Search results for Dehancer Color
The TechBeat: Outlier Detection: What You Need to Know (5/7/2024)
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ## Outlier Detection: What You Need to Know By @nataliaogneva [ 4 Min read ] Decisions are usually based on the sample mean, which is very sensitive to outliers and can dramatically change the value. So, it is crucial to manage outliers Read More. Using the Stratification Method for the Experiment Analysis By @nataliaogneva [ 8 Min read ] Learn how to improve experiment efficiency and metric sensitivity through stratified sampling in data analysis. Read More. Using T-tests for Abnormal Data in AB Testing By @nataliaogneva [ 5 Min read ] Discover the truth about using t-tests in AB testing for abnormal distributions in the IT industry. Read More. Mastering the Craft of Transforming Data into Engaging Visual Narratives in User Interfaces By @hacker329546 [ 7 Min read ] As data volumes grow, mastering the art of translating data into captivating visual narratives becomes even more important. Read More. How to Build an End-to-End ML Platform By @zangzhiya [ 6 Min read ] In this paper, readers will find an overview roadmap to generating a strong ML system that starts from data management to streamline operations efficiently. Read More. The Evolution of Data Center Cooling: From Air-Based Methods to Free Cooling By @egorkaritskii [ 9 Min read ] Explore the benefits, challenges, and industry trends shaping the future of data center cooling. Read More. Human-centric Crisis Management: Nurturing Resilient Teams in Hi-tech Environments By @dmitbagdasaryan [ 6 Min read ] Leaning back on the principles of this methodology, I suggest the following steps for taking precautionary care of your subordinates to foster their robustness Read More. Empowering AWS DevOps With Python and Machine Learning By @ribeiro00jd7jt [ 7 Min read ] This article is a direct result of the thoughts I shared at a recent talk with the same title, where I dissected Python and its extensive ecosystem Read More. Tech and Tradition in Established Universes: Goldie Returns to Riverdale By @sarahevans [ 5 Min read ] Archie Comics writer Goldie Chan's latest comic, "BETTY & VERONICA FRIENDS FOREVER: FAIRY TALES”: ‘The Frumpy Duckling," showcases this fusion. Read More. Software Regression Testing: Enhanced Regression Strategy and Zero Defects By @shad0wpuppet [ 6 Min read ] Learn about Zero Defects and advanced regression testing strategies to enhance software quality and testing efficiency Read More. The Genies Tool Kit: Everything You Need to Know By @genies [ 9 Min read ] The Genies Tool Kit is grounded in two core pillars: the Avatar Framework and the Traits Framework Read More. What's the Fate of the S&P 500 if Rate Cuts Don't Happen in 2024? By @dmytrospilka [ 5 Min read ] The change in sentiment surrounding Wall Street has been palpable as stubborn inflation continues in its refusal to subside. Read More. Read Code Like a Hacker With the SAST By @matejsmycka [ 4 Min read ] Static application security testing (SAST) is a subset of static code analysis used to increase the security and reliability of the code. Read More. Data Modeling in Elasticsearch: Using Nested Queries and Parent-Child Relationships By @rocksetcloud [ 10 Min read ] Managing relationships in Elasticsearch can be challenging, but we have nested queries and parent-child relationships to work around it, and more. Read More. Simple Wonders of RAG using Ollama, Langchain and ChromaDB By @arjunrao1987 [ 9 Min read ] Maximize your query outcomes with RAG. Learn how to leverage Retrieval Augmented Generation for domain-specific questions effectively. Read More. Obinna Odirionye: How This Founder Is Reimagining Cloud Computing in 2024 By @jonstojanmedia [ 4 Min read ] Obinna Odirionye, CEO and creator of Clouddley, wants to democratize the cloud. Read More. How to Create a CI/CD Pipeline Using GitHub and AWS EC2 By @wesleybaxterhuber [ 6 Min read ] Creating a CI / CD Pipeline for a webservice on github connected to an AWS Ec2 server Read More. Unicorns Crafting the Infrastructure for a Digital Nomad Nation By @raysvitla [ 3 Min read ] Explore how startups like Deel, SafetyWing and BubbleSwitch build the infrastructure for the thriving digital nomad nation. Read More. Dopple.ai Overtakes Mainstream Competitors With Unfiltered, Unbiased AI Chatbots By @jonstojanmedia [ 2 Min read ] Dopple.ai is a free AI chatbot that lets you interact with virtual characters based on real and fictional people. Read More. E Money Network Is a MiCA-Compliant Blockchain: Here's Why It's a Big Deal By @jonstojanmedia [ 4 Min read ] Market in Crypto Assets (MiCA) is a framework that came into force in June 2023 to regulate the crypto market across Europe. Read More. 🧑💻 What happened in your world this week? It's been said that writing can help consolidate technical knowledge, establish credibility, and contribute to emerging community standards. Feeling stuck? We got you covered ⬇️⬇️⬇️ ANSWER THESE GREATEST INTERVIEW QUESTIONS OF ALL TIME We hope you enjoy this worth of free reading material. Feel free to forward this email to a nerdy friend who'll love you for it. See you on Planet Internet! With love, The HackerNoon Team ✌️
The TechBeat: Outlier Detection: What You Need to...
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat...
Source: Hacker Noon
Top 10 Favorite Google Sheets Features for Everyday Work
It's been a while since my last appearance, but I'm excited to be back and to share something truly special with you. In this article, we'll explore my top 10 Google Sheets features that are guaranteed to boost your productivity, speed up your workflow, and make your data handling more efficient. So, without further ado, let's dive into these game-changing tools! https://youtu.be/iHAvhGO0Df0?si=j6ePVf_Y5814jupV&embedable=true Autofill One of the simplest yet most effective features in Google Sheets is Autofill. Imagine you need to input numbers from 1 to 100—instead of typing each one, simply start the sequence, grab the blue dot at the corner of the cell, and drag down. Google Sheets will fill the rest for you. This works not just with numbers, but with days of the week and months of the year too, saving you a significant amount of time. Removing Whitespace and Duplicates When working with large datasets, cleaning up data is crucial. Google Sheets makes this easy with tools to eliminate unwanted whitespace and duplicates. Just select your range, use the "Trim whitespace" option under Data Cleanup, and voilà—clean, tidy cells. Similarly, the "Remove duplicates" feature ensures that only unique values remain, streamlining your data for better analysis. Alternating Colors Enhancing readability can significantly improve the way you interact with your data. The "Alternating colors" feature applies different colors to alternating rows, making your spreadsheet easier to read and reducing errors when reviewing large blocks of data. Embedding Sheets in Web Pages For those who wish to integrate Google Sheets with their websites, the ability to embed sheets is invaluable. Simply choose to embed your document, copy the provided HTML code, and paste it into your website. This allows you to display live, interactive data directly on your web pages. Data Validation for Dates Data integrity can be maintained by restricting input to certain types of data. For example, you can set a cell to only accept dates. This is done through data validation, where you select "Date" as the criteria, and Google Sheets will provide a handy date picker to ensure accuracy. Importing HTML Need to pull data from a webpage into your spreadsheet? The "ImportHTML" function is your friend. Just write the formula, specify the URL, and choose the table you wish to import. This feature not only saves time but also ensures you can quickly update your spreadsheet with the latest web data. Extracting Unique Values To identify unique entries from a range, the "Unique" function is perfect. It extracts distinct values from your selected range, allowing you to see just the unique information without any repeats. Quick Sheet Creation If you need to create a new spreadsheet quickly, just type "sheets.new" in your Chrome address bar. This shortcut instantly opens a new Google Sheet, helping you get to work right away without navigating through menus. Import Range Sometimes, you might need to share data from a spreadsheet without giving access to the entire file. "Import Range" allows you to import specific ranges from one Google Sheet to another, keeping the data synchronized without manual intervention. Google Translate in Sheets Google Sheets can even translate text directly within cells using the "Google Translate" function. Simply specify the cell, the source language, and the target language, and the translation updates in real-time. Bonus Tip Column Stats For data analysts, the "Column Stats" add-on provides quick statistical insights into data columns without needing to apply complex formulas. This tool is excellent for a high-level overview of data characteristics. Inserting Images in Cells A lesser-known but handy feature is the ability to insert images directly into cells. This functionality allows for a more organized display of visual data, which can be particularly useful for inventory lists, directories, and catalogs. I hope you find these tips helpful for making the most out of Google Sheets. If you enjoyed this article, please consider liking and sharing it. Your feedback is always welcome, so feel free to drop a comment below. Don't forget to subscribe for more useful content, and I look forward to seeing you in future articles! Thank you for your support and happy sheeting!
