Tech News

Otter Browser released its first stable version, 1.0.01, last week. It is a free and open-source browser with a GPLv3 license that aims to recreate the experience of the classic Opera (12.x) UI using Qt5. Fun Fact: 1.0.xx releases are codenamed Mordecai, after a character from Regular Show As the browser’s tagline states, “Controlled by the user, not vice versa”, users are free to contribute to making the browser better. Users can write code, create resources, report bugs, or suggest features. The browser uses JavaScript for interacting with rendering engines (when native APIs are not available). It is written primarily in C++ and leverages powerful features offered by the Qt5 framework. Enhancements in Otter browser 1.0.01 This stable version does not include all planned features. However, some features might be included in the 1.1 version later this year. The most important changes since the RC 12 include: There are some enhancements in the experimental backend for QtWebEngine (Blink), which include, the download dialog is now shown for the tab that initiated it. Also, there is an added support for handling requests to print page. This release also includes many other fixes. One issue that has not been solved is, the new browsing history backend does not store favicons yet. Read more about this release on Otter Browser’s official website. Chromium-based Brave browser shows 22% faster page load time than its Muon-based counterpart Introducing Basilisk, an open source XUL based browser and “close twin” to pre-Servo Firefox An SQLite “Magellan” RCE vulnerability exposes billions of apps, including all Chromium-based browsers

A team of researchers at the University of Maryland released unCaptcha2 last week, an updated version of their tool Uncaptcha that defeated Google's reCAPTCHA audio challenge with 85.15% accuracy in 2017. Google’s Audio challenge is aimed at solving reCAPTCHA's accessibility problem for visually challenged people who can’t see where to "tick the box" to prove that they’re a human and not a robot. Hence, they’re offered an option to listen to the audio and enter what they hear as a response. UnCaptcha, which was released in 2017, managed to pass the reCAPTCHA audio system by using an approach that involved downloading the audio and segmenting it. These segments were then uploaded to multiple speech-to-text services, which in turn would convert the message.                                                            unCaptcha Finally, the response obtained would be typed into the reCAPTCHA form to solve the challenge. However, after the attack in 2017, Google updated the reCAPTCHA form by introducing changes such as improved browser automation detection and using spoken phrases instead of digits for reCAPTCHA. These changes managed to successfully protect reCAPTCHA from the 2017 unCaptcha attack but failed to protect it from the new unCaptcha2. “As of June 2018, these challenges have been solved. The reCAPTCHA team..is..fully aware of this attack. The team has allowed us to release the code. The code now only needs to make a single request to a free, publicly available speech to text API (by Google) to achieve around 90% accuracy over all the captchas”, states the team. UnCaptcha2 makes use of a screen clicker that helps it move to certain pixels on the screen and move around the webpage as a human would. However, this method is not very robust and still needs more working. Also, unCaptcha2 uses a different approach than the first version and no longer requires the use of multiple speech-to-text engines as well as the segmentation approach. UnCaptcha2 involves navigating to Google's ReCaptcha Demo site, navigating to audio challenge for reCAPTCHA and then downloading the audio challenge. After this step, the audio challenge is submitted to Speech To Text services. Finally, the response obtained is typed in and submitted to solve the challenge. “unCaptcha2, like the original version, is meant to be a proof of concept. As Google updates its service, this repository will not be updated. As a result, it is not expected to work in the future, and is likely to break at any time,” state the researchers. Google launches score-based reCAPTCHA v3 to filter abusive traffic on websites Google’s secret Operating System ‘Fuchsia’ will run Android Applications: 9to5Google Report Google Cloud releases a beta version of SparkR job types in Cloud Dataproc

