The document summarizes the privacy implementations of geolocation in various web browsers. It finds that iOS 4 has the least accessibility and control for users over privacy settings, with location prompts that are difficult to dismiss and privacy policies buried deep within settings. Firefox and Opera provide more control but have advanced options hidden away. Chrome provides the best accessibility and control overall with one-click access to settings and an indicator, though it also lacks options to change location providers. The document questions whether further standardization of privacy user interfaces across browsers may be needed.
The W3C's XML Binding Language 2.0 (XBL) is a declarative language that can be used together with existing or new web documents to enhance their presentation, behavior, accessibility, and maintainability.
Social Zombies Gone Wild: Totally Exposed and UncensoredTom Eston
Social networks have jumped onto the geolocation bandwagon with location-based tweets, status updates, check-ins, mayorships, and more. This doesn’t take into account EXIF, QR codes, and advancements in HTML 5 geo implementations, which are being built into these location-based services. This is often implemented and enabled without the user even knowing it. In fact, geolocation is one of the hottest technologies being used in everything from web browsers to mobile devices. As social networks throw our location coordinates around like candy, its only natural that bad things will happen and abuse will become more popular. This presentation will cover how social networks and other websites are currently using location-based services, what they plan on doing with it, and a discussion on the current privacy and security issues. We will also discuss the latest geolocation hacking techniques and will release custom code that can abuse all of the features being discussed.
Tom Eston is a Senior Security Consultant for SecureState. Tom focuses his research on the security of social media. Tom is also the founder of SocialMediaSecurity.com and co-host of the Security Justice and Social Media Security podcasts. Kevin Johnson is a security researcher with Secure Ideas. He has many years of experience performing security services for Fortune 100 companies, and leads a large number of open source security projects including BASE and SamuraiWTF. Kevin is also an instructor for SANS.
Presented at Notacon 8 in Cleveland Ohio.
The W3C's XML Binding Language 2.0 (XBL) is a declarative language that can be used together with existing or new web documents to enhance their presentation, behavior, accessibility, and maintainability.
Social Zombies Gone Wild: Totally Exposed and UncensoredTom Eston
Social networks have jumped onto the geolocation bandwagon with location-based tweets, status updates, check-ins, mayorships, and more. This doesn’t take into account EXIF, QR codes, and advancements in HTML 5 geo implementations, which are being built into these location-based services. This is often implemented and enabled without the user even knowing it. In fact, geolocation is one of the hottest technologies being used in everything from web browsers to mobile devices. As social networks throw our location coordinates around like candy, its only natural that bad things will happen and abuse will become more popular. This presentation will cover how social networks and other websites are currently using location-based services, what they plan on doing with it, and a discussion on the current privacy and security issues. We will also discuss the latest geolocation hacking techniques and will release custom code that can abuse all of the features being discussed.
Tom Eston is a Senior Security Consultant for SecureState. Tom focuses his research on the security of social media. Tom is also the founder of SocialMediaSecurity.com and co-host of the Security Justice and Social Media Security podcasts. Kevin Johnson is a security researcher with Secure Ideas. He has many years of experience performing security services for Fortune 100 companies, and leads a large number of open source security projects including BASE and SamuraiWTF. Kevin is also an instructor for SANS.
Presented at Notacon 8 in Cleveland Ohio.
Giving Firefox Users Control of Their DataDoNotLick
A talk given for the Mozilla Summit 2010 in Whistler, Canada about how Firefox can improve privacy be giving users better control over their personal data online.
Jared Smith - Introduction to Web AccessibilityPlain Talk 2015
Copyright 2011 by WebAIM, used with permission. "Introduction to Web Accessibility" was presented at the Center for Health Literacy Conference 2011: Plain Talk in Complex Times by Jared Smith, Associate Director, WebAIM.
Description: This training session will teach the principals of Web accessibility and demonstrate how users with disabilities interact with Web technologies. Participants will also learn about the legal guidelines and international standards for website accessibility compliance.
Building and Deploying a Global Intranet with Liferayrivetlogic
Enterprise 2.0 is no longer a hype but a necessity in a new era where more enterprises are starting to have a global presence. As users' expectations of intranets grow it has become crucial for global enterprises to rise to the challenge and stay competitive by providing their employees with an effective means of collaboration, communication and socialization to not just increase productivity, but also strengthen employee loyalty.
This presentation will discuss how Liferay Portal facilitates the architecture of global intranets that meet these challenges, along with practical examples of how it can be used to achieve the results expected from an Enterprise 2.0 intranet.
