GNU social (and its predecessor StatusNet) is a largely defunct free and open-source microblogging social networking service that implements the OStatus and ActivityPub standards for interoperability between installations. While offering similar functionality to social networks such as Twitter, GNU social seeks to provide the ability for open and federated communication between different microblogging communities, known as 'instances'. Both enterprises and individuals can install and control their own instances and user data. At its peak in popularity, GNU social had been deployed on hundreds of interconnected instances, however has since fallen into disuse as competing software like Mastodon and Pleroma have taken its position as the dominant federated microblogging services. Later on in its lifespan, the project split into two separate branches, with "v2" being a continuation of the original codebase for maintenance of existing instances, with "v3" being a complete redesign of the project meant to integrate further ActivityPub support and modernization of the user experience and its technological back-end. As of August 15, 2022, there had been no new commits to the v2 branch, with the v3 branch also no longer being actively developed not long after by November 25, 2022, with the project essentially abandoned. Despite its modern obsolescence and dated design compared to modern platforms, GNU social and StatusNet is regarded to be the origin of the Fediverse network and has had a major influence on the design of more modern decentralized social networks that succeeded it. == History == While being the main project within its lineage, GNU social originally began as a fork of StatusNet. The software was first developed for a service called identi.ca from Evan Prodromou, which offered free microblogging accounts to the public. The software quickly became one of the first popular examples of a decentralized social network, as identi.ca allowed any other server that was running the software to communicate with it, something which had not previously been attempted before in social media at such a large scale. === StatusNet === Originally, StatusNet (named Laconica at the time) was launched with a communication protocol designed specifically for the project called OpenMicroBlogging (OMB). With version 0.8.1, the name of the software was changed to StatusNet. Version 0.9.0 was released soon after in March 3, 2010, with the developers implementing a newly designed protocol dubbed OStatus, with support for OMB being dropped not long after. Compared to OpenMicroBlogging, OStatus could handle and federate more events and actions than the basic plaintext communication that OMB provided and was based on a variety of other web technologies, allowing for easier adoption of new implementations of the protocol for servers and clients compared to the fully custom architecture of OMB. With the StatusNet name change, the company developing both the software and OStatus as well as managing identi.ca rebranded from Control Yourself to StatusNet Inc. In August 2010, the company raised a new round of venture capital funds to establish a hosting service under the status.net domain from sources such as First Mark Capital, BOLDstart Ventures, iNovia Capital and Montreal Start Up, raising over $2.3 million in funding up to that point. The hosting service allowed anyone to establish their own StatusNet instance without maintaining a server, similar to WordPress.com and other blogging platforms. New registrations on identi.ca along with the ability to create new status.net instances was disabled in December 2012, in preparation for a migration to pump.io that has since been named by users of StatusNet and OStatus as "the Pumpocalypse". pump.io was a brand new software package like StatusNet, but with a new protocol designed for general purpose activity streams outside of microblogging and ease-of-use for developers building on the technology, much like the transition from OMB to OStatus. The announcement was seen as unexpected among identi.ca users, who were concerned about the possibility of their statuses being deleted with the transition. At the same time, server administrators running third-party instances and their users who were left behind on StatusNet were also worried, as it was unclear at the time whether future development of the software would be picked up by a new maintainer. The transition for identi.ca users to pump.io was completed on 12 July 2013. ==== Previous names ==== The original name of StatusNet was Laconica, a reference to the Laconic phrase; a particularly brief statement commonly attributed to the leaders of Sparta (Laconia being the Greek region containing Sparta). In microblogging, all messages are designed to be very short due to the traditional 140-character limit on message size, a limitation imported from SMS. Beginning with version 0.8.1, the name was changed to StatusNet. The developers said that the new name "simply reflects what our software does: send status updates into your social network." === GNU social === GNU social originally began as a side project of GNU FM (Libre.fm) maintainer Matt Lee, with the goal of being able to federate messages between Last.fm and other instances of GNU FM using StatusNet plugins. Around the same time, a developer named Mikael Nordfeldth forked StatusNet with the intention of maintaining it as a personal project, dubbing it "Free Social". However, following identi.ca's transition to pump.io and its developers' sudden abandonment of StatusNet, the projects received more attention from server administrators and other users looking for an actively updated alternative. Shortly after LibrePlanet 2012, a plan was formed to merge all three projects into a single service. On June 8, 2013, it was announced that along with Free Social, StatusNet would be merged into the GNU social project and stewarded by the Free Software Foundation, with the project since becoming the dominant variant of StatusNet. During GNU social's lifespan, a popular theme for the user interface named Quitter was used, which was similar to an earlier Twitter interface. Many instances were made specifically using the name Quitter such as Quitter.se, an instance created by the developer of the theme. Before the establishment of Mastodon's popularity and dominance within the network, Quitter was noted as a frequent location for users of Twitter to migrate to when users disagreed with moderation policies or feature updates, such as when an algorithmic feed was added to Twitter. A fork of GNU social was made called postActiv, which planned to rewrite the backend and user interface of GNU social, as well as to add compatibility for Diaspora's protocol. == Features == A basic GNU social instance takes the form of a microblogging service with a reverse chronological timeline that features status updates and small messages from followed accounts, similar to other services such as Twitter or Weibo. While users could see their own customized timeline, they could access another timeline that showcased every message that the instance knows of, including from other instances that were connected to each other if someone on the instance followed an account from it. Users could also create and join groups, which allows for discussion and collaboration on specific topics. Administrators can also customize their server via the plugin system, which allows developers to create new features or modify existing plugins to suit the needs of the instance via PHP. A notable plugin built for GNU social was Quitter, a revamp of the user interface that resembles an earlier version of Twitter's user interface.
