Recherche avancée

Sur d’autres sites (3544)

• Privacy in Business : What Is It and Why Is It Important ?

  13 juillet 2022, par Erin — Privacy

  Privacy concerns loom large among consumers. Yet, businesses remain reluctant to change the old ways of doing things until they become an operational nuisance. 

  More and more businesses are slowly starting to feel the pressure to incorporate privacy best practices. But what exactly does privacy mean in business ? And why is it important for businesses to protect users’ privacy ? 

  In this blog, we’ll answer all of these questions and more. 

  What is Privacy in Business ?

  In the corporate world, privacy stands for the business decision to use collected consumer data in a safe, secure and compliant way. 

  Companies with a privacy-centred culture : 

  • Get explicit user consent to tracking, opt-ins and data sharing 
  • Collect strictly necessary data in compliance with regulations 
  • Ask for permissions to collect, process and store sensitive data 
  • Provide transparent explanations about data operationalisation and usage 
  • Have mechanisms for data collection opt-outs and data removal requests 
  • Implement security controls for storing collected data and limit access permissions to it 

  In other words : They treat consumers’ data with utmost integrity and security – and provide reassurances of ethical data usage. 

  What Are the Ethical Business Issues Related to Privacy ?

  Consumer data analytics has been around for decades. But digital technologies – ubiquitous connectivity, social media networks, data science and machine learning – increased the magnitude and sophistication of customer profiling.

  Big Tech companies like Google and Facebook, among others, capture millions of data points about users. These include general demographics data like “age” or “gender”, as well as more granular insights such as “income”, “past browsing history” or “recently visited geo-locations”. 

  When combined, such personally identifiable information (PII) can be used to approximate the user’s exact address, frequently purchased goods, political beliefs or past medical conditions. Then such information is shared with third parties such as advertisers. 

  That’s when ethical issues arise. 

  The Cambridge Analytica data scandal is a prime example of consumer data that was unethically exploited. 

  Over the years, Google also faced a series of regulatory issues surrounding consumer privacy breaches :

  • In 2021, a Google Chrome browser update put some 2.6 billion users at risk of “surveillance, manipulation and abuse” by providing third parties with data on device usage. 
  • The same year, Google was taken to court for failing to provide full disclosures on tracking performed in Google Chrome incognito mode. A $5 billion lawsuit is still pending.
  • As of 2022, Google Analytics 4 is considered GDPR non-compliant and was branded “illegal” by several European countries. 

  If you are curious, learn more about Google Analytics privacy issues. 

  The bigger issue ? Big Tech companies make the businesses that use their technologies (unknowingly) complicit in consumer data violations.

  In 2022, the Belgian data regulator found the official IAB Europe framework for user consent gathering in breach of GDPR. The framework was used by all major AdTech platforms to issue pop-ups for user consent to tracking. Now ad platforms must delete all data gathered through these. Biggest advertisers such as Procter & Gamble, Unilever, IBM and Mastercard among others, also received a notice about data removal and a regulatory warning on further repercussions if they fail to comply. 

  Big Tech firms have given brands unprecedented access to granular consumer data. Unrestricted access, however, also opened the door to data abuse and unethical use. 

  Examples of Unethical Data Usage by Businesses 

  • Data hoarding means excessively harvesting all available consumer data because a possibility to do so exists, often using murky consent mechanisms. Yet, 85% of collected Big Data is either dark or redundant, obsolete or trivial (ROT).
  • Invasive personalisation based on sensitive user information (or second-guesses), like a recent US marketing campaign, congratulating women on pregnancy (even if they weren’t expecting). Overall, 75% of consumers find most forms of personalisation somewhat creepy. 22% also said they’d leave for another brand due to creepy experiences.
  • Hyper-targeted advertising campaigns based on data consumers would prefer not to share. A recent investigation found that advertising platforms often assign sensitive labels to users (as part of their ad profiles), indicative of their religion, mental issues, history with abuse and so on. This allows advertisers to target such consumers with dubious ads. 

  Ultimately, excessive data collection, paired with poor data protection in business settings, results in major data breaches and costly damage control. Given that cyber attacks are on the rise, every business is vulnerable. 