Rise of Mobile and Web Runtimes - for Standards-NextDaniel Appelquist
Presentation slides for Standards.next event (http://standards-next.org) on June 12, 2010. These slides cover a number of topics related to Web standards on mobile, including widgets, device APIs, HTML5, and geolocation.
Introduction to Accessibility Testing - CSUN14Patrick Dunphy
Intended for people new to accessibility testing, this session details freely available testing tools and how they relate to identifying different user issues.
Presentation slides from Charleston Library Conference, November 10, 2017 on the Resource Access in the 21st Century Initiative #RA21 presented by Todd Carpenter, Robert Kelshian, Don Hemparian and Ann Gabrail.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Giving Firefox Users Control of Their DataDoNotLick
A talk given for the Mozilla Summit 2010 in Whistler, Canada about how Firefox can improve privacy be giving users better control over their personal data online.
Jared Smith - Introduction to Web AccessibilityPlain Talk 2015
Copyright 2011 by WebAIM, used with permission. "Introduction to Web Accessibility" was presented at the Center for Health Literacy Conference 2011: Plain Talk in Complex Times by Jared Smith, Associate Director, WebAIM.
Description: This training session will teach the principals of Web accessibility and demonstrate how users with disabilities interact with Web technologies. Participants will also learn about the legal guidelines and international standards for website accessibility compliance.
Building and Deploying a Global Intranet with Liferayrivetlogic
Enterprise 2.0 is no longer a hype but a necessity in a new era where more enterprises are starting to have a global presence. As users' expectations of intranets grow it has become crucial for global enterprises to rise to the challenge and stay competitive by providing their employees with an effective means of collaboration, communication and socialization to not just increase productivity, but also strengthen employee loyalty.
This presentation will discuss how Liferay Portal facilitates the architecture of global intranets that meet these challenges, along with practical examples of how it can be used to achieve the results expected from an Enterprise 2.0 intranet.
Rise of Mobile and Web Runtimes - for Standards-NextDaniel Appelquist
Presentation slides for Standards.next event (http://standards-next.org) on June 12, 2010. These slides cover a number of topics related to Web standards on mobile, including widgets, device APIs, HTML5, and geolocation.
Introduction to Accessibility Testing - CSUN14Patrick Dunphy
Intended for people new to accessibility testing, this session details freely available testing tools and how they relate to identifying different user issues.
Presentation slides from Charleston Library Conference, November 10, 2017 on the Resource Access in the 21st Century Initiative #RA21 presented by Todd Carpenter, Robert Kelshian, Don Hemparian and Ann Gabrail.
Similar to Privacy of Geolocation Implementations (20)
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Privacy of Geolocation Implementations
1. Privacy of Geolocation
Implementations
Marcos Cáceres, Opera Software ASA
W3C Workshop on Privacy of Advance Web APIs
12 July, 2010. London, United Kingdom.
3. Critical Framework
• Accessibility: Can the end-user access
options and information pertaining to
privacy?
• Control: Does the system afford control
over privacy settings? How much?
• Confidentiality: Does the system afford
anonymity or alternative means of
protecting their privacy?
4. iOS 4
• All apps must get the
user’s express permission
(DAP take note!)
5. iOS 4
• No indication as to how
location is being derived
• Modal prompts: user
cannot explore page.
• Risk “click fatigue”
• No link to privacy policy
6. iOS 4
• Privacy Policy 3 Levels
deep
• ~50 pages (!)
• No links, search, send
• iHardToReadLegalGrey™
9. iOS 4
• Accessibility: Not very. Modal dialog.
Hard to find privacy controls and policy.
Indicator is helpful!
• Control: kinda. Requires full reset. No
control over provider (ability to lie).
• Confidentiality: Kinda. Location
services can be disabled + Airplane mode.
12. Firefox
• Accessibility: Hard to find. Lacks way of
managing sites. No indicator.
• Control: Yes, but advanced options are
hidden. Hard to change.
• Confidentiality: Hard. Ability to disable
and change provider.
14. Opera - First time
• After accept, lacks
way to view privacy
policy.
15. Opera - Location
Provider
• Not very accessible: “opera:config”
• Provides decent control
• Lacks info about choices
16. Opera
• Accessibility: Yes. One click. But lacks
good way of managing sites.
• Control: Yes, but advanced options are
hidden.
• Confidentiality:Yes, ability to disable
and change provider.
19. Chrome
• Accessibility: Yes. One click. But lacks
good way of managing sites.
• Control: Yes. But no control over
provider.
• Confidentiality:Yes. But no ability to
change provider?
20. Do we need...
• Further standardization of UI?
• To leave it to the market?