Scrolling
In computer displays, filmmaking, television production, video games and other kinetic displays, scrolling is sliding text, images or video across a monitor or display, vertically or horizontally. "Scrolling," as such, does not change the layout of the text or pictures but moves (pans or tilts) the user's view across what is apparently a larger image that is not wholly seen. A common television and movie special effect is to scroll credits, while leaving the background stationary. Scrolling may take place completely without user intervention (as in film credits) or, on an interactive device, be triggered by touchscreen or a keypress and continue without further intervention until a further user action, or be entirely controlled by input devices. Scrolling may take place in discrete increments (perhaps one or a few lines of text at a time), or continuously (smooth scrolling). Frame rate is the speed at which an entire image is redisplayed. It is related to scrolling in that changes to text and image position can only happen as often as the image can be redisplayed. When frame rate is a limiting factor, one smooth scrolling technique is to blur images during movement that would otherwise appear to "jump". == Computing == === Implementation === Scrolling is often carried out on a computer by the CPU (software scrolling) or by a graphics processor. Some systems feature hardware scrolling, where an image may be offset as it is displayed, without any frame buffer manipulation (see also hardware windowing). This was especially common in 8 and 16bit video game consoles. === UI paradigms === In a WIMP-style graphical user interface (GUI), user-controlled scrolling is carried out by manipulating a scrollbar with a mouse, or using keyboard shortcuts, often the arrow keys. Scrolling is often supported by text user interfaces and command line interfaces. Older computer terminals changed the entire contents of the display one screenful ("page") at a time; this paging mode requires fewer resources than scrolling. Scrolling displays often also support page mode. Typically certain keys or key combinations page up or down; on PC-compatible keyboards the page up and page down keys or the space bar are used; earlier computers often used control key combinations. Some computer mice have a scroll wheel, which scrolls the display, often vertically, when rolled; others have scroll balls or tilt wheels which allow both vertical and horizontal scrolling. Some software supports other ways of scrolling. Adobe Reader has a mode identified by a small hand icon ("hand tool") on the document, which can then be dragged by clicking on it and moving the mouse as if sliding a large sheet of paper. When this feature is implemented on a touchscreen it is called kinetic scrolling. Touch-screens often use inertial scrolling, in which the scrolling motion of an object continues in a decaying fashion after release of the touch, simulating the appearance of an object with inertia. An early implementation of such behavior was in the "Star7" PDA of Sun Microsystems ca. 1991–1992. Scrolling can be controlled in other software-dependent ways by a PC mouse. Some scroll wheels can be pressed down, functioning like a button. Depending on the software, this allows both horizontal and vertical scrolling by dragging in the direction desired; when the mouse is moved to the original position, scrolling stops. A few scroll wheels can also be tilted, scrolling horizontally in one direction until released. On touchscreen devices, scrolling is a multi-touch gesture, done by swiping a finger on the screen vertically in the direction opposite to where the user wants to scroll to. If any content is too wide to fit on a display, horizontal scrolling is required to view all of it. In applications such as graphics and spreadsheets there is often more content than can fit either the width or the height of the screen at a comfortable scale, and scrolling in both directions is necessary. === Infinite scrolling === In contrast to material divided into discrete pages, the web design approach of infinite scrolling dynamically adds new material to the user display, leading to a continuous, apparently bottomless or endless scrolling experience. === Text === In languages written horizontally, such