Content Credentials (also known as C2PA signatures) are a digital media metadata specification. They aim to provide provenance information about a piece of media (such as an image or a video) and help prove its authenticity. They are described as the equivalent of nutrition labels for digital media. One of the stated goal of this specification is to fight online disinformation. The specification is written and maintained by the Coalition for Content Provenance and Authenticity (C2PA), a group of many media and tech organizations including Adobe, Amazon, the BBC, Google, Meta, Microsoft, OpenAI and Sony. Another organization, the Content Authenticity Initiative (CAI), is responsible for promoting the standard and accelerate its adoption. The standard relies on cryptographic digital signatures. == Adoption == There are two main stakeholders who can implement Content Credentials: Producers (softwares and hardwares that produce or modify digital media) and publishers (softwares that show digital media to users). === Producers === ==== Adobe ==== Adobe is one of the first companies to implement the specification, announcing support in Photoshop in 2021. Content Credentials can be enabled and the complete history of edits is kept. ==== Google ==== Google announced support for Content Credentials on its Pixel 10 phones in August 2025. The Content Credentials are embedded on each picture taken from the Pixel Camera, and modifications done using Google Photos. Information include picture timestamp and a non-identifiable signature that proves it was taken from a Pixel 10. As for Google Photos, a list of AI and non-AI edits are kept. Google is the first company to introduce support for Content Credentials on either phones or consumer-grade devices, and also the first company to make it available for free to all users. ==== Nikon ==== Nikon announced in 2024 that their Z6 III camera would support embedding Content Credentials in its photos. However, in 2025, a vulnerability was discovered in the software of the camera that allowed to combine unauthentic images with authentic photos and still have the resulting image with a valid digital signature. Nikon revoked the certificates. ==== Media organizations ==== CBC/Radio-Canada and the BBC both have started attaching Content Credentials to media they produce or verify. ==== OpenAI ==== OpenAI embeds Content Credentials on the images and videos it generates that includes that the media was created by AI using their platforms. ==== Sony ==== In June 2025, Sony announced the release of its Camera Verify system for press photographers and news editors using C2PA digital signatures. Initially, the system will be limited to still images, high‑end cameras, and selected news agencies. Registration with Sony Creators' Cloud is also required. === Publishers === ==== LinkedIn ==== In 2024, LinkedIn started showing a "CR" icon on images that contain Content Credentials of AI-generated images. In 2025, they announced a partnership with Adobe to allow photographers to prove ownership of images using Content Credentials. ==== TikTok ==== TikTok announced in 2024 that an "AI-generated" label would be applied to videos containing Content Credentials if they were AI-generated. In 2025, they announced that users could control the amount of AI-generated content they see, using self-reported labels, Content Credentials and an invisible, proprietary AI watermark embedded in videos by their AI editor tool. ==== YouTube ==== In 2024, YouTube started showing to users a label that reads "captured with a camera" on videos that show authentic, unedited videos taken by Content Credentials-compatible cameras.
Tensor glyph
In scientific visualization a tensor glyph is an object that can visualize all or most of the nine degrees of freedom, such as acceleration, twist, or shear – of a 3 × 3 {\displaystyle 3\times 3} matrix. It is used for tensor field visualization, where a data-matrix is available at every point in the grid. "Glyphs, or icons, depict multiple data values by mapping them onto the shape, size, orientation, and surface appearance of a base geometric primitive." Tensor glyphs are a particular case of multivariate data glyphs. There are certain types of glyphs that are commonly used: Ellipsoid Cuboid Cylindrical Superquadrics According to Thomas Schultz and Gordon Kindlmann, specific types of tensor fields "play a central role in scientific and biomedical studies as well as in image analysis and feature-extraction methods."
