Tech News

Last year, the US Commerce Department issued a notice named advance notice of proposed rulemaking (ANPRM) that lists some emerging technologies on which export controls will be employed. The list includes fourteen categories including AI, quantum computing, robotics, advanced materials, and advanced surveillance technologies, among others. This notice called for public opinion on the criteria according to which these emerging technologies will be identified that are essential to U.S. national security. The public was requested to submit their comments on or before December 19, 2018, which is now extended to January 10, 2019. After identifying an emerging or foundational technology based on public comments, the Commerce Department will be authorized under the Export Control Reform Act (ECRA) of 2018 to establish "appropriate controls" on "emerging and foundational technologies". Will employing export rules on emerging technologies be successful? A technology policy researcher at the Massachusetts Institute of Technology, R. David Edelman believes that it is nearly impossible to classify technologies in two categories: military or commercial. He told to the New York Times, “trying to draw a line between what is military and what is commercial is exceedingly difficult. It may be impossible.” Another point to note here is that the research on these ever dynamic technologies is often done by scientists and engineers collaboratively all over the world, so we cannot really claim that the product is entirely developed by America. Also, companies and other researchers working on these technologies open source their work in hopes that some other researcher will be able to further develop the tool or technology. This is why policy experts believe that these US restrictions will have very little effect on the progress of AI in China and other countries. The government is unlikely to restrict companies and universities from publishing results of their AI research. But Greg Jaeger, a lawyer at the law firm Stroock & Stroock & Lavan who deals with export controls told NYT that the government could restrict foreign access to that information. One of the Hacker News readers wondered, “I'm curious how export restrictions would affect open source projects like Tensorflow and PyTorch. Would they be forced to become closed source? Could the license just include a disclaimer: "You're not allowed to use this if you're in one of the following countries: ..."? Would sites like Gitlab and Github be forced to implement per-repo geoblocking? Could they somehow be moved to ownership by a non-American entity that wasn't subject to such code? Does a US citizen contributing to a non-US open source ML project constitute a breach of export controls?”. They could also put control over the export of cloud-computing technology and computer chips related to artificial intelligence. These restrictive rules can prevent researchers from other countries from working on certain technologies in the US. They would rather choose other countries such as Europe. “It might be easier for people to just do this stuff in Europe,” said Jason Waite, a lawyer with the firm Alston & Bird who specializes in international trade, in the NYT interview. Patreon speaks out against the protests over its banning Sargon of Akkad for violating its rules on hate speech Mozilla v. FCC: Mozilla challenges FCC’s elimination of net neutrality protection rules Twitter prepares for mid-term US elections, with stronger rules and enforcement approach to fight against fake accounts and other malpractices

Liz Fong-Jones has been a key figure in the politicization of Silicon Valley over the last 18 months. But the Developer Advocate at Google Cloud Platform revealed today (3rd January 2018) that she is to leave the company in February, citing Google's lack of leadership in response to the demands made by employees during the Google walkout in November 2018. Fong-Jones hinted that she had found another role before Christmas, writing on Twitter that she had found a new job: https://twitter.com/lizthegrey/status/1075837650433646593 That was confirmed today when Fong-Jones tweeted "Resignation letter is in. February 25 is my last day." Her new role hasn't yet been revealed, but it appears that she will be remain within SRE. She told one follower that she will likely be at SRECon in Dublin later in the year. https://twitter.com/lizthegrey/status/1080837397347221505 She made it clear that she had no issue with her team, stating that her decision to leave was instead "a reflection on what Google's become over the 11 years I've worked there." Why Liz Fong-Jones exit from Google is important Fong-Jones exit from Google doesn't reflect well on the company. If anything, it only serves to highlight the company's stubbornness. Despite months to respond to serious allegations of sexual harassment and systemic discrimination, there appears to be a refusal to acknowledge problems, let alone find a way forward to tackle them. From Fong-Jones perspective, it the move is probably as much pragmatic as it is symbolic. She spoke on Twitter of "burnout" at "doing what has to be done, as second shift work." https://twitter.com/lizthegrey/status/1080848586135560192 While there are clearly personal reasons for Fong-Jones to leave Google, because of her importance as a figure in conversations around tech worker rights and diversity, her exit will have significant symbolic power. It's likely that she'll continue to play an important part in helping tech workers - in Silicon Valley and elsewhere - organize for a better future, even as she aims to do "more of what you want to do".

