DOCSLIB.ORG

{TEXTBOOK} Bug Hunter

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
{TEXTBOOK} Bug Hunter BUG HUNTER PDF, EPUB, EBOOK DK | 72 pages | 02 Mar 2006 | Dorling Kindersley Ltd | 9781405315128 | English | London, United Kingdom Urban Dictionary: bug hunter Monetary rewards aside, vulnerability reporters who work with us to resolve security bugs in our products will be credited on the Hall of Fame. If we file an internal security bug, we will acknowledge your contribution on that page. The following table outlines the usual rewards chosen for the most common classes of bugs. To read more about our approach to vulnerability rewards you can read our Bug Hunter University article here. The final amount is always chosen at the discretion of the reward panel. In particular, we may decide to pay higher rewards for unusually clever or severe vulnerabilities; decide to pay lower rewards for vulnerabilities that require unusual user interaction; decide that a single report actually constitutes multiple bugs; or that multiple reports are so closely related that they only warrant a single reward. We understand that some of you are not interested in money. We offer the option to donate your reward to an established charity. If you do so, we will double your donation - subject to our discretion. Any rewards that are unclaimed after 12 months will be donated to a charity of our choosing. When investigating a vulnerability, please, only ever target your own accounts. Never attempt to access anyone else's data and do not engage in any activity that would be disruptive or damaging to your fellow users or to Google. If you have found a vulnerability, please contact us at goo. Please be succinct : the contact form is attended by security engineers and a short proof-of-concept link is more valuable than a video explaining the consequences of an XSS bug. If necessary, you can use this PGP key. Note that we are only able to answer to technical vulnerability reports. Non-security bugs and queries about problems with your account should be instead directed to Google Help Centers. A: We expect that vulnerability reports sent to us have a valid attack scenario to qualify for a reward, and we consider it as a critical step when doing vulnerability research. Reward amounts are decided based on the maximum impact of the vulnerability, and the panel is willing to reconsider a reward amount, based on new information such as a chain of bugs, or a revised attack scenario. A: Please submit your report as soon as you have discovered a potential security issue. The panel will consider the maximum impact and will choose the reward accordingly. We routinely pay higher rewards for otherwise well-written and useful submissions where the reporter didn't notice or couldn't fully analyze the impact of a particular flaw. Q: I found an outdated software e. Apache or Wordpress. Does this qualify for a reward? A: Please perform due diligence: confirm that the discovered software had any noteworthy vulnerabilities, and explain why you suspect that these features may be exposed and may pose a risk in our specific use. Reports that do not include this information will typically not qualify. A: The reward panel consists of the members of the Google Security Team. In addition there is a rotating member from the rest of our team. Q: What happens if I disclose the bug publicly before you had a chance to fix it? A: Please read our stance on coordinated disclosure. In essence, our pledge to you is to respond promptly and fix bugs in a sensible timeframe - and in exchange, we ask for a reasonable advance notice. Reports that go against this principle will usually not qualify, but we will evaluate them on a case-by-case basis. Q: My report has not been resolved within the first week of submission. Why hasn't it been resolved yet? A: Reports that deal with potential abuse-related vulnerabilities may take longer to assess, because reviewing our current defense mechanisms requires investigating how a real life attack would take place and reviewing the impact and likelihood requires studying the type of motivations and incentives of abusers of the submitted attack scenario against one of our products. Q: I wish to report an issue through a vulnerability broker. Will my report still qualify for a reward? A: We believe that it is against the spirit of the program to privately disclose the flaw to third parties for purposes other than actually fixing the bug. Consequently, such reports will typically not qualify. A: First in, best dressed. You will qualify for a reward only if you were the first person to alert us to a previously unknown flaw. Can I report a problem privately? For SQL injection, for example, limit the number of rows returned. You must delete all your local, stored, or cached copies of data containing PII as soon as possible. We may ask you to sign a certificate of deletion and confidentiality agreement regarding the exact information you accessed. This agreement will not affect your bounty reward. Submissions must include written instructions for reproducing the vulnerability. Submissions without clear reproduction steps or which only include reproduction steps in video form may be ineligible for a reward. When reporting vulnerabilities you must keep all information on HackerOne. Do not post information to video-sharing or pastebin sites. Videos and images can be uploaded directly via HackerOne. For vulnerabilities involving personally identifiable information, please explain the kind of PII you believe is exposed and limit the amount of PII data included in your submissions. For textual information and screenshots, please