Mozilla VPN
Mozilla VPN is an open-source virtual private network developed by Mozilla. It launched in beta as Firefox Private Network on September 10, 2019, and officially launched on July 15, 2020, as Mozilla VPN. Mozilla VPN should not be confused with the built-in VPN in Firefox since version 149 released in March 2026, which is free with a monthly data limit of 50 GB but only masks traffic that originates in Firefox unlike Mozilla VPN that protects the entire device. == History == The Firefox Private Network web browser extension beta version was released on September 10, 2019, as part of the relaunch of Mozilla's Test Pilot Program, a program that allowed Firefox users to test experimental new features which had been shuttered in January 2019. The beta of the subscription-based standalone virtual private network for Android, Microsoft Windows, and Chromebook launched on February 19, 2020, with the iOS version following soon after. Firefox Private Network was rebranded as "Mozilla VPN" on June 18, 2020, and officially launched as Mozilla VPN on July 15, 2020. At launch, Mozilla VPN was available in six countries (the United States, Canada, the United Kingdom, Singapore, Malaysia, and New Zealand) for Windows 10, Android, and iOS (beta). Over time, the service also launched in Germany, France, Italy, Spain, Switzerland, Austria, Belgium, Netherlands, Ireland, Finland, Sweden, Poland, Czechia, Hungary, Romania, Bulgaria, Slovakia, Portugal, Denmark, Croatia, Lithuania, Slovenia, Latvia, Luxembourg, Estonia, Cyprus, and Malta. == Audits history == Cybersecurity firm Cure53 conducted a security audit for Mozilla VPN in August 2020 and identified multiple vulnerabilities, including one critical-severity vulnerability. In March 2021, Cure53 conducted a second security audit, which noted significant improvements since the 2020 audit. The second audit identified multiple issues, including two medium-severity and one high-severity vulnerability, but concluded that by the time of publication, only one vulnerability remained unresolved, and that it would require "a strong state-funded attacker-model" to be exploitable. Mozilla disclosed most of the vulnerabilities in July 2021 and released the full report by Cure53 in August 2021. In April 2023, Cure53 conducted a third security audit, the results of which Mozilla disclosed in December that year, along with the full report by Cure53. == Features == Mozilla VPN masks the user's IP address, hiding the user's location data from the websites accessed by the user, and encrypts all network activity. The service allows for up to 5 simultaneous connections, to any of more than 500 servers in 30+ countries, and is available on the mobile operating systems iOS and Android and the desktop operating systems Microsoft Windows, macOS and Linux. Mozilla VPN's infrastructure is provided by the Swedish Mullvad VPN service, which uses the WireGuard VPN protocol. The VPN software comes with additional features, like recommended server locations, the ability to block ads, block ad trackers and malware, the ability to exclude certain applications from protection, the ability to set multi-hop connections, and to set custom DNS servers. When used with Firefox and the official extension, Mozilla VPN allows the use of different settings per container as well as bypassing the VPN for specific websites.
Thunderspy
Thunderspy is a type of security vulnerability, based on the Intel Thunderbolt 3 port, first reported publicly on 10 May 2020, that can result in an evil maid (i.e., attacker of an unattended device) attack gaining full access to a computer's information in about five minutes, and may affect millions of Apple, Linux and Windows computers, as well as any computers manufactured before 2019, and some after that. According to Björn Ruytenberg, the discoverer of the vulnerability, "All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop. All of this can be done in under five minutes." The malicious firmware is used to clone device identities which makes classical DMA attack possible. == History == The Thunderspy security vulnerabilities were first publicly reported by Björn Ruytenberg of Eindhoven University of Technology in the Netherlands on 10 May 2020. Thunderspy is similar to Thunderclap, another security vulnerability, reported in 2019, that also involves access to computer files through the Thunderbolt port. == Impact == The security vulnerability affects millions of Apple, Linux and Windows computers, as well as all computers manufactured before 2019, and some after that. However, this impact is restricted mainly to how precise a bad actor would have to be to execute the attack. Physical access to a machine with a vulnerable Thunderbolt controller is necessary, as well as a writable ROM chip for the Thunderbolt controller's firmware. Additionally, part of Thunderspy, specifically the portion involving re-writing the firmware of the controller, requires the device to be in sleep, or at least in some sort of powered-on state, to be effective. Machines that force power-off when the case is open may assist in resisting this attack to the extent that the feature (switch) itself resists tampering. Due to the nature of attacks that require extended physical access to hardware, it's unlikely the attack will affect users outside of a business or government environment. == Mitigation == The researchers claim there is no easy software solution, and may only be mitigated by disabling the Thunderbolt port altogether. However, the impacts of this attack (reading kernel level memory without the machine needing to be powered off) are largely mitigated by anti-intrusion features provided by many business machines. Intel claims enabling such features would substantially restrict the effectiveness of the attack. Microsoft's official security recommendations recommend disabling sleep mode while using BitLocker. Using hibernation in place of sleep mode turns the device off, mitigating potential risks of attack on encrypted data.