as most Western languages, text documents longer than will fit on the screen are often displayed wrapped and sized to fit the screen width, and scrolled vertically to bring desired content into view. It is possible to display lines too long to fit the display without wrapping, scrolling horizontally to view each entire line. However, this requires inconvenient constant line-by-line scrolling, while vertical scrolling is only needed after reading a full screenful. Software such as word processors and web browsers normally uses word-wrapping to display as many words in a single line as will fit the width of the screen or window or, for text organised in columns, each column. === Demos === Scrolling texts, also referred to as scrolltexts or scrollers, played an important part in the birth of the computer demo culture. The software crackers often used their deep knowledge of computer platforms to transform the information that accompanied their releases into crack intros. The sole role of these intros was to scroll the text on the screen in an impressive way. == Film and television == Scrolling is commonly used to display the credits at the end of films and television programs. Scrolling is often used in the form of a news ticker towards the bottom of the picture for content such as television news, scrolling sideways across the screen, delivering short-form content. In the dynamic layout of kinetic typography, scrolling typography can scroll across the flat screen, or can appear to recede or advance. An iconic example is the Star Wars opening crawl inspired by the Flash Gordon serials. == Video games == In computer and video games, scrolling of a playing field allows the player to control an object in a large contiguous area. Early examples of this method include Taito's 1974 vertical-scrolling racing video game Speed Race, Sega's 1976 forward-scrolling racing games Moto-Cross (Fonz) and Road Race, and Super Bug. Previously the flip-screen method was used to indicate moving backgrounds. The Namco Galaxian arcade system board introduced with Galaxian in 1979 pioneered a sprite system that animated pre-loaded sprites over a scrolling background, which became the basis for Nintendo's Radar Scope and Donkey Kong arcade hardware and home consoles such as the Nintendo Entertainment System. Parallax scrolling, which was first featured in Moon Patrol, involves several semi-transparent layers (called playfields), which scroll on top of each other at varying rates in order to give an early pseudo-3D illusion of depth. Belt scrolling is a method used in side-scrolling beat 'em up games with a downward camera angle where players can move up and down in addition to left and right. == Studies == A 1993 article by George Fitzmaurice studied spatially aware palmtop computers. These devices had a 3D sensor, and moving the device caused the contents to move as if the contents were fixed in place. This interaction could be referred to as “moving to scroll.” Also, if the user moved the device away from their body, they would zoom in; conversely, the device would zoom out if the user pulled the device closer to them. Smartphone cameras and “optical flow” image analysis utilize this technique nowadays. A 1996 research paper by Jun Rekimoto analyzed tilting operations as scrolling techniques on small screen interfaces. Users could not only tilt to scroll, but also tilt to select menu items. These techniques proved especially useful for field workers, since they only needed to hold and control the device with one hand. A study from 2013 by Selina Sharmin, Oleg Špakov, and Kari-Jouko Räihä explored the action of reading text on a screen while the text auto-scrolls based on the user's eye tracking patterns. The control group simply read text on a screen and manually scrolled. The study found that participants preferred to read primarily at the top of the screen, so the screen scrolled down whenever participants’ eyes began to look toward the bottom of the screen. This auto-scrolling caused no statistically significant difference in reading speed or performance. An undated study occurring during or after 2010 by Dede Frederick, James Mohler, Mihaela Vorvoreanu, and Ronald Glotzbach noted that parallax scrolling "may cause certain people to experience nausea."