CES 2019, the annual consumer electronics show in Las Vegas will go from Tuesday, Jan. 8 through Friday, Jan. 11. However, the conference has unofficially kicked off on Sunday, January 6, followed by press conferences on Monday, Jan. 7. Over the span of these two days, a lot of companies showcased their latest projects and announced new products, software, and services. Let us look at the key announcements made by prominent tech companies so far. Nvidia Nvidia CEO Jensen Huang unveiled some "amazing new technology innovations." First, they announced that over 40 new laptop models in 100-plus configurations will be powered by NVIDIA GeForce RTX GPUs. Turing-based laptops will be available across the GeForce RTX family — from RTX 2080 through RTX 2060 GPUs, said Huang. Seventeen of the new models will feature Max-Q design. Laptops with the latest GeForce RTX GPUs will also be equipped with WhisperMode, NVIDIA Battery Boost, and NVIDIA G-SYNC. GeForce RTX-powered laptops will be available starting Jan. 29 from the world's top OEMs. Nvidia also announced the first 65-inch 4K HDR gaming display that will arrive in February for $4,999. LG LG Electronics, which have a major press release today, has already confirmed a variety of their new products. These include the release of LG's 2019 TVs with Alexa and Google Assistant support, 8K OLED, full HDMI 2.1 support and more. Also includes, LG CineBeam Laser 4K projector for voice control, new sound bars included with Dolby Atmos and Google Assistant and LG Gram 17 and new 14-inch 2-in-1. Samsung Samsung announced that their Smart TVs will be soon equipped with iTunes Movies & TV Shows and will support AirPlay 2 beginning Spring 2019. AirPlay 2 support will be available on Samsung Smart TVs in 190 countries worldwide. Samsung is also launching a new Notebook Odyssey to take PC gaming more seriously posing a threat to competitors Razer and Alienware. HP HP also announced HP Chromebook 14, at CES 2019. It is the world's first AMD-powered Chromebook running on either an AMD A4 or A6 processor with integrated Radeon R4 or R5 graphics. It has 4GB of memory and 32GB of storage and support for Android apps from the Google Play Store. These models will start shipping in January starting at $269. More announcements: Asus launches a new 17-inch, 10-pound Surface Pro gaming laptop, the Asus ROG Mothership. It has also announced Zephyrus S GX701, the smallest and lightest 17-inch gaming laptop yet. Corsair’s impressive compact gaming desktops come with Core i9 chips and GeForce RTX graphics L’Oréal’s newest prototype detects wearers’ skin pH levels Acer’s new Swift 7 will kill the bezel when it launches in May for $1,699. It is one of the thinnest and lightest laptops ever made Audeze’s motion-aware headphones will soon recreate your head gestures in-game Whirlpool is launching a Wear OS app for its connected appliances with simplified voice commands for both Google Assistant and Alexa devices. Vuzix starts selling its AR smart glasses for $1,000 Pico Interactive just revealed the Pico G2 4K, an all-in-one 4K VR headset based-on China’s best-selling VR unit, the Pico G2. It’s incredibly lightweight, powerful and highly customizable for enterprise purposes. Features include kiosk mode, hands-free controls, and hygienic design. You can have a look at all products that will be showcased at CES 2019. NVIDIA launches GeForce Now’s (GFN) ‘recommended router’ program to enhance the overall performance and experience of GFN NVIDIA open sources its game physics simulation engine, PhysX, and unveils PhysX SDK 4.0 Uses of Machine Learning in Gaming

Last week, Ilia Mirkin, a former software engineer of Google, shared on the nouveau mailing list that nouveau is now blacklisted in Chromium 71 and Chrome. Many users have been facing rendering issues with nouveau such as tabs and address bar getting partially or totally covered by multiple black rectangles. Users also experienced memory and CPU leak. Because of these kinds of bug reports, the Chromium team considers the driver unstable. The team has disabled the GPU-acceleration by default, but users can still bypass the block if they want to by using these two options: installing proprietary NVidia drivers or running Chrome with --ignore-gpu-blacklist. Why did the Chromium team decide to blacklist Nouveau? Looking at the performance issues, the Chromium team wanted to blacklist the nouveau driver a long time ago. Also, now that Ubuntu ships with nouveau support by default they think that it's time to blacklist it in Chrome and Chromium. Since Ubuntu LTS supports nouveau, it was quite confusing for users to understand why it is being considered unstable for Chromium. The team commented on a bug report that they do not have enough resources to investigate and fix bugs and their main priority is keeping the browser secure and stable. One of the team members said, “We want a stable & secure browser first, a GPU-accelerated one second, only if possible. The default driver on Ubuntu LTS has severe issues, asking non-technical users to update their driver is just not acceptable as a prerequisite to using Chrome. If someone is interested in well-scoping the brokenness (version range and/or devices affected), we're happy to take a patch to the blacklist.” In addition to rendering issues, it does not come with support for many features. Users also feel that the root cause is Nvidia, which does not provide open source drivers to the kernel, unlike Intel or AMD. Hence, nouveau (an open source device driver) does not show the same degree of stability or performance. Some felt that to avoid this confusion the Chromium team could have provided some kind of warning message and recommendation about how to update/remove the driver to one that is supported. NVIDIA launches GeForce Now’s (GFN) ‘recommended router’ program to enhance the overall performance and experience of GFN NVIDIA demos a style-based generative adversarial network that can generate extremely realistic images; has ML community enthralled NVIDIA makes its new “brain for autonomous AI machines”, Jetson AGX Xavier Module, available for purchase