only include redacted data in your submission. All reward amounts are determined by our severity guidelines. When duplicates occur, we only award the first report that was received provided that it can be fully reproduced. You are free to publish write-ups about your vulnerability and GitHub will not limit what you write. We may pay out your reward before the vulnerability is patched so we may ask that you delay publishing to keep other GitHub users safe. Medium, high, and critical severity issues will be written up on the GitHub Bug Bounty site and included in our leaderboard. You may prefer the reward go toward helping others. If you choose to do so, GitHub will donate your reward to an established c 3 charitable organization of your choice. GitHub will also match your donation - subject to our discretion. In addition to our scope , we want to share a high-level overview of GitHub's services:. GitHub runs a number of services but only submissions under the following domains are eligible for rewards. Any GitHub-owned domains not listed below are not in-scope, not eligible for rewards and not covered by our legal safe harbor. All bounty submissions are rated by GitHub using a purposefully simple scale. Each vulnerability is unique but the following is a rough guideline we use internally for rating and rewarding submissions:. Critical severity issues present a direct and immediate risk to a broad array of our users or to GitHub itself. For example:. High severity issues allow an attacker to read or modify highly sensitive data that they are not authorized to access. They are generally more narrow in scope than critical issues, though they may still grant an attacker extensive access. Medium severity issues allow an attacker to read or modify limited amounts of data that they are not authorized to access. They generally grant access to less sensitive information than high severity issues. Low severity issues allow an attacker to access extremely limited amounts of data. They may violate an expectation for how something is intended to work, but it allows nearly no escalation of privilege or ability to trigger unintended behavior by an attacker. Our security and development teams take many factors into account when determining a reward. These factors include the complexity of successfully exploiting the vulnerability, the potential exposure, as well as the percentage of impacted users and systems. Sometimes an otherwise critical vulnerability has a very low impact simply because it is mitigated by some other component, e. Additionally, at least two GitHub security engineers agree on the severity and amount before a payout is made. You can certainly attach a video if you believe it will clarify your submission. However, all submissions must also include step-by-step instructions to reproduce the bug. The security team will let you know if we think a video will clarify your report. Submissions which only include video reproduction steps will have a longer response time and we may close your submission as Not Applicable. You may get a response that appears to be from a bot. The bot does some work for us, but only when we tell it to. An application security engineer at GitHub triages each submission. In most cases, we use the bot to automate messaging and other tasks for us. Rest assured, a human did look at your submission. As a result, any vulnerabilities that are disclosed to third-party before being submitted to our program are ineligible for rewards. In addition to giving researchers money, we are trying to make this fun. We assign a point value to each vulnerability and list it on this site. The researchers with the most points are listed on our leaderboard. While we use many of the same metrics when determining point value as for dollar value, other non-tangible factors are considered as well. For example, if you provide an awesome writeup of a vulnerability with a functional POC that will be factored in. Please still send us your vulnerability! We will only publish your submission after your approval.
Load more

Recommended publications
  • Fast Download Browser for Pc Fulldive Browser: Fast Money Browser on PC / Windows and Mac
    fast download browser for pc Fulldive Browser: Fast Money Browser on PC / Windows and Mac. Do you want to Download Fulldive Browser: Fast Money Browser on PC (Windows & Mac) on PC (Windows & Mac). If it is the case you are on the right path. First you need to read this article in order to understand the requirments to Download Fulldive Browser: Fast Money Browser on PC (Windows & Mac). with the latest version of v4.78.3. It is developed by Browser by Fulldive Co. and is one of the best free Android App in Communication App category. Fulldive Browser: Fast Money Browser currently has a rating of 4.8 with 42,757 reviews and 500,000+ Total Installs on the play store; it requires a minimum of 5.0 and up Android version for it to function properly. It was last updated on January 4, 2021 . Fulldive Browser is a fast & secure mobile browser and empowers you to share goodness. With Fulldive Browser, you can earn money, cash rewards & gift cards just by browsing. It is a safe & private browser with adblocker. With customized feed and top news, you'll swipe through your favorite content quickly. Fulldive Browser is a cash rewards browser that earns you money & rewards in gift cards by doing what you love – listening to music, browsing, watching videos, video download, etc. Make money and get cash rewards! Fulldive web browser rewards you Coins, which you can spend on causes you support: feed children, plant trees, or save animals. Or you can spend on cash rewards & gift cards.