Reflection (computer graphics)
Reflection in computer graphics is used to render reflective objects like mirrors and shiny surfaces. Accurate reflections are commonly computed using ray tracing whereas approximate reflections can usually be computed faster by using simpler methods such as environment mapping. Reflections on shiny surfaces like wood or tile can add to the photorealistic effects of a 3D rendering. == Approaches to reflection rendering == For rendering environment reflections there exist many techniques that differ in precision, computational and implementation complexity. Combination of these techniques are also possible. Image order rendering algorithms based on tracing rays of light, such as ray tracing or path tracing, typically compute accurate reflections on general surfaces, including multiple reflections and self reflections. However these algorithms are generally still too computationally expensive for real time rendering (even though specialized HW exists, such as Nvidia RTX) and require a different rendering approach from typically used rasterization. Reflections on planar surfaces, such as planar mirrors or water surfaces, can be computed simply and accurately in real time with two pass rendering — one for the viewer, one for the view in the mirror, usually with the help of stencil buffer. Some older video games used a trick to achieve this effect with one pass rendering by putting the whole mirrored scene behind a transparent plane representing the mirror. Reflections on non-planar (curved) surfaces are more challenging for real time rendering. Main approaches that are used include: Environment mapping (e.g. cube mapping): a technique that has been widely used e.g. in video games, offering reflection approximation that's mostly sufficient to the eye, but lacking self-reflections and requiring pre-rendering of the environment map. The precision can be increased by using a spatial array of environment maps instead of just one. It is also possible to generate cube map reflections in real time, at the cost of memory and computational requirements. Screen space reflections (SSR): a more expensive technique that traces rays come from pixel data.This requires the data of surface normal and either depth buffer (local space) or position buffer (world space).The disadvantage is that objects not captured in the rendered frame cannot appear in the reflections, which results in unresolved and or false intersections causing artefacts such as reflection vanishment and virtual image. SSR was originally introduced as Real Time Local Reflections in CryENGINE 3. == Types of reflection == Polished - A polished reflection is an undisturbed reflection, like a mirror or chrome surface. Blurry - A blurry reflection means that tiny random bumps, or microfacets, on the surface of the material causes the reflection to be blurry. Metallic - A reflection is metallic if the highlights and reflections retain the color of the reflective object. Glossy - This term can be misused: sometimes, it is a setting which is the opposite of blurry (e.g. when "glossiness" has a low value, the reflection is blurry). Sometimes the term is used as a synonym for "blurred reflection". Glossy used in this context means that the reflection is actually blurred. === Polished or mirror reflection === Mirrors are usually almost 100% reflective. === Metallic reflection === Normal (nonmetallic) objects reflect light and colors in the original color of the object being reflected. Metallic objects reflect lights and colors altered by the color of the metallic object itself. === Blurry reflection === Many materials are imperfect reflectors, where the reflections are blurred to various degrees due to surface roughness that scatters the rays of the reflections. === Glossy reflection === Fully glossy reflection, shows highlights from light sources, but does not show a clear reflection from objects. == Examples of reflections == === Wet floor reflections === The wet floor effect is a graphic effects technique popular in conjunction with Web 2.0 style pages, particularly in logos. The effect can be done manually or created with an auxiliary tool which can be installed to create the effect automatically. Unlike a standard computer reflection (and the Java water effect popular in first-generation web graphics), the wet floor effect involves a gradient and often a slant in the reflection, so that the mirrored image appears to be hovering over or resting on a wet floor.
Sanchar Saathi
Sanchar Saathi (lit. 'Communication Partner' or 'Communication Companion') is an Indian state-owned app and web portal, operated by the Department of Telecommunications, designed to assist Indian mobile users in tracking and blocking stolen or lost mobile devices. In late 2025, a government order requiring Sanchar Saathi to be pre-installed on all mobile devices sold nationwide, with explicit provisions on preventing users from deleting the app or disabling any of its broad functionalities, triggered widespread backlash. The order was subsequently withdrawn. == Background == The Telecommunications Act 2023 introduced an exceptionally broad definition of the term "telecommunications" and conferred wide-ranging powers on the government. Although the Department of Telecommunications (DoT) assured reporters that this definition would not be used to justify government overreach, a November 2024 amendment to the Telecom Cyber Security Rules expanded it further and introduced the concept of the Telecommunication Identifier User Entity (TIEU), enabling users to be personally identified through their phone numbers. Sanchar Saathi was launched amid a widespread rise in cybercrime and hacking, as part of the Indian government's effort to prevent stolen phones from being used for fraud and to promote a state-backed application. In an official statement, the DoT said, "India has big second-hand mobile