The project is a collaboration of the Open Source Security Foundation (OpenSSF), the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security’s Science and Technology Directorate (DHS S&T).

“Vulnerabilities in software are a key risk in cybersecurity, with known exploits being a primary path for bad actors to inflict a range of harms. By leveraging SBOMs as key elements of software security, we can mitigate the risk to the software supply chain and respond to new risks faster, and more efficiently,” said Allan Friedman, senior advisor and strategist at CISA.

Protobom allows companies to read data from software specifications (SBOMs), create their own SBOMs, and translate SBOMs into a variety of standard formats.

According to OpenSSF, there are many SBOM formats and schemas, which can be challenging for companies. The goal of the new project is to provide “a format-neutral data layer on top of standards that allows applications to work seamlessly with any kind of SBOM.”

“Protobom is a step towards greater efficiency and interoperability by translating across the widely used formats so that tools and organizations can focus on what’s important. It is a positive solution that helps shape a more transparent software-driven world”, Allan Friedman added.

OpenSSF also explained that by integrating Protobom into applications that link SBOM and vulnerability information, organizations will be able to more quickly access the necessary patches and mitigations to keep their software supply chains safe.

According to Omhar Arasaratnam, General Manager of OpenSSF Protobom will enable organizations to proactively manage the risk of their open source dependencies.

This follows President Joe Biden’s executive order on artificial intelligence last month.

“In last month’s Executive Order, the President called on DHS to promote the adoption of AI safety standards globally and help ensure the safe, secure, and responsible use and development of AI,” said Alejandro N. Mayorkas, Secretary of Homeland Security.

“CISA’s roadmap lays out the steps that the agency will take as part of our Department’s broader efforts to both leverage AI and mitigate its risks to our critical infrastructure and cyber defenses”, he added.

Initially, the organization will conscientiously employ AI to fortify cyber defense in adherence to relevant laws and policies, encompassing those governing federal procurement, privacy, civil rights, and civil liberties.

Subsequently, there will be an evaluation of AI systems to ensure they are inherently secure. This initiative aims to promote the adoption of safe AI practices across federal civilian government agencies, private sector entities, and state, local, tribal, and territorial (SLTT) governments. CISA will pioneer the development of best practices for secure AI deployment and formulate recommendations for red-teaming generative AI.

Thirdly, the organization will actively engage with companies to safeguard critical infrastructure against malicious AI applications. Collaboration will revolve around identifying and addressing threats, vulnerabilities, and effective mitigations.

Furthermore, it will establish collaborative channels with other agencies, international partners, and the public to devise policy approaches concerning the intersection of security and AI.

“Our Roadmap for AI, focused at the nexus of AI, cyber defense, and critical infrastructure, sets forth an agency-wide plan to promote the beneficial uses of AI to enhance cybersecurity capabilities; ensure AI systems are protected from cyber-based threats; and deter the malicious use of AI capabilities to threaten the critical infrastructure Americans rely on every day”, said Jen Easterly, director of CISA.

And lastly, a key focus will be on expanding the pool of qualified AI professionals within its workforce. This will be achieved through educational initiatives covering AI systems and techniques, coupled with strategic recruitment of individuals possessing the requisite expertise. The internal training program will not only encompass the technical dimensions of AI but will also address the legal, ethical, and policy considerations.

As per the White House’s official statement, this EO sets forth groundbreaking measures to enhance the safety and security of AI technology, safeguard the privacy of American citizens, foster fairness and civil rights, advocate for the interests of consumers and workers, encourage innovation and healthy competition, and bolster the United States’ global leadership in this pivotal field.

The Executive Order details a comprehensive framework that outlines the establishment of new standards and best practices intended to guarantee the safety and security of AI, which includes:

• Requiring developers of AI systems to share safety test results with the government
• Establishing standards, tools, and tests to ensure safety, security, and trustworthiness of AI systems
• Making new standards for biological synthesis screening to prevent AI from being used to create dangerous biological materials
• Creating guidance and best practices for detecting AI-generated content
• Setting up a security program to develop tools that find and fix vulnerabilities using AI
• Developing a National Security Memorandum to guide the direction of further actions on AI and security

Within the EO, President Biden has taken a proactive stance in safeguarding the privacy of American citizens, recognizing the heightened vulnerability of personal data extraction and exploitation in the age of AI. To address these concerns, he is urging Congress to enact data privacy legislation that addresses these pressing issues. Furthermore, he underscores the need for intensified research into privacy-preserving technologies.

To facilitate this research endeavor, President Biden has not only established but also allocated funding for a Research Coordination Network.