The year 2018 proved to be interesting for the team at Thunderbird, a free email application, as they released the latest ESR, Thunderbird 60, which had improved security, stability, and the app’s interface. However, 2019 has some upgrades to Thunderbird’s calendar. With the new year, Thunderbird has come up with some interesting plans and is working towards bringing improvements to UI, Gmail support, notifications and much more. Let’s dive deeper into the plans and goals marked by the team at Thunderbird for this year. The roadmap towards making Thunderbird better Making Thunderbird faster than ever The team is working towards addressing technical debt, UI-slowness, and general performance issues across the application (Thunderbird). They will be focusing on methods for testing and measuring slowness and working on solutions to address the pain points. They will also be working on faster technologies in rewriting parts of Thunderbird and simultaneously will be working towards a multi-process Thunderbird. Better UI and Gmail support 2019 will mark improvements in Thunderbird’s UX/UI. The team plans to focus on integration improvements in various areas. They currently have plans for better Gmail support in mind, considering that it is one of the biggest Email providers, it would definitely make sense to work on this area. While addressing Gmail label support, Thunderbird is also ensuring that other features specific to the Gmail experience translate properly into Thunderbird. This will help Thunderbird become more native on each desktop and will make managing notifications from the app easier. The team also plans to work on encrypting email and ensuring secure communication in upcoming releases. They have plans for bringing architectural changes to support smoother operations. Better notifications (system integrated) The team is improving notifications in Thunderbird by integrating with each operating system’s built-in notification system. Earlier they worked towards unifying the implementation across platforms, but this was not completely finished and might get accomplished this year. The team might drop a lot of platform dependent implementations and unify the content production logic. Improvements to rewrite and mail filters Currently the filtering is synchronously done in C++ and might be changed to async JavaScript implementation this year. Filtering will be made contextual, which means the team will be adding the ability for pre-filter MIME processing so that filtering can work on a message representation instead of on the raw MIME. Thunderbird will be addressing the problem of not having filters on mobile and ensuring that the filter can sync up to the server. Calendar improvements In 2019, Thunderbird will remove the use of all calendar XPCOM components and will replace them with simple JavaScript classes. The calendar and tasks tabs will be self-contained and will be only using HTML. The Thunderbird UI integration will be changed so that most calendar features get visible once triggered. Improved .ics handling Thunderbird will now handle inline event display better. This year will bring improvements to invites in order to see the new event details before taking action. Users are excited about the upcoming development and have their share of suggestions. One of the users commented on HackerNews saying that he would want improved native CardDAV and CalDAV support, Native PGP and much more in the coming releases. Another user commented, “Full-text indexing for PGP mail would be nice too once it's native (Mailpile and CanaryMail helped pave the way on this I believe).” Read more about the updates expected in Thunderbird’s mailing list. Microsoft’s move towards ads on the Mail App in Windows 10 sparks privacy concerns Email and names of Amazon customers exposed due to ‘technical error’; number of affected users unknown LinkedIn used email addresses of 18M non-members to buy targeted ads on Facebook, reveals a report by DPC, Ireland

Blender, a free and open source 3D computer graphics software, celebrated its 25th birthday yesterday. Blender team celebrated the birthday by publishing a post that talked about the journey of blender from 1993 to 2018, taking a trip down the memory lane. Blender’s Journey (1994 - 2018) The Blender team states that during the 1993 Christmas Ton Roosendaal, creator of Blender started working on the Blender software, making use of the designs that he made during his 1993 course.                                                   Original design doc from 1993 The first blender version came to life on January 2nd, 1994 and used the subdivision-based windowing system working. This date has now been marked as Blender’s official Birthday and Roosendaal even has an old backup of this version on his SGI Indigo2 workstation. Blender was first released publicly online on 1st January 1998 as an SGI freeware. The Linux and Windows versions of Blender were released shortly after. In May 2002, Roosendaal started the non-profit Blender Foundation. The first goal for the Blender Foundation was to find a way to continue the development and promotion of Blender as a community-based open source project. https://www.youtube.com/watch?time_continue=164&v=8A-LldprfiE Blender's 25th birthday With the popularity of the internet in the early 2000s, the source code for Blender became available under GNU General Public License (GPL) on October 13th, 2002. This day marked Blender as the open source and free 3D creation software that we use till date. Blender team started “Project Orange” in 2005, that resulted in the world’s first and widely recognized Open Movie “Elephants Dream”. The success of the open movie project led to Roosendaal establishing the “Blender Institute” in summer 2007. Blender Institute has now become the permanent office and studio where the team organizes the Blender Foundation goals and facilitates the Open Projects related to 3D movies, games or visual effects. In early 2008, Roosendaal started the Blender 2.5 project, which was a major overhaul of the UI, tool definitions, data access system, event handling, and animation system. The main goal of the project was to bring the core of Blender to the contemporary interface standards as well as the input methods. The first alpha version for Blender 2.5 was presented on Siggraph 2009, with the final release of 2.5 getting published in 2011. In 2012, the Blender team put its focus on further developing and exploring a Visual Effect creation pipeline that included features such as motion tracking, camera solving, masking, grading and good color pipeline. Coming back to 2018, it was just last week when the Blender team released Blender 2.8 with a revamped user interface, high-end viewport, and other great features. Mozilla partners with Khronos Group to bring glTF format to Blender Building VR objects in React V2 2.0: Getting started with polygons in Blender Blender 2.5: Detailed Render of the Earth from Space

