushes, were released as a result of the team’s findings. After a variety of internal testing Project, Gustav was codenamed Digital Art. Partnering with The Museum of Modern Art, Digital Art was tested for a year by 60,000 people. With feedback culled from MoMA, developers expanded the existing physics model, experimenting with how real oil paint blended and reacted to the texture of a canvas. After final adjustments were made, Digital Art was rebranded as Fresh Paint. It was released to the public on 25 May 2012.
Geofence warrant
A geofence warrant or a reverse location warrant is a search warrant issued by a court to allow law enforcement to search a database to find all active mobile devices within a particular geo-fence area. Courts have granted law enforcement geo-fence warrants to obtain information from databases such as Google's Sensorvault, which collects users' historical geolocation data. Geo-fence warrants are a part of a category of warrants known as reverse search warrants. == History == Geofence warrants were first used in 2016. Google reported that it had received 982 such warrants in 2018, 8,396 in 2019, and 11,554 in 2020. A 2021 transparency report showed that 25% of data requests from law enforcement to Google were geo-fence data requests. Google is the most common recipient of geo-fence warrants and the main provider of such data, although companies including Apple, Snapchat, Lyft, and Uber have also received such warrants. == Legality == === United States === Some lawyers and privacy experts believe reverse search warrants are unconstitutional under the Fourth Amendment to the United States Constitution, which protects people from unreasonable searches and seizures, and requires any search warrants be specific to what and to whom they apply. The Fourth Amendment specifies that warrants may only be issued "upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." Some lawyers, legal scholars, and privacy experts have likened reverse search warrants to general warrants, which were made illegal by the Fourth Amendment. Groups including the Electronic Frontier Foundation have opposed geo-fence warrants in amicus briefs filed in motions to quash such orders to disclose geo-fence data. In 2024, a panel of the United States Fourth Circuit Court of Appeals considered data acquired from Google’s Sensorvault not to be a search, but non-private business records when users opt-in to Google’s location history. However, upon a rehearing en banc, the Court vacated that decision. In April 2025, the full Court affirmed the judgment solely on the 'good faith' exception, leaving the underlying constitutional question of whether geofence warrants constitute a search unsettled in the Circuit. However, the United States Fifth Circuit Court of Appeals found that geofence warrants are "categorically prohibited by the Fourth Amendment." The split in Circuits prompted the United States Supreme Court to agree to hear Chatrie v. United States in January 2026.