Top 10 Favorite Google Sheets Features for Everyday...
It's been a while since my last appearance, but I'm excited to be back and to share...
Source: Hacker Noon
The TechBeat: Mastering the Craft of Transforming Data into Engaging Visual Narratives in User Interfaces (5/5/2024)
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ## Mastering the Craft of Transforming Data into Engaging Visual Narratives in User Interfaces By @hacker329546 [ 7 Min read ] As data volumes grow, mastering the art of translating data into captivating visual narratives becomes even more important. Read More. How to Build an End-to-End ML Platform By @zangzhiya [ 6 Min read ] In this paper, readers will find an overview roadmap to generating a strong ML system that starts from data management to streamline operations efficiently. Read More. The Evolution of Data Center Cooling: From Air-Based Methods to Free Cooling By @egorkaritskii [ 9 Min read ] Explore the benefits, challenges, and industry trends shaping the future of data center cooling. Read More. Human-centric Crisis Management: Nurturing Resilient Teams in Hi-tech Environments By @dmitbagdasaryan [ 6 Min read ] Leaning back on the principles of this methodology, I suggest the following steps for taking precautionary care of your subordinates to foster their robustness Read More. Empowering AWS DevOps With Python and Machine Learning By @ribeiro00jd7jt [ 7 Min read ] This article is a direct result of the thoughts I shared at a recent talk with the same title, where I dissected Python and its extensive ecosystem Read More. Tech and Tradition in Established Universes: Goldie Returns to Riverdale By @sarahevans [ 5 Min read ] Archie Comics writer Goldie Chan's latest comic, "BETTY & VERONICA FRIENDS FOREVER: FAIRY TALES”: ‘The Frumpy Duckling," showcases this fusion. Read More. The Genies Tool Kit: Everything You Need to Know By @genies [ 9 Min read ] The Genies Tool Kit is grounded in two core pillars: the Avatar Framework and the Traits Framework Read More. Data Modeling in Elasticsearch: Using Nested Queries and Parent-Child Relationships By @rocksetcloud [ 10 Min read ] Managing relationships in Elasticsearch can be challenging, but we have nested queries and parent-child relationships to work around it, and more. Read More. Software Regression Testing: Enhanced Regression Strategy and Zero Defects By @shad0wpuppet [ 6 Min read ] Learn about Zero Defects and advanced regression testing strategies to enhance software quality and testing efficiency Read More. What's the Fate of the S&P 500 if Rate Cuts Don't Happen in 2024? By @dmytrospilka [ 5 Min read ] The change in sentiment surrounding Wall Street has been palpable as stubborn inflation continues in its refusal to subside. Read More. Will AI Be the End of Programmers? What Happens to the IT Industry? By @rusanov [ 6 Min read ] It has become particularly difficult for juniors to secure positions, and the situation is further exacerbated by mass layoffs and hiring freezes. Read More. Read Code Like a Hacker With the SAST By @matejsmycka [ 4 Min read ] Static application security testing (SAST) is a subset of static code analysis used to increase the security and reliability of the code. Read More. Obinna Odirionye: How This Founder Is Reimagining Cloud Computing in 2024 By @jonstojanmedia [ 4 Min read ] Obinna Odirionye, CEO and creator of Clouddley, wants to democratize the cloud. Read More. Understanding sync.Cond in Go: A Guide for Beginner's By @ivanlemeshev [ 9 Min read ] Understanding sync.Cond in Go that is a synchronization primitive used for coordinating goroutines by allowing them to wait for a specific condition. Read More. Unveiling the Architecture: Key Papers to Understand Distributed Systems! By @bhavdeepsethi [ 6 Min read ] Top papers on distributed systems; distributed system papers every software engineer should read. Read More. Enhancing Chemistry Learning with ChatGPT, Bing Chat, Bard, and Claude as Agents-to-Think-With By @textmodels [ 5 Min read ] Discover how GenAIbots like ChatGPT, Bing Chat, Bard, and Claude are transforming Chemistry education. Read More. Dopple.ai Overtakes Mainstream Competitors With Unfiltered, Unbiased AI Chatbots By @jonstojanmedia [ 2 Min read ] Dopple.ai is a free AI chatbot that lets you interact with virtual characters based on real and fictional people. Read More. How to Create a CI/CD Pipeline Using GitHub and AWS EC2 By @wesleybaxterhuber [ 6 Min read ] Creating a CI / CD Pipeline for a webservice on github connected to an AWS Ec2 server Read More. Unicorns Crafting the Infrastructure for a Digital Nomad Nation By @raysvitla [ 3 Min read ] Explore how startups like Deel, SafetyWing and BubbleSwitch build the infrastructure for the thriving digital nomad nation. Read More. USD is Milking BTC Big Time By @maken8 [ 4 Min read ] USG spends more debt dollars, BTC gains value. But capital gains shall be taxed so USG gets back the dollars it spent. Read More. 🧑💻 What happened in your world this week? It's been said that writing can help consolidate technical knowledge, establish credibility, and contribute to emerging community standards. Feeling stuck? We got you covered ⬇️⬇️⬇️ ANSWER THESE GREATEST INTERVIEW QUESTIONS OF ALL TIME We hope you enjoy this worth of free reading material. Feel free to forward this email to a nerdy friend who'll love you for it. See you on Planet Internet! With love, The HackerNoon Team ✌️
The TechBeat: Mastering the Craft of Transforming...
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat...
Source: Hacker Noon
The Noonification: Read Code Like a Hacker With the SAST (5/4/2024)
How are you, hacker? 🪐What's happening in tech this week: The Noonification by HackerNoon has got you covered with fresh content from our top 5 stories of the day, every day at noon your local time! Set email preference here. ## EigenLayer Airdrop Has Highlighted the Problems in the Crypto Market By @dariavolkova [ 6 Min read ] Eigen Layer airdrop illustrates a mismatch in users expectations and market conditions. Why is the community angry with the biggest Ethereum restaking platform Read More. Working With Wav2vec2 Part 1: Finetuning XLS-R for Automatic Speech Recognition By @pictureinthenoise [ 29 Min read ] Step-by-step guide on how to finetune wav2vec2 XLS-R for automatic speech recognition using a Spanish language training dataset. Read More. Read Code Like a Hacker With the SAST By @matejsmycka [ 4 Min read ] Static application security testing (SAST) is a subset of static code analysis used to increase the security and reliability of the code. Read More. 🧑💻 What happened in your world this week?It's been said that writing can help consolidate technical knowledge, establish credibility, and contribute to emerging community standards. Feeling stuck? We got you covered ⬇️⬇️⬇️ ANSWER THESE GREATEST INTERVIEW QUESTIONS OF ALL TIME We hope you enjoy this worth of free reading material. Feel free to forward this email to a nerdy friend who'll love you for it.See you on Planet Internet! With love, The HackerNoon Team ✌️
The Noonification: Read Code Like a Hacker With the...