Last month, researchers from USA, China, and Hong Kong published a paper in collaboration, titled as ‘Beware of Your Screen: Anonymous Fingerprinting of Device Screens for Off-line Protection’. This paper, presented at The 34th Annual Computer Security Applications Conference, highlights a new technique to enhance the security protection of QR-based payment, without undermining the payer’s privacy. The technique used by the researchers takes advantage of the unique luminance unevenness of a payer’s screen that is introduced by the imperfect manufacture process. The paper also presents a way to ensure that even when the payer’s digital wallet has compromised, an unauthorized payment cannot succeed. Besides this, the paper also takes into consideration the privacy issues that may arise if the screen’s features were naively deployed to authenticate the payer; as it could be misused by the vendors to link one’s different purchases together. To tackle this, the researchers have presented ‘AnonPrint’ that obfuscates the phone screen during each payment transaction. QR-code mobile payment systems are used by almost everyone today, including banks, service providers, and other commercial organizations. These payment systems are deployed solely using software without any hardware support. The paper highlights that in the absence of hardware support, a users wallet ‘can be vulnerable to an Os-level adversary’ which could be misused to generate a user’s payment tokens. To overcome this adversary, the researchers have demonstrated a method as a second factor authentication mechanism in the form of the physical features of a mobile's screen. The research takes advantage of the taried luminance levels of the pixels on the screen (which occurs due to the flaws in the manufacturing process) and can be used to uniquely characterize the screen. An advantage of this method is that, since the adversary cannot observe the physical features of the screen the physical fingerprint cannot be stolen even when the OS is fully compromised. Also, this second-factor authentication is fool-proof even when the secret key for generating QR codes is stolen or when a user’s phone has been fully compromised by the adversary. How is Anonymous screen Fingerprinting carried out? In order to enable service providers to utilize the screen to enhance security protection as well as preserve users privacy, the researchers have designed a new technique called ‘AnonPrint’. AnonPrint randomly generates visual one- time masks which is a pixel pattern with dots set to various brightness levels to obfuscate the distinguishable features of a user’s screen. The technique randomly creates a smooth textured pattern for each transaction (this pattern is also known to the provider), and displays a pattern as the background of QR code to disarrange the brightness of a screen, in line with the screen’s real-world physical properties i.e. the neighboring dots are correlated and the levels of brightness change smoothly. This will hide the physical properties of a screen, and the party that knows the mask, like the payment service provider, can verify whether the features collected from the protected screen are related to the authorized device or not. Here is an overview of how the system works: First, the user needs to submit the original screen fingerprint of their device to the payment provider when they open an account. The wallet app is modified to synchronize a secret random seed with the provider. This seed could be achieved through hashing the time for the payment together with a shared secret using a cryptographic hash function (e.g., SHA-256). This duo then bootstraps a pseudo random number generator (PRNG) each time when the wallet app needs to provide each party a sequence of random numbers for mask generation. The mask is displayed as the background for displaying the QR payment token, from which the POS scanner extracts the obfuscated screen fingerprint in addition to decoding the QR code, finally passing the information to the payment provider. The provider retrieves the shared secret and the original screen fingerprint using the claimed ID. Next, the same mask used by the payer is re-constructed and used with the with the original ngerprint as inputs for synthesizing a new obfuscated fingerprint. This is compared with the fingerprint  from the payer’s screen and the transaction can be approved the similarity of these two prints is above a certain threshold and other security checks are completed. How does AnonPrint obfuscate the screen? AnonPrint creates a ‘mask’, to hide the screen’s hardware fingerprint for every payment transaction. Such a mask is automatically generated by a digital wallet app, seeding a PRNG with a random number synchronized with the payment service provider. To obfuscate this hardware fingerprint and to maintain a screen’s realistic look, the researchers performed the following steps: (1) They first performed a ‘Random zone selection’, in which they produced a 180*108 pure white (with all pixels set to 255) image as the background and randomly selected from the image 20 mutually disjoint zones, each of size 16*16. (2) Next, came the ‘Dot darkening’ step.  From each zone, they randomly chose 3 pixels and set their pixel value to a random number between 0 to 100. (3) The team then performed Smoothing in which for every zone, AnonPrint blurs it using Gaussian Smoothing that , “smoothes out” the dark color of the selected pixels to its neighboring pixels. (4) Finally, they performed ‘Resizing’ where the mask image is resized and scaled to a 1800*1080 matrix whose values range from 220 to 255. The size of this image is iden- tical to the original fingerprint. Each user needs to register to the payment provider with an image of their unprotected screen when all pixels are set to the maximum gray-scale. During the payment, an image of a masked screen is used to authenticate the payer done on the payment service provider’s side by reconstructing the mask using the shared secret, and then obfuscate the fingerprint for comparing with the image from the vendor. Results and Discussion The researchers conducted various experiments in which they collected 100 smartphones- including iPhone, Samsung and many others.  All 100 phones were used to understand the effectiveness of the screen fingerprint in identifying the device. 50 phones were used to evaluate the anonymity protection and the effectiveness of AnonPrint separately.  iPhone 6s was used to capture images for screen fingerprinting. They implemented an Android application to display QR code and obfuscate a screen using masks derived from given random numbers for anonymous payment. To collect the fingerprints from each device, they displayed a QR code without obfuscation, and then continue to show 5 different masks on the screen with the same code. Each time, they took a picture from the screen and used the image to extract fingerprints. Their experiment concluded that for 88.75% of transactions, the vendors can accurately identify other transactions from the same customer, by simply looking at the features of their screens. Their experiment also proved that Anon Print indeed breaks vendors’ capability of linking screen fingerprint and that the overhead introduced by AnonPrint (only 50ms) is small for the offline payment. Fingerprint verification takes 2.4 seconds on average to be completed. You can head over to the paper for a detailed explanation on every experiment conducted to check fingerprint accuracy, anonymity protection, fingerprint verification and much more. The research results look promising and it will be interesting to see some potential implementation in the QR-payment systems of today. Head over to the paper for more insights on this news. NeurIPS 2018 paper: DeepMind researchers explore autoregressive discrete autoencoders (ADAs) to model music in raw audio at scale Cyber security researcher withdraws public talk on hacking Apple’s Face ID from Black Hat Conference 2019: Reuters report Stanford researchers introduce DeepSolar, a deep learning framework that mapped every solar panel in the US  