Yesterday, the USB Implementers Forum (USB-IF), the organization that supports the adoption of USB technology, launched a USB Type-C Authentication Program. The USB Type-C Authentication specification defines cryptographic-based authentication for USB Type-C chargers and devices. The USB Type-C has been introduced on leading notebooks, smartphones, and other connected devices as it allows faster data transfer and more power delivery than the widely deployed USB Type-A interface. These USB devices while being extremely helpful in the computing landscape have also introduced new risks that result from simply plugging in a malicious USB device. With the new authentication program, host systems can protect against non-compliant USB chargers and also mitigate risks from malicious firmware/hardware in USB devices that attempt to exploit a USB connection. The protocol also helps the host systems to confirm the authenticity of a USB device, USB cable or USB charger. All of this happens right at the moment a connection is made before inappropriate power or data can be transferred. USB-IF President and COO Jeff Ravencraft said, “USB-IF is excited to launch the USB Type-C Authentication Program, providing OEMs with the flexibility to implement a security framework that best fits their specific product requirements. As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices.” Characteristics of the USB Type-C Authentication program: A standard protocol for authenticating certified USB Type-C chargers, devices, cables, and power sources Support for authenticating over either USB data bus or USB Power Delivery communications channels Products that use the authentication protocol retain control over the security policies to be implemented and enforced Relies on 128-bit security for all cryptographic methods Includes accepted cryptographic methods for certificate format, digital signing, hash, and random number generation USB-IF selected DigiCert to manage the PKI and certificate authority services for the USB Type-C Authentication Program. Geoffrey Noakes, Vice President, IoT Business Development at DigiCert said, “DigiCert is excited to work with USB-IF and its CA Program Participants from the industry at large to provide the technical expertise and scale needed for the USB Type-C Authentication Program, and we look forward to implementation.” To know more about this news head over to the USB Type-C Authentication specification. Apple USB Restricted Mode: Here’s Everything You Need to Know According to a report, Microsoft plans for new 4K webcams featuring facial recognition to all Windows 10 devices in 2019 DragonFly BSD 5.4.1 released with new system compiler in GCC 8 and more  

Last year, GIMP 2.10 was released with an updated user interface, revamped color management, new transformation tools, and many more changes. Yesterday, the GIMP development team shared their further plans about GIMP 2.10.x and 3.0 releases. As per the announcement, GIMP 3.0 will support the latest GTK3 toolkit and have a much leaner code base. The GIMP 2.10.x releases will support HEIF images, simple horizon straightening, and new filters. With the release of GIMP 2.10, the team also revised their release schedule. The new features will now be developed on feature branches separately and then merged to the main branch once they are ready. This essentially means that developers need not wait for a new release for years, as there will be a new release every 1-2 months. Here is what we can expect in the GIMP 2.10.x and 3.0 releases: Smart colorization: A new feature called smart colorization will be introduced in 2.10.10, that will simplify filling inked sketches with color where areas are not completely closed. Support for extension management: To support extension management within GIMP they have started working on ZeMarmot project. With this feature, you will be able to search, install, uninstall, and update extensions. Under this project, developers will also focus on better canvas interactions, as well as animation support improvements, starting from merging existing work. Better performance: Async operations such as lazy loading of fonts has been introduced to improve the performance of GIMP. All the parallel processing in multiple threads has been moved over to GEGL. Space invasion: Previously, sRGB color space was hardcoded into all processing in GIMP. To change this, the team introduced some updates to support any RGB color spaces in the 2.10 release. Now, the master git branch of GIMP allows taking an image that is originally in any color space, processes it in a different color space, and outputs an image, which will be in original color space again. CMYK (Cyan, Magenta, Yellow, Key): GEGL now supports CMYK. It can now open a CMYK JPEG file, composite an RGB PNG file with an alpha channel on top of it, then write a CMYK TIFF file to the output. GIMP 2.10.10 will be released in January/February, and we can expect further 2.10.x releases throughout the year. This version will feature faster layer groups rendering, smart colorization, and various usability improvements. They are also planning to release the first unstable version 2.99.2 once the space invasion feature is complete, eventually leading up to version 3.0. GIMP gets $100K of the $400K donation made to GNOME Krita 4.1.3, a FOSS graphic editor for digital painting and animation, is now out!

