Curious about the best AI text-to-video tool? An AI text-to-video tool is software that uses machine learning to help you get more done — it combines speed, accuracy, and an interface that just works. Hands-on testing shows real-world results vary, so a short free trial is the smartest way to decide. Whether you are a beginner or a pro, the right AI text-to-video tool slots into your workflow and pays for itself fast. Read on for hands-on impressions, pricing tiers, and the standout features that matter.
Function representation
Function Representation (FRep or F-Rep) is used in solid modeling, volume modeling and computer graphics. FRep was introduced in "Function representation in geometric modeling: concepts, implementation and applications" as a uniform representation of multidimensional geometric objects (shapes). An object as a point set in multidimensional space is defined by a single continuous real-valued function f ( X ) {\displaystyle f(X)} of point coordinates X [ x 1 , x 2 , . . . , x n ] {\displaystyle X[x_{1},x_{2},...,x_{n}]} which is evaluated at the given point by a procedure traversing a tree structure with primitives in the leaves and operations in the nodes of the tree. The points with f ( x 1 , x 2 , . . . , x n ) ≥ 0 {\displaystyle f(x_{1},x_{2},...,x_{n})\geq 0} belong to the object, and the points with f ( x 1 , x 2 , . . . , x n ) < 0 {\displaystyle f(x_{1},x_{2},...,x_{n})<0} are outside of the object. The point set with f ( x 1 , x 2 , . . . , x n ) = 0 {\displaystyle f(x_{1},x_{2},...,x_{n})=0} is called an isosurface. == Geometric domain == The geometric domain of FRep in 3D space includes solids with non-manifold models and lower-dimensional entities (surfaces, curves, points) defined by zero value of the function. A primitive can be defined by an equation or by a "black box" procedure converting point coordinates into the function value. Solids bounded by algebraic surfaces, skeleton-based implicit surfaces, and convolution surfaces, as well as procedural objects (such as solid noise), and voxel objects can be used as primitives (leaves of the construction tree). In the case of a voxel object (discrete field), it should be converted to a continuous real function, for example, by applying the trilinear or higher-order interpolation. Many operations such as set-theoretic, blending, offsetting, projection, non-linear deformations, metamorphosis, sweeping, hypertexturing, and others, have been formulated for this representation in such a manner that they yield continuous real-valued functions as output, thus guaranteeing the closure property of the representation. R-functions originally introduced in V.L. Rvachev's "On the analytical description of some geometric objects", provide C k {\displaystyle C^{k}} continuity for the functions exactly defining the set-theoretic operations (min/max functions are a particular case). Because of this property, the result of any supported operation can be treated as the input for a subsequent operation; thus very complex models can be created in this way from a single functional expression. FRep modeling is supported by the special-purpose language HyperFun. == Shape Models == FRep combines and generalizes different shape models like algebraic surfaces skeleton based "implicit" surfaces set-theoretic solids or CSG (Constructive Solid Geometry) sweeps volumetric objects parametric models procedural models A more general "constructive hypervolume" allows for modeling multidimensional point sets with attributes (volume models in 3D case). Point set geometry and attributes have independent representations but are treated uniformly. A point set in a geometric space of an arbitrary dimension is an FRep based geometric model of a real object. An attribute that is also represented by a real-valued function (not necessarily continuous) is a mathematical model of an object property of an arbitrary nature (material, photometric, physical, medicine, etc.). The concept of "implicit complex" proposed in "Cellular-functional modeling of heterogeneous objects" provides a framework for including geometric elements of different dimensionality by combining polygonal, parametric, and FRep components into a single cellular-functional model of a heterogeneous object.