Reflection (computer graphics)
Reflection in computer graphics is used to render reflective objects like mirrors and shiny surfaces. Accurate reflections are commonly computed using ray tracing whereas approximate reflections can usually be computed faster by using simpler methods such as environment mapping. Reflections on shiny surfaces like wood or tile can add to the photorealistic effects of a 3D rendering. == Approaches to reflection rendering == For rendering environment reflections there exist many techniques that differ in precision, computational and implementation complexity. Combination of these techniques are also possible. Image order rendering algorithms based on tracing rays of light, such as ray tracing or path tracing, typically compute accurate reflections on general surfaces, including multiple reflections and self reflections. However these algorithms are generally still too computationally expensive for real time rendering (even though specialized HW exists, such as Nvidia RTX) and require a different rendering approach from typically used rasterization. Reflections on planar surfaces, such as planar mirrors or water surfaces, can be computed simply and accurately in real time with two pass rendering — one for the viewer, one for the view in the mirror, usually with the help of stencil buffer. Some older video games used a trick to achieve this effect with one pass rendering by putting the whole mirrored scene behind a transparent plane representing the mirror. Reflections on non-planar (curved) surfaces are more challenging for real time rendering. Main approaches that are used include: Environment mapping (e.g. cube mapping): a technique that has been widely used e.g. in video games, offering reflection approximation that's mostly sufficient to the eye, but lacking self-reflections and requiring pre-rendering of the environment map. The precision can be increased by using a spatial array of environment maps instead of just one. It is also possible to generate cube map reflections in real time, at the cost of memory and computational requirements. Screen space reflections (SSR): a more expensive technique that traces rays come from pixel data.This requires the data of surface normal and either depth buffer (local space) or position buffer (world space).The disadvantage is that objects not captured in the rendered frame cannot appear in the reflections, which results in unresolved and or false intersections causing artefacts such as reflection vanishment and virtual image. SSR was originally introduced as Real Time Local Reflections in CryENGINE 3. == Types of reflection == Polished - A polished reflection is an undisturbed reflection, like a mirror or chrome surface. Blurry - A blurry reflection means that tiny random bumps, or microfacets, on the surface of the material causes the reflection to be blurry. Metallic - A reflection is metallic if the highlights and reflections retain the color of the reflective object. Glossy - This term can be misused: sometimes, it is a setting which is the opposite of blurry (e.g. when "glossiness" has a low value, the reflection is blurry). Sometimes the term is used as a synonym for "blurred reflection". Glossy used in this context means that the reflection is actually blurred. === Polished or mirror reflection === Mirrors are usually almost 100% reflective. === Metallic reflection === Normal (nonmetallic) objects reflect light and colors in the original color of the object being reflected. Metallic objects reflect lights and colors altered by the color of the metallic object itself. === Blurry reflection === Many materials are imperfect reflectors, where the reflections are blurred to various degrees due to surface roughness that scatters the rays of the reflections. === Glossy reflection === Fully glossy reflection, shows highlights from light sources, but does not show a clear reflection from objects. == Examples of reflections == === Wet floor reflections === The wet floor effect is a graphic effects technique popular in conjunction with Web 2.0 style pages, particularly in logos. The effect can be done manually or created with an auxiliary tool which can be installed to create the effect automatically. Unlike a standard computer reflection (and the Java water effect popular in first-generation web graphics), the wet floor effect involves a gradient and often a slant in the reflection, so that the mirrored image appears to be hovering over or resting on a wet floor.