In alignment with this comprehensive approach, the EO outlines an intent to evaluate the data collection and utilization practices within government agencies. The goal is to strengthen privacy guidelines for these agencies, further enhancing data protection for citizens.

Moreover, the initiative places a strong emphasis on promoting equity and civil rights in the context of AI. The EO underscores the potential for irresponsible AI usage to exacerbate discrimination, bias, and other injustices within sectors such as justice, healthcare, and housing.

“America already leads in AI innovation—more AI startups raised first-time capital in the United States last year than in the next seven countries combined. The Executive Order ensures that we continue to lead the way in innovation and competition,” the Biden/Harris administration wrote in the EO.

This initiative will establish a multifaceted approach, including the development of a resource tool to grant AI researchers access to essential AI resources and data. This include technical support to small startups and entrepreneurs seeking to bring AI innovations to the commercial market. In addition, the initiative aims to streamline and modernize visa criteria, interviews, and reviews, with a specific focus on broadening opportunities for skilled immigrants engaged in the field of AI technology.

Several AI experts have weighed in on the new executive order.

“We firmly believe in the need to protect AI equivalent to the immense value it can deliver. In order to build and ship AI that is secure and trusted, organizations must rigorously test (“red team”) their AI and understand the total composition of elements used to create that AI, said Ian Swanson, CEO of Protect AI and former head of AI at Amazon.

Nadia Gonzalez, chief marketing officer at Scibids, a company that combines AI and advertising campaigns, believes that the Executive Order is encouraging. It signals that the White House is taking AI seriously and is “moving us away from the patchwork approach that has so far occurred at a state-by-state level,” she said. “AI has the potential to drastically improve how governments operate, protect privacy at large, and promote innovation, but care must be taken to ensure that the regulations go far enough.”

“This executive order from the Biden administration – while directed at federal organizations – follows similar plans by other countries and the EU and is an important step towards ensuring responsible AI use. It will force many organizations to reevaluate their own processes and how they ethically leverage the technology”, added Michael Berthold, CEO of data analysis company KNIME.

In a significant development, the administration is set to provide comprehensive guidance to government agencies on effectively collaborating with Artificial Intelligence (AI). This guidance will encompass facilitating the procurement of AI products and services, as well as expediting the recruitment of AI professionals within the government ranks.

SCPS Assam piques the reader’s curiosity, with its theories – does Elon Musk have appearance enhancements?

We are sure that there is not a single person in the world who has not heard the name Elon Musk at least once in his life. His forward-thinking concepts and lofty goals have made him the CEO of SpaceX, Tesla, Neural Ink, The Boring Company, and, since last October, he has headed one of the most popular social media platforms, Twitter, which recently changed its name and logo to “X.”

Known for his distinctive personality, today Musk is one of the richest people in the world, and his net worth is estimated in the billions of dollars.

Gifted with a keen mind and a flair for entrepreneurship, he has undergone a remarkable physical transformation, leading people in recent years to create numerous theories and speculations about whether Musk had plastic surgery to improve his appearance.

Elon Musk//before and after//source: SCPS ASSAM

Facelift, rhinoplasty, contour…
According to some assumptions, the billionaire entrepreneur has rhinoplasty, as his nose looks thinner and contoured than before.

Others have noticed a change in the contour of his face, raising suspicions of a facelift procedure.

However, it is difficult to say, let alone prove for sure, whether Musk has had plastic surgeries, as so far no plastic surgeon has confirmed these rumors, nor has he himself.

What is clearly visible can hardly be denied
It is an undeniable fact, however , that there are several obvious changes in the appearance of Elon Musk between the photos from the beginning of his career and now. Today his face looks more pronounced, fresher and slightly artificial, which tilts the scales towards the plastic changes of the entrepreneur. But whether it’s really so – we can’t claim 100 percent.

Does Musk have rhinoplasty?
Many people think Musk may have had a nose job. In recent years, this intervention has been extremely popular and has become like a trend from the beauty world. Without confirmation from Musk, it’s hard to say for sure if he had rhinoplasty, but it is a fact that his nose looks much different today than it did before.

Elon Musk’s facelift procedure?
A facelift is a cosmetic treatment that can help improve the appearance and visibly make the skin much fresher and smoother. It is one of the favorite treatments of women, and apparently of Musk as well. In addition, improving the overall contour of the face can help minimize the appearance of wrinkles and fine lines. This is exactly what Ilon’s face looks like today. But whether he underwent this beauty procedure still remains a secret to us mere mortals.

Is there more?
In addition to the facelift and rhinoplasty, Elon Musk’s surgical enhancements include eyelid surgery, a brow lift and chin lengthening, the existence of which has also been speculated.

Elon Musk: before and after
Susceptible to the perception of beauty today – this is how some define him, while others fully accept his desire to look better, even if it means seeking the help of a plastic surgeon.