device market. Cases have also been observed where stolen or blacklisted devices are being re-sold. It makes the purchaser abettor in crime and causes financial loss to them." == Launch == Sanchar Saathi was originally launched as a web portal in May 2023. It was later launched as a mobile app in January 2025. Describing itself as a "citizen-centric" safety tool, Sanchar Saathi allows users to check a device's IMEI, report and block lost or stolen phones, and flag suspected fraud communications. Under Sanchar Saathi's privacy policy, it can make and manage phone calls, view and send messages, read call logs, access photos and files, access the location and camera of the device in which the app is used, as well as read and write into the device's storage. According to official government data, by December 2025, the Sanchar Saathi app had helped recover more than 700,000 lost and stolen mobile devices across India. Users report around 2,000 fraud incidents through the app each day. == Pre-installation controversy == On 28 November 2025, the Bharatiya Janata Party government, led by prime minister Narendra Modi, privately ordered phone manufacturers, including Apple, Samsung, Xiaomi, Vivo, Oppo, among others, to pre-install the Sanchar Saathi app on new devices sold in the country, alongside mandating that old devices get issued a software update for the installation of the app. The order had a 90-day deadline and further included explicit provisions to ensure that the app is to be "readily visible and accessible to the end users at the time of first use or device setup" and that users should neither be able to delete the app nor disable or restrict any of its broad functionalities. The order caused widespread political backlash. K. C. Venugopal, a general secretary of the main opposition party, the Indian National Congress (or simply the Congress), called the order "beyond unconstitutional" and said, "A pre-loaded government app that cannot be uninstalled is a dystopian tool to monitor every Indian. It is a means to watch over every movement, interaction and decision of each citizen", adding, "Big Brother cannot watch us." Another Congress general secretary, Priyanka Gandhi, termed Sanchar Saathi a "snooping app", and attacked the government for "turning this country into a dictatorship". Uddhav Thackeray, former chief minister of Maharashtra, compared Sanchar Saathi to the Pegasus spyware. Sanjay Hegde, a senior advocate at the Supreme Court of India, said "Here in the garb of security, the intrusion is vast, unfettered, unguided and is totally disproportionate. The app ought to be struck down on that account". The Internet Freedom Foundation (IFF), an Indian digital rights advocacy organisation, said, "Forcing every smartphone to carry a permanent government app for a simple verification task is excessive and violates the Puttaswamy proportionality standard", referring to Puttaswamy v. Union of India, a 2017 landmark decision of the Supreme Court, which asserted that the right to privacy should be protected as a fundamental right. The IFF further said, "For this to work in practice, the app will almost certainly need system level or root level access, similar to carrier or OEM system apps, so that it cannot be disabled. That design choice erodes the protections that normally prevent one app from peering into the data of others, and turns Sanchar Saathi into a permanent, non-consensual point of access sitting inside the operating system of every Indian smartphone user." Moreover, the organisation said that while the app was being "framed as a benign IMEI checker", a server-side update could allow the app to engage in "client side scanning for 'banned' applications, flag VPN usage, correlate SIM activity, or trawl SMS logs in the name of fraud detection. Nothing in the order constrains these possibilities." In reaction to the controversy, Jyotiraditya Scindia, the union minister of communications, said, "There is no snooping or call monitoring", adding, "Obviously you can delete it. There is no problem. This is a matter of customer protection. It is not mandatory. If you don't want to register, and don't want to use the app, don't use it; don't register, and it will lay dormant." Scindia compared the app to other pre-installed mobile apps such as Google Maps, which he said could be deleted if users wished so. However, contrary to Scindia's statement, on many phone brands, such pre-installed apps cannot be deleted, although users can disable them. Furthermore, upon enquiry, Scindia did not clarify whether his remarks applied to the app after the order took effect, making no comment on the provision in the order that would prevent users from deleting the app. When Congress member Renuka Chowdhury submitted an adjournment motion notice in the Rajya Sabha seeking the suspension of all other matters to discuss the Sanchar Saathi issue, Kiren Rijiju, the union minister of parliamentary affairs, accused the opposition of "manufacturing issues" to stall session proceedings. By 2 December, it had been reported that Apple did not plan to comply with the order, citing privacy and security concerns for the iOS ecosystem and the fact that the order would violate its internal policy against the pre-installation of third-party software in iPhones. Although it was clarified that Apple did not intend to take the matter to court or publicly oppose the government, it was said that Apple "can't do this. Period." The order would have also required Google to create a custom version of Android solely for India which would include the Sanchar Saathi app, a requirement described to "not be acceptable to the company". Following the backlash, the order was revoked on 3 December 2025. In a press release, the government said, "Given Sanchar Saathi's increasing acceptance, Government has decided not to make the pre-installation mandatory for mobile manufacturers".