  Why Should a Business Be Concerned About Protecting the Privacy of Its Customers ?

  Businesses must prioritise customer privacy because that’s what is expected of them. Globally, 89% of consumers say they care about their privacy. 

  As frequent stories about unethical data usage, excessive tracking and data breaches surface online, even more grow more concerned about protecting their data. Many publicly urge companies to take action. Others curtail their relationships with brands privately. 

  

  On average, 45% of consumers feel uncomfortable about sharing personal data. According to KPMG, 78% of American consumers have fears about the amount of data being collected. 40% of them also don’t trust companies to use their data ethically. Among Europeans, 41% are unwilling to share any personal data with businesses. 

  Because the demand for online privacy is rising, progressive companies now treat privacy as a competitive advantage. 

  For example, the encrypted messaging app Signal gained over 42 million active users in a year because it offers better data security and privacy protection. 

  ProtonMail, a privacy-centred email client, also amassed a 50 million user base in several years thanks to a “fundamentally stronger definition of privacy”.

  The growth of privacy-mindful businesses speaks volumes. And even more good things happen to privacy-mindful businesses : 

  • Higher consumer trust and loyalty 
  • Improved attractiveness to investors
  • Less complex compliance
  • Minimum cybersecurity exposure 
  • Better agility and innovation

  It’s time to start pursuing them ! Learn how to embed privacy and security into your operations.

• Approaches To Modifying Game Resource Files

  16 août 2016, par Multimedia Mike — Game Hacking

  I have been assisting The Translator in the translation of another mid-1990s adventure game. This one isn’t quite as multimedia-heavy as the last title, and the challenges are a bit different. I wanted to compose this post in order to describe my thought process and mental model in approaching this problem. Hopefully, this will help some others understand my approach since what I’m doing here often appears as magic to some of my correspondents.

  High Level Model
  At the highest level, it is valuable to understand the code and the data at play. The code is the game’s engine and the data refers to the collection of resources that comprise the game’s graphics, sound, text, and other assets.

  
  
  Simplistic high-level game engine model
  

  Ideally, we want to change the data in such a way that the original game engine adopts it as its own because it has the same format as the original data. It is very undesirable to have to modify the binary engine executable in any way.

  Modifying The Game Data Directly
  How to modify the data ? If we modify the text strings for the sake of language translation, one approach might be to search for strings within the game data files and change them directly. This model assumes that the text strings are stored in a plain, uncompressed format. Some games might store these strings in a text format which can be easily edited with any text editor. Other games will store them as binary data.
  

  In the latter situation, a game hacker can scan through data files with utilities like Unix ‘strings’ to find the resources with the desired strings. Then, use a hex editor to edit the strings directly. For example, change “Original String”…

  0098F800   00 00 00 00  00 00 00 4F  72 69 67 69  6E 61 6C 20  .......Original 
  0098F810   53 74 72 69  6E 67 00 00  00 00 00 00  00 00 00 00  String..........
  

  …to “Short String” and pad the difference in string lengths using spaces (0x20) :

  0098F800   00 00 00 00  00 00 00 53  68 6F 72 74  20 53 74 72  .......Short Str
  0098F810   69 6E 67 20  20 20 00 00  00 00 00 00  00 00 00 00  ing   ..........
  

  This has some obvious problems. First, translated strings need to be of equal our smaller length compared to the original. What if we want to encode “Much Longer String” ?

  0098F800   00 00 00 00  00 00 00 4D  75 63 68 20  4C 6F 6E 67  .......Much Long
  0098F810   65 72 20 53  74 72 00 00  00 00 00 00  00 00 00 00  er Str..........
  

  It won’t fit. The second problem pertains to character set limitations. If the font in use was only designed for ASCII, it’s going to be inadequate for expressing nearly any other language.

  So a better approach is needed.

  Understanding The Data Structures
  An alternative to the approach outlined above is to understand the game’s resources so they can be modified at a deeper level. Here’s a model to motivate this investigation :

  
  
  Model of the game resource archive format
  

  This is a very common layout for such formats : there is a file header, a sequence of resource blocks, and a trailing index which describes the locations and types of the foregoing blocks.