How are you, hacker?
🪐What's happening in tech this week:
The Noonification...
Source: Hacker Noon
The TechBeat: Portfolio Management: All The Ways AI Is Transforming Modern Asset Strategies (5/3/2024)
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ## Portfolio Management: All The Ways AI Is Transforming Modern Asset Strategies By @kustarev [ 9 Min read ] The industry was highly impacted by AI in recent years, as machine learning and artificial intelligence have made predictive analytics more accurate. Read More. Step-by-Step Guide on How to Define Your Startup MVP and Save Time and Money By @fayanastasia [ 7 Min read ] This guide will help you identify the core features of your product, enabling you to avoid wasting time and money. Read More. Product Hypothesis Validation: Best Practices & Examples By @fayanastasia [ 9 Min read ] Follow these simple steps to clearly formulate your product hypothesis and test it quickly and affordably. Read More. 8 Factors To Pay Attention to When Pitching a Startup to an Investor By @fayanastasia [ 7 Min read ] The article explains 8 key factors that can help your startup get considered by investors, especially in the early stages. Read More. Exit Strategies For Tech Entrepreneurs: Knowing When And How To Sell By @fayanastasia [ 7 Min read ] An exit strategy is often developed at an early stage and outlined in a business plan so that investors understand how they will receive a return of investments Read More. Mastering the Craft of Transforming Data into Engaging Visual Narratives in User Interfaces By @hacker329546 [ 7 Min read ] As data volumes grow, mastering the art of translating data into captivating visual narratives becomes even more important. Read More. How to Build an End-to-End ML Platform By @zangzhiya [ 6 Min read ] In this paper, readers will find an overview roadmap to generating a strong ML system that starts from data management to streamline operations efficiently. Read More. The Evolution of Data Center Cooling: From Air-Based Methods to Free Cooling By @egorkaritskii [ 9 Min read ] Explore the benefits, challenges, and industry trends shaping the future of data center cooling. Read More. Human-centric Crisis Management: Nurturing Resilient Teams in Hi-tech Environments By @dmitbagdasaryan [ 6 Min read ] Leaning back on the principles of this methodology, I suggest the following steps for taking precautionary care of your subordinates to foster their robustness Read More. Tech and Tradition in Established Universes: Goldie Returns to Riverdale By @sarahevans [ 5 Min read ] Archie Comics writer Goldie Chan's latest comic, "BETTY & VERONICA FRIENDS FOREVER: FAIRY TALES”: ‘The Frumpy Duckling," showcases this fusion. Read More. Empowering AWS DevOps With Python and Machine Learning By @ribeiro00jd7jt [ 7 Min read ] This article is a direct result of the thoughts I shared at a recent talk with the same title, where I dissected Python and its extensive ecosystem Read More. The Genies Tool Kit: Everything You Need to Know By @genies [ 9 Min read ] The Genies Tool Kit is grounded in two core pillars: the Avatar Framework and the Traits Framework Read More. Data Modeling in Elasticsearch: Using Nested Queries and Parent-Child Relationships By @rocksetcloud [ 10 Min read ] Managing relationships in Elasticsearch can be challenging, but we have nested queries and parent-child relationships to work around it, and more. Read More. Software Regression Testing: Enhanced Regression Strategy and Zero Defects By @shad0wpuppet [ 6 Min read ] Learn about Zero Defects and advanced regression testing strategies to enhance software quality and testing efficiency Read More. Profilence & RemotiveLabs Set a New Benchmark in Infotainment Quality Testing By @pressreleases [ 3 Min read ] Profilence & RemotiveLabs set a new benchmark in infotainment quality testing: by combining user behavior with vehicle signals. Read More. Will AI Be the End of Programmers? What Happens to the IT Industry? By @rusanov [ 6 Min read ] It has become particularly difficult for juniors to secure positions, and the situation is further exacerbated by mass layoffs and hiring freezes. Read More. Unlocking DePIN Potential with StorX Network: Revolutionizing Decentralized Cloud By @pressreleases [ 3 Min read ] Unlocking DePIN Potential with StorX Network: Revolutionizing Decentralized Cloud Read More. ChangeNOW Set to Enhance Web3 Payments with Upcoming USDT Listing By @pressreleases [ 2 Min read ] ChangeNOW announces the upcoming listing of USDt on Telegram's TON Network, a collaboration with Tether that promises advancements in digital transactions. Read More. What's the Fate of the S&P 500 if Rate Cuts Don't Happen in 2024? By @dmytrospilka [ 5 Min read ] The change in sentiment surrounding Wall Street has been palpable as stubborn inflation continues in its refusal to subside. Read More. The #crypto-api Writing Contest by CoinGecko and HackerNoon By @hackernooncontests [ 2 Min read ] Join the #crypto-api Writing Contest by CoinGecko and HackerNoon. Stand a chance to win the 00 grand prize! Read More. 🧑💻 What happened in your world this week? It's been said that writing can help consolidate technical knowledge, establish credibility, and contribute to emerging community standards. Feeling stuck? We got you covered ⬇️⬇️⬇️ ANSWER THESE GREATEST INTERVIEW QUESTIONS OF ALL TIME We hope you enjoy this worth of free reading material. Feel free to forward this email to a nerdy friend who'll love you for it. See you on Planet Internet! With love, The HackerNoon Team ✌️
The TechBeat: Portfolio Management: All The Ways AI...
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat...
Source: Hacker Noon
Your Google Account allows you to create passkeys on your phone, computer and security keys
Sriram Karra and Christiaan Brand, Google product managersLast year, Google launched passkey support for Google Accounts. Passkeys are a new industry standard that give users an easy, highly secure way to sign-in to apps and websites. Today, we announced that passkeys have been used to authenticate users more than 1 billion times across over 400 million Google Accounts.As more users encounter passkeys, we're often asked questions about how they relate to security keys, how Google Workspace administrators can configure passkeys for the user accounts that they manage, and how they relate to the Advanced Protection Program (APP). This post will seek to clarify these topics.Passkeys and security keysPasskeys are an evolution of security keys, meaning users get the same security benefits, but with a much simplified experience. Passkeys can be used in the Google Account sign-in process in many of the same ways that security keys have been used in the past — in fact, you can now choose to store your passkey on your security key. This provides users with three key benefits:Stronger security. Users typically authenticate with passkeys by entering their device's screen lock PIN, or using a biometric authentication method, like a fingerprint or a face scan. By storing the passkey on a security key, users can ensure that passkeys are only available when the security key is plugged into their device, creating a stronger security posture.Flexible portability. Today, users rely on password managers to make passkeys available across all of their devices. Security keys provide an alternate way to use your passkeys across your devices: by bringing your security keys with you.Simpler sign-in. Passkeys can act as a first- and second-factor, simultaneously. By creating a passkey on your security key, you can skip entering your password. This replaces your remotely stored password with the PIN you used to unlock your security key, which improves user security. (If you prefer to continue using your password in addition to using a passkey, you can turn off “Skip password when possible” in your Google Account security settings.)Passkeys bring strong and phishing-resistant authentication technology to a wider user base, and we're excited to offer this new way for passkeys to meet more user needs.Google Workspace admins have additional controls and choiceGoogle Workspace accounts have a domain level “Allow users to skip passwords at sign-in by using passkeys” setting which is off by default, and overrides the corresponding user-level configuration. This retains the need for a user's password in addition to presenting a passkey. Admins can also change that setting and allow users to sign-in with just a passkey.When the domain-level setting is off, end users will still see a “use a security key” button on their “passkeys and security keys” page, which will attempt to enroll any security key for use as a second factor only. This action will not require the user to set up a PIN for their security key during registration. This is designed to give enterprise customers who have deployed legacy security keys additional time to make the change to passkeys, with or without a password.Passkeys for Advanced Protection Program (APP) usersSince the introduction of passkeys in 2023, users enrolled in APP have been able to add any passkey to their account and use it to sign in. However users are still required to present two security keys when enrolling into the program. We will be updating the enrollment process soon to enable a user with any passkey to enroll in APP. By allowing any passkey to be used (rather than only hardware security keys) we expect to reach more high risk users who need advanced protection, while maintaining phishing-resistant authentication.