A former Apple software development manager, Bob Burrough has developed an environmentally-lit user interface. He demonstrated this unique UI concept named Project Erasmus on Tuesday in a YouTube video. This UI design basically changes the light, shade, and reflect on the UI elements based on the lighting of the surroundings. With this project, Burrough tries to bring back skeuomorphic design in UIs, which Apple got rid of since iOS 7. In the demonstration, he explained how this concept works. Basically, an Olloclip lens is attached to an iPhone’s front camera to capture a wide-angle shot of the room. This captured data is then used to create a lighting map, which includes data about the reflections and shadows across the environment. According to this map, the lighting effects on the graphic elements of the screen changes. For instance, based on the lighting in the room the toggle buttons and menu bars drop shadows and highlights. This UI design makes elements on the screen appear as real-life objects below the display. “It looks like the user-interface elements are physical objects that reside just beneath the surface of the screen, like you could reach in and touch them,” said Burrough in the demo. The project is still work-in-progress but looks very promising. Though this environmentally-lit UI concept wouldn’t make any performance upgrades, it would surely make the user experience even more immersive and open more possibilities for further inventions. Burrough said that developers can create a backlight effect for the UI elements when the device is in a dark room, similar to the keyboards that can light up in the dark. This UI design will make user interfaces more interactive, but developers have to ensure that it is not eating up the battery when implementing in an app. One of the YouTube users also pointed out an interesting benefit of this UI design, “As someone with color-deficient vision, I haven't been impressed by Apple's choice of colors to differentiate user interface elements. The presence of shadows would do a lot to define elements. This isn't useless at all. It's incredibly useful for people with issues like mine.” Watch the demo by Burrough here: https://www.youtube.com/watch?v=TIUMgiQ7rQs Thunderbird welcomes the new year with better UI, Gmail support and more Ionic v4 RC released with improved performance, UI Library distribution and more HashiCorp Vault 1.0 released with batch tokens, updated UI and more