Do you think Musk really got plastic surgery? You can share your guesses at [email protected]

Daniel Rosenwasser, TypeScript program manager, says in a Microsoft blog post that these experimental decorators were extremely useful, but they modeled an older version and always required a compiler selection flag called –experimentalDecorators. He also stated that developers who used “–experimentalDecorators” were already aware that in the past, any attempt to use decorators in TypeScript without enabling this flag resulted in an error message.

The new decorator offering in TypeScript 5.0 allows developers to write cleaner, more maintainable code with the added benefit of being able to customize classes and their members in a reusable way. Although the new decorator proposal is incompatible with –emitDecoratorMetadata and does not support parameter decoration, Microsoft expects that future ECMAScript proposals may be able to address these limitations.

TypeScript 5.0 also includes several enhancements, such as more precise type checking for parameter decorators in constructors, const annotations, and the ability for the extended field to accept multiple entries. Also included are a new option to resolve modules in TS, performance improvements, and exhaustive switch/case completions.

Xiaomi appointed TRUSTe LLC to conduct an independent audit of its data protection and security management. The review comprehensively evaluated whether the processing of personal information conducted by Xiaomi is performed in compliance with the General Data Protection Regulation (GDPR) of the European Union (EU). Cui Baoqiu, Xiaomi Vice President and Chairman of Xiaomi Security and Privacy Committee said:

“We regularly engage with TRUSTe, as well as other credible institutions globally to warrant that Xiaomi’s user privacy protection, including GDPR compliance, keeps improving and perfecting its practices to offer our users reliable and trustworthy products and services. I’m very pleased to see that Xiaomi has completed TRUSTe’s annual audit of GDPR privacy compliance, which demonstrates our commitment to privacy protection.”

Xiaomi continues to submit to outside scrutiny when it comes to data protection and user privacy, adopting the GDPR of the EU compliance assessment in 2018.

The Validation Requirements focus on program-level measures in eight areas: Integrated Governance, Risk Management, Resource Allocation, Policies and Standards, Processes, Awareness and Training, Monitoring and Assurance, and Reporting and Certification.

The programming language offers a unique and powerful feature to develop blockchain applications in the form of special packages, told Data Science Central.

The simplicity and speed which Python has, makes it a popular language for developing blockchain. You can create your simple cryptocurrency to use on any other network that accepts it, in just 50 lines or less.

Developers have everything they need to develop an efficient blockchain. This is possible thanks to the many libraries available at their fingertips.

A fact that we should not forget is that Python boasts an easy-to-learn syntax with quick turnaround times, making this toolkit perfect without sacrificing quality standards.

It’s true that Python blockchain programming has many advantages. But many established blockchains are still running on platforms like C++ and Java.

However, Several major platforms, including Ethereum, are adopting Python. Satoshi Nakamoto used C++ for Bitcoin blockchain, but Python is opening up new ways to adopt the technology.

In conclusion and all of the presented facts, we could truly say that Python is a good idea when it comes to blockchain programming.

Under the agreement, DARPA and the LF will create a broad collaboration umbrella US Government Open Programmable Secure (US GOV OPS) that allows United States Government projects, their ecosystem, and open community to participate in accelerating innovation and security in the areas of 5G, Edge, AI, Standards, Programmability, and IOT among other technologies. The project formation encourages ecosystem players to support US Government initiatives to create the latest in technology software.

The project will launch as a standard open source project with neutral governance and a charter similar to other projects within the Linux Foundation. Additionally, the agreement enables collaboration with upstream and downstream communities such as LF Networking, LF Edge, and Zephyr, among others, to build on a secure code base for use by the US Government.

“DARPA’s use of open source software in the Open Programmable Secure 5G (OPS-5G) program leverages transparency, portability and open access inherent in this distribution model,” said Dr. Jonathan Smith, DARPA Information Innovation Office Program Manager. “Transparency enables advanced software tools and systems to be applied to the code base, while portability and open access will result in decoupling hardware and software ecosystems, enabling innovations by more entities across more technology areas.”

 

“We are eager to ally with DARPA and its intent to accelerate secure, open source innovation and US competitiveness across breakthrough technologies,” said Arpit Joshipura, general manager, Networking, Edge, & IOT, the Linux Foundation. “This partnership enables transformational change across open software and systems, leveraging the best shared resources across the ecosystem.”

The new US GOV OPS umbrella will include the Open Programmable Secure- 5G (OPS-5G) program as its first project, currently in formation with the help of DARPA, the US Navy and additional performers. The goal of OPS-5G is to create open source software and systems enabling secure end to end 5G and follow-on mobile networks. OPS-5G will create capabilities to address feature velocity in open source software, mitigating large scale Botnet of Things (BoT), network slicing on suspect gear, and adaptive adversaries operating at scale.