Your Google Account allows you to create passkeys...
Sriram Karra and Christiaan Brand, Google product managersLast year, Google launched...
Source: Google Online Security Blog
Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Jareh Sebastian Dalke (32), of Colorado Springs, is a former employee of the U.S. National Security Agency (NSA) who has been sentenced to nearly 22 years (262 months) in prison for attempting to […]
Ex-NSA employee sentenced to 262 months for attempting...
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting...
Source: Security Affairs
GenAIbots Explain Animated Representation of Water Molecules Undergoing Phase Changes
:::info Authors: (1) Renato P. dos Santos, CIAGE – Centre for Generative Artificial Intelligence in Cognition and Education. ::: Table of Links Abstract and Introduction Materials And Methods Results and Analyses Prompts and generated texts Conceptualizing chemical reactions Deepening on understanding of chemical reactions Question about combustion Question about a graph of gases turning into water over time Question about the difference between atoms, molecules, and moles Deepening on the concept of mole Question about changing of state Question about an animated representation of water molecules undergoing phase changes Question about plasma, a state of matter Question about chemical bondings Question about illustration of chemical bonds Question about the essence of the type of chemical bonding Further analysis Conclusions Limitations of the study and possible future studies Author Contributions, Conflicts of interest, Acknowledgements, and References Question about an animated representation of water molecules undergoing phase changes P1*: hmmm. you made a nice graph before. Could you build something more dynamic than a static diagram, an animated representation of water molecules undergoing phase changes?* ChatGPT*: Got it! Creating an animated representation of water molecules undergoing phase changes requires defining the behavior of the molecules for each phase and then transitioning between these phases.* I'll follow these steps: 1. Represent the molecules as small circles. 2. Define their behavior in the solid phase. 3. Transition to the melting phase. 4. Define behavior in the liquid phase. 5. Transition to the boiling phase. 6. Define behavior in the gas phase. 7. Compile these animations into a continuous GIF. [Some internal code working] Here's the animated representation of water molecules undergoing phase changes: Here's the animated representation of water molecules undergoing phase changes: 1. Solid (Ice): Molecules are closely packed and vibrating in place. 2. Melting: Molecules start to move more freely but remain close. 3. Liquid (Water): Molecules move more fluidly and slide past each other. 4. Boiling: Molecules gain energy and move more rapidly. 5. Gas (Steam): Molecules spread out and move freely and rapidly. You can download the GIF here. [link provided] BingChat*: Sure, I can try to create an animated representation of water molecules undergoing phase changes. I found some web simulations that show how different types of molecules form a solid, liquid, or gas, and how they change their state when heat is added or removed [123]. Youcan also change the temperature or volume of a container and see a pressure-temperature diagram respond in real time [1]. These simulations might help you understand the molecular behavior of water in different phases.* Bard*: Sure. Here is a simple animated representation of water molecules undergoing phase changes:* [Animated GIF of water molecules undergoing phase changes] The animation shows two groups of water molecules. The group on the left is in the liquid phase, and the group on the right is in the gas phase. The animation starts with the water molecules in the liquid phase. The water molecules are close together and interacting with each other. As the animation progresses, some of the water molecules in the liquid phase gain enough energy to overcome the forces that are holding them together. These water molecules escape from the liquid phase and form the gas phase. The water molecules in the gas phase are far apart and not interacting with each other. The animation also shows how water molecules can condense from the gas phase to the liquid phase. When a water molecule in the gas phase loses energy, it can attract to other water molecules and form a liquid droplet. The animation can be used to illustrate the different phase changes of water, such as melting, boiling, evaporation, and condensation. I hope this is helpful! Claude*: Sure, animated visualizations can be really helpful for understanding dynamic processes like phase changes! Here is a simple animated illustration showing water molecules in different states:* In this animation: • The solid ice molecules are stationary and packed together • The liquid molecules flow and move closer together • The gas molecules bounce around freely at large distances To transition between states: • Heating causes more vigorous movement - melting ice or boiling water • Cooling causes slower movement - freezing water or condensing vapor Let me know if an animated illustration like this helps visualize the molecular differences between solids, liquids and gases! I can build more complex animations or use online tools to create interactive phase change simulations. Visuals can really aid understanding of physical chemistry concepts. ChatGPT was able to recur again to its Advanced Data Analysis resources to generate an animated GIF as an Instructional Strategies, which, albeit a bit simple and crude, sufficiently illustrated the “water molecules undergoing phase changes” to provide Engagement & Interactivity. Furthermore, crafting an original GIF could be seen as Personalization & Personable Touch. After promising “to create an animated representation”, BingChat opted to search the internet, offering links to “some web simulations” that “might help” understand the molecular behavior. This approach aligns with Instructional Strategies and Detail Depth & Content Recommendation. However, by leaning on pre-existing resources rather than crafting custom content, it could lessen the immediate Engagement & Interactivity and potentially diminish the Personalization & Personable Touch. Bard made an assurance to deliver “a simple animated representation” as a commitment to Instructional Strategies, Personalization & Personable Touch and Engagement & Interactivity, but this ultimately falls short as neither a visible animation nor a download link for such a GIF was provided. Meanwhile, while Claude acknowledges that “Visuals can really aid understanding” and “animated visualizations can be really helpful” as Instructional Strategies, its attempt was limited to the of a static image, devoid of the requested animation or dynamic representation and lessening Engagement & Interactivity and Detail Depth & Content Recommendation. :::info This paper is available on arxiv under CC BY-SA 4.0 DEED license. :::
Molecules Molecules Undergoing Phase Undergoing Phase Water Molecules
GenAIbots Explain Animated Representation of Water...
:::info
Authors:
(1) Renato P. dos Santos, CIAGE – Centre for Generative Artificial...
Source: Hacker Noon
SysWings - Cloud & Managed services
Founded in 2017 to support startups in their IT strategy, in France and abroad, SysWings has extended its activities to the cloud and managed services. The team is made up of heterogeneous profiles, mixing employees and consultants, scaled according to your projects.
SysWings - Cloud & Managed services
Founded in 2017 to support startups in their IT strategy, in France and abroad,...