A day after Christmas, Philips Hue experienced an outage where customers were experiencing issues creating new accounts, logging in and linking their account to third parties. The company concluded that this was due to “a lot of new activations”. According to a TechCrunch post, “many people received Hue’s connected lighting products over the holidays and were now trying to set up their smart bulbs and other devices all around the same time. Hue’s servers couldn’t keep up with the demand and weren’t responding to the incoming requests”. This meant that users could not create or log into their MyHue account, or connect their lights to their Amazon Echo or Google Home. Philips Hue’s Twitter account didn’t make a public announcement about the outage until Dec 26. Instead, the company was only replying to individual users. https://twitter.com/tweethue/status/1077996790035689474 The company then tweeted that the issue preventing successful account setup and device linking was resolved. https://twitter.com/tweethue/status/1078415024908128259 Almost a week after the company claimed that the issue was resolved, the company tweeted that they were having an issue with remote connectivity (Out of Home, voice commands). The company said that they would resolve the issue soon. However, the local connection via Wi-Fi would not be affected, the company tweeted. https://twitter.com/tweethue/status/1080867645858164736 One of the users tweeted pointing out that the company chose Twitter to let the users know and not via a notification email. https://twitter.com/bigjonvtpa/status/1080928370655924224 The company, however, informed the users that this issue will be resolved soon. If not, they could also disconnect their bridge for 30 seconds or try again later. To know more about this news in detail, head over to Philips Hue’s twitter thread. CenturyLink suffers a major outage; affects 911 services across several states in the US Fortnite server suffered a minor outage, Epic Games was quick to address the issue Ericsson’s expired software certificate issue causes massive outages in UK’s O2 and Japan’s SoftBank network services

A China-based cyber security researcher, Wish Wu, canceled his briefing on how he could crack biometric facial recognition on Apple Inc iPhones to be held at the Black Hat Asia hacking conference 2019. In a message to Reuters on Twitter, Wu said that his talk entitled 'Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms' was called as ‘misleading’ by his employer, and he was requested to withdraw his briefing from Black Hat- one of the most prestigious cybersecurity conferences- to be held at Singapore this year. In late December, Black Hat withdrew an abstract of the talk from their website after Wu’s employer- Ant Financial- uncovered problems with the research. The abstract stated that Face ID could be hacked with an image printed on an ordinary black-and-white printer and some tape. Ant Financial said in a statement that “'The research on the face ID verification mechanism is incomplete and would be misleading if presented”. Wu told Reuters that 'In order to ensure the credibility and maturity of the research results, we decided to cancel the speech’. He further added that he agreed with the decision to withdraw his talk, saying he was only able to reproduce hacks on iPhone X under certain conditions, but that it did not work with iPhone XS and XS Max. Black Hat conference spokeswoman Kimberly Samra said, “Black Hat accepted the talk after believing the hack could be replicated based on the materials provided by the researcher”. According to Apple, there is a one in 1 million chance a random person could unlock a Face ID, and 1 in 50,000 chance that would happen with the iPhone's fingerprint sensor. Thus, the idea that Face ID could be defeated or rather hacked into is disturbing. Especially because Face ID is used to lock down numerous functions on millions of iPhones which include banking apps, healthcare apps, emails, text messages, photos and much more. If fallen into the wrong hands, the hack could have damaging consequences and possibly compromise sensitive information. Head over to Reuters for more insights on this news. 7 Black Hat USA 2018 conference cybersecurity training highlights: Hardware attacks, IO campaigns, Threat Hunting, Fuzzing, and more Microsoft calls on governments to regulate Facial recognition tech now, before it is too late DC Airport nabs first imposter using its newly deployed facial recognition security system

This Wednesday, GitHub pages were non-functional as there was some instability in their servers. A hacker claimed that he performed a DDoS attack on the website. Github was down for roughly about an hour before normal functionality was restored. A hacker that goes by the name of Hax Stroke, a part of Ghost Squad Hackers Tweeted: https://twitter.com/HaxStroke/status/1080517770222231553 Hax Stroke claims to have performed the attack using RPCBIND service DDoS amp and that it was ‘just a demo’. The Issues, PRs, Dashboard, Projects seemed to be down, enough for the website to not load at all. https://twitter.com/odraudek99/status/1080517844763377665 The outage was observed in many parts of the globe. https://twitter.com/ReportOutage/status/1080517092569423878 The same person also claims to be responsible for the YouTube outage end of last year. https://twitter.com/HaxStroke/status/1052743020435640325 The new year has just started and users observed issues in using GitHub: https://twitter.com/arungupta/status/1080518646152089601 On their status website, their official comment as of January 2, 16:32 UTC is: “Resolved - We observed elevated error rates and discovered a capacity issue in one of our databases which impacted Web, API, and Gists. A backlog was cleared and systems returned to normal.” This isn’t the first time when the crowd favorite open-source repository was malfunctional. In October last year, GitHub was down for one whole day due to a failure in its data storage system. GitHub down for a complete day due to failure in its data storage system GitHub plans to deprecate GitHub services and move to Webhooks in 2019 GitHub Octoverse: The top programming languages of 2018