  What use is understanding the data structures ? In doing so, it becomes possible to write new utilities that disassemble the data into individual pieces, modify the necessary pieces, and then reassemble them into a form that the original game engine likes.

  It’s important to take a careful, experimental approach to this since mistakes can be ruthlessly difficult to debug (unless you relish the thought of debugging the control flow through an opaque DOS executable). Thus, the very first goal in all of this is to create a program that can disassemble and reassemble the resource, thus creating an identical resource file. This diagram illustrates this complex initial process :

  
  
  Rewriting the game resource file
  

  So, yeah, this is one of the most complicated “copy file” operations that I can possibly code. But it forms an important basis, since the next step is to carefully replace one piece at a time.

  
  
  Modifying a specific game resource
  

  This diagram shows a simplistic model of a resource block that contains a series of message strings. The header contains pointers to each of the strings within the block. Instead of copying this particular resource block directly to the new file, a proposed modification utility will intercept it and rewrite the entire thing, writing new strings of arbitrary length and creating an adjusted header which will correctly point to the start of each new string. Thus, translated strings can be longer than the original strings.

  Further Work
  Exploiting this same approach, we can intercept and modify other game resources including fonts, images, and anything else that might need to be translated. I will explore specific examples in a later blog post.

  Followup

  • Translating Return to Ringworld, in which I apply the ideas expressed in this post.

• compiling ffmpeg for Mac OSX High Sierra 10.13

  29 juillet 2021, par Martin

  Hello I made an electron app that uses ffmpeg to combine audio and renders video, it works fine on windows, linux, and modern mac osx computers, but a user has reported to me that on an older version of mac osx such as High Sierra 10.13, the way that I have setup ffmpeg does not work.

  


  I have a virtual machine with High Sierra v10.13 where I install RenderTune-mac.dmg from my RenderTune releases page, then I download 2 audio files and the image from this link. I open RenderTune, and try render a video. My command to combine the audio files into a single mp3 works fine, but when I try to combine that mp3 with the image file, the ffmpeg build I have packaged with my electron app fails with this error :

  


  Command was killed with SIGABRT (Aborted): /Applications/RenderTune.app/Contents/Resources/ffmpeg -loop 1 -framerate 2 -i /Users/martin/Downloads/R-3777978-1344032418-8379.jpeg.jpg -i /Users/martin/Downloads/output-871140.mp3 -y -acodec copy -b:a 320k -vcodec libx264 -b:v 8000k -maxrate 8000k -minrate 8000k -bufsize 3M -filter:v scale=w=1920:h=1954 -preset medium -tune stillimage -crf 18 -pix_fmt yuv420p -shortest /Users/martin/Downloads/concatVideo-871140.mp4
ffmpeg version git-2021-03-24-13335df Copyright (c) 2000-2021 the FFmpeg developers
  built with Apple LLVM version 10.0.1 (clang-1001.0.46.4)
  configuration: --pkgconfigdir=/Users/martinbarker/Documents/projects/rendertune-0.5.0/workspace/lib/pkgconfig --prefix=/Users/martinbarker/Documents/projects/rendertune-0.5.0/workspace --pkg-config-flags=--static --extra-cflags='-I/Users/martinbarker/Documents/projects/rendertune-0.5.0/workspace/include -mmacosx-version-min=10.10' --extra-ldflags='-L/Users/martinbarker/Documents/projects/rendertune-0.5.0/workspace/lib -mmacosx-version-min=10.10' --extra-libs='-lpthread -lm' --enable-static --disable-securetransport --disable-debug --disable-shared --disable-ffplay --disable-lzma --disable-doc --enable-version3 --enable-pthreads --enable-runtime-cpudetect --enable-avfilter --enable-filters --disable-libxcb --enable-gpl --enable-nonfree --disable-libass --enable-libfdk-aac --enable-libmp3lame --enable-libx264
  libavutil      56. 66.100 / 56. 66.100
  libavcodec     58.128.100 / 58.128.100
  libavformat    58. 69.100 / 58. 69.100
  libavdevice    58. 12.100 / 58. 12.100
  libavfilter     7.107.100 /  7.107.100
  libswscale      5.  8.100 /  5.  8.100
  libswresample   3.  8.100 /  3.  8.100
  libpostproc    55.  8.100 / 55.  8.100
Input #0, image2, from '/Users/martin/Downloads/R-3777978-1344032418-8379.jpeg.jpg':
  Duration: 00:00:00.50, start: 0.000000, bitrate: 1758 kb/s
  Stream #0:0: Video: mjpeg (Progressive), yuvj444p(pc, bt470bg/unknown/unknown), 590x600 [SAR 1:1 DAR 59:60], 2 fps, 2 tbr, 2 tbn, 2 tbc
Input #1, mp3, from '/Users/martin/Downloads/output-871140.mp3':
  Metadata:
    title           : My Little Grass Shack
    album           : Our Hawaii - A Collection Of Personal Favorites
    artist          : Society Of Seven
    track           : 11
    encoder         : Lavf58.69.100
  Duration: 00:06:25.59, start: 0.025057, bitrate: 320 kb/s
  Stream #1:0: Audio: mp3, 44100 Hz, stereo, fltp, 320 kb/s
    Metadata:
      encoder         : Lavc58.12
Stream mapping:
  Stream #0:0 -> #0:0 (mjpeg (native) -> h264 (libx264))
  Stream #1:0 -> #0:1 (copy)
Press [q] to stop, [?] for help
[swscaler @ 0x7fbad9167600] deprecated pixel format used, make sure you did set range correctly
[libx264 @ 0x7fbad9040400] using SAR=2681/2679
dyld: lazy symbol binding failed: Symbol not found: ____chkstk_darwin
  Referenced from: /Applications/RenderTune.app/Contents/Resources/ffmpeg
  Expected in: /usr/lib/libSystem.B.dylib