Detecting browser data theft using Windows Event Logs
Posted by Will Harris, Chrome Security Team .code { font-family: "Courier New", Courier, monospace; font-size: 11.8px; font-weight: bold; background-color: #f4f4f4; padding: 2px; border: 1px solid #ccc; border-radius: 2px; white-space: pre-wrap; display: inline-block; line-height: 12px; } .highlight { color: red; } Chromium's sandboxed process model defends well from malicious web content, but there are limits to how well the application can protect itself from malware already on the computer. Cookies and other credentials remain a high value target for attackers, and we are trying to tackle this ongoing threat in multiple ways, including working on web standards like DBSC that will help disrupt the cookie theft industry since exfiltrating these cookies will no longer have any value. Where it is not possible to prevent the theft of credentials and cookies by malware, the next best thing is making the attack more observable by antivirus, endpoint detection agents, or enterprise administrators with basic log analysis tools. This blog describes one set of signals for use by system administrators or endpoint detection agents that should reliably flag any access to the browser's protected data from another application on the system. By increasing the likelihood of an attack being detected, this changes the calculus for those attackers who might have a strong desire to remain stealthy, and might cause them to rethink carrying out these types of attacks against our users. Background Chromium based browsers on Windows use the DPAPI (Data Protection API) to secure local secrets such as cookies, password etc. against theft. DPAPI protection is based on a key derived from the user's login credential and is designed to protect against unauthorized access to secrets from other users on the system, or when the system is powered off. Because the DPAPI secret is bound to the logged in user, it cannot protect against local malware attacks — malware executing as the user or at a higher privilege level can just call the same APIs as the browser to obtain the DPAPI secret. Since 2013, Chromium has been applying the CRYPTPROTECT_AUDIT flag to DPAPI calls to request that an audit log be generated when decryption occurs, as well as tagging the data as being owned by the browser. Because all of Chromium's encrypted data storage is backed by a DPAPI-secured key, any application that wishes to decrypt this data, including malware, should always reliably generate a clearly observable event log, which can be used to detect these types of attacks. There are three main steps involved in taking advantage of this log: Enable logging on the computer running Google Chrome, or any other Chromium based browser. Export the event logs to your backend system. Create detection logic to detect theft. This blog will also show how the logging works in practice by testing it against a python password stealer. Step 1: Enable logging on the system DPAPI events are logged into two places in the system. Firstly, there is the 4693 event that can be logged into the Security Log. This event can be enabled by turning on "Audit DPAPI Activity" and the steps to do this are described here, the policy itself sits deep within Security Settings -> Advanced Audit Policy Configuration -> Detailed Tracking. Here is what the 4693 event looks like: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{...}" />
 <EventID>4693</EventID>
 <Version>0</Version>
 <Level>0</Level>
 <Task>13314</Task>
 <Opcode>0</Opcode>
 <Keywords>0x8020000000000000</Keywords>
 <TimeCreated SystemTime="2015-08-22T06:25:14.589407700Z" />
 <EventRecordID>175809</EventRecordID>
 <Correlation />
 <Execution ProcessID="520" ThreadID="1340" />
 <Channel>Security</Channel>
 <Computer>DC01.contoso.local</Computer>
 <Security />
 </System>
 <EventData>
 <Data Name="SubjectUserSid">S-1-5-21-3457937927-2839227994-823803824-1104</Data>
 <Data Name="SubjectUserName">dadmin</Data>
 <Data Name="SubjectDomainName">CONTOSO</Data>
 <Data Name="SubjectLogonId">0x30d7c</Data>
 <Data Name="MasterKeyId">0445c766-75f0-4de7-82ad-d9d97aad59f6</Data>
 <Data Name="RecoveryReason">0x5c005c</Data>
 <Data Name="RecoveryServer">DC01.contoso.local</Data>
 <Data Name="RecoveryKeyId" />
 <Data Name="FailureId">0x380000</Data>
 </EventData>
</Event> The issue with the 4693 event is that while it is generated if there is DPAPI activity on the system, it unfortunately does not contain information about which process was performing the DPAPI activity, nor does it contain information about which particular secret is being accessed. This is because the Execution ProcessID field in the event will always be the process id of lsass.exe because it is this process that manages the encryption keys for the system, and there is no entry for the description of the data. It was for this reason that, in recent versions of Windows a new event type was added to help identify the process making the DPAPI call directly. This event was added to the Microsoft-Windows-Crypto-DPAPI stream which manifests in the Event Log in the Applications and Services Logs > Microsoft > Windows > Crypto-DPAPI part of the Event Viewer tree. The new event is called DPAPIDefInformationEvent and has id 16385, but unfortunately is only emitted to the Debug channel and by default this is not persisted to an Event Log, unless Debug channel logging is enabled. This can be accomplished by enabling it directly in powershell: $log = `
 New-Object System.Diagnostics.Eventing.Reader.EventLogConfiguration `
 Microsoft-Windows-Crypto-DPAPI/Debug
$log.IsEnabled = $True
$log.SaveChanges()
 Once this log is enabled then you should start to see 16385 events generated, and these will contain the real process ids of applications performing DPAPI operations. Note that 16385 events are emitted by the operating system even for data not flagged with CRYPTPROTECT_AUDIT, but to identify the data as owned by the browser, the data description is essential. 16385 events are described later. You will also want to enable Audit Process Creation in order to be able to know a current mapping of process ids to process names — more details on that later. You might want to also consider enabling logging of full command lines. Step 2: Collect the events The events you want to collect are: From Security log: 4688: "A new process was created." From Microsoft-Windows-Crypto-DPAPI/Debug log: (enabled above) 16385: "DPAPIDefInformationEvent" These should be collected from all workstations, and persisted into your enterprise logging system for analysis. Step 3: Write detection logic to detect theft. With these two events is it now possible to detect when an unauthorized application calls into DPAPI to try and decrypt browser secrets. The general approach is to generate a map of process ids to active processes using the 4688 events, then every time a 16385 event is generated, it is possible to identify the currently running process, and alert if the process does not match an authorized application such as Google Chrome. You might find your enterprise logging software can already keep track of which process ids map to which process names, so feel free to just use that existing functionality. Let's dive deeper into the events. A 4688 event looks like this - e.g. here is Chrome browser launching from explorer: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{...}" />
 <EventID>4688</EventID>
 <Version>2</Version>
 <Level>0</Level>
 <Task>13312</Task>
 <Opcode>0</Opcode>
 <Keywords>0x8020000000000000</Keywords>
 <TimeCreated SystemTime="2024-03-28T20:06:41.9254105Z" />
 <EventRecordID>78258343</EventRecordID>
 <Correlation />
 <Execution ProcessID="4" ThreadID="54256" />
 <Channel>Security</Channel>
 <Computer>WIN-GG82ULGC9GO.contoso.local</Computer>
 <Security />
 </System>
 <EventData>
 <Data Name="SubjectUserSid">S-1-5-18</Data>
 <Data Name="SubjectUserName">WIN-GG82ULGC9GO$</Data>
 <Data Name="SubjectDomainName">CONTOSO</Data>
 <Data Name="SubjectLogonId">0xe8c85cc</Data>
 <Data Name="NewProcessId">0x17eac</Data>
 <Data Name="NewProcessName">C:\Program Files\Google\Chrome\Application\chrome.exe</Data>
 <Data Name="TokenElevationType">%%1938</Data>
 <Data Name="ProcessId">0x16d8</Data>
 <Data Name="CommandLine">"C:\Program Files\Google\Chrome\Application\chrome.exe" </Data>
 <Data Name="TargetUserSid">S-1-0-0</Data>
 <Data Name="TargetUserName">-</Data>
 <Data Name="TargetDomainName">-</Data>
 <Data Name="TargetLogonId">0x0</Data>
 <Data Name="ParentProcessName">C:\Windows\explorer.exe</Data>
 <Data Name="MandatoryLabel">S-1-16-8192</Data>
 </EventData>
</Event>
 The important part here is the NewProcessId, in hex 0x17eac which is 97964. A 16385 event looks like this: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 <Provider Name="Microsoft-Windows-Crypto-DPAPI" Guid="{...}" />
 <EventID>16385</EventID>
 <Version>0</Version>
 <Level>4</Level>
 <Task>64</Task>
 <Opcode>0</Opcode>
 <Keywords>0x2000000000000040</Keywords>
 <TimeCreated SystemTime="2024-03-28T20:06:42.1772585Z" />
 <EventRecordID>826993</EventRecordID>
 <Correlation ActivityID="{777bf68d-7757-0028-b5f6-7b775777da01}" />
 <Execution ProcessID="1392" ThreadID="57108" />
 <Channel>Microsoft-Windows-Crypto-DPAPI/Debug</Channel>
 <Computer>WIN-GG82ULGC9GO.contoso.local</Computer>
 <Security UserID="S-1-5-18" />
 </System>