Comparison of user features of messaging platforms
Comparison of user features of messaging platforms refers to a comparison of all the various user features of various electronic instant messaging platforms. This includes a wide variety of resources; it includes standalone apps, platforms within websites, computer software, and various internal functions available on specific devices, such as iMessage for iPhones. This entry includes only the features and functions that shape the user experience for such apps. A comparison of the underlying system components, programming aspects, and other internal technical information, is outside the scope of this entry. == Overview and background == Instant messaging technology is a type of online chat that offers real-time text transmission over the Internet. A LAN messenger operates in a similar way over a local area network. Short messages are typically transmitted between two parties when each user chooses to complete a thought and select "send". Some IM applications can use push technology to provide real-time text, which transmits messages character by character, as they are composed. More advanced instant messaging can add file transfer, clickable hyperlinks, Voice over IP, or video chat. Non-IM types of chat include multicast transmission, usually referred to as "chat rooms", where participants might be anonymous or might be previously known to each other (for example collaborators on a project that is using chat to facilitate communication). Instant messaging systems tend to facilitate connections between specified known users (often using a contact list also known as a "buddy list" or "friend list"). Depending on the IM protocol, the technical architecture can be peer-to-peer (direct point-to-point transmission) or client-server (an Instant message service center retransmits messages from the sender to the communication device). By 2010, instant messaging over the Web was in sharp decline, in favor of messaging features on social networks. The most popular IM platforms were terminated, such as AIM which closed down and Windows Live Messenger which merged into Skype. Instant messaging has since seen a revival in popularity in the form of "messaging apps" (usually on mobile devices) which by 2014 had more users than social networks. As of 2010, social networking providers often offer IM abilities. Facebook Chat is a form of instant messaging, and Twitter can be thought of as a Web 2.0 instant messaging system. Similar server-side chat features are part of most dating websites, such as OkCupid or PlentyofFish. The spread of smartphones and similar devices in the late 2000s also caused increased competition with conventional instant messaging, by making text messaging services still more ubiquitous. Many instant messaging services offer video calling features, voice over IP and web conferencing services. Web conferencing services can integrate both video calling and instant messaging abilities. Some instant messaging companies are also offering desktop sharing, IP radio, and IPTV to the voice and video features. The term "Instant Messenger" is a service mark of Time Warner and may not be used in software not affiliated with AOL in the United States. For this reason, in April 2007, the instant messaging client formerly named Gaim (or gaim) announced that they would be renamed "Pidgin". In the 2010s, more people started to use messaging apps on modern computers and devices like WhatsApp, WeChat, Viber, Facebook Messenger, Telegram, Signal and Line rather than instant messaging on computers like AIM and Windows Live Messenger. For example, WhatsApp was founded in 2009, and Facebook acquired in 2014, by which time it already had half a billion users. === Concepts === ==== Backchannel ==== Backchannel is the practice of using networked computers to maintain a real-time online conversation alongside the primary group activity or live spoken remarks. The term was coined in the field of linguistics to describe listeners' behaviours during verbal communication. (See Backchannel (linguistics).) The term "backchannel" generally refers to online conversation about the conference topic or speaker. Occasionally backchannel provides audience members a chance to fact-check the presentation. First growing in popularity at technology conferences, backchannel is increasingly a factor in education where WiFi connections and laptop computers allow participants to use ordinary chat like IRC or AIM to actively communicate during presentation. More recent research include works where the backchannel is brought publicly visible, such as the ClassCommons, backchan.nl and Fragmented Social Mirror. Twitter is also widely used today by audiences to create backchannels during broadcasting of content or at conferences. For example, television drama, other forms of entertainment and magazine programs. This practice is often also called live tweeting. Many conferences nowadays also have a hashtag that can be used by the participants to share notes and experiences; furthermore such hashtags can be user generated. == Features == Various platforms and apps are distinguished by their strengths and features in regards to specific functions. === Group messaging === === Official channels === Some apps include a feature known as "official channels" which allows companies, especially news media outlets, publications, and other mass media companies, to offer an