dyld: Symbol not found: ____chkstk_darwin
  Referenced from: /Applications/RenderTune.app/Contents/Resources/ffmpeg
  Expected in: /usr/lib/libSystem.B.dylib

    at makeError (/Applications/Render…eca/lib/error.js:59)
    at handlePromise (/Applications/Render…/execa/index.js:114)
    at async file:/Applicat…js/newindex.js:1323


  


  These files will render fine on windows/linux and recent mac versions. In order to package ffmpeg in my electron app on mac computers I had to build a custom sandboxed version with no dynamically linked libraries. I have a .sh file that automatically downloads ffmpeg and builds it with all the necessary flags for mac computers.
https://github.com/MartinBarker/RenderTune/blob/master/buildffmpeg.sh
Inside this .sh file is where I compile ffmpeg using these flags :

  


  ./configure \
    --pkgconfigdir="$WORKSPACE/lib/pkgconfig" \
    --prefix=${WORKSPACE} \
    --pkg-config-flags="--static" \
    --extra-cflags="-I$WORKSPACE/include -mmacosx-version-min=${MACOS_MIN}" \
    --extra-ldflags="-L$WORKSPACE/lib -mmacosx-version-min=${MACOS_MIN}" \
    --extra-libs="-lpthread -lm" \
        --enable-static \
        --disable-securetransport \
        --disable-debug \
        --disable-shared \
        --disable-ffplay \
        --disable-lzma \
        --disable-doc \
        --enable-version3 \
        --enable-pthreads \
        --enable-runtime-cpudetect \
        --enable-avfilter \
        --enable-filters \
        --disable-libxcb \
        --enable-gpl \
        --enable-nonfree \
        --disable-libass \
        --enable-libfdk-aac \
        --enable-libmp3lame \
        --enable-libx264 


  


  If I try to run this script in my High Sierra VM, it fails with this message :

  


  Unknown option "-extra-libs=-lpthread"

  


  if I remove that flag it fails with a different message :

  


  Unknown option "--enable-static"

  


  I need this flag in order to release my electron app on the mac apple store, can anyone help me compile a static version of ffmpeg that works on old versions like High Sierra 10.13 as well as works on modern mac os systems ?