    [Show full text]
  • Garder Le Contrôle Sur Sa Navigation Web
    Garder le contrôle sur sa navigation web Christophe Villeneuve @hellosct1 @[email protected] 21 Septembre 2018 Qui ??? Christophe Villeneuve .21 Septembre 2018 La navigation… libre .21 Septembre 2018 Depuis l'origine... Question : Que vous faut-il pour aller sur internet ? Réponse : Un navigateur Mosaic Netscape Internet explorer ... .21 Septembre 2018 Aujourd'hui : ● Navigations : desktop VS mobile ● Pistage ● Cloisonnement .21 Septembre 2018 Ordinateur de bureau .21 Septembre 2018 Les (principaux) navigateurs de bureau .21 Septembre 2018 La famille… des plus connus .21 Septembre 2018 GAFAM ? ● Acronyme des géants du Web G → Google A → Apple F → Facebook A → Amazon M → Microsoft ● Développement par des sociétés .21 Septembre 2018 Exemple (R)Tristan Nitot .21 Septembre 2018 Firefox : ● Navigateur moderne ● Logiciel libre, gratuit et populaire ● Développement par la Mozilla Fondation ● Disponible pour tous les OS ● Respecte les standards W3C ● Des milliers d'extensions ● Accès au code source ● Forte communauté de développeurs / contributeur(s) .21 Septembre 2018 Caractéristiques Mozilla fondation ● Prise de décisions stratégiques pour leur navigateur Mozilla ● Mozilla Fondation n'a pas d'actionnaires ● Pas d'intérêts non Web (en-tête) ● Manifesto ● Etc. 2004 2005 2009 2013 2017 .21 Septembre 2018 Manifeste Mozilla (1/) ● Internet fait partie intégrante de la vie moderne → Composant clé dans l’enseignement, la communication, la collaboration,les affaires, le divertissement et la société en général. ● Internet est une ressource publique mondiale → Doit demeurer ouverte et accessible. ● Internet doit enrichir la vie de tout le monde ● La vie privée et la sécurité des personnes sur Internet → Fondamentales et ne doivent pas être facultatives https://www.mozilla.org/fr/about/manifesto/ .21 Septembre 2018 Manifeste Mozilla (2/) ● Chacun doit pouvoir modeler Internet et l’usage qu’il en fait.
    [Show full text]
  • Creating Trustworthy AI a Mozilla White Paper on Challenges and Opportunities in the AI Era
    Creating Trustworthy AI a Mozilla white paper on challenges and opportunities in the AI era December 2020 Draft v1.0 foundation.mozilla.org Established in 2003, guided by the Mozilla Manifesto, the Mozilla Foundation believes the internet is a global public resource that must remain open and accessible to all. The Mozilla Foundation is a not-for-profit organization that exists to support and collectively lead the open source Mozilla project. It views its work as part of a global movement for a digital environment that aims at putting people in charge of their own data and that makes the internet a more democratic place by mobilizing a critical mass of conscious internet users. Many staff, fellows, and allies of Mozilla generously contributed data and ideas alongside countless readers who participated. The report was written by Becca Ricks and Mark Surman. Contributing authors included: Abigail Cabunoc Mayes; Ashley Boyd; Brandi Geurkink; David Zeber; Frederike Kaltheuner; Ilana Segall; J.Bob Alotta; Jane Polak Scowcroft; Jess Stillerman; Jofish Kaye; Kevin Zawacki; Marshall Erwin; Martin Lopatka; Mathias Vermeulen; Muriel Rovira Esteva; Owen Bennett; Rebecca Weiss; Richard Whitt; Sarah Watson; and Solana Larsen. This work is licensed under the Creative Commons Attribution 4.0 (BY) license, which means that the text may be remixed, transformed and built upon, and be copied and redistributed in any medium or format even commercially, provided credit is given to the author. For details go to http://creativecommons.org/licenses/by/4.0/ Creative Commons license terms for re-use do not apply to any content (such as graphs, figures, photos, excerpts, etc.) not original to the Open Access publication and further permission may be required from the rights holder.