Adding to the list of Python-like programming languages is Coconut that allows developers write simple and elegant functional code, while using the familiar Python environment and libraries. It is basically a superset of Python that adds on top of Python syntax and is inspired by programming languages like Haskell, CoffeeScript, F#, and patterns.py. The language is written by Evan Hubinger, an undergraduate student studying mathematics and computer science at Harvey Mudd College. Why Coconut was developed? Writing functional programs in Python can be challenging at times. While Python does allow developers to write high-order functions, it lacks concise syntax for lambdas, boilerplate-less pattern matching, etc. One Hacker News user mentioned, “It's capable of functional programming in the sense that functions are first class values that you can pass around, but it is infamously hostile to functional programming. For example, Python still doesn't have multiline lambdas, and the justifications for why always boil down to it being "unpythonic".” This is what Coconut tries to solve by bringing tools of modern functional programming. It provides a clean -> operator replacing Python’s lambda statements. It supports pipeline-style programming, partial application, pattern-matching, destructuring assignment, parallel programming, and more. To provide optional static type-checking you can integrate Coconut with MyPy, which is an optional static type checker for Python. But, it is not purely functional that allows programmers to choose whatever programming style they are comfortable with. As it is a variant of Python, developers who have experience in working on Python will not have much difficulty in learning it. Coconut code are compiled to Python code. Developers can access the Coconut compiler through its command-line utility, which also comes with an interpreter to enable real-time compilation. Additionally, it also supports the use of IPython/Jupyter notebooks. What are the Python version it supports? It supports these Python versions: >= 2.6 on the 2.x branch or >= 3.2 on the 3.x branch. To make Coconut built-ins universal across Python versions, it automatically overwrites Python 2 built-ins with their Python 3 counterparts. It also overwrites some Python 3 built-ins for optimization and enhancement purposes. If developers want to access the original Python versions of any overwritten built-ins, they can retrieve the old built-in by prefixing them with py_. pandas will drop support for Python 2 this month with pandas 0.24 Qt for Python 5.12 released with PySide2, Qt GUI and more Google researchers introduce JAX: A TensorFlow-like framework for generating high-performance code from Python and NumPy machine learning programs

Google’s secret operating system in the works and a potential Android replacement will use the Android runtime to run Android apps. On 2nd January, an evidence for the same was spotted by 9to5Google, who found a new change in the Android Open Source Project that will use a special version of ART to run Android applications. This feature would enable devices with Fuchsia —i.e. smart devices including mobile phones, tablets, computers, wearables, and other gadgets— to take advantage of Android apps in the Google Play Store. Last month, the same site had reported two new Fuchsia-related repositories that were added to the Android Open Source Project (AOSP) manifest: “platform/prebuilts/fuchsia_sdk” and “device/google/fuchsia”. In a new change posted to Android’s Gerrit source code management, Google has included a README file that indicates what the latter repository is intended for: Source: 9to5Google The above snippet from the README file means that Fuchsia will use a specially designed version of the Android Runtime to run Android applications and installable on any Fuchsia device using a .far file. Google has not listed the exact details on how Fuchsia will use the Android Runtime. What we know about Project Fuchsia so far According to a Bloomberg report, Google engineers have been working on this project for the past two years in the hope that project Fuchsia will replace the now dominant Android operating system. Google started posting the code for this project 2 years before, and have been working on the project ever since. Fuchsia, is being designed to overcome the limitations of Android with better voice interactions and frequent security updates for devices. In the software code posted online, the engineers built encrypted user keys into the system to ensure  information is protected every time the software is updated. Bloomberg stated the main aim of designing Fuchsia- according to people familiar with the project- as ‘creating a single operating system capable of running all the company’s in-house gadgets’. These include devices like Pixel phones and smart speakers, as well as third-party devices relying on Android and other systems like Chrome OS. Some engineers also told Bloomberg that engineers that they want to embed Fuchsia on connected home devices, like  voice-controlled speakers, and then move on to larger machines such as laptops. Ultimately aspiring to swap in their system for Android. You can head over to ZDNet for more insights to this news. Alternatively, check out 9to5Google for more information on this announcement. Hacker duo hijacks thousands of Chromecasts and Google smart TVs to play PewDiePie ad, reveals bug in Google’s Chromecast devices! ‘Istio’ available in beta for Google Kubernetes Engine, will accelerate app delivery and improve microservice management Project Fi is now Google Fi, will support multiple Android based phones, offer beta service for iPhone  