GeForce RTX 50 series
The GeForce RTX 50 series of consumer graphics cards is the successor of Nvidia's GeForce 40 series. Announced at CES 2025, it debuted with the release of the RTX 5070, RTX 5080 and RTX 5090 in January 2025. It is based on Nvidia's Blackwell architecture featuring Nvidia RTX's fourth-generation RT cores for hardware-accelerated real-time ray tracing, and fifth-generation deep learning–focused Tensor Cores. The GPUs are manufactured by TSMC on a custom 4N process node. == Background == In March 2024, Nvidia announced the Blackwell architecture for its datacenter products. Like Ampere, the architecture is shared by consumer and datacenter products rather than having distinct architectures released simultaneously like Ada Lovelace for consumers and Hopper for datacenter. At the Game Awards in December 2024, a cinematic trailer for The Witcher IV was shown that had been pre-rendered on an "unannounced Nvidia GeForce RTX GPU". This was assumed to be an upcoming GeForce RTX 50 series GPU. Following the RTX 50 series announcement, Nvidia confirmed that the trailer was "pre-rendered in Unreal Engine 5 on a GeForce RTX 5090". Later in the same month, it was reported that Nvidia had begun stockpiling GeForce RTX 50 series units in U.S. warehouses due to a threatened 10% import tariff and 60% tariff on Chinese imports that Donald Trump promised in his re-election campaign. === Announcement === On January 6, 2025, the GeForce RTX 50 series was officially announced for desktop and mobile devices during Nvidia's CES keynote in Las Vegas. The pricing announcement was met with surprise as the RTX 5080 at $999 was the same price that the RTX 4080 Super released at a year earlier despite the anticipated price increases. Nvidia CEO Jensen Huang falsely claimed that the RTX 5070 could reach "RTX 4090 performance at $549", a figure that relies on the use of DLSS 4 upscaling and Multi Frame generation, and is not an indication of raw performance. == Features == === Blackwell architecture === The GeForce RTX 50 series is powered by the Blackwell microarchitecture, which continues Ada Lovelace's emphasis on high graphics frequencies and large L2 caches. The Blackwell architecture introduces Nvidia RTX's fourth-generation RT cores for hardware-accelerated real-time ray tracing and fifth-generation Tensor Cores for AI compute and performing floating-point calculations. === GDDR7 === RTX 50 series GPUs are the first consumer GPUs to feature GDDR7 video memory for greater memory bandwidth over the same bus width compared to the GDDR6 and GDDR6X memory used in the GeForce 40 series. RTX 50 series desktop GPUs use GDDR7 modules from Samsung due to them being available for validation earlier than modules from SK Hynix and Micron. === 12V-2×6 connector === The GeForce RTX 50 series uses the 16-pin 12V-2×6 connector, which is a revision of the 12VHPWR connector featured on the GeForce 40 series. There were problems with the 12VHPWR connector melting on some RTX 4090 GPUs due to the connector not being fully seated and connector design flaws that did not implement a high enough safety and error tolerance. The 12V-2×6 connector revision, published by PCI-SIG in July 2023, addressed this by shortening the four sense pins so the connector will not push any power if it has not been fully seated. The 12VHPWR design would still draw up to 150W of power even if the sense pins were not making full contact. 12V-2×6 is backwards compatible with existing 12VHPWR cables and adapters. Nvidia has mandated to its AIB partners that the 16-pin 12V-2×6 connector be used on all RTX 50 series designs. With the GeForce 40 series, the 12VHPWR connector was only mandated on higher power cards such as the RTX 4070 Super, RTX 4070 Ti, RTX 4070 Ti Super, RTX 4080, RTX 4080 Super and RTX 4090 while RTX 4060, RTX 4060 Ti and RTX 4070 AIB designs had the option of using 8-pin PCIe connectors. The 600W-capable 12VHPWR connector would not have been necessary on sub-200W cards. === DLSS 4 === The fourth generation of Deep Learning Super Sampling (DLSS) was unveiled alongside the RTX 50 series. DLSS 4 upscaling uses a new vision transformer-based model for enhanced image quality with reduced ghosting and greater image stability in motion compared to the previous convolutional neural network (CNN) model. DLSS 4 also allows a greater number of frames to be generated and interpolated based on a single traditionally rendered frame. This form of frame generation called Multi Frame Generation is exclusive to the RTX 50 series while the GeForce 40 series is limited to one interpolated frame per traditionally rendered frame. Nvidia claims that DLSS 4's frame generation model uses 30% less video memory with the example of Warhammer 40,000: Darktide using 400 MB less memory at 4K resolution with frame generation enabled. Nvidia claims that 75 titles will integrate DLSS 4 Multi Frame Generation at launch, including Alan Wake 2, Cyberpunk 2077, Indiana Jones and the Great Circle, and Star Wars Outlaws. === Media Engine and I/O === The RTX 50 series includes DisplayPort 2.1b UHBR20 (80Gbps) with higher display output data