    [Show full text]
  • Riconoscimento Vocale Con Deepspeech by Mozilla
    Riconoscimento vocale con DeepSpeech by Mozilla Aggiornamenti, modello italiano e contest! 25/10/2020 Stefania Delprete Data Scientist Credit: ESA Agenda ❏ Mozilla e voice recognition ❏ Lo sviluppo di DeepSpeech ❏ Modello italiano e contest ❏ Common Voice e sprint Mozilla Confidential Chi sono? Stefania Delprete @astrastefania Data Scientist e tech tutor in TOP-IX/BIG DIVE. Ho lavorato con dati da Measumerent Lab anche usati da Mozilla for Internet Health Report. Organizzo MathsJam e gruppi di discussione di Altruismo Efficace, supporto a conferenze (PyCon, MERGE-it, Linux Day, … ) e sono una Mozillian! Vari talk su Rust in Firefox, Data Science, Common Voice e DeepSpeech. Co-organizzo eventi su Mozilla e Rust. 3 Cos'è Mozilla? Si tratta di una fondazione no profit di cui Mozilla Italia è la comunità linguistica e nazionale italiana. Nella prossima foto di gruppo potresti esserci anche tu! Manifesto Mozilla ➔ Internet è una risorsa pubblica globale che deve rimanere aperta e accessibile. ➔ Internet deve arricchire la vita di ogni essere umano. ➔ L’efficacia di Internet come risorsa pubblica dipende dal suo carattere di interoperabilità (relativamente a protocolli, formati di dati, contenuto), dal suo grado di innovazione e dalla partecipazione decentralizzata a livello mondiale. ➔ La partecipazione commerciale allo sviluppo di Internet è in grado di apportare numerosi benefici, ma è fondamentale un equilibrio tra profitto commerciale e benefici pubblici. ➔ La valorizzazione degli aspetti di pubblica utilità di Internet rappresenta un obiettivo
    [Show full text]
  • Journées Du Logiciel Libre Lyon Utopies Concrètes Et Accessibles
    www.jdll.org 21e édition Journées du Logiciel Libre Entrée libre et gratuite. Lyon Métro D Métro B Saxe Place Gambetta Guichard Dates / 4 et 5 Avril 2020 Samedi (10h à 18h) & Dimanche (11h à 18h) Lieu / Maison pour tous Salle des Rancy 249, rue Vendôme Lyon 3 Thème / Utopies concrètes et accessibles Informations Coronavirus [mises à jour, actualités, informations générales : jdll.org / twitter / mastodon] Colophon ! Ce programme est le fruit d'une année de travail par l'ensemble de l'équipe des JdLL, dans la joie et la bonne humeur des réunions mensuelles. Si jamais participer à l'organisation vous intéresse, nous accueillons tout le monde à bras ouverts :-7 ! N'hésitez pas à nous spammer par mails ou nous coincer durant les journées pour exiger que nous vous informions de la date pour la réunion de la rentrée. La mise en page de ce programme a été générée par BonjourMonde sans aucun logiciel de mise en page classique, mais grâce à une librairie javascript, Bindery.js et une bonne dose d'Html + Css. Imprimé en mars 2020, le caractère typographique employé est le Syne, typographie plus libre que la plus libre de tes fontes. Cette édition est dans le domaine public et ses sources sont disponibles librement sur le site des JdLL. ~/JdLL2020/ Logiciel Libre : Utopies concrètes et accessibles #Commun #Multiplicités #Inclusion #Dialogue #Humain #Transmission Au sein d'une société capitaliste, le numérique est pensé et construit comme un outil d'exclusion et d'oppression. Par la dématérialisation des services, il aggrave les inégalités et facilite la marchandisation du moindre recoin de nos vies.