On Wednesday, a hacker duo hijacked thousands of Google’s Chromecast streaming adapters, Google Home smart speakers and smart TVs with built-in Chromecast technology to play a video urging users to subscribe to Swedish Youtuber ‘PewDiePie's’ Youtube channel. The hacked smart TV’s also displayed a message on the similar lines. The hackers behind this hacking campaign --codenamed CastHack-- are known on Twitter as TheHackerGiraffe and j3ws3r. The attack took advantage of badly configured routers to find streaming devices exposed to the public internet. Once found, the hackers renamed the device’s Wi-Fi name, and then played a PewDiePie Youtube video. A website detailing the hack lists the statistics on the number of devices forced to play the video, total renamed devices, total exposed devices and much more. The website shared some of the information the hackers had access to, including “what WIFI your Chromecast/Google Home is connected to, what bluetooth devices it has paired to, how long it’s been on, what WiFi networks your device remembers, what alarms you have set, and much more.” However, they state that “We’re only trying to protect you and inform you of this before someone takes real advantage of it. Imagine the consequences of having access to the information above.” They further added that  “We want to help you, and also our favorite Youtubers (mostly PewDiePie)’. According to Variety, the attack was part of a marketing campaign- “Subscribe to PewDiePie”-that fans of the Swedish video-game streamer and vlogger have been engaged in since late last year. The goal of that campaign is to defeat the Indian Youtube channel T-Series for the title of ‘Youtube's most popular channel’ by gaining more subscribers than the latter. How did the attack take place? The attack exploited a Chromecast bug allegedly ignored by Google for almost five years. According to ZDNet, the ongoing CastHack takes advantage of users who use incorrectly configured routers that have the UPnP (Universal Plug'n'Play) service enabled, a service which forwards specific ports from the internal network on the Internet. The ports are 8008, 8009, and 8443, normally used by smart TVs, Chromecasts, and Google Home for various management functions. The streaming devices expose these ports on internal networks, where users can operate them by sending commands from their smartphones or computers to the devices for remote management purposes. Routers with incorrectly configured UPnP settings make these ports available on the internet. This allowed FriendlyH4xx0r to scan the entire internet for devices with these ports exposed. Once devices are identified, the hacker said another script renames the devices to "HACKED_SUB2PEWDS_#" and then tries to autoplay a video (now taken down by Youtube) to promote PewDiePie’s channel. A Google spokesperson, told Variety via email: “To restrict the ability for external videos to be played on their devices, users can turn off Universal Plug and Play (UPnP). Please note that turning off UPnP may disable some devices (e.g. printers, game consoles, etc.) that depend on it for local device discovery.” This is the second time that HackerGiraffe and j3ws3r have teamed up to promote PewDiePie’s channel. Both said they were behind a hack in November that forced printers around the world to print out sheets of paper telling people to subscribe to PewDiePie. https://twitter.com/maddybenavente1/status/1068017390246600704 You can head over to The Verge for more insights on this news. How IRA hacked American democracy using social media and meme warfare to promote disinformation and polarization: A new report to Senate Intelligence Committee 16 year old hacked into Apple’s servers, accessed ‘extremely secure’ customer accounts for over a year undetected Quora Hacked: Almost a 100 Million users’ data compromised!