rates to support high resolution and high refresh rate displays. The GeForce 40 series received criticism for only including DisplayPort 1.4a (32Gbps) while the competing Radeon RX 7000 series included DisplayPort 2.1 UHBR13.5 (54Gbps). At CES 2025, VESA announced a collaboration with Nvidia on the new DP80LL ("low loss") UHBR20 active cable standard. DP80LL allows for 80Gbps DisplayPort 2.1 cables up to 3 meters long as passive DP80 cables are limited in length due to signal integrity concerns. The RTX 50 series introduces the ninth-generation NVENC encoder and sixth-generation NVDEC video decoder. For the first time in a consumer GeForce GPU, encoding and decoding video in the 4:2:2 color format for professional-grade higher color depth is supported. == List of GPUs == === Desktop === GeForce RTX 50 series desktop GPUs are the second consumer GPUs to utilize a PCIe 5.0 interface and the first to feature GDDR7 video memory (except for the entry level RTX 5050 that still uses GDDR6). They are fabricated by TSMC using a custom 5 nm process dubbed 4N. === Mobile === Laptops featuring GeForce RTX 50 series laptop GPUs were shown at CES 2025. Laptops with RTX 50 series GPUs were paired with Intel's Arrow Lake-HX and AMD's Strix Point and Fire Range CPUs. Nvidia claims that Blackwell architecture's new Max-Q features can increase battery life by up to 40% over GeForce 40 series laptops. For example, Advanced Power Gating saves power by turning off areas of the GPU that are unused and the paired GDDR7 memory can run in an "ultra" low-voltage state. Initial RTX 50 series laptops will become available in March 2025 starting at $1,299. == Controversies == === 12V-2x6 power connector issue === The 12V-2x6 connector used by multiple 5090 cards faces criticism due to a design flaw that can potentially cause the connector to melt. The flaw primarily affect Nvidia's own RTX 5090 FE and RTX 5080 FE cards and are similar to the failures seen on the RTX 40 series but models by third party OEMs have been affected as well. === Availability and pricing === The releases of the RTX 5090, 5080 and 5070 Ti were marked by severe availability issues and pricing well above MSRP. Pricing became an issue again at the end of 2025 due to an ongoing memory supply shortage. Nvidia has been rumored to cut production of 16GB VRAM cards, affecting the availability of the RTX 5060 Ti 16GB and RTX 5070 Ti SKUs. === 32-bit support removal for CUDA, OpenCL, and GPU PhysX === Support for 32-bit OpenCL, and CUDA applications (and as a result 32-bit GPU-accelerated PhysX), was dropped for the GeForce RTX 50 series, which resulted in several applications encountering performance issues with GPU PhysX options or not being able to run at all, causing negative reactions from numerous gaming communities. On December 4, 2025, with the release of driver version 591.44, 32-bit GPU-accelerated PhysX support was restored for certain games. Support for more games was promised in the future. === Incomplete dies and missing ROPs === The dies of certain RTX 5090/5090D, 5080, and 5070 Ti cards were missing eight render output units (ROPs), resulting in slower graphics while pure compute and AI workloads are unaffected. Nvidia claimed that less than 0.5% of cards are affected and that the "production anomaly" has been rectified. === Black screen issues === Some RTX 5080 and 5090 users reported an issue where the system would boot into a black screen after installing Nvidia drivers. Nvidia confirmed the issue and said that a new driver update would fix it for people who hadn't received a VBIOS update yet. Released on February 27, 2025 Nvidia drivers version 572.60 claim to have fixed the issue. Nvidia has since released multiple hotfix and Game Ready drivers that contain additional fixes for the issue. === Windows driver branch quality and stabilit
Comet (programming)
Comet is a web application model in which a long-held HTTPS request allows a web server to push data to a browser, without the browser explicitly requesting it. Comet is an umbrella term, encompassing multiple techniques for achieving this interaction. All these methods rely on features included by default in browsers, such as JavaScript, rather than on non-default plugins. The Comet approach differs from the original model of the web, in which a browser requests a complete web page at a time. The use of Comet techniques in web development predates the use of the word Comet as a neologism for the collective techniques. Comet is known by several other names, including Ajax Push, Reverse Ajax, Two-way-web, HTTP Streaming, and HTTP server push among others. The term Comet is not an acronym, but was coined by Alex Russell in his 2006 blog post. In recent years, the standardisation and widespread support of WebSocket and Server-sent events has rendered the Comet model obsolete. == History == === Early Java applets === The ability to embed Java applets into browsers (starting with Netscape Navigator 2.0 in March 1996) made two-way sustained communications possible, using a raw TCP socket to communicate between the browser and the server. This socket can remain open