 <EventData>
 <Data Name="OperationType">SPCryptUnprotect</Data>
 <Data Name="DataDescription">Google Chrome</Data>
 <Data Name="MasterKeyGUID">{4df0861b-07ea-49f4-9a09-1d66fd1131c3}</Data>
 <Data Name="Flags">0</Data>
 <Data Name="ProtectionFlags">16</Data>
 <Data Name="ReturnValue">0</Data>
 <Data Name="CallerProcessStartKey">32651097299526713</Data>
 <Data Name="CallerProcessID">97964</Data>
 <Data Name="CallerProcessCreationTime">133561300019253302</Data>
 <Data Name="PlainTextDataSize">32</Data>
 </EventData>
</Event>
 The important parts here are the OperationType, the DataDescription and the CallerProcessID. For DPAPI decrypts, the OperationType will be SPCryptUnprotect. Each Chromium based browser will tag its data with the product name, e.g. Google Chrome, or Microsoft Edge depending on the owner of the data. This will always appear in the DataDescription field, so it is possible to distinguish browser data from other DPAPI secured data. Finally, the CallerProcessID will map to the process performing the decryption. In this case, it is 97964 which matches the process ID seen in the 4688 event above, showing that this was likely Google Chrome decrypting its own data! Bear in mind that since these logs only contain the path to the executable, for a full assurance that this is actually Chrome (and not malware pretending to be Chrome, or malware injecting into Chrome), additional protections such as removing administrator access, and application allowlisting could also be used to give a higher assurance of this signal. In recent versions of Chrome or Edge, you might also see logs of decryptions happening in the elevation_service.exe process, which is another legitimate part of the browser's data storage. To detect unauthorized DPAPI access, you will want to generate a running map of all processes using 4688 events, then look for 16385 events that have a CallerProcessID that does not match a valid caller – Let's try that now. Testing with a python password stealer We can test that this works with a public script to decrypt passwords taken from a public blog. It generates two events, as expected: Here is the 16385 event, showing that a process is decrypting the "Google Chrome" key. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 < ... >
 <EventID>16385</EventID>
 < ... >
 <TimeCreated SystemTime="2024-03-28T20:28:13.7891561Z" />
 < ... >
 </System>
 <EventData>
 <Data Name="OperationType">SPCryptUnprotect</Data>
 <Data Name="DataDescription">Google Chrome</Data>
 < ... >
 <Data Name="CallerProcessID">68768</Data>
 <Data Name="CallerProcessCreationTime">133561312936527018</Data>
 <Data Name="PlainTextDataSize">32</Data>
 </EventData>
</Event> Since the data description being decrypted was "Google Chrome" we know this is an attempt to read Chrome secrets, but to determine the process behind 68768 (0x10ca0), we need to correlate this with a 4688 event. Here is the corresponding 4688 event from the Security Log (a process start for python3.exe) with the matching process id: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 < ... >
 <EventID>4688</EventID>
 < ... >
 <TimeCreated SystemTime="2024-03-28T20:28:13.6527871Z" />
 < ... >
 </System>
 <EventData>
 < ... >
 <Data Name="NewProcessId">0x10ca0</Data>
 <Data Name="NewProcessName">C:\python3\bin\python3.exe</Data>
 <Data Name="TokenElevationType">%%1938</Data>
 <Data Name="ProcessId">0xca58</Data>
 <Data Name="CommandLine">"c:\python3\bin\python3.exe" steal_passwords.py</Data>
 < ... >
 <Data Name="ParentProcessName">C:\Windows\System32\cmd.exe</Data>
 </EventData>
</Event> In this case, the process id matches the python3 executable running a potentially malicious script, so we know this is likely very suspicious behavior, and should trigger an alert immediately! Bear in mind process ids on Windows are not unique so you will want to make sure you use the 4688 event with the timestamp closest, but earlier than, the 16385 event. Summary This blog has described a technique for strong detection of cookie and credential theft. We hope that all defenders find this post useful. Thanks to Microsoft for adding the DPAPIDefInformationEvent log type, without which this would not be possible.
Detecting browser data theft using Windows Event Logs...
Posted by Will Harris, Chrome Security Team
.code {
font-family: "Courier...
Source: Google Online Security Blog
Scaling Bitcoin On-Chain with Omnity
After five years of restless building in the cross-chain interoperability space, Octopus Network, the development team behind Omnity, has created a perfect, invisible omnichain hub that can connect any L1/L2/L3 and even ZK technology once it advances enough. Omnity's 100% end-to-end on-chain tech stack offers fast finality, fungible token persistence, and negligible user fees (even for Bitcoin.) n Omnity launches on April 28th with its first Bitcoin asset, Runes, on the Internet Computer. Omnity's ability to connect any chain without relying on centralized multi-sig or off-chain components adds unprecedented potential to Bitcoin's scalability, enabling Bitcoin Layer2 solutions. Bitcoin in the Spotlight Bitcoin's been in the spotlight this year — ETFs, Ordinals, Runes, and the Halving. The surge in NFT trading, fueled by the popularity of Ordinals and BRC-20 tokens, prompted Binance and other cryptocurrency exchanges to integrate Layer 2 solutions like the Lightning Network to sidestep network congestion. Binance eventually decided to cease support for Ordinals altogether because Bitcoin NFT transactions clogged the network, increasing fees and slowing processing times. The Runes initiative sought to draw more developers and conventional users to Bitcoin—and it worked. The launch of Runes triggered intensive activity on the Bitcoin network, crippling the network and boasting some outrageous transaction fees. Bitcoin miners blew past record daily transaction fees of million. Within the first 60 blocks following the halving, miners amassed 860.20 BTC, roughly million in transaction fees alone. Many view this as benevolent in compensating for miners for suffering the halving fee cut from 6.25 BTCto 3.125 BTC. However, Bitcoin's useability is the broader issue. Scaling Bitcoin Over the years, the multilevered challenge of scaling Bitcoin without compromising its inherent characteristics has continued to drive the development of many innovative projects, all contributing to our collective, open-source, voluminous history of head-banging against the blockchain trilemma. Every solution balances trade-offs between decentralization, security, and scalability. On Layers, SegWit, and Taproot The concept of "separate layers" to expand Bitcoin functionality was mentioned as far back as 2012 in the Colored Coins whitepaper, years before the Lightning Network was launched. So, the issue has been kicking around the block for over a decade (pun intended). The Lightning Network wouldn't work before SegWit. The security and functionality of its off-chain transactions depend on the immutability of on-chain transaction identifiers, leaving it open to attack while transaction malleability exists. SegWit was successfully activated in 2017, increasing available block space and addressing transaction malleability. Taproot, implemented in 2021, brought several enhancements that improved privacy, efficiency, and flexibility in scripting. The core of Taproot is the introduction of Schnorr Signatures, which allow for key and signature aggregation. This means multiple parties can combine their keys to a single public key, allowing them to sign a single message. (Schnorr Signatures come into play later in this discussion.) Taproot also introduced MAST (Merkelized Abstract Syntax Trees). Traditional Bitcoin scripts are bulky and fully expose the script upon transaction execution, compromising user privacy. MAST improves this by structuring the script as a binary Merkle tree, revealing only the essential parts needed for transactions, thereby boosting scalability and privacy. While Taproot's primary goal wasn't directly focused on enabling specific Layer 2 solutions, its introduced features could facilitate and improve various Layer 2 protocols and applications by enabling more complex smart contracts on Layer 2 solutions. Bitcoin Layer2s Technically, Bitcoin's Layer 2 solutions still need to be fully developed. Conceptually, Layer 2 solutions emerged in the Ethereum ecosystem. However, Bitcoin's Ecosystem has only two methods for expanding from L1. One is through ZK/BitVM technology, which represents a significant breakthrough. However, ZK Proofs aren't practical on Bitcoin yet. Another method involves leasing security, exemplified by Babylon, where some of Bitcoin's classic security is shared with other chains. (Strictly speaking, this second method isn't considered Bitcoin L2.) This is not to say that Bitcoin Layer 2 developers aren't hard at work. Building a Layer 2 that does not rely on off-chain components is incredibly difficult. So, when talking about Bitcoin L2s today, we refer to any execution environment primarily dealing with Bitcoin assets. They can be independent chains leveraging security leasing or even Ethereum L2s. Currently, the most active chains often derive their security not from Bitcoin but from Ethereum. Suppose they're connected to the Bitcoin ecosystem. In that case, they're considered execution chains for