The next version of the Python library, pandas 0.24.0 will not have support for Python 2. pandas is a popular Python library widely used for data manipulation and data analysis. It is used in areas like numerical tables and time series data. Jeff Reback, pandas maintainer Tweeted on Wednesday: https://twitter.com/jreback/status/1080603676882935811 Many major Python libraries removing Python 2 support One of the first tools to drop support for Python 2 was ipython in 2017. This was followed by matplotlib and more recently NumPy. Other popular libraries like scikit-learn and SciPy will also be removing support for Python 2 this year. IDEs like Spyder and Pythran are also included in the list. Python 2 support ending in 2020 Core Python developers will stop supporting Python 2 no later than the year 2020. This move is to control fragmentation and save on workforce for maintaining Python 2. Python 2 will no longer receive any new features and all support for it will cease next year. As stated on the official website: “2.7 will receive bugfix support until January 1, 2020. After the last release, 2.7 will receive no support.” Python 2 support was about to end in 2015 itself but was extended by five years considering the user base. Users seem to welcome the change to move forward as a comment on Hacker new says: “Time to move forward. Python 2 is so 2010.” NumPy drops Python 2 support. Now you need Python 3.5 or later. Python governance vote results are here: The steering council model is the winner NYU and AWS introduce Deep Graph Library (DGL), a python package to build neural network graphs

A few days ago, Alibaba Cloud announced the release of Mars, its tensor-based framework for large-scale data computation. Mars tensor provides a familiar interface like Numpy, which is a popular tool for most of the Python users such as mathematicians, engineers, etc. and the ones working in core scientific computing. Mars can also scale into a single machine, and scale out to a cluster with hundreds of machines. Users can simply install Mars tensor with the following code: import mars.tensor as mta = mt.random.rand(1000, 2000)(a + 1).sum(axis=1).execute() According to a Medium post by Synced, “Mars can simply tile a large tensor into small chunks and describe the inner computation with a directed graph, enabling the running of parallel computation on a wide range of distributed environments, from a single machine to a cluster comprising thousands of machines.” Xuye Qin, Alibaba Cloud Senior Engineer, bragged about Mars’ performance by stating, “Mars can complete the computation on a 2.25T-size matrix and a 2.25T-size matrix multiplication in two hours.” Unlike NumPy, Mars provides users with the ability to run matrix computation at a very large-scale. Alibaba developers carried out a simple experiment to test Mars’ performance. According to the graph below where NumPy (represented by a red cross at the upper left) lags far behind Mars tensors, which is successful in achieving ideal performance values. Source: Medium Mars supports a subset of NumPy interfaces, which include: Arithmetic and mathematics: +, -, *, /, exp, log, etc. Reduction along axes (sum, max, argmax, etc). Most of the array creation routines (empty, ones_like, diag, etc). Mars not only supports create array/tensor on GPU, but also supports create sparse tensor. Most of the array manipulation routines such as reshape, rollaxis, concatenate, etc. Basic indexing (indexing by ints, slices, newaxes, and Ellipsis) Fancy indexing along a single axis with lists or NumPy arrays, e.g. x[[1, 4, 8],:5] Universal functions for elementwise operations. Linear algebra functions including product (dot, matmul, etc.) and decomposition (cholesky, svd, etc.). To know more about Mars in detail, visit its official GitHub page. NumPy drops Python 2 support. Now you need Python 3.5 or later Google researchers introduce JAX: A TensorFlow-like framework for generating high-performance code from Python and NumPy machine learning programs Introducing numpywren, a system for linear algebra built on a serverless architecture