    [Show full text]
  • Arxiv:2008.09606V1 [Cs.CL] 21 Aug 2020
    Howl: A Deployed, Open-Source Wake Word Detection System Raphael Tang,1∗ Jaejun Lee,1∗ Afsaneh Razi,2 Julia Cambre,2 Ian Bicking,2 Jofish Kaye,2 and Jimmy Lin1 1David R. Cheriton School of Computer Science, University of Waterloo 2Mozilla Abstract To this end, we have previously developed Hon- kling, a JavaScript-based keyword spotting sys- We describe Howl, an open-source wake word tem (Lee et al., 2019). Leveraging one of the light- detection toolkit with native support for open est models available for the task from Tang and Lin speech datasets, like Mozilla Common Voice (2018), Honkling efficiently detects the target com- and Google Speech Commands. We report benchmark results on Speech Commands and mands with high precision. However, we notice our own freely available wake word detec- that Honkling is still quite far from being a sta- tion dataset, built from MCV. We operational- ble wake word detection system. This gap mainly ize our system for Firefox Voice, a plugin arises from the model being trained as a speech enabling speech interactivity for the Firefox commands classifier, instead of a wake word de- web browser. Howl represents, to the best tector; its high false alarm rate results from the of our knowledge, the first fully production- limited number of negative samples in the training ized yet open-source wake word detection toolkit with a web browser deployment target. dataset (Warden, 2018). Our codebase is at https://github.com/ In this paper, to make a greater practical impact, castorini/howl. we close this gap in the Honkling ecosystem and present Howl, an open-source wake word detec- 1 Introduction tion toolkit with support for open datasets such as Mozilla Common Voice (MCV; Ardila et al., 2019) Wake word detection is the task of recognizing an and the Google Speech Commands dataset (War- utterance for activating a speech assistant, such as den, 2018).
    [Show full text]
  • Make Firefox Into a Self-Voicing Browser
    Make Firefox Into A Self-voicing Browser Make Firefox Into A Self-voicing Browser 1 / 3 Voice control over electronic devices, once a sci-fi idea, is increasingly common as we talk to our digital doodads to make calendar appointments, .... In 2004, Opera Software created a self-voicing and speech-recognition ... capabilities to the Mozilla Firefox web browser on Mac, Windows, or Linux. ... In 2004, she made her film debut with a role in the teen comedy Confessions of a …. It's supported in all major browsers: IE 8, Mozilla 3, Opera 9.5, and Safari 4. ... also created Fire Vox, an add-on to Firefox that makes it a self-voicing browser. Fire Vox is a Firefox extension that uses the CLC-4-TTS and CLC-Utils library to make Firefox a self-voicing browser as well as provide extra accessiblity .... To be able to issue voice commands directly to a web page and have the ... this, to make sure each browser gets fed the right object (nom nom.). 28.1.3.7 Self-Voicing Programs A screen reader is an approach to create a ... A more recent approach uses self-voicing capabilities added to browsers or other ... Firefox has the FireVox9 (Thiessen and Chen, 2007) plug-in for voice access ... Chromizer, tweak que anade nuevas funciones a Google Chrome en iOS @LOCOSDEL136 Read Aloud: A Text to Speech Voice Readerby Hai Phan. Read out loud the current web-page article with one click. ... Click a button, jump on your bed, and have the article read aloud to you.