Automated penetration testing
Automated penetration testing (also known as autonomous penetration testing or automated offensive security) is the application of software-driven workflows and orchestration to simulate cyberattack techniques. These methods are used to identify, validate, and exploit security vulnerabilities in IT assets such as networks, applications, and cloud infrastructure. Automated penetration testing is the use of software to simulate cyberattacks in order to rapidly identify exploitable vulnerabilities across systems without relying solely on human testers. In technical literature, the term describes a spectrum of activities ranging from scripted exploit orchestration to experimental systems designed for fully autonomous attack planning. Automated Penetration Testing falls short of testing using manual experts in terms of discovery of deep complex vulnerabilities and contextual business logic vulnerabilities. == Terminology and scope == The label “automated penetration testing” appears frequently in vendor and practitioner writing but lacks a single, neutral, standards-based definition. In the literature the term’s scope varies: some authors use it to mean automation of specific penetration-testing tasks (scanning, exploitation attempts, evidence collection), others to describe integrated, repeatable assessment pipelines, and a smaller body of work investigates autonomous decision-making agents that select attack steps algorithmically. To avoid implying consensus, this article describes common techniques and architectures reported in the literature and industry, and it notes where claims are primarily found in practitioner publications or early-stage research. Its important to note the differences between automated penetration testing and traditional penetration testing using human skill. The most important difference is scope and speed. Automated penetration testing generally fails at discovering exposures and weakness associated with business logic due to a lack of contextual understanding. The benefit of Automated Penetration testing is speed at which it can be conducted. Traditional penetration testing also is expected to be accurate and contain no false positives. This is due to the human validation aspect of the test. Automated approaches are expected to contain mistakes and false positives which need to be validated upon completion of the test. == History == Automated offensive techniques build on decades of tools and scripting that aided vulnerability discovery and exploitation. Early vulnerability scanners and community scripting in the 1990s and 2000s created the first layers of automation. Later, modular exploitation frameworks (notably Metasploit) integrated scanning and exploitation modules and made automated proof-of-concept attacks more accessible. Over the 2010s–2020s, as cloud platforms, APIs and continuous delivery practices increased the need for frequent validation, academic and industry interest in formalizing automated approaches also grew. == Methodologies and architectures == Descriptions in the literature and technical reports cluster automated capabilities into several overlapping models: Scripted/engineered playbooks (task automation): Predefined workflows or playbooks encode common attack paths (for example, web application exploit sequences or lateral-movement chains). These playbooks are designed to reproduce known techniques in a controlled way to validate exploitability and reduce manual repetition. Exploit-oriented orchestration: Automation orchestrates exploitation modules from established frameworks to perform controlled proof-of-concept attacks that confirm exploitability rather than simply flagging potential weaknesses. This approach can reduce false positives versus passive scanning when tests are run in an appropriately controlled environment. Orchestrated multi-tool pipelines: A coordinated toolchain integrates reconnaissance, vulnerability scanning, credential testing, exploitation modules and reporting. Data and state persist across stages so that multi-step workflows (e.g., discover → escalate → pivot) can be executed repeatably, approximating manual penetration-test methodologies at larger scale. Continuous / CI-integrated testing: Automation embedded in build or deployment pipelines (CI/CD) triggers assessments automatically on new builds, configuration changes, or on a schedule, supporting frequent, repeatable validation aligned with DevOps practices. Academic theses and experimental work describe CI/CD-integrated proof-of-concept systems for web applications and internal networks. Research on autonomous planning and learning: Recent academic work explores machine learning and reinforcement-learning approaches to select or prioritise attack steps, generate attack sequences, or optimize the testing path; these approaches are largely experimental and raise distinct validation and safety questions. == Tools and vendors == Automated penetration testing is provided by a mix of open-source projects, commercial platforms, and professional services. These often follow the penetration testing as a service (PTaaS) model, which integrates automated scanning with manual validation by security analysts. Examples of widely known tools and vendors in the space include exploitation frameworks such as Metasploit, commercial automated platforms and PTaaS providers, and specialist vendors that offer breach-and-attack simulation (BAS) or continuous testing capabilities. == Applications and deployment models == In industry practice, some organizations deploy automated techniques through dedicated security validation platforms rather than bespoke toolchains. These platforms are typically used for continuous or scheduled validation in pre-production or controlled environments and are often positioned alongside, rather than in place of, human-led penetration testing. Examples discussed in secondary literature include platforms such as Pentera, which are commonly classified under breach-and-attack simulation or automated security validation rather than as standalone penetration-testing methodologies.