as long as the browser is at the document hosting the applet. Event notifications can be sent in any format – text or binary – and decoded by the applet. === The first browser-to-browser communication framework === The very first application using browser-to-browser communications was Tango Interactive, implemented in 1996–98 at the Northeast Parallel Architectures Center (NPAC) at Syracuse University using DARPA funding. TANGO architecture has been patented by Syracuse University. TANGO framework has been extensively used as a distance education tool. The framework has been commercialized by CollabWorx and used in a dozen or so Command&Control and Training applications in the United States Department of Defense. === First Comet applications === The first set of Comet implementations dates back to 2000, with the Pushlets, Lightstreamer, and KnowNow projects. Pushlets, a framework created by Just van den Broecke, was one of the first open source implementations. Pushlets were based on server-side Java servlets, and a client-side JavaScript library. Bang Networks – a Silicon Valley start-up backed by Netscape co-founder Marc Andreessen – had a lavishly financed attempt to create a real-time push standard for the entire web. In April 2001, Chip Morningstar began developing a Java-based (J2SE) web server which used two HTTP sockets to keep open two communications channels between the custom HTTP server he designed and a client designed by Douglas Crockford; a functioning demo system existed as of June 2001. The server and client used a messaging format that the founders of State Software, Inc. assented to coin as JSON following Crockford's suggestion. The entire system, the client libraries, the messaging format known as JSON and the server, became the State Application Framework, parts of which were sold and used by Sun Microsystems, Amazon.com, EDS and Volkswagen. In March 2006, software engineer Alex Russell coined the term Comet in a post on his personal blog. The new term was a play on Ajax (Ajax and Comet both being common household cleaners in the USA). In 2006, some applications exposed those techniques to a wider audience: Meebo’s multi-protocol web-based chat application enabled users to connect to AOL, Yahoo, and Microsoft chat platforms through the browser; Google added web-based chat to Gmail; JotSpot, a startup since acquired by Google, built Comet-based real-time collaborative document editing. New Comet variants were created, such as the Java-based ICEfaces JSF framework (although they prefer the term "Ajax Push"). Others that had previously used Java-applet based transports switched instead to pure-JavaScript implementations. == Implementations == Comet applications attempt to eliminate the limitations of the page-by-page web model and traditional polling by offering two-way sustained interaction, using a persistent or long-lasting HTTP connection between the server and the client. Since browsers and proxies are not designed with server events in mind, several techniques to achieve this have been developed, each with different benefits and drawbacks. The biggest hurdle is the HTTP 1.1 specification, which states "this specification... encourages clients to be conservative when opening multiple connections". Therefore, holding one connection open for real-time events has a negative impact on browser usability: the browser may be blocked from sending a new request while waiting for the results of a previous request, e.g., a series of images. This can be worked around by creating a distinct hostname for real-time information, which is an alias for the same physical server. This strategy is an application of domain sharding. Specific methods of implementing Comet fall into two major categories: streaming and long polling. === Streaming === An application using streaming Comet opens a single persistent connection from the client browser to the server for all Comet events. These events are incrementally handled and interpreted on the client side every time the server sends a new event, with neither side closing the connection. Specific techniques for accomplishing streaming Comet include the following: ==== Hidden iframe ==== A basic technique for dynamic web application is to use a hidden iframe HTML element (an inline frame, which allows a website to embed one HTML document inside another). This invisible iframe is sent as a chunked block, which implicitly declares it as infinitely long (sometimes called "forever frame"). As events occur, the iframe is gradually filled with script tags, containing JavaScript to be executed in the browser. Because browsers render HTML pages incrementally, each script tag is executed as it is received. Some browsers require a specific minimum document size before parsing and execution is started, which can be obtained by initially sending 1–2 kB of padding spaces. One benefit of the iframes method is that it works in every common browser. Two downsides of this technique are the lack of a reliable error handling method, and the impossibility of tracking the state of the request calling process. ==== XMLHttpRequest ==== The XMLHttpRequest (XHR) object, a tool used by Ajax applications for browser–server communication, can also be pressed into service for server–browser Comet messaging by generating a custom data format for an XHR response, and parsing out each event using browser-side JavaScript; relying only on the browser firing the onreadystatechange callback each time it receives new data. === Ajax with long polling === None of the above streaming transports work across all modern browsers without negative side-effects. This forces Comet developers to implement several complex streaming transports, switching between them depending on the browser. Consequently, many Comet applications use long polling, which is easier to implement on the browser side, and works, at minimum, in every browser that supports XHR. As the name suggests, long polling requires the client to poll the server for an event (or set of events). The browser makes an Ajax-style request to the server, which is kept open until the server has new data to send to the browser, which is sent to the browser in a complete response. The browser initiates a new long polling request in order to obtain subsequent events. IETF RFC 6202 "Known Issues and Best Practices for the Use of Long Polling and Streaming in Bidirectional HTTP" compares long polling and HTTP streaming. Specific technologies for accomplishing long-polling include the following: ==== XMLHttpRequest long polling ==== For the most part, XMLHttpRequest long polling works like any standard use of XHR. The browser makes an asynchronous request of the server, which may wait for data to be available before responding. The response can contain encoded data (typically XML or JSON) or Javascript to be executed by the client. At the end of the processing of the response, the browser creates and sends another XHR, to await the next event. Thus the browser always keeps a request outstanding with the server, to be answered as each event occurs. ==== Script tag long polling ==== While any Comet transport can be made to work across subdomains, none of the above transports can be used across different second-level domains (SLDs), due to browser security policies designed to prevent cross-site scripting attacks. That is, if the main web page is served from one SLD, and the Comet server is located at another SLD (which does not have cross-origin resource sharing enabled), Comet events cannot be used to modify the HTML and DOM of the main page, using those transports. This problem can be sidestepped by creating a proxy server in
Creepiness
Creepiness is the state of being creepy, or causing an unpleasant feeling of fear or unease to someone and/or something. Certain traits or hobbies may make people seem creepy to others; interest in horror or the macabre might come across as 'creepy', and often people who are perverted or exhibit predatory behavior are called 'creeps'. The internet, especially some functions of social media, has been described as increasingly creepy. Adam Kotsko has compared the modern conception of creepiness to the Freudian concept of unheimlich. The term has also been used to describe paranormal or supernatural phenomena. Some people have phobias which are irrational fears, which can make them perceive something as creepy. == History and studies == "Creepiness" is subjective: for example some dolls have been described as creepy, while what makes something "creepy" or "strange" to someone might seem normal to someone else. The adjective "creepy", referring to a feeling of creeping in the flesh, was first used in 1831, but it was Charles Dickens who coined and popularized the term "the creeps" in his 1849 novel David Copperfield. In the 20th century, association was made between involuntary celibacy and creepiness. The concept of creepiness has only recently been formally addressed in social media marketing. The sensation of creepiness has only recently been the subject of psychological research, despite the widespread colloquial use of the word throughout the years. Francis T. McAndrew of Knox College is the first psychologist to do an empirical study on creepiness. == Causes == The state of creepiness has been associated with "feeling scared, nervous, anxious or worried", "awkward or uncomfortable", "vulnerable or violated" in a study conducted by Watt et al. This state arises in the presence of a creepy element, which can be an individual or, as recently observed, new technologies. === Individuals === Creepiness can be caused by the appearance of an individual. Another study investigated the characteristics that make people creepy. Creepy people were thought to be more often male than female by an overwhelming majority of participants (around 95% of both male and female participants). Another study conducted by Watt et al. also found that participants associated the ectomorphic body type (more linear) with creepiness, more than the other two body types (51% vs mesomorphic, 24% and endomorphic, 23%). Other cues of creepiness included low hygiene, especially according to female participants, and a disheveled appearance. Participants also identified the face as an area with potentially creepy features: in particular the eyes and the teeth. Both of those physical features were deemed creepy not only for their unpleasant appearance (ex. squinty eyes or crooked teeth) but also for the movements and expressions they engaged it (ex. darting eye movements and odd smiles). In fact, appearance does not seem to be the only factor making an individual creepy: behaviors provide cues as well. Behaviors such as "being unusually quiet and staring (34%), following or lurking (15%), behaving abnormally (21%), or in a socially awkward, "sketchy" or suspicious way (20%)" are all contributing to a feeling of creepiness, as described by Watt et al.'s study. === Technology === In addition to other individuals, new technologies, such as marketing's targeted ads and AI, have been qualified as creepy. A study by Moore et al. described what aspect of marketing participants considered creepy. The main three reasons are the following: using invasive tactics, causing discomfort and violating of norms. Invasive tactics are practiced by marketers that know so much about the consumer that the ads are "creepily" personalized. Secondly, some ads create discomfort by making the consumer question "the motives of the company advertising the product". Finally, some ads violate social norms by having inappropriate content, for example by unnecessarily sexualizing it. It is marketing's extensive knowledge used in an improper way, together with a certain loss of control over our data, that creates a feeling of creepiness. Another creepy aspect of technology is human-looking AI: this phenomenon is called the uncanny valley. Humans find robots creepy when they start closely resembling humans. It has been hypothesized that the reason why they are viewed as creepy is because they violate our notion of how a robot should look. A study focusing on children's responses to this phenomenon found evidence to support the hypothesis. == Evolutionary explanation == Several studies have hypothesized that creepiness is an evolutionary response to potentially dangerous situations. It could be linked to a mechanism called agent detection which makes individuals expect malignant agents to be responsible for small changes in the environment. McAndrew et al. illustrates the idea with the example of a person hearing some noises while walking in a dark alley. That person would go in high alert, fearing that some dangerous individual was there. If that was not the case the loss would be small. If, on the other hand, a dangerous individual was actually in the alley and the person had not been alerted by this creepy feeling, the loss could have been significant. Creepiness would therefore serve the purpose of alerting us in situations in which the danger is not outright obvious but rather ambiguous. In this case, ambiguity both refers to the possible presence of a threat and to its nature, sexual or physical for example. Creepiness "may reside in between the unknowing and the fear" in the sense that individuals experiencing it are unsure if there truly is something to fear or not. Creepy characteristics are not simply caused by threat potential: in fact, ectomorphic body types are not the most powerful bodies and facial expressions are not a proxy of physical strength either. Therefore, creepiness is not only related to how threatening a characteristic is, in the sense of how dangerous and strong the individual can be. There are more facets to consider. Another characteristic of creepiness is unpredictable behavior. Unpredictability links back to this idea of ambiguity. When an individual is unpredictable it is not possible to tell when their behavior will turn violent: this adds to the ambiguity of a potentially dangerous situation. This theory is endorsed by studies. Not only is unpredictability directly listed as a creepy characteristic, but other behaviors, such as norm-breaking behaviors are indirectly linked with unpredictability. Such behaviors show that the individual does not conform to some social standards others would expect in a given situation. For example, the aforementioned staring at strangers or lack of hygiene—behaviors that make us uneasy or creeped out because they do not fit the norm and therefore are not expected. More generally, participants tended to define creepiness as "different" in the sense of not behaving, or looking, socially acceptable. Such differences point towards a "social mismatch". Humans have a natural system of detection of such mismatch: a physical feeling of coldness. When an individual is creeped out, they report feeling those "cold chills". This phenomenon has been studied by Leander et al, with relation to nonverbal mimicry in social interactions, meaning the unintentional copying of another's behavior. Inappropriate mimicry may leave a person feeling like something is off about the other. Absence of non-verbal mimicry in a friendly interaction, or the presence of it in a professional setting, raises suspicion as it does not follow the relevant social norms. Individuals are left wondering what other unusual behavior the other might engage in.
Security type system
In computer science, a type system can be described as a syntactic framework which contains a set of rules that are used to assign a type property (int, boolean, char etc.) to various components of a computer program, such as variables or functions. A security type system works in a similar way, only with a main focus on the security of the computer program, through information flow control. Thus, the various components of the program are assigned security types, or labels. The aim of a such system is to ultimately be able to verify that a given program conforms to the type system rules and satisfies non-interference. Security type systems is one of many security techniques used in the field of language-based security, and is tightly connected to information flow and information flow policies. In simple terms, a security type system can be used to detect if there exists any kind of violation of confidentiality or integrity in a program, i.e. the programmer wants to detect if the program is in line with the information flow policy or not. == A simple information flow policy == Suppose there are two users, A and B. In a program, the following security classes (SC) are introduced: SC = {∅, {A}, {B}, {A,B}}, where ∅ is the empty set. The information flow policy should define the direction that information is allowed to flow, which is dependent on whether the policy allows read or write operations. This example considers read operations (confidentiality). The following flows are allowed: → = {({A}, {A}), ({B}, {B}), ({A,B}, {A,B}), ({A,B}, {A}), ({A,B}, {B}), ({A}, ∅), ({B}, ∅), ({A,B}, ∅)} This can also be described as a superset (⊇). In words: information is allowed to flow towards stricter levels of confidentiality. The combination operator (⊕) can express how security classes can perform read operations with respect to other security classes. For example: {A} ⊕ {A,B} = {A} — the only security class that can read from both {A} and {A,B} is {A}. {A} ⊕ {B} = ∅ — neither {A} nor {B} are allowed to read from both {A} and {B}. This can also be described as an intersection (∩) between security classes. An information flow policy can be illustrated as a Hasse diagram. The policy should also be a lattice, that is, it has a greatest lower-bound and least upper-bound (there always exists a combination between security classes). In the case of integrity, information will flow in the opposite direction, thus the policy will be inverted. == Information flow policy in security type systems == Once the policy is in place, the software developer can apply the security classes to the program components. Use of a security type system is usually combined with a compiler that can perform the verification of the information flow according to the type system rules. For the sake of simplicity, a very simple computer program, together with the information flow policy as described in the previous section, can be used as a demonstration. The simple program is given in the following pseudocode: if y{A} = 1 then x{A,B} := 0 else x{A,B} := 1 Here, an equality check is made on a variable y that is assigned the security class {A}. A variable x with a lower security class ({A,B}) is influenced by this check. This means that information is leaking from class {A} to class {A,B}, which is a violation of the confidentiality policy. This leak should be detected by the security type system. === Example === Designing a security type system requires a function (also known as a security environment) that creates a mapping from variables to security types, or classes. This function can be called Γ, such that Γ(x) = τ, where x is a variable and τ is the security class, or type. Security classes are assigned (also called "judgement") to program components, using the following notation: Types are assigned to read operations by: Γ ⊢ e : τ. Types are assigned to write operations by: Γ ⊢ S : τ cmd. Constants can be assigned any type. The following bottom-up notation can be used to decompose the program: assumption1 ... assumptionn/conclusion. Once the program is decomposed into trivial judgements, by which the type can easily be determined, the types for the less trivial parts of the program can be derived. Each "numerator" is considered in isolation, looking at the type of each statement to see if an allowed type can be derived for the "denominator", based on the defined type system "rules". ==== Rules ==== The main part of the security type system is the rules. They say how the program should be decomposed and how type verification should be performed. This toy program consists of a conditional test and two possible variable assignments. Rules for these two events are defined as follows: Applying this to the simple program introduced above yields: The type system detects the policy violation in line 2, where a read operation of security class {A} is performed, followed by two write operations of a less strict security class {A,B}. In more formalized terms, {A} ⋢ {A,B}, {A,B} (from the rule of the conditional test). Thus, the program is classified as "not typeable". === Soundness === The soundness of a security type system can be informally defined as: If program P is well typed, P satisfies non-interference. Volpano, Smith and Irvine were the first to prove soundness of a security type system for a deterministic imperative programming language with a standard (non-instrumented) semantics using the notion of non-interference.