    [Show full text]
  • Dragon Installation and User Guide
    Installation and User Guide Version 12 Dragon 12 Installation and User Guide Copyright 1991 - 2012. Dragon Professional Version 12.0. This material may not include some last-minute technical changes and/or revisions to the software. Changes are periodically made to the information described here. Future ver- sions of this material will incorporate these changes. Nuance Communications, Inc. may have patents or pending patent applications covering subject matter in this document. The furnishing of this document does not give you any license to such patents. No part of this material or software may be reproduced in any form or by any means, including, without limitation, electronic or mechanical, such as photocopying or recording, or by any information storage and retrieval systems, without the express written consent of Nuance Communications, Inc. Specifications are subject to change without notice. Copyright © 2012 Nuance Communications, Inc. All rights reserved. Nuance, the Nuance logo, ScanSoft, Dragon, DragonBar, the Dragon logo, Nat- urallySpeaking, RealSpeak, Nothing But Speech (NBS), Natural Language Technology, Full Text Control, BestMatch, MouseGrid, and Vocabulary Editor are registered trade- marks or trademarks of Nuance Communications, Inc. All other names and trademarks ref- erenced herein are trademarks of Nuance Communications, Inc., or their respective owners. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks, including the following: Pentium is a registered
    [Show full text]
  • Il Riconoscimento Vocale Nella Lingua Piú Bella Del Mondo Contribuisci Anche Tu a Mozilla
    Il riconoscimento vocale nella lingua piú bella del mondo Contribuisci anche tu a Mozilla 27/10/2018 Daniele Scasciafratte Full Stack Developer/CTO - Codeat SRLS Chi sono ● Co-Founder Codeat (Web Agency) ● WordPress Community Translator/Developer ● WordPress/ClassicPress Core Contributor ● Industria Italiana del Software Libero ● Mozilla ● Mozillian & Mozilla Rep ○ & Mozilla Reps Council ○ & Mozilla Tech Speaker ● Mi piace collezionare fumetti e libri gialli e di fantascienza ● Mi piace l’open source perché mi permette di essere parte attiva nell’evoluzione dei progetti ● Contribuisco a Mozilla perché si preoccupa della salute di internet e di potenziare le possibilità di accesso a questo strumento 2 Manifesto Mozilla ● Internet è una risorsa pubblica globale che deve rimanere aperta e accessibile. ● Internet deve arricchire la vita di ogni essere umano. ● L’efficacia di Internet come risorsa pubblica dipende dal suo carattere di interoperabilità (relativamente a protocolli, formati di dati, contenuto), dal suo grado di innovazione e dalla partecipazione decentralizzata a livello mondiale. ● La partecipazione commerciale allo sviluppo di Internet è in grado di apportare numerosi benefici, ma è fondamentale un equilibrio tra profitto commerciale e benefici pubblici. ● La valorizzazione degli aspetti di pubblica utilità di Internet rappresenta un obiettivo importante, che merita tempo, attenzione e impegno. https://www.mozilla.org/it/about/manifesto/ Cos'è Mozilla? Si tratta di una fondazione no profit di cui Mozilla Italia è la comunità linguistica oltreché nazionale Italiana. Nella prossima foto di gruppo potresti esserci anche tu! 4 Common Voice voice.mozilla.org Progetto di Mozilla incentrato sul raccoglimento di registrazioni vocali, per poter creare un riconoscitore vocale basato su un dataset e modello di pubblico dominio per tutte le lingue che partecipano al progetto.
    [Show full text]
  • Mozilla Download New Version Update to the Latest Version of Firefox for Android
    mozilla download new version Update to the latest version of Firefox for Android. In order to use all the latest features and keep your information safe and secure, it's a good idea to update to the newest version of Firefox for Android. Firefox for Android lets you know when an update is available through Google Play, but you can also check it manually using the steps below. Follow the steps below to find out what version you're using, and ways to update it if needed. Check your version of Firefox. Tap the menu button. Update via Google Play. The easiest way to update Firefox is via Google Play, here you can see if your version is out of date and update it. Open the Google Play Store app on your device and tap the menu in the upper left. Tap My apps & games to see your list of installed apps. This list indicates which apps need to be updated. Firefox will appear in the Updates list if an update is available. Tap the corresponding Update button to initiate the update. These fine people helped write this article: Volunteer. Grow and share your expertise with others. Answer questions and improve our knowledge base. Mozilla download new version. Soraya Osorio – Дизайнер мебели, поклонник Firefox. Мы делаем Интернет безопаснее, здоровее, быстрее и ответственнее. Mozilla — некоммерческая организация, создавшая Firefox, оригинальный альтернативный браузер. Мы создаём продукты и поддерживаем политику, что Интернет создан для людей, а не для прибыли. Наше влияние. Когда вы используете Firefox, вы помогаете Mozilla бороться с ложной информацией в сети, обучать цифровым технологиям и делать комментарии более человечными.