Scratch 3.0 was released yesterday. Scratch is an environment aimed to teach basic programming logic to kids with blocks and cartoon-ish characters and scenes. Yesterday, Scratch 3.0 officially became a part of the Scratch online community. Scratch 3.0 new features There are various new sprites, backgrounds, and sounds for users to play with. A new extension library lets users add new sets of blocks that connect to hardware and software components to do more tasks with Scratch A new sound editor New programming blocks Support for tablets, hence the blocks in Scratch 3.0 are bigger Users can add collections of extra blocks the developers call ‘extensions’ Among existing blocks new ones are added for sound effects, operators to make string operations easier, new pen blocks and a new glide block to move a sprite. The paint editor has a new layout that increases the visibility of tools and options, an eraser tool, more color options, better control over vector points, more controls for ordering layers, and new gradient controls. With the sound editor in Scratch 3.0, you can now record sounds, trim audio with more ease, and explore new sound effects. General reactions to Scratch Comments from Hacker news are positive for Scratch: “Scratch is pretty great, and at least 3 of my kids constantly ask if they can play Scratch.” “Scratch (and similar programming environments) is a very successful way to introduce children to programming and I hope that it continues to do so.” Any of your old projects can be found at https://scratch.mit.edu/mystuff/. You can check out Scratch at the MIT website. Ruby 2.6.0 released with a new JIT compiler Python governance vote results are here: The steering council model is the winner NumPy drops Python 2 support. Now you need Python 3.5 or later.

Corona Labs announced yesterday that it’s making its free and cross-platform 2D game engine, Corona, available as open source under the GPLv3 license and commercial licenses. The license for builds and releases remains unchanged and the change applies only to the source code of the engine. Corona is a popular game engine for creating 2D games and apps for mobile, desktop systems, TV platforms, and the web. It is based on Lua language and makes use of over 1,000 built-in APIs and plugins, and Corona Native extensions (C/C++/Obj-C/Java). According to Vlad Sherban, product manager for Corona Labs, the Corona team had been discussing making Corona open source ever since it got acquired by Appodeal, back in 2017. “We believe that this move will bring transparency to the development process, and will allow users to contribute features or bug fixes to make the project better for everyone,” said Sherban. The team also mentions that transitioning to open source would help them respond quickly to market shifts and changes. It would also ensure that Corona stays relevant at all times for all mobile app developers. Moreover, now that Corona is open source, it will bring more visibility to the development process by letting users see what the engine team is working on and where the project is going. It will also offer extra benefits for businesses as they will be able to acquire a commercial license for source code and customize the engine for certain commercial projects. Additionally, Corona Labs won’t be collecting any statistics from apps built with daily build 2018.3454 or later. When Corona Labs was a closed source product, it used to collect basic app usage stats such as the number of sessions, daily average users, etc. With Corona available as open source now, there is no need to collect this data. “Powered by the new open source model and supported by the development of new features and bug fixes will make Corona more community driven — but not without our help and guidance --- going open source will provide confidence in the future of the engine and an opportunity to grow community involvement in engine development,” said Sherban. NVIDIA open sources its game physics simulation engine, PhysX, and unveils PhysX SDK 4.0 Microsoft open sources Trill, a streaming engine that employs algorithms to process “a trillion events per day” Facebook contributes to MLPerf and open sources Mask R-CNN2Go, its CV framework for embedded and mobile devices

Yesterday, Tim Cook, CEO Apple, wrote an open letter to Apple investors talking about why Apple missed it’s earnings target. They have also released a revised guidance for Apple’s fiscal 2019 first quarter, with Apple's revenue lower than what they had originally anticipated. The revised guidance states: Revenue of approximately $84 billion Gross margin of approximately 38 percent Operating expenses of approximately $8.7 billion Other income/(expense) of approximately $550 million Tax rate of approximately 16.5 percent before discrete items Cook has cited two major reasons for Apple’s revenue decline. First, supply constraints, that was responsible to block the sales of certain Apple products during Q1. This included Apple Watch Series 4, iPad Pro, AirPods and MacBook Air. Second, they had initially expected economic weakness in some emerging markets which turned to have a significantly greater impact than originally projected. The major economic weakness was observed in Greater China. Cook wrote, “most of our revenue shortfall to our guidance, and over 100 percent of our year-over-year worldwide revenue decline, occurred in Greater China across iPhone, Mac and iPad.” Traffic to Apple retail stores and channel partners in China also declined as the quarter progressed. He cited China’s government-reported GDP growth during the September quarter and the trade tensions of China with the United States as the major reasons for slow economic environment in China. Apart from Greater China, iPhone revenue also declined in some other developed countries due to weak iPhone upgrades. Cook said that macroeconomic challenges in these markets were a key contributor to this trend. However, he also added, “ fewer carrier subsidies, US dollar strength-related price increases, and some customers taking advantage of significantly reduced pricing for iPhone battery replacements”, as other factors impacting iPhone performance. On the positive side, Apple set a new record in China for Services revenue. Services generated over $10.8 billion in revenue during the quarter, with Apple on track to double the size of this business from 2016 to 2020. The installed base of devices also grew over the last year. Categories outside of iPhone (Services, Mac, iPad, Wearables/Home/Accessories) combined to grow almost 19 percent year-over-year. Their installed base of active devices grew by more than 100 million units in 12 months. Wearables also spiked with almost 50 percent growth year-over-year. This was attributed to new MacBook Air, Mac mini and the new iPad Pro. Apple Watch and AirPods were also wildly popular among holiday shoppers. For the future, Apple expects to set all-time revenue records in several developed countries and to report a new all-time record for Apple’s earnings per share. You may go through the entire letter from Tim Cook to Apple investors. Apple ups it’s AI game; promotes John Giannandrea as SVP of machine learning Apple’s security expert joins the American Civil Liberties Union (ACLU) Apple has quietly acquired privacy-minded AI startup Silk Labs, reports Information