Anti-social Media Bill (Nigeria)
Anti-social Media Bill was introduced by the Senate of the Federal Republic of Nigeria on 5 November 2019 to criminalise the use of the social media in peddling false or malicious information. The original title of the bill is Protection from Internet Falsehood and Manipulations Bill 2019. It was sponsored by Senator Mohammed Sani Musa from the largely conservative northern Nigeria. After the bill passed second reading on the floor of the Nigeria Senate and its details were made public, information emerged on the social media accusing the sponsor of the bill of plagiarising a similar law in Singapore which is at the bottom of global ranking in the freedom of speech and of the press. But the senator denied that he plagiarised Singaporean law. == Opposition to the bill == Angry reactions trailed the introduction of the bill, and a number of civil society organisations, human rights activists, and Nigerian citizens unanimously opposed the bill. International rights group, Amnesty International and Human Rights Watch condemned the proposed legislation saying it is aimed at gagging freedom of speech which is a universal right in a country of over two hundred million people. Opposition political parties are very critical of the bill and accused the government of attempting to strip bare, Nigerian citizens of their rights to free speech and destroying same social media on whose power and influence the ruling All Progressives Congress, APC came to power in 2015. Nigeria Information Minister, Lai Mohammed has been at the center of public criticism because he is suspected to be the brain behind the proposed act. Lai was a former spokesman of then opposition All Progressives Congress. A "Stop the Social Media Bill! You can no longer take our rights from us" online petition campaign to force the Nigeria parliament to drop the bill received over 90,000 signatures within 24 hours. In November 2019, after the bill passed second reading in the senate, Akon Eyakenyi, a senator from Akwa Ibom State publicly said he would resist the bill. === Support for the bill === Those who support the proposed act especially Senators have often argued that the law would help curtail hate speech. President Muhammad Buhari who is seen as a beneficiary of the influence and power of the social media and free speech has been mute about it. But the president's senior aides and family members have publicly spoken in support of the bill. In November 2019, the wife of the president, Aisha Buhari, told a gathering at the Nigeria's National Mosque in the capital, Abuja that if China with over one billion people could regulate the social media, Nigeria should do same. But Nigerians reacted saying Nigeria is not a one-party communist state like China. Days later, a daughter to the president, Zahra Indimi told a gathering of young people in Abuja that social media had become a potent weapon for bullying those they thought were doing better than them in terms of social class and called for a critical regulation. == Key provisions of the bill == === Title === Protection from Internet Falsehoods, Manipulations and Other Related Matters Bill 2019. === Explanatory memorandum === This Act is to prevent Falsehoods and Manipulations in Internet transmission and correspondences in Nigeria. To suppress falsehoods and manipulations and counter the effects of such communications and transmissions and to sanction offenders with a view to encouraging and enhancing transparency by Social Media Platforms using the internet correspondences. === Objectives === One objective of the bill is to prevent the transmission of false statements or declaration of facts in Nigeria. Another objective of the bill is to end the financing of online mediums that transmit false statements. Measures will be taken to detect and control inauthentic behaviour and misuse of online accounts (parody accounts). When paid content is posted towards a political end, there will be measures to ensure the poster discloses such information. There will be sanction for offenders. === Transmission of false statement === According to the bill, a person must not: Transmit a statement that is false or, Transmit a statement that might: i. Affect the security or any part of Nigeria. ii. Affect public health, public safety or public finance. iii. Affect Nigeria's relationship with other countries. iv. influence the outcome of an election to any office in a general election. v. Cause enmity or hatred towards a person or group of persons. Anyone guilty of the above is liable to a fine of N300,000 or three years' imprisonment or both (for individual); and a fine not exceeding ten million naira (for corporate organisations). Same punishment applies for fake online accounts that transmit statements listed above. === Parody accounts === The bill says a person shall not open an account to transmit false statement. Anyone found guilty will be fined N200,000 or three years' imprisonment or both (for an individual) or five million naira (for corporate organisations). If such accounts transmit a statement that will affect security or influence the outcome of an election, such a person will be fined N300,000 or three years' imprisonment or both. If a person receives payment or reward to help another to transmit false statements knowingly, he/she is liable to a fine of N150,000 or three years' imprisonment or both. If a person receives payment or reward to help another to transmit a statement affects security or influence the outcome of an election, the fine is N300,000 or three years' imprisonment or both (for individual) and ten million naira for organisations. === Declaration === According to the bill, a law enforcement department can issue a "declaration" to offenders. And this declaration will be issued even if the "false statement" has been corrected or pulled down. The offender will be required to publish a "correction notice" in a specified newspaper, online location or other printed publication of Nigeria. Failure to comply, a person is liable to N200,000 or 12 months' imprisonment or both (for individual) and five million naira for organisations. === Access blocking order === The bill says the law enforcement department will also issue an access blocking order to offenders. The law enforcement department may direct the NCC to order the internet access service provider to disable access by users in Nigeria to the online location and the NCC must give the internet access service provider an access blocking order. An internet access service provider that does not comply with any access blocking order is liable on conviction to a fine not exceeding ten million naira for each day during any part of which that order is not fully complied with, up to a total of five million naira.