    [Show full text]
  • January 12, 2019
    January 12, 2019 Autoprefixer: Autoprefixer warns you if you use deprecated CSS properties, e.g., text- decoration-skip: ink instead of text-decoration-skip-ink: auto . Josh Aas: Let’s Encrypt has stopped checking domains against the Google Safe Browsing API before issuance (content safety is outside the scope of certificates). Rachel Andrew: CSS multi‑column layout (e.g., column-count: 4 ) is currently the only layout method that can create Masonry‑style layouts with unequal height items. Zach Leatherman: On macOS, buttons seem to lose their native styles if they become multi‑ line. Anne van Kesteren: The DOM Standard lists the 18 built‑in HTML elements that can be shadow hosts (the attachShadow method works on them). Rick Viscomi: The median Lighthouse accessibility score is only 62%. January 11, 2019 Sven Wolfermann: A “spinbutton” is an input widget that restricts its value to a set or range of discrete values (screenshot). Heydon Pickering: Firefox supports the CSS gutter properties ( row-gap , column-gap , and gap ) in flexbox layouts as well. Rob Dodson: Reminder: Shadow DOM provides style encapsulation, but CSS custom properties do pierce the shadow boundary (as an exception). Potch: The CSS next‑sibling combinator ( + ) is underrated (e.g., li + li is more concise than undoing things with :first-child ). Carie Fisher: The most reliable way to add additional descriptive content to SVG graphics is <svg> + role="img" + <title> + <desc> + aria-labelledby="[ID]" . Nicolas Steenhout: Opening links in new windows or tabs (without warning) is an accessibility barrier because it changes the context which can be disorienting for some people; if you can’t avoid it, notify the user via an “Opens in a new window” message.
    [Show full text]
  • Deepspeech @ Websummercamp
    DeepSpeech @ WebSummerCamp DeepSpeech @ WebSummerCamp Workshop Alexandre Lissy [email protected] 2019-08-28 • Welcome and thanks for attending ! DeepSpeech @ WebSummerCamp • I’m Alexandre, working on the DeepSpeech team in the Paris Mozilla Office • The purpose of the workshop is an introduction to leveraging Speech Recognition for the Workshop Web • I want this to be interactive and as much as possible “hands-on” Alexandre Lissy [email protected] #websc | DeepSpeech @ WebSummerCamp 1/21 Outline DeepSpeech @ WebSummerCamp 1 Why is Mozilla working on speech ? What is DeepSpeech ? DeepSpeech status 2 Tooling and description Virtual machine Outline 3 NodeJS DeepSpeech service Basic NodeJS CLI A DeepSpeech REST API Capturing audio from a Webpage Using WebSocket and Streaming API 1 Why is Mozilla working on speech ? Outline 4 Producing a custom language model DeepSpeech models Command-specific language model What is DeepSpeech ? 2019-08-28 DeepSpeech status • Our workshop will follow this outline 2 Tooling and description Virtual machine 3 NodeJS DeepSpeech service Basic NodeJS CLI A DeepSpeech REST API Capturing audio from a Webpage Using WebSocket and Streaming API 4 Producing a custom language model DeepSpeech models Command-specific language model #websc | DeepSpeech @ WebSummerCamp 2/21 Next DeepSpeech @ WebSummerCamp 1 Why is Mozilla working on speech ? What is DeepSpeech ? DeepSpeech status Why is Mozilla working on speech ? 2 Tooling and description Virtual machine Next 3 NodeJS DeepSpeech service Basic NodeJS CLI A DeepSpeech REST API
    [Show full text]