Bitcoin, while their mainnet is also responsible for asset issuance and settlement, akin to the relationship between central and commercial banks. What does Omnity bring to the Bitcoin community? Omnity establishes a trustless and highly secure asset bridge between Bitcoin's mainnet and Layer 2 solutions with a 100% end-to-end on-chain protocol stack. Omnity runs on the Internet Computer Protocol (ICP) and integrates Bitcoin's network into a specialized subnet within ICP, where all nodes are connected with the Bitcoin network via P2P. In this respect, Omnity is a Bitcoin Layer 2 enabler. To explain how the Omnity development team accomplished this, we need to take a step back. Who built Omnity? The development team behind Omnity has been tirelessly attacking interoperability issues for years. In line with our philosophy of a more open, secure, and fair Internet, the team, called cdot back then, adopted and built on IBC (Inter-Blockchain Communication), receiving a grant in 2020 from ICF to implement IBC on Substrate. Cdot rebranded to Octopus as we released our first product, a multi-chain network featuring shared security to Substrate-based appchains on NEAR Protocol. With substantial support from DCG, Electric Capital, NEAR Foundation, and dozens of leading venture capitalists, the Octopus mainnet launched in October 2021 and became the first Shared Security network, preceding Cosmos's Shared Security by just under two years. The Birth of a Perfect Invisible Hub As Octopus, we proposed Substrate IBC (ICS10) of the Cosmos IBC specification and have been its maintainer since. In 2023, we implemented the first Restaking AVS on NEAR, enabling users to directly restake from Octopus to Shared Security. Next, we proposed NEAR IBC ICS12, connecting NEAR to Cosmos. While pioneering a NEAR IBC light client, we chose the Internet Computer to test verification proxies. Then, we realized the Internet Computer was much more capable than we knew. We discovered that by leveraging ICP's unique capabilities, such as Chain Key cryptography and HTTPS Outcalls, we could fulfill IBC's unfinished ambition by presenting a perfect but invisible hub, leading to the interoperability endgame. Specific primitives of ICP's advanced technology allowed the Omnity team to solve some of IBC's stickiest limitations. A full discussion of this discovery is beyond the scope of this article but can be found here. The diagram below shows a high-level view of our modifications to IBC/TAO by applying ICP tech. TLDR: In the Omnity network, ICP smart contracts called Customs and Routes replace IBC's peg zones and light clients, respectively, and the browser/wallet takes over the job of the relayer. In Omnity, IBC's peg zones are replaced with ICP Customs smart contracts, eliminating the need for an independent security and incentive model. Smart contract runtime on the hub chain enables heterogeneous blockchain extensibility. Now, various types of light clients, in the form of smart contracts, can run on the hub to facilitate communication with different blockchains. Customs acts like a customs checkpoint by handling user asset locking and routing assets to various chains — connecting L1/L2/L3, or appchains. IBC light clients are replaced with ICP Route smart contracts in Omnity. Because Cosmos designed the Tendermint consensus (now CometBFT) with the IBC light client in mind, a ready-to-use on-chain light client existed for Cosmos SDK chains. This isn't true for other blockchains. In addition, light client verification isn't good enough for settlement chains, which are cornerstones of Omnity security — especially considering that some light clients, including Eth2, are not designed for high-stake use cases like bridges. Finally, the Omnity User's browser/wallet takes over for the relayer. ICP's reverse gas model allows Omnity to get rid of off-chain relayers. Users don't need to pay gas fees to interact with smart contracts on ICP. So, the User's front end takes the first half of the Relayer's work, relaying cross-chain messages from the source chain to ICP. Users don't need to install a wallet and hold $ICP beforehand. How Does Omnity Work with Bitcoin? Canisters are ICP smart contracts containing a program's code and state. Canisters can carry out complex computations, such as verifying a block header with hundreds of signatures or storing a few hundred GB of data on a chain, all at a very affordable cost, which is simply impossible on any other blockchain. ICP builds 100% on-chain end-to-end tech stacks, so its Bitcoin integration is similar to running a Bitcoin node on-chain. ICP is integrated with the Bitcoin network at the protocol level, maintaining BTC code for easy transitions and data consumption. Canisters can read and write to the Bitcoin network. The diagram below shows the Bitcoin Adapter and Bitcoin Canister, which have been live on the ICP mainnet for almost a year while Omnity built the other components. A dedicated Bitcoin subnet with each node runs a Bitcoin Adapter daemon and is independently connected with the Bitcoin p2p network. If a Canister wants to make a Bitcoin transaction, a request is sent to the Bitcoin subnet that hosts the Bitcoin Canister containing ICP's on-chain Bitcoin state. Once the subnet nodes reach consensus on a new Bitcoin block, the block is fed to Bitcoin Canister, a UTXO indexer that continuously updates a whole UTXO set. The request is then sent to the Bitcoin network through the Bitcoin Adapter and is processed by the Bitcoin Network asynchronously. Omnity BTI: The first fully on-chain Bitcoin Indexer Omnity will deploy the Bitcoin Token Indexer (BTI) parallel to the Bitcoin Canister to support BRC20, Runes, and other Bitcoin assets. Omnity BTI will be the world's first fully on-chain Bitcoin token indexer, facilitating the fully trustless transfer of Bitcoin tokens to other blockchains and strengthening Bitcoin's position as a universal settlement layer. What is ckBTC? ICP's Chain Fusion Technology enables ICP smart contracts to directly hold, receive, and send BTC and facilitate the creation of a ckBTC token that is backed 1:1 by BTC. However, the great value of chain-key tokens, like ckBTC, is that they can be transferred within seconds for a fraction of that cost on the token's native network. ICP's ckBTC is like a Bitcoin twin in that it shares Bitcoin's network state. It's an ICRC-2 token that is backed 1:1 by BTC held 100% on the mainnet, securely incorporating BTC into DeFi and Web3 services on the Internet Computer blockchain as if ICP and the Bitcoin network were one blockchain. Omnity is a BTC Layer2 Enabler for All Chains ICP's on-chain Bitcoin integration is essential because it brings smart contract functionality to Bitcoin, opening up new possibilities for DeFi and Dapp development without congesting the Bitcoin network and driving up transaction fees. Omnity will facilitate token transfers so tokens do not need to return to Bitcoin. They can be transferred to any chain connected to the ICP protocol fully on-chain with no witnesses or verifiers — the first fully on-chain token bridge. Omnity only incorporates a settlement chain when full-node security can be achieved. For now, Bitcoin, Ethereum, and ICP itself meet this standard. However, almost all blockchains, including various types of L2, can be connected with Omnity as execution chains. Meanwhile, any token issued on a connected settlement chain will have unparalleled cross-chain interoperability through Omnity without liquidity provisions. As discussed, Schnorr signatures allow for easy aggregation of multi-signatures and threshold signatures. ICP's recent announcement of the integration of threshold-Schnorr signatures will enable Canisters to obtain their own Schnorr public keys and addresses, request ICP to compute Schnorr signatures for arbitrary messages, and support both BIP-340 and Ed25519. This extends Omnity's scope of cross-chain assets trading to Ordinals and other asset types, along with future potential integrations with other chains that use Ed25519 variants, such as Solana, Polkadot, or Cardano. Omnity is Anti-Fragile and Future-Proof Omnity is a vast improvement over multi-signature or other external verification cross-chain bridges. It offers a trustless omnichain hub that enhances user experience and exhibits anti-fragileness against the vulnerabilities seen in centralized models. Skeptics of our IBC design might question the need for verification proxies and suggest relying solely on external verification cross-chain bridges instead. However, because IBC is an open, layered protocol, it allows for the continuous evolution of the verification layer while maintaining IBC interoperability. So, Omnity can seamlessly integrate future advancements, such as replacing the proxy client with a ZK verifier once the technology matures, without disrupting any existing applications. Omnity is poised to both keep pace with technological progress and lead it, ensuring that all connected blockchains can effectively function as Layer 2 solutions to Bitcoin. This vision for a secure, fully on-chain, cross-chain protocol underscores our dedication to adopting and advancing the best available technologies for Bitcoin scalability. Suzanne Leigh is the Editor of Omnity Network. This article was written in collaboration with Louis Liu, CEO and Founder of Omnity Network.
Scaling Bitcoin On-Chain with Omnity
After five years of restless building in the cross-chain interoperability space,...
Source: Hacker Noon
How I Tried to Automate Job Applications as a Software Engineer in Canada (and Failed)
Starting my job hunt in a new country felt like stepping into a massive library with no idea where to find the book I needed. Coming right after the neighboring country's violent invasion of Ukraine in 2022, I arrived with high hopes but quickly encountered a wall. The job market here was a whole new world, and my usual approach just wasn't cutting it. Friends and settlement organizations suggested trying online job boards such as Job Bank Canada and Indeed. The concept of Job Application Automation with a Human Touch I wasn't aiming to spam companies with my resume. Instead, I sought to automate certain aspects of the process to save time and target suitable jobs for me in a more personalized manner. Moreover, it wasn't solely about finding a job; it was also about learning how to use technology and AI, in particular. In sharing this story, I hope to inspire others to look at their challenges differently and maybe even find new ways to tackle them. Here's how I pieced it together, combining RSS feeds, server-side scripts, custom Chrome extensions, and the innovative use of AI to enrich data and personalize applications: Step 1: RSS for Job Listings Daily, a script on a Linux server I set up would fetch RSS feeds from Job Bank Canada, filtering opportunities based on my predefined keywords. It would store the data gathered into a cache file that another part of the system would work with later. This step appreciates the enduring value of RSS, allowing me and other old-school guys to stay updated with minimal effort. So a big special thank you to the services and platforms like Job Bank for maintaining it. Technologies used PHP PHP Simple XML Linux Bash Scripting Crontabs Step 2: The Manual Touch: Reviewing Matches Despite the automation intention, I chose to review the matches manually, ensuring that only the most relevant opportunities were considered, at least at the beginning. This blend of automation and personal oversight was enough to maintain quality in the job hunt. I figured out there were too many vague jobs that didn't sound legit to me. Technically, the script reads the cached file and displays the number of items found for each keyword. At first, I was copying job posting details manually, but I gave up doing so for each listing. Even so, sometimes the same position can be seen twice or more if it contains different keywords, so… Technologies used PHP Step 3: Crafting a Custom Chrome Extension Screenshot of the extracted data (link) ..to expedite the review process and eliminate duplicates, I developed a simple parsing Chrome extension. The details it captured included the position name, salary range, contact info, and other essential data. I opted to automate this aspect in later versions of the system and either discard or repurpose the extension. Once I obtained the data, if I deemed the listing worthwhile, a click would save it directly to a Google Spreadsheet. Initially, I didn't want to set up a separate database for this project. Therefore, this convenient and widely used Google product suited my needs, allowing me to maintain simplicity The extension: Install the extension View Github source code Technologies used Google Spreadsheets API Google Chrome's extension JavaScript Step 4: Enriching Data with Server-Side Scripts and AI I then enhanced my spreadsheet's listings using a server-side script to extract insights from employer websites, such as career page addresses, additional contact details, and social media links. More technical details were also gathered, like the server software and programming languages used. The major breakthrough came from integrating OpenAI's API, which summarized websites and classified industries, enriching each saved job listing with valuable context. To optimize OpenAI token usage, I trimmed the content to focus on the most relevant sections for analysis, avoiding excess from footers or irrelevant links. Technologies used PHP cURL Prompt Engineering OpenAI API Google Spreadsheets API Step 5: Personalizing Cover Letters and resumes objectives To avoid the impersonal nature of mass applications, I used OpenAI's API selectively to tailor cover letters, inserting placeholders for the company name, industry, and the software they utilize. When you know the product or service the company produces, you understand the value you may provide to it. That was the only way to stand out among other applicants who used the semi-cold outreach approach. This strategy demonstrated a genuine interest in each employer even if I visited the website automatically in less than a second. Technologies used OpenAI API PHP Step 6: Generating PDFs for Applications Aware of the limitations and risks associated with direct links in emails, I opted for a more conservative approach: converting resumes and cover letters into PDFs. Despite my preference for digital simplicity, the goal was to ensure my applications reached their destination with a reduced chance of being sidelined into spam folders or worse. The generated PDF files were cached on the server side and attached to my emails. Technologies used PHP DomPDF Ubuntu Linux JavaScript Step 7: Enhancing Communication and Email Dispatch After the initial steps of data enrichment and personalization, it is now time for the critical phase — communication. Upon selecting a potential opportunity, a predefined email template is loaded into a text area, ready for any final, personal touches. The interface was similar to Gmail's one, where email addresses and subject lines were populated automatically. I used the position name, my name, and the company name in the subject. Sometimes I had to visit the website of a company of my interest again to ensure I don't like or sound mistaken. Anyway, I reviewed and, if necessary, customized each message before proceeding. This part can be automated later too. At least I thought I would do so. To further avoid the stigma of automated spam, emails were dispatched at random intervals. This careful timing was designed to mimic human irregularity, reducing the likelihood of triggering spam filters and increasing the chance of email deliverability. Technologies used Gmail's SMTP CronJobs Water.css PHP Step 8: Refining Email opening Tracking Another gem of my job application toolkit was an email tracking system. I implemented a technique to outsmart tracker caching, subtly changing the tracking image's color scheme embedded in my email signature with each dispatch. This ensured each email open was uniquely recorded, triggering a script to log the activity directly into my Google Spreadsheet against the respective employer. This method provided precise insights into who engaged with my emails and how many times, significantly informing the effectiveness of my approach. While this tactic faced limitations with Gmail, it proved highly effective with other providers, particularly corporate ones. Technologies used cURL Google Spreadsheets API PHP Conclusion Sending each resume out of over 400 felt like giving away a great book to someone who's already received 400 others. The rare responses I got were like small beams of light—rare but motivating. Adding a tracking system helped me see if my book even stood out in the pile. It was a journey of patience, perseverance, and a personal test showing that job platforms like Job Bank might not be the best for IT jobs. It seems employers prefer traditional methods like recruiters, LinkedIn, or employee referrals. Automating my job search was a huge learning curve. It was more than just speeding up applications; it was about making technology an ally in a personal quest. By blending RSS feeds, a Chrome extension, AI, and clever email strategies, I made my job hunt more efficient yet personal. The experience taught me valuable lessons about using technology wisely and staying true to myself. It's not about replacing the personal touch with technology but enhancing it, showing that with the right approach, we can push beyond what we thought was possible.
How I Tried to Automate Job Applications as a Software...
Starting my job hunt in a new country felt like stepping into a massive library...
Source: Hacker Noon