The Canadian top court has slammed Uber’s arbitration process allowing Uber drivers to turn to Canadian courts for resolving their disputes with Uber. According to Uber’s previous policy, Uber drivers and employees had to resolve their complaints through an international mediation process in the Netherlands which costed drivers US$14,500. In a rule released on Wednesday, a panel of three judges with the Court of Appeal for Ontario concluded that this arbitration clause in Uber’s driver services agreement was “unconscionable” and “invalid”. “It can be safely concluded that Uber chose this arbitration clause in order to favour itself and thus take advantage of its drivers who are clearly vulnerable to the market strength of Uber,” the ruling said. Uber considers its drivers as contractual workers instead of employees and hence denies basic worker rights to them such as sick leaves and minimum wages. Drivers protested and proposed class-action lawsuit to declare drivers as employees, not independent contractors. They demanded minimum wage, overtime and vacation pay claiming $400 million in damages. Uber argued that this lawsuit can’t proceed in Canada due to the arbitration clause. A lower court agreed, but the panel of three appeal court judges reversed the decision. The court found this clause improper due to two reasons. First, it is an illegal contracting out of an employment standard under the Employment Standards Act. Second, the clause is immoral considering the inequality of bargaining power between Uber and its drivers. “This decision confirms that employment laws actually matter in Ontario, and that you cannot deprive workers of their legal rights under the Ontario Employment Standards Act by sending them 6,000 km overseas to enforce those rights at exorbitant personal cost,” told lawyer Lior Samfiru who represents the proposed class-action plaintiffs and a partner at Samfiru Tumarkin LLP to Financial Post. “I think the message here is for companies … if you’re going to operate in Ontario, if you’re going to operate in Canada, you have to abide by our laws,” Samfiru said. “You have to play by the same rules as everyone else.” Uber Canada has released a statement saying that it is currently reviewing the court’s decision and is “proud to offer a flexible earning opportunity to tens of thousands of drivers throughout Ontario.” This news first appeared on Financial Post. Uber to restart its autonomous vehicle testing, nine months after the fatal Arizona accident Uber manager warned the leadership team of the inadequacy of safety procedures in their prototype robo-taxis early March, reports The Information Uber fined by British ICO and Dutch DPA for nearly $1.2m over a data breach from 2016.

TXQR is a project for transferring data via animated QR codes. It is written in Go and uses fountain erasure codes. Ivan Daniluk, it’s creator and software engineer has shared his experience in building TXDR and also the results of using animated QR as a data transfer method. QR Codes QR codes, a type of visual encoding allows different error recovery levels, with almost 30% redundancy for the highest one. QR Version 40 allows to encode up to 4296 alphanumeric or 2953 binary symbols. But this gives rise to two major issues, firstly 3-4KB might just not be enough and secondly the more data in QR code, the better should be the quality and image resolution. But what if we need to transfer approximately ~15KB of data on the average consumer devices? Using animated QR codes with dynamic FPS and size changes could possibly work. The basic design of TXQR A client chooses the data to be sent and generates an animated QR code and shows it in the loop until all the frames are received by the reader. Encoding is designed properly such that it allows any particular order of frames, as well as dynamic changes in FPS. In case, the reader is slower then it can display a message “please decrease FPS on the sender.” Talking about the protocol, it is simply where each frame starts with a prefix “NUM/TOTAL|”, (where NUM and TOTAL are integer values for current and total frames respectively) and rest is the file content. Original data is encoded using Base64, so only alphanumeric data is actually encoded in QR. Gomobile To get .framework or .aar file to be included in your iOS or Android project one can write a standard Go code, then run gomobile bind. Users can refer to it as any regular library and get autocomplete and type information. Ivan has built a simple iOS QR scanner in Swift and modified it to read animated QR codes, fed the decoded chunks into txqr decoder and displayed received the file in a preview window. Fountain codes TXQR is used for unidirectional data transfer using an animated sequence of QR codes. The approach involved in TXQR included repeating the encoded sequence over and over until the receiver gets complete data. This led to long delays in case the receiver missed at least one frame. As per the article by Bojtos Kiskutya, LT ( Luby Transform) codes can yield much better results for TXQR. LT codes are one of the implementations of the family of codes called fountain codes. It’s a class of erasure codes that can easily produce a potentially infinite amount of blocks from the source message blocks (K). The receiver can receive blocks from any point, in any order, with any erasure probability. Fountain codes start as soon as  K+ different blocks are received. It is named as fountain code as the encoded blocks represent the fountain’s water drops. Fountain codes are easy and they solve critical problems as they harness the properties of randomness, mathematical logic and probability distribution tuning to achieve their goal. In this article we have covered TXQR’s basic design, basics of animated QR codes, Fountain codes, Gomobile etc. To know more about the experimentation in detail, check out Ivan’s Github. AWS introduces ‘AWS DataSync’ for automated, simplified, and accelerated data transfer Google, Microsoft, Twitter, and Facebook team up for Data Transfer Project MySQL Data Transfer using Sql Server Integration Services (SSIS)