WorkingPoint
WorkingPoint is a web-based application that provides a suite of small business management tools. It is designed to serve as a single point of access for various business operations, featuring a user-friendly interface. WorkingPoint's functionalities include double-entry bookkeeping, contact management, inventory management, invoicing, and bill and expense management. == Company == WorkingPoint, formerly Netbooks Inc, is a privately held corporation based in San Francisco, CA. The company is backed by CMEA Capital, also based in San Francisco. WorkingPoint has about ten employees and is led by CEO Tate Holt and Chairman Tom Proulx. Proulx is a co-founder of Intuit and an original author of that company’s Quicken personal finance software. The company was founded in 2007 under its original name Netbooks by co-creator Ridgely Evers. Evers set out to design a product that was more user-friendly than Intuit’s Quickbooks, which he also co-created. In mid-2009 the company officially rebranded itself and its flagship product “WorkingPoint”. The purpose of the re-branding was to disassociate the company from the product category of small laptops also known as netbooks. == Social Media Presence == WorkingPoint maintains a daily blog geared toward small business owners and managers. Each week the blog is updated with 3 WorkingPoint product feature or “how-to” posts, 2 subscriber company profiles, and 2 small business coaching posts. The company also maintains a Twitter page and a Facebook page. == Product Description (Free Version) == WorkingPoint allows businesses to invoice up to five customers (repeatedly) and provides account access for up to two individual users free of charge. Online Invoicing WorkingPoint allows users to create customized quotes and invoices online. The invoices can be used to bill customers via email or hardcopy post. WorkingPoint compiles the info from these invoices so users can track customer payments, inventory costs, shipping charges, accounts receivable and sales taxes. Users can also manage customer overpayments, provide customer loyalty discounts, and view a customer invoice history. Bill & Expense Management Users can track their bills and expenses by entering info into the WorkingPoint interface. WorkingPoint compiles this info so users can track categorized expenses, accounts paid, accounts payable, and vendor purchase history. The interface also allows users to add to their inventory while entering billing info. Double-Entry Bookeeping WorkingPoint automatically records entries under the double-entry bookkeeping system (also known as debits and credits) when the user completes invoicing and expense forms. Users can view transactions in general ledger format and perform closing entries if necessary. This functionality is designed for users who do not have an accounting background. Business Contact Management WorkingPoint provides an interface for users to manage their customer and vendor contact info. The software automatically tracks the user’s relationship with contacts, so users can track a contact’s sales and purchase history. Contacts can be imported and exported via numerous email clients including Microsoft Outlook, Yahoo! Mail, Google Gmail, and Mac Address Book. Inventory Management The software automatically adjusts inventory quantities after every purchase and sale. Users can track their current inventory quantity, average cost of inventory on-hand, cost of goods sold (COGS) and top-selling products. Users can also make manual adjustments to inventory when necessary. Financial Reporting Users can view a balance sheet, income statement, or cash flow statement pertaining to their business. The software automatically manages accruals to produce the balance sheet and income statement. Users can choose a data range from which to draw any of these reports. Financial reports can be converted to pdf format or exported (with formulas intact) to OpenOffice or Microsoft Excel. Cash Management WorkingPoint enables users to monitor cash balances on their bank accounts. The software automatically tracks cash inflows and outflows when users manage their accounts payable and accounts receivable. Business Dashboard The Business Dashboard visually and graphically displays key real-time business data. Users can customize the Dashboard to display data of their choosing. Online Company Profile Users can create an online company profile in order to have a presence on the Internet and as a basis for participation in WorkingPoint’s small business community features. Public profiles are featured in the WorkingPoint Company Directory and can be viewed externally using the URL format: https://businessname.workingpoint.com. == Product Description (Premium Version) == The premium version of WorkingPoint costs $10 per month. It includes all of the functionalities of the free version, allowing unlimited invoicing and account access. It also offers the following functions: 1099 Tax Reporting, invoice payment collection via PayPal, Email Marketing via VerticalResponse, and the Premium Reports & Accounting Package. 1099 Tax Reporting Users can identify qualifying companies and individuals for IRS Form 1099 or IRS Form 1096 reporting. WorkingPoint automatically tracks payments made to these companies and individuals. Users can then generate 1099 reports for distribution. Premium Reports & Accounting Package This includes: a Daily Operating Report providing users with sales and cash flow information, customizable accounts categorization, and cash flow statements using the indirect method of reporting. Invoice Payment Collection via PayPal Users can collect payment on their invoices via PayPal. Email Marketing via VerticalResponse The WorkingPoint premium package includes 500 email credits with the email marketing firm VerticalResponse.