At NeurIPS 2017, a group of Stanford and Google researchers presented a very intriguing study on how a neural network, CycleGAN learns to cheat. The researchers trained CycleGAN to transform aerial images into street maps, and vice versa. They found that the neural network learned to hide information about the original image inside the generated one in the form of a low-amplitude high-frequency signal, which almost appears to be noise. Using this information, the generator can then reproduce the original image and thus satisfy the cyclic consistency requirement. What is CycleGAN? CycleGAN is an algorithm for performing image-to-image translation where the neural network needs to learn the mapping between an input image and an output image with the help of a training set of aligned image pairs. What sets CycleGAN apart from other GAN algorithms is that it does not require paired training data. It translates images from a source domain X to a target domain Y without needing paired examples. How CycleGAN was hiding information? For the experiment, the researchers trained CycleGAN on a maps dataset that consisted of 1,000 aerial photographs X and 1,000 maps Y. After training for 500 epochs, the model produced two maps F : X → Y and G : Y → X that generated realistic samples from these image domains. While training the model, the researchers used an aerial photograph that was unseen by the network. The generated image was nearly identical to the source images. On closer inspection, the researchers observed that there are various details present in both the original aerial photograph and the aerial reconstruction that are not visible in the intermediate map, as shown in the following figure: Source: CycleGAN The network showed this result with nearly every aerial photograph, even when it was trained on datasets other than maps. After making this observation, the researchers concluded that CycleGAN is learning an encoding scheme in which it hides information about the aerial photograph within the generated map. What are the implications of this information hiding? The researchers highlighted that this property of encoding information can make this model vulnerable to adversarial attacks. The study showed that CycleGAN can reconstruct any aerial image from a specifically crafted map by starting gradient descent from an initial source map. Attackers can misuse this fact and cause one of the learned transformations to produce an image of their choice by perturbing any chosen source image. Also, if the developers are not careful and are not taking proper measures, their models may be collecting personal data under GDPR. How can these the attacks be avoided? The vulnerability of this model is caused by two reasons: cyclic consistency loss and the difference in entropy between two domains. The cyclic consistency loss can be modified to prevent such attacks. The entropy of one of the domains can be increased artificially by adding an additional hidden variable. The paper, ‘CycleGAN, a Master of Steganography’ grabbed attention when it was posted on Reddit and sparked a discussion. Many Redditors suggested a solution to this, and one of them said, “Adding nearly imperceptible gaussian noise between the cycles should be enough to prevent the CycleGAN from hiding information encoded in imperceptible high-frequency components: it forces it to encode all semantic information in whatever is able to survive low-amplitude gaussian noise (i.e. the visible low-frequency components, as we want/expect).” A recent work towards reducing this steganographic behavior is the introduction of Augmented CycleGAN, which learns many-to-many mappings between domains unlike CycleGAN which learns one-to-one mappings. To know more about this in detail, check out the paper: CycleGAN, a Master of Steganography. What are generative adversarial networks (GANs) and how do they work? [Video] Video-to-video synthesis method: A GAN by NVIDIA & MIT CSAIL is now Open source Generative Adversarial Networks: Generate images using Keras GAN [Tutorial]

Korean researchers have developed a GAN that can achieve image translation in challenging cases. Instance-aware GAN or InstaGAN as the authors call it can achieve image translation in various scenarios showing better results than CycleGAN in specific problems. It can swap pants with skirts and giraffes with sheeps. The system is designed by a student and an assistant professor from Korea Advanced Institute of Science and Technology and an assistant professor from the Pohang University of Science and Technology. They have published their results in a paper titled InstaGAN: Instance-Aware Image-to-Image Translation, last week. Systems that map images aren’t new but the authors of the paper say that they are the first to report image to image translation in multi-instance transfiguration tasks. The methods used in image to image translation before InstaGAN often failed in challenging cases, like multi-instance transfiguration where significant changes are involved. A multi-instance transfiguration task involves multiple individual objects present in an image. The objective here is to swap objects in an image without changing the background scene. InstaGAN uses the instance information such as object segmentation masks improving on the challenging areas for image to image transformation. The method showed in the paper translates an image as well as its instance attributes. They introduce a context-preserving loss, which encourages the network to learn the identity function outside the target instances. A sequential mini-batch training technique handles multiple instances when using a limited GPU memory. This also enhances the network to generalize better when multiple instances are involved. The researchers compared InstaGAN with CycleGAN and doubled the number of parameters for CycleGAN. This is done for a fair comparison as InstaGAN uses two networks for image and masks. In areas where CycleGAN fails, the new method generates ‘reasonable shapes’. InstaGAN preserves the background while making changes to the objects in images where CycleGAN is unable to maintain the original background. Source: InstaGAN: Instance-Aware Image-to-Image Translation The authors said that their ideas of using the set-structured side information have potential applications in other cross-domain generation tasks such as neural machine translation or video generation. For more details, examples of the model where images are swapped, check out the research paper. NVIDIA demos a style-based generative adversarial network that can generate extremely realistic images; has ML community enthralled Generative Adversarial Networks: Generate images using Keras GAN [Tutorial] What are generative adversarial networks (GANs) and how do they work? [Video]

Privacy International, a UK registered charity firm that promotes the right to privacy, released a report last week, that shows how popular Android apps (Qibla Connect, Period Tracker Clue, Indeed, My talking tom, etc) share user data with Facebook, despite not having a Facebook account. The report raises questions about transparency and use of important app data by Facebook. As per the report, Facebook uses Facebook Business tools to routinely track users, non-users and logged-out users outside its platform. App developers use Facebook software development Kit (SDK) to share data with Facebook. To track these data sharing practices, Privacy International used “mitmproxy” (interactive HTTPS proxy), a free and open source software tool to analyze the data sent to Facebook via 34 apps on Android. All of these apps were put to test between August and December 2018. The latest re-test was done between 3rd and 11th of December 2018. Findings from the analysis The report states that at least 61% of tested apps transferred data to Facebook the moment a user opened the app. It doesn’t matter whether a person has a Facebook account or not, or whether they are logged into Facebook or not. Privacy International found out that the data that gets transmitted first is “events data”. This kind of data tells Facebook that the Facebook SDK is initialized by transmitting data like "App installed” and "SDK Initialized". This data gives information that a specific app is being used by a user, every single time that user opens an app. It was found that apps that automatically transfer the data to Facebook share this data together with a unique identifier i.e. the Google advertising ID (AAID). These advertising IDs enable advertisers to link data about user behavior from different apps into a “comprehensive profile”, i.e. a clear and intimate picture of a person’s activities, interests, behaviors, and routines. This comprehensive profile can also reveal information about a person’s health or religion. The analysis also revealed that event data such as "App installed”, "SDK Initialized" and “Deactivate app” offer a detailed insight into the behavior of users and the apps that they use. Moreover, the report also revealed that some of the apps send data to Facebook that is highly detailed and sometimes sensitive. This data is often related to people who are either logged out of Facebook and even those with no Facebook account. The report states that Facebook’s Cookies Policy describes two ways where people with no Facebook account can control Facebook's use of cookies to show them ads. Privacy International analyzed both the ways and found out that it didn’t have much impact on the data sharing process. The report also mentions that the default implementation of the Facebook SDK automatically transmits event data to Facebook due to which many developers have filed bug reports, over the concerns that Facebook SDK shares user data without consent. After May 25th, 2018, when GDPR came into force, Facebook came out with a voluntary feature that enables developers to delay collecting logged events until they acquire user consent. Facebook responded to the report in an email saying that “Prior to our introduction of the ‘delay’ option, developers had the ability to disable transmission of automatic event logging data, except for a signal that the SDK had been initialized. Following the June change to our SDK, we also removed the signal that the SDK was initialized for developers that disabled automatic event logging.” However, Private International mentions that before this voluntary feature was released, many apps that used Facebook SDK in the Android ecosystem could not prevent or delay the SDK from automatically collecting and sharing that the SDK has been initialized. This data, in turn, informs Facebook about a user using a particular app, when they use it and for how long. “Without any further transparency from Facebook, it is impossible to know for certain, how the data that we have described in this report is being used. Our findings also raise a number of legal questions”, says Private International. For more information, check out the official Private International report. ProPublica shares learnings of its Facebook Political Ad Collector project Facebook halted its project ‘Common Ground’ after Joel Kaplan, VP, public policy, raised concerns over potential bias allegations NYT says Facebook has been disclosing personal data to Amazon, Microsoft, Apple and other tech giants; Facebook denies claims with obfuscating press release

Today, Reuters reported that Google has won an approval from U.S. regulators for deploying a radar-based motion sensing device known as project Soli. According to the report, the Federal Communications Commission (FCC) specified in an order late on Monday that it will grant Google a waiver for operating the Soli sensors at higher power levels than currently allowed. The FCC said, “the decision will serve the public interest by providing for innovative device control.” These Soli sensors help in capturing motion in 3D space with a radar beam for enabling touchless control of functions that help users with mobility and speech impairments. According to Google, the Soli sensor can allow users to press an invisible button between the thumb and index fingers or a virtual dial that turns by rubbing a thumb against the index finger. Google says“even though these controls are virtual, the interactions feel physical and responsive”, as the feedback is generated by the haptic sensation of fingers touching. According to Google, the virtual tools can approximate the precision of natural human hand motion and the Soli sensor can be embedded in wearables, computers, phones, and vehicles including aircraft. Last year in March, Google asked the FCC to allow its short-range interactive motion-sensing Soli radar to operate in the 57 to 64 GHz frequency band at power levels consistent with European Telecommunications Standards Institute standards. In July, Facebook Inc raised concerns that the Soli sensors operating in the spectrum band at higher power levels might have issues coexisting with other technologies. In September, post the discussions, Reuters writes, Google and Facebook collectively told the FCC agreeing that the sensors could operate at higher than currently allowed power levels without interference. In September, Facebook told FCC that it expected a “variety of use cases to develop with respect to new radar devices, including Soli.” Users are excited about this news and are appreciating Google’s efforts towards experimenting something new. One user commented on HackerNews, “Go big or go home. That's one thing I like about Google/Alphabet. Not being afraid to try completely new things outside the normal comfort zone of their traditional product space, and aiming for the most radical potentially game-changing ones at that.” Another user commented on Reddit, “Will be interesting to see if this makes it into new watches/phones by the end of the year.” This news was first reported by  Reuters. Google Cloud releases a beta version of SparkR job types in Cloud Dataproc Google shares initiatives towards enforcing its AI principles; employs a formal review structure for new projects France to levy digital services tax on big tech companies like Google, Apple, Facebook, Amazon in the new year  

Julia Reda, EU member of the parliament, announced, last week, that EU will be funding the internet bug bounty programs for 14 out of the total 15 open source projects, starting January 2019. The Internet Bug Bounty programs are rewards for friendly hackers who actively search for security vulnerabilities and issues. The program is managed by a group of volunteers that are selected from the security community. The amount of the bounty depends on how severe the issue uncovered is and the importance of the software. The amount ranges from 25,000,00 Euros and all the way up to 89,000,00 Euros. The 14 open source projects include: Filezilla Apache Kafka Notepad++ PuTTY VLC media player FLUX TL KeePass 7-zip Digital Signature services (DSS) Drupal GNU C library (glibc) The Symfony PHP framework Apache Tomcat WSO2 MidPoint. EU is sponsoring the bug bounty programs as a part of their third edition of the Free and Open Source Software Audit project (FOSSA). Reda mentions that FOSSA project that started in 2015, was an initiative to encourage promotion of free and open source software. “In 2014, security vulnerabilities were found in important Free Software projects. One of the issues was found in the Open Source encryption library OpenSSL.The issue made lots of people realize how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure”, mentions Reda. People can contribute to the projects mentioned by EU by analyzing the software, and submitting any bugs or issues found in these software on bug bounty platforms such as Hackerone and Intigriti/Deloitte. For more information, check out Julia Reda’s official blog post. Mozilla funds winners of the 2018 Creative Media Awards for highlighting unintended consequences of AI in society Airtable, a Slack-like coding platform for non-techies, raises $100 million in funding The ‘Flock’ program provides grants to Aragon teams worth $1 million