official channel, which users can join, and thereby receive regular updates, published articles, or news updates from companies or news outlets. Two apps which have a large amount of such channels available are Line and Telegram. === Video group calls === == Basic default platforms == Basic platforms which are common across entire categories of mobile devices, computers, or operating systems. === SMS === SMS (short message service) is a text messaging service component of most telephone, Internet, and mobile device systems. It uses standardized communication protocols to enable mobile devices to exchange short text messages. An intermediary service can facilitate a text-to-voice conversion to be sent to landlines. SMS, as used on modern devices, originated from radio telegraphy in radio memo pagers that used standardized phone protocols. These were defined in 1985 as part of the Global System for Mobile Communications (GSM) series of standards. The first test SMS message was sent on December 3, 1992, when Neil Papwort, a test engineer for Sema Group, used a personal computer to send "Merry Christmas" to the phone of colleague Richard Jarvis. It commercially rolled out to many cellular networks that decade. SMS became hugely popular worldwide as a way of text communication. By the end of 2010, SMS was the most widely used data application, with an estimated 3.5 billion active users, or about 80% of all mobile phone subscribers. The protocols allowed users to send and receive messages of up to 160 characters (when entirely alpha-numeric) to and from GSM mobiles. Although most SMS messages are sent from one mobile phone to another, support for the service has expanded to include other mobile technologies, such as ANSI CDMA networks and Digital AMPS. Mobile marketing, a type of direct marketing, uses SMS. According to a 2018 market research report the global SMS messaging business was estimated to be worth over US$100 billion, accounting for almost 50 percent of all the revenue generated by mobile messaging. A Flash SMS is a type of SMS that appears directly on the main screen without user interaction and is not automatically stored in the inbox. It can be useful in emergencies, such as a fire alarm or cases of confidentiality, as in delivering one-time passwords. ==== Threaded SMS format ==== Threaded SMS is a visual styling orientation of SMS message history that arranges messages to and from a contact in chronological order on a single screen. It was first invented by a developer working to implement the SMS client for the BlackBerry, who was looking to make use of the blank screen left below the message on a device with a larger screen capable of displaying far more than the usual 160 characters, and was inspired by threaded Reply conversations in email. Visually, this style of representation provides a back-and-forth chat-like history for each individual contact. Hierarchical-threading at the conversation-level (as typical in blogs and on-line messaging boards) is not widely supported by SMS messaging clients. This limitation is due to the fact that there is no session identifier or subject-line passed back and forth between sent and received messages in the header data (as specified by SMS protocol) from which the client device can properly thread an incoming message to a specific dialogue, or even to a specific message within a dialogue. Most smart phone text-messaging-clients are able to create some contextual threading of "group messages" which narrows the context of the thread around the common interests shared by
Security.txt
security.txt is an accepted standard for website security information that allows security researchers to report security vulnerabilities easily. The standard prescribes a text file named security.txt in the well known location, similar in syntax to robots.txt but intended to be machine and human readable, for those wishing to contact a website's owner about security issues. security.txt files have been adopted by Google, GitHub, LinkedIn, and Facebook. == History == The Internet Draft was first submitted by Edwin Foudil in September 2017. At that time it covered four directives, "Contact", "Encryption", "Disclosure" and "Acknowledgement". Foudil expected to add further directives based on feedback. In addition, web security expert Scott Helme said he had seen positive feedback from the security community while use among the top 1 million websites was "as low as expected right now". In 2019, the Cybersecurity and Infrastructure Security Agency (CISA) published a draft binding operational directive that requires all US federal agencies to publish a security.txt file within 180 days. The Internet Engineering Steering Group (IESG) issued a Last Call for security.txt in December 2019 which ended on January 6, 2020. A study in 2021 found that over ten percent of top-100 websites published a security.txt file, with the percentage of sites publishing the file decreasing as more websites were considered. The study also noted a number of discrepancies between the standard and the content of the file. In April 2022 the security.txt file has been accepted by Internet Engineering Task Force (IETF) as RFC 9116. == File format == security.txt files can be served under the /.well-known/ directory (i.e. /.well-known/security.txt) or the top-level directory (i.e. /security.txt) of a website. The file must be served over HTTPS and in plaintext format.