DARPA’s Dr. Jonathan Smith will be presenting at the upcoming Open Networking and Edge Executive Forum (ONEEF) a virtual event taking place March 10-12. This special Executive Edition of Open Networking & Edge Summit, the industry’s premier open networking & edge computing event, will feature executive leadership across the networking and edge ecosystems sharing their visions with a global audience in the Telco, Cloud and Enterprise verticals.

The current vaccination record system does not readily support convenient access, control and sharing of verifiable vaccination records.

VCI coalition members are working to enable digital access to vaccination records using the open, interoperable SMART Health Cards specification, based on W3C Verifiable Credential and HL7 FHIR standards.

VCI’s vision is to empower individuals to obtain an encrypted digital copy of their immunization credentials to store in a digital wallet of their choice. Those without smartphones could receive paper printed with QR codes containing W3C verifiable credentials.

“The goal of the Vaccination Credential Initiative is to empower individuals with digital access to their vaccination records so they can use tools like CommonPass to safely return to travel, work, school, and life, while protecting their data privacy,” said Paul Meyer, CEO of The Commons Project Foundation.

He said that Open standards and interoperability were at the heart of VCI’s efforts and they were looking forward to supporting the World Health Organization and other global stakeholders in implementing and scaling open global standards for health data interoperability.

“As we explore the many use cases for the vaccination credential, we are working to ensure that underserved populations have access to this verification,” said Dr. Brian Anderson, chief digital health physician at MITRE. “Just as COVID-19 does not discriminate based on socio-economic status, we must ensure that convenient access to records crosses the digital divide. MITRE is an independent advisor and trusted source for managing third-party data and proud to be joining with The Commons Project and other coalition members to deliver an open-source credential.”

 

“A secure, convenient solution to verify COVID-19 vaccination will play an important role in accelerating a healthy and safe return to work, school and life in general,” said Joan Harvey, president of care solutions at Evernorth, Cigna’s health services business. “Evernorth is helping to lead this important work because the digital vaccine certification made possible by this collaboration will put people in charge of their own health data through innovative technology. It furthers our mission to tackle healthcare’s biggest challenges.”

 

“As the world begins to recover from the pandemic, having electronic access to vaccination, testing, and other medical records will be vital to resuming travel and more,” said Mike Sicilia, executive vice president of Oracle’s Global Business Units. “This process needs to be as easy as online banking. We are committed to working collectively with the technology and medical communities, as well as global governments, to ensure people will have secure access to this information where and when they need it.”

 

“Salesforce is proud to join the Vaccination Credential Initiative to help organizations easily and safely customize all aspects of the vaccination management lifecycle and integrate closely with other coalition members’ offerings, which will help us all get back to public life,” said Bill Patterson, executive vice president and general manager, CRM Applications at Salesforce. “With a single platform to help deliver safe and continuous operations and deepen trust with customers and employees, this coalition will be crucial to support public health and wellbeing.”

 

“The standards being developed by the Vaccination Credential Initiative, combined with availability of inexpensive smartphone-enabled rapid tests the FDA is now beginning to authorize for home use, will enable application developers to create privacy-preserving health status verification solutions that can be seamlessly integrated into existing ticketing workflows,” said Ken Mayer, founder and CEO of Safe Health. “SAFE is currently working with Hedera to develop a blockchain-enabled crowd safety solution using the VCI standards designed to help get concerts and sporting events going again.”

 

“Cerner is already providing tools to clinics, hospitals and other venues that provide health care to support the rapid COVID-19 vaccination process and ensure a safe, streamlined experience. This initiative will grow the standards around data exchange and help patients have access to and easily share verified vaccination information via their mobile device in situations where proof-of-vaccine is necessary,” said David Bradshaw, senior vice president of Consumer and Employer Solutions, Cerner. “Cerner is committed to continuing to be an industry advocate for standards-based access to health information.”

 

“We are kicking off the most significant vaccination effort in the history of the United States. Now more than ever, individuals need access to their own vaccination and health information in a portable format to begin to move about the country safely and comfortably,” said Ryan Howells, principal, Leavitt Partners and program manager of the CARIN Alliance. “The CARIN Alliance is supportive of MITRE’s effort to provide individuals with access to their vaccination information in a secure and trusted way and looks forward to advising the VCI initiative on ways to leverage the CARIN code of conduct and other best practices to facilitate consumer-directed exchange that we have developed consensus on over the last few years.”

The Vaccination Credential Initiative has created an informational website at vaccinationcredential.org for more information.