Supertoroid
In geometry and computer graphics, a supertoroid or supertorus is usually understood to be a family of doughnut-like surfaces (technically, a topological torus) whose shape is defined by mathematical formulas similar to those that define the superellipsoids. The plural of "supertorus" is either supertori or supertoruses. The family was described and named by Alan Barr in 1994. Barr's supertoroids have been fairly popular in computer graphics as a convenient model for many objects, such as smooth frames for rectangular things. One quarter of a supertoroid can provide a smooth and seamless 90-degree joint between two superquadric cylinders. However, they are not algebraic surfaces (except in special cases). == Formulas == Alan Barr's supertoroids are defined by parametric equations similar to the trigonometric equations of the torus, except that the sine and cosine terms are raised to arbitrary powers. Namely, the generic point P(u, v) of the surface is given by P ( u , v ) = ( X ( u , v ) Y ( u , v ) Z ( u , v ) ) = ( ( a + C u s ) C v t ( b + C u s ) S v t S u s ) {\displaystyle P(u,v)=\left({\begin{array}{c}X(u,v)\\Y(u,v)\\Z(u,v)\end{array}}\right)=\left({\begin{array}{c}(a+C_{u}^{s})C_{v}^{t}\\(b+C_{u}^{s})S_{v}^{t}\\S_{u}^{s}\end{array}}\right)} where C θ ε = sgn ( cos θ ) | cos θ | ε , S θ ε = sgn ( sin θ ) | sin θ | ε , {\displaystyle {\begin{aligned}C_{\theta }^{\varepsilon }&=\operatorname {sgn} (\cos \theta )\,\left|\,\cos \theta \,\right|^{\varepsilon },\\S_{\theta }^{\varepsilon }&=\operatorname {sgn} (\sin \theta )\ \left|\,\sin \theta \ \right|^{\varepsilon },\end{aligned}}} sgn is the sign function, and the parameters u, v range from 0 to 360 degrees (0 to 2π radians). In these formulas, the parameter s > 0 controls the "squareness" of the vertical sections, t > 0 controls the squareness of the horizontal sections, and a, b ≥ 1 are the major radii in the x and y directions. With s = t = 1 and a = b = R one obtains the ordinary torus with major radius R and minor radius 1, with the center at the origin and rotational symmetry about the z-axis. In general, the supertorus defined as above spans the intervals: − ( a + 1 ) ≤ x ≤ + ( a + 1 ) − ( b + 1 ) ≤ y ≤ + ( b + 1 ) − 1 ≤ z ≤ + 1 {\displaystyle {\begin{array}{rcccl}-(a+1)&\leq &x&\leq &+(a+1)\\[4pt]-(b+1)&\leq &y&\leq &+(b+1)\\[4pt]-1&\leq &z&\leq &+1\end{array}}} The whole shape is symmetric about the planes x = 0, y = 0, and z = 0. The hole runs in the z direction and spans the intervals − ( a − 1 ) ≤ x ≤ + ( a − 1 ) − ( b − 1 ) ≤ y ≤ + ( b − 1 ) − ∞ ≤ z ≤ + ∞ {\displaystyle {\begin{array}{rcccl}-(a-1)&\leq &x&\leq &+(a-1)\\[4pt]-(b-1)&\leq &y&\leq &+(b-1)\\[4pt]-\infty &\leq &z&\leq &+\infty \end{array}}} A curve of constant u on this surface is a horizontal Lamé curve with exponent 2 t , {\displaystyle {\tfrac {2}{t}},} scaled in x and y and displaced in z. A curve of constant v, projected on the plane x = 0 or y = 0, is a Lamé curve with exponent 2 s , {\displaystyle {\tfrac {2}{s}},} scaled and horizontally shifted. If v = 0, the curve is planar and spans the intervals: a − 1 ≤ x ≤ a + 1 − 1 ≤ z ≤ + 1 {\displaystyle {\begin{array}{rcccl}a-1&\leq &x&\leq &a+1\\[4pt]-1&\leq &z&\leq &+1\end{array}}} and similarly if v = 90°, 180°, 270°. The curve is also planar if a = b. In general, if a ≠ b and v is not a multiple of 90 degrees, the curve of constant v will not be planar; and, conversely, a vertical plane section of the supertorus will not be a Lamé curve. The basic supertoroid shape defined above is often modified by non-uniform scaling to yield supertoroids of specific width, length, and vertical thickness. == Plotting code == The following GNU Octave code generates plots of a supertorus: