DOCSLIB.ORG

Microsoft Edge

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Microsoft Edge 20-F/A 1 f20f2018a1_retoecosolutions.htm AMENDMENT TO FORM 20-F UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 FORM 20-F/A (Amendment No. 1) ☐ REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934 OR ☒ ANNUAL REPORT PURSUANT TO SECTION 13 or 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the Fiscal Year Ended December 31, 2018 OR ☐ TRANSITIONAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 OR ☐ TRANSITIONAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 Date of event requiring this shell company report _________ For the transition period from _________ to __________ Commission file number 001-38307 RETO ECO-SOLUTIONS, INC. (Exact Name of registrant as specified in its charter) Not Applicable (Translation of Registrant’s name into English) British Virgin Islands (Jurisdiction of incorporation or organization) c/o Beijing REIT Technology Development Co., Ltd. 24th Floor, Tower B, 60 Anli Road, Chaoyang District, Beijing People’s Republic of China 100101 (Address of principal executive offices) Hengfang Li c/o Beijing REIT Technology Development Co., Ltd. 24th Floor, Tower B, 60 Anli Road, Chaoyang District, Beijing People’s Republic of China 100101 (+86) 10-64827328 Email: [email protected] (Name, Telephone, E-mail and/or Facsimile number and Address of Company Contact Person) Securities registered or to be registered pursuant to Section 12(b) of the Act: Title of each class Trading Symbol(s) Name of each exchange on which registered Common Shares, $0.001 par value per share RETO The Nasdaq Capital Market Securities registered or to be registered pursuant to Section 12(g) of the Act: None Securities for which there is a reporting obligation pursuant to Section 15(d): None Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report: 22,760,000 outstanding common shares Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☐ No ☒ If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934. Yes ☐ No ☒ Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐ Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files). Yes ☒ No ☐ Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or an emerging growth company. See definition of “large accelerated filer,” accelerated filer,” and “emerging growth company” in Rule 12b-2 of the Exchange Act. (Check one): Large accelerated filer ☐ Accelerated filer ☐ Non-accelerated filer ☒ Emerging growth company ☒ If an emerging growth company that prepares its financial statements in accordance with U.S. GAAP, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards† provided pursuant to Section 13(a) of the Exchange Act. ☒ † The term “new or revised financial accounting standard” refers to any update issued by the Financial Accounting Standards Board to its Accounting Standards Codification after April 5, 2012. Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing: U.S. GAAP ☒ International Financial Reporting Standards as issued Other ☐ By the International Accounting Standards Board ☐ If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow. Item 17 ☐ Item 18 ☐ If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒ (APPLICABLE ONLY TO ISSUERS INVOLVED IN BANKRUPTCY PROCEEDINGS DURING THE PAST FIVE YEARS) Indicate by check mark whether the registrant has filed all documents and reports required to be filed by Sections 12, 13, or 15(d) of the Securities Exchange Act of 1934 subsequent to the distribution of securities under a plan confirmed by a court. Yes ☐ No ☐ EXPLANATORY NOTE This Amendment No. 1 to Form 20-F (the “Form 20-F/A”) amends the annual report on Form 20-F of ReTo Eco-Solutions, Inc, (“ReTo”) for the fiscal year ended December 31, 2018, originally filed with the U.S. Securities and Exchange Commission (“SEC”) on May 14, 2019 (the “Form 20-F”). This Form 20-F/A is being filed to correct the inadvertent error of ReTo’s CEO, Mr. Li’s beneficial ownership in the share ownership table under Item 6.E, to correct the share ownership percentage in the risk factor captioned “Our employees, officers and/or directors will control a sizeable amount of our common shares, decreasing your influence on shareholder decisions,” and to correct the inadvertent omission of Exhibit 4.24 Shareholder Voting Proxy Agreement to the exhibit index under item 8(a). No other changes have been made to the Form 20-F. The Form 20-F, as amended by this Form 20-F/A, speaks as of the original filing date of the Form 20-F, is not intended to reflect events that may have occurred subsequent to the original filing date of the Form 20-F, and is not intended to update in any way the disclosures made in the Form 20-F. Table of Contents PART I 1 Item 1. Identity of Directors, Senior Management and Advisers 1 Item 2. Offer Statistics and Expected Timetable 1 Item 3. Key Information 1 Item 4. Information on the Company 29 Item 4A. Unresolved Staff Comments 53 Item 5. Operating and Financial Review and Prospects 53 Item 6. Directors, Senior Management and Employees 71 Item 7. Major Shareholders and Related Party Transactions 80 Item 8. Financial Information 83 Item 9. The Offer and Listing 83 Item 10. Additional Information 84 Item 11. Quantitative and Qualitative Disclosures About Market Risk 92 Item 12. Description of Securities Other Than Equity Securities 93 PART II 94 Item 13. Defaults, Dividends Arrearages and Delinquencies 94 Item 14. Material Modifications to the Rights of Security Holders and Use of Proceeds 94 Item 15. Controls and Procedures 94 Item 15T. Controls and Procedures 94 Item 16. [Reserved] 94 Item 16A. Audit Committee and Financial Expert 94 Item 16B. Code of Ethics 95 Item 16C. Audit-Related Fees 95 Item 16D. Exemptions form the Listing Standards for the Audit Committee 95 Item 16E. Purchase of Equity Securities by the Issuer and the Affiliated Purchasers 95 Item 16F. Change in Registrant’s Certifying Accountant 95 Item 16G. Corporate Governance 95 Item 16H. Mine Safety Disclosure 96 PART III 97 Item 17. Financial Statements 97 Item 18. Financial Statements 97 Item 19. Exhibits 97 i Defined Terms and Conventions Except where the context otherwise requires and for purposes of this annual report on Form 20-F/A only: ● The terms “we,” “us,” “Company” “our company,” and “our” refers to ReTo Eco-Solutions, Inc. and its subsidiaries; ● ReTo Eco-Solutions, Inc., a British Virgin Islands holding company (“ReTo Eco-Solutions”); ● REIT Holdings (China) Limited, a Hong Kong limited company (“REIT Holdings”), and a wholly owned subsidiary of ReTo Eco-Solutions; ● Beijing REIT Technology Development Co., Ltd., a China limited company (“Beijing REIT”) and a wholly owned subsidiary of REIT Holdings; ● Xinyi REIT Ecological Technology Co., Ltd (“REIT Ecological”) and a wholly owned subsidiary of REIT Holdings; ● Gu’an REIT Machinery Manufacturing Co., Ltd., a China limited company (“Gu’an REIT”) and a wholly owned subsidiary of Beijing REIT; ● Beijing REIT Ecological Engineering and Technology Co., Ltd., a China limited company (“REIT Eco Engineering”) and a wholly owned subsidiary of Beijing REIT; ● Langfang Ruirong Mechanical and Electrical Equipment Co., Ltd., a China limited company (“Ruirong”) and a wholly owned subsidiary of Beijing REIT; ● Nanjing Dingxuan Environment Protection Technology Development Co., Ltd., a China limited company (“Dingxuan”) and a wholly owned subsidiary of Beijing REIT; ● REIT Technology Development (America), Inc., a California corporation (“REIT US”) and a wholly owned subsidiary of Beijing REIT; ● REIT MingSheng Environment Protection Construction Materials (Changjiang) Co., Ltd., a China limited company (“REIT Changjiang”) and 84.32% owned by Beijing REIT and 15.68% owned by REIT Holdings; ● Hainan REIT Construction Project Co., Ltd., a China limited company (“REIT Construction”) and a wholly owned subsidiary of REIT Changjiang; ● Horgos Ta-REIT Environment Technology Co., Ltd., a China limited company (“Horgos Ta-REIT”) and a wholly owned subsidiary of REIT Eco Engineering; ● REIT Xinyi New Material Co., Ltd, a China limited company (“REIT Xinyi”) and a 70% owned subsidiary of Beijing REIT; ● REIT Q GREEN Machines Private Limited, an India limited company (“REIT India”) and a 51% owned subsidiary of Beijing REIT. ● REIT Ecological Technology Co., Ltd. (“REIT Yancheng”) and a wholly owned subsidiary of REIT Holdings.
Load more

Recommended publications
  • On the Incoherencies in Web Browser Access Control Policies
    On the Incoherencies in Web Browser Access Control Policies Kapil Singh∗, Alexander Moshchuk†, Helen J. Wang† and Wenke Lee∗ ∗Georgia Institute of Technology, Atlanta, GA Email: {ksingh, wenke}@cc.gatech.edu †Microsoft Research, Redmond, WA Email: {alexmos, helenw}@microsoft.com Abstract—Web browsers’ access control policies have evolved Inconsistent principal labeling. Today’s browsers do piecemeal in an ad-hoc fashion with the introduction of new not have the same principal definition for all browser re- browser features. This has resulted in numerous incoherencies. sources (which include the Document Object Model (DOM), In this paper, we analyze three major access control flaws in today’s browsers: (1) principal labeling is different for different network, cookies, other persistent state, and display). For resources, raising problems when resources interplay, (2) run- example, for the DOM (memory) resource, a principal is time changes to principal identities are handled inconsistently, labeled by the origin defined in the same origin policy and (3) browsers mismanage resources belonging to the user (SOP) in the form of <protocol, domain, port> [4]; but principal. We show that such mishandling of principals leads for the cookie resource, a principal is labeled by <domain, to many access control incoherencies, presenting hurdles for > web developers to construct secure web applications. path . Different principal definitions for two resources are A unique contribution of this paper is to identify the com- benign as long as the two resources do not interplay with patibility cost of removing these unsafe browser features. To do each other. However, when they do, incoherencies arise. For this, we have built WebAnalyzer, a crawler-based framework example, when cookies became accessible through DOM’s for measuring real-world usage of browser features, and used “document” object, DOM’s access control policy, namely the it to study the top 100,000 popular web sites ranked by Alexa.
    [Show full text]
  • Using Replicated Execution for a More Secure and Reliable Web Browser
    Using Replicated Execution for a More Secure and Reliable Web Browser Hui Xue Nathan Dautenhahn Samuel T. King University of Illinois at Urbana Champaign huixue2, dautenh1, kingst @uiuc.edu { } Abstract Unfortunately, hackers actively exploit these vulnerabil- ities as indicated in reports from the University of Wash- Modern web browsers are complex. They provide a ington [46], Microsoft [61], and Google [49, 48]. high-performance and rich computational environment Both industry and academia have improved the se- for web-based applications, but they are prone to nu- curity and reliability of web browsers. Current com- merous types of security vulnerabilities that attackers modity browsers make large strides towards improving actively exploit. However, because major browser plat- the security and reliability of plugins by using sandbox- forms differ in their implementations they rarely exhibit ing techniques to isolate plugins from the rest of the the same vulnerabilities. browser [62, 33]. However, these browsers still scatter In this paper we present Cocktail, a system that uses security logic throughout millions of lines of code, leav- three different off-the-shelf web browsers in parallel to ing these systems susceptible to browser-based attacks. provide replicated execution for withstanding browser- Current research efforts, like Tahoma [32], the OP web based attacks and improving browser reliability. Cock- browser [36], the Gazelle web browser [59], and the Illi- tail mirrors inputs to each replica and votes on browser nois Browser Operating System [58] all propose build- states and outputs to detect potential attacks, while con- ing new web browsers to improve security. Although tinuing to run.
    [Show full text]
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • Lime Rock Gazette
    L 1M E R 0 C K GAZETTE. DEVOTED TO COMMERCE, AGRICULTURE, ART, SCIENCE, MORALITY AND GENERAL INTELLIGENCE. PUBLISHED WEEKLY, BY RICHARDSON & PORTER. Tpiihs, $1,50 in Advance, $1.75 in six monllis $2.00 afleiv-Adverliseinenls inserted al Hie ciisloniarv prices VOL J- LAST—TIIOIIASTOV, TlllltSO AV 1IOILVIA«L O< TOK I it 15. 1840 AO. »». i.j_ - xi u f c i . b.w rjw vjwcyxayztt i TIlC Relllllied Pastor. *,o,n v*cw> nn,l 0,1 *Gc morning of the 'themselves together for family worship.— from nine o’clock in the morning to three 'Aint I a man now. Miss Tabitha, I ’d only, however, who knew the former level- twenty-second of the same month he look- Ho was told that twenty missionaries might I in the nOcrnoon; and from live to nine in like to know ,’ said Jotliam , rising with ness o f the spot. Ct will be recollected By many ol otn renders, that (,d ,|p0„ ,bc s|,((1.es of England—on the find employment there. the eveninu. There were twelve hundred spirit and putting his hat on his head, ‘ I f The Lieutenant, who had c ritic a lly the Kcv. Mr. Vomroy, Tastor ot the livst ( j following day ho landed. He wished to; Mr. l’omroy enumerated the places of | persons composing the convention, about I aint a man now. and a whole hog o f a watched the manoeuvring of the men, grognltonnl Church ol Bangor, lelt his people see ns much of the land of our fathers as interest ho visited in the Holy Land.— nine hundred of whom were clergymen, one too, I think it darned strange.’ congratulated the Orderly on the perfec- sonic sixteen months Since, for an European possible— a land that should lie dear to ! Sidon, Sarepta, Tyre.
    [Show full text]
  • The Multi-Principal OS Construction of the Gazelle Web Browser
    The Multi-Principal OS Construction of the Gazelle Web Browser Helen J. Wang, Chris Grier, Alex Moshchuk, Sam King, Piali Choudhury, Herman Venter Browser as an application platform • Single stop for many computing needs – banking, shopping, office tasks, social networks, entertainment • Static document browsing rich programs – obtained from mutually distrusting origins – same-origin policy: a browser is a multi-principal platform where web sites are principals • Browser = prime target of today’s attackers Your valuables are online! • Existing browser security mentality: – valuables on local machine – protect local machine from the web Browser OS • This work’s mentality: – valuables online – must also protect web site principals from one another Browser OS Browser design requires OS thinking • Cross-principal protection is an essential function of an operating system • Fundamental flaw with existing browser designs: – OS logic is intermingled with application-specific content processing – consequences: HTML • unreliable cross-principal protection JS engine parsing • many vulnerabilities DOM same-origin rendering protection Persistent network state access browser Gazelle • An OS exclusively manages: HTML JS engine – protection across principals parsing DOM – resource allocation same-origin – resource access control rendering protection Persistent network state access • Our approach for designing Gazelle: Browser kernel – take all OS functionality out of content processing logic – put it into a small, simple browser kernel Gazelle • Build
    [Show full text]
  • Gibraltar: Exposing Hardware Devices to Web Pages Using AJAX
    Gibraltar: Exposing Hardware Devices to Web Pages Using AJAX Kaisen Lin David Chu James Mickens Jian Qiu UC San Diego Li Zhuang Feng Zhao National University of Singapore Microsoft Research Abstract tion language (e.g, the Win32 API for Windows machines, Gibraltar is a new framework for exposing hardware devices or Java for Android). Both choices limit the portability of to web pages. Gibraltar’s fundamental insight is that Java- the resulting applications. Furthermore, moving to native Script’s AJAX facility can be used as a hardware access pro- code eliminates a key benefit of the web delivery model— tocol. Instead of relying on the browser to mediate device in- applications need not be installed, but merely navigated to. teractions, Gibraltar sandboxes the browser and uses a small device server to handle hardware requests. The server uses 1.1 A Partial Solution native code to interact with devices, and it exports a stan- To remedy these problems, the new HTML5 specifica- dard web server interface on the localhost. To access hard- tion [10] introduces several ways for JavaScript to access ware, web pages send device commands to the server using hardware. At a high-level, the interfaces expose devices as HTTP requests; the server returns hardware data via HTTP special objects embedded in the JavaScript runtime. For responses. example, the <input> tag [24] can reflect a web cam ob- Using a client-side JavaScript library, we build a simple ject into a page’s JavaScript namespace; the page reads or yet powerful device API atop this HTTP transfer protocol. writes hardware data by manipulating the properties of the The API is particularly useful to developers of mobile web object.
    [Show full text]
  • On the Disparity of Display Security in Mobile and Traditional Web Browsers
    On the Disparity of Display Security in Mobile and Traditional Web Browsers Chaitrali Amrutkar, Kapil Singh, Arunabh Verma and Patrick Traynor Converging Infrastructure Security (CISEC) Laboratory Georgia Institute of Technology Abstract elements. The difficulty in efficiently accessing large pages Mobile web browsers now provide nearly equivalent fea- on mobile devices makes an adversary capable of abusing tures when compared to their desktop counterparts. How- the rendering of display elements particularly acute from a ever, smaller screen size and optimized features for con- security perspective. strained hardware make the web experience on mobile In this paper, we characterize a number of differences in browsers significantly different. In this paper, we present the ways mobile and desktop browsers render webpages that the first comprehensive study of the display-related security potentially allow an adversary to deceive mobile users into issues in mobile browsers. We identify two new classes of performing unwanted and potentially dangerous operations. display-related security problems in mobile browsers and de- Specifically, we examine the handling of user interaction vise a range of real world attacks against them. Addition- with overlapped display elements, the ability of malicious ally, we identify an existing security policy for display on cross-origin elements to affect the placement of honest el- desktop browsers that is inappropriate on mobile browsers. ements and the ability of malicious cross-origin elements Our analysis is comprised of eight mobile and five desktop to alter the navigation of honest parent and descendant el- browsers. We compare security policies for display in the ements. We then perform the same tests against a number candidate browsers to infer that desktop browsers are signif- of desktop browsers and find that the majority of desktop icantly more compliant with the policies as compared to mo- browsers are not vulnerable to the same rendering issues.
    [Show full text]
  • The Multi-Principal OS Construction of the Gazelle Web Browser by Helen J. Wang, Et Al
    The Multi-Principal OS Construction of the Gazelle Web Browser by Helen J. Wang, et al. (USENIX Security Symposium, 2009) presented by Jedidiah R. McClurg Northwestern University April 16, 2012 presented by Jedidiah McClurg Gazelle Web Browser by Helen Wang, et al. Background The nature of the web is changing Originally, web pages featured static content Increasingly, web pages are dynamic applications Since the browser is the environment which loads/executes web pages, it needs to acommodate these changes This new browser structure should look familiar... presented by Jedidiah McClurg Gazelle Web Browser by Helen Wang, et al. Motivation An operating system! Multitasking Inter-process communication Window management A browser OS structure has several major advantages Site (process) memory isolation Error recovery Centralized policy enforcement (in the browser kernel) presented by Jedidiah McClurg Gazelle Web Browser by Helen Wang, et al. Motivation (Cont.) The Gazelle web browser [1] is based on this browser OS approach. The browser kernel is the sole entity in charge of... Fair sharing of system resources Cross-site resource protection (addressed in this paper) This main concern regarding resource protection is the SOP (same-origin policy) An origin or (principal) is defined as <protocol, domain-name, port> Different origins should be in different browser OS \processes" Note that news.google.com is a different origin than google.com presented by Jedidiah McClurg Gazelle Web Browser by Helen Wang, et al. Related Work Unfortunately, the popular browsers don't quite work this way Example: the Google Chrome browser Its origin policy is more lax, i.e. an origin is defined in terms of the top-level domain It has a per-site-instance process model, i.e.
    [Show full text]
  • Go Web App Example
    Go Web App Example Titaniferous and nonacademic Marcio smoodges his thetas attuned directs decreasingly. Fustiest Lennie seethe, his Pan-Americanism ballasts flitted gramophonically. Flavourless Elwyn dematerializing her reprobates so forbiddingly that Fonsie witness very sartorially. Ide support for web applications possible through gvm is go app and psych and unlock new subcommand go library in one configuration with embedded interface, take in a similar Basic Role-Based HTTP Authorization in fare with Casbin. Tools and web framework for everything there is big goals. Fully managed environment is go app, i is a serverless: verifying user when i personally use the example, decentralized file called marshalling which are both of. Simple Web Application with light Medium. Go apps into go library for example of examples. Go-bootstrap Generates a gait and allowance Go web project. In go apps have a value of. As of December 1st 2019 Buffalo with all related packages require Go Modules and. Authentication in Golang In building web and mobile. Go web examples or go is made against threats to run the example applying the data from the set the search. Why should be restarted for go app. Worth the go because you know that endpoint is welcome page then we created in addition to get started right of. To go apps and examples with fmt library to ensure a very different cloud network algorithms and go such as simple. This example will set users to map support the apps should be capable of examples covers both directories from the performance and application a form and array using firestore implementation.
    [Show full text]
  • GURPS Third Edition Jack Vance's Planet of Adventure by James L
    GURPS Third Edition Jack Vance's Planet of Adventure By James L. Cambias Introduction Far off in space floats a planet with ale-colored skies… Jack Vance took us there. Vance introduced delighted Earthlings to the people, creatures, and customs of Tschai. It's a world of danger, where humans are ruled and exploited by strange alien races. With Vance's hero Adam Reith as your tour guide, learn the awful secrets of the Chasch, foil the treacherous agents of the Wanek, escape the hunters of the Dirdir, venture into the underworld labyrinth of the Pnume, and meet vivid characters like Traz Onmale, Zap 210, and the appalling Aila Woudiver. GURPS Planet of Adventure lets you plan your own excursions on Tschai. Retrace Adam Reith's footsteps as intrepid scouts for Earth, or play natives of Tschai just trying to survive and make a few sequins. Tschai's depth and variety cry out for a long visit, with time to admire the scenery and get a feel for the place. A talented author like Vance can imply a tremendous amount in just a few sentences. The game designer has to turn those references into rules and complete explanations. He can invent some things, but not too much… the feel of the original novels must shine through. If any errors remain, they are entirely the designer's fault. Some of Tschai's mysteries have been left unsolved. What's the connection among the Pnume, the Phung, and the night-hounds? What are the goals of the Wanek? What will Earth do when it learns about Tschai? Those are for individual GMs to decide.
    [Show full text]
  • The Multi-Principal OS Construction of the Gazelle Web Browser
    The Multi-Principal OS Construction of the Gazelle Web Browser Helen J. Wang, Chris Grier, Alexander Moshchuk, Samuel T. King, Piali Choudhury, Herman Venter Microsoft Research, University of Illinois at Urbana-Champaign, University of Washington fhelenw, pialic, [email protected], fgrier, [email protected], [email protected] MSR Technical Report MSR-TR-2009-16 Abstract Web browsers originated as applications that people used to view static web sites sequentially. As web sites evolved into dynamic web applications composing content from various web sites, browsers have become multi-principal operating environments with resources shared among mutually distrusting web site principals. Nevertheless, no existing browsers, including new architectures like IE 8, Google Chrome, and OP, have a multi-principal operating system construction that gives a browser-based OS the exclusive control to manage the protection of all system resources among web site principals. In this paper, we introduce Gazelle, a secure web browser constructed as a multi-principal OS. Gazelle’s Browser Kernel is an operating system that exclusively manages resource protection and shar- ing across web site principals. This construction exposes intricate design issues that no previous work has identified, such as legacy protection of cross-origin script source, and cross-principal, cross-process display and events protection. We elaborate on these issues and provide comprehensive solutions. Our prototype implementation and evaluation experience indicates that it is realistic to turn an ex- isting browser into a multi-principal OS that yields significantly stronger security and robustness with acceptable performance. Our security policies pose some incompatibility, the cost of which requires further investigation.
    [Show full text]
  • 2017-Competitive-Edge.Pdf
    The Competitive Edge: A Policymaker’s Guide to Developing a National Strategy BY ROBERT D. ATKINSON | DECEMBER 2017 In a deeply integrated global economy with a growing number of Few nations, including industries tradeable across borders, more nations are competing for high- the United States, value-added, traded-sector industries. These nations know that losing the have developed sophisticated competitiveness race means fewer jobs and slower growth. Despite this, competitiveness few nations, including the United States, have developed sophisticated strategies. competitiveness strategies. Rather, most competitiveness strategies focus on broad measures such as improving the business environment or supporting better factor inputs for firms. While necessary, these steps do not constitute an effective competitiveness strategy. Policymakers must go much deeper. An effective competitiveness strategy starts with a detailed “SWOT” analysis—assessing strengths, weaknesses, opportunities, and threats—for key traded industries and the country’s overall innovation system. It then tailors policy responses according to the findings. Part I of this report provides an overview of competitiveness, including what it is, why nations need it, and how countries become more or less competitive. It then examines the past and current competitiveness performance of the United States and a selection of other developed and developing nations, highlighting how much less competitive the U.S. economy is today compared to two decades ago. It then discusses the history of competitiveness policies since World War II, how they have evolved, and how they differ between nations. INFORMATION TECHNOLOGY & INNOVATION FOUNDATION | DECEMBER 2017 PAGE 1 Part II provides a framework for thinking about competitiveness and national competitiveness policies, including whether nations actually compete and, if they do, on what basis.
    [Show full text]