Kia India unveils the EV9 e-SUV and Carnival Limousine, blending cutting-edge technology, luxury, and sustainability

RL Cafe is run by Bindhu KV and her husband, Balachandran T, in Thiruvananthapuram

A video on ‘Halwa Veedu’, where a family has been crafting broken-wheat halwa for decades

Kainaz Messman of Theobroma talks about the learnings of traditional food from the food collaboration in Singapore

Chennai loves its biryani. We meet three celebrated cooks from the city’s biryani hubs: Triplicane, Royapuram, and Periamet

Bringing ingredients and flavours all the way from Italy, Chennai’s newest pizzeria aims to serve authentic Neapolitan pizzas with a side of hot wings, creamy shrimp and warm garlic breads

Nestled within the buffer zone of the Dandeli-Anshi Tiger Reserve and the Karwar Territorial Forest Division, the Kunbi community hopes to find a new market for their climate-resilient tubers as indigenous ingredients in city chefs’ menus

Chef Ton from Le Du in Bangkok, Chef Pam of Potong, also hailing from Bangkok, and Chef Varun Totlani from Masque in Mumbai, united in Bengaluru to co-host an elaborate ten-course meal

Kerala’s much-loved cookbook author, Annamma Mathew, more popularly known as Mrs K M Mathew’s culinary legacy comes alive in a new book

In Kolkata, there’s always room for you at the Christmas party. And a slice of rich plum cake

Located on the 10th floor in Egmore, and spread across 4,500 square feet, Irida Skky Lounge focusses on technique-driven dishes and cocktails

Sudanese entrepreneur brings Sudan’s culinary traditions to Egypt, aiming to introduce Egyptian palates to Sudanese culture

Rooted in Indian culture, the homegrown dark sipping rum is created and bottled in Jammu and will soon be available in bars and restaurants across the country

Circars Bistro, Visakhapatnam’s newest American and continental dining space, offers a smorgasbord of offerings for the palate

1. Virtual Yoga Classes Aid Chronic Low Back Pain  Physician's Weekly
2. Yoga may help reduce lower-back pain, study says  The Washington Post
3. Try Some at-Home Yoga for That Aching Back  Newser
4. Is Virtual Yoga Effective for Chronic Low Back Pain?  Physical Therapy Products

1. NASA's Jet Propulsion Lab laying off 5% of its workforce  Space.com
2. JPL Workforce Update  NASA Jet Propulsion Laboratory
3. NASA’s JPL to cut 325 positions amid budget tightening  The Pasadena Star-News
4. NASA's Jet Propulsion Lab announces hundreds of layoffs: 'Painful but necessary'  Fox Business

Pythons Have Surprising Social Lives  The New York Times

1. Mark Pope gets a big win as No. 19 Kentucky takes down No. 6 Duke in Champions Classic  WLKY Louisville
2. KU's precarious top spot, Flagg's costly turnovers, more from the Champions Classic  ESPN
3. Cooper Flagg's costly last-minute turnovers spoil his big night, doom Duke against Kentucky  Yahoo Sports
4. Kentucky delivers with its defense in the final seconds. Cats upset No. 6 Duke in Atlanta.  Lexington Herald Leader
5. Duke Falls to Kentucky, 77-72 - Duke University  GoDuke.com

1. Internet Divided as ‘People’ Names John Krasinski ‘Sexiest Man Alive’  Rolling Stone
2. John Krasinski named People magazine’s ‘Sexiest Man Alive’  CNN
3. Just a Bunch of Sexy Photos of John Krasinski  PEOPLE
4. John Krasinski Reveals Wife Emily Blunt's Hilarious Response to His Sexiest Man Alive Title - E! Online  E! NEWS
5. Emily Blunt reacts after husband is named 2024 Sexiest Man Alive  The Independent

1. Lego Horizon Adventures Sylens voice actor revealed following Lance Reddick’s passing  Video Games Chronicle
2. Lego Horizon Adventures Review  IGN
3. Lego Horizon Adventures: How Long to Beat (& Chapter List)  GameRant
4. Lego Horizon Adventures is a delightful, kid-friendly twist on Horizon Zero Dawn  Polygon
5. How LEGO Horizon Adventures was built with real LEGO bricks, out Nov 14  PlayStation

Exclusive: US scrutinizes Russia accounts UBS took over from Credit Suisse, sources say  ReutersView Full Coverage on Google News

1. Israel's West Bank settlers hope Trump's return will pave the way for major settlement expansion  ABC News
2. Ex-Trump aides warn Israeli ministers not to assume he’ll back annexation in 2nd term  The Times of Israel
3. This Is How Netanyahu Will Annex the West Bank  Haaretz
4. Eyeing Trump support, Israeli minister pushes for West Bank settlement annexation  CNN

1. Archbishop of Canterbury Justin Welby resigns in abuse fallout: All to know  Al Jazeera English
2. Archbishop of Canterbury Resigns Over U.K. Church Abuse Scandal  The New York Times
3. Why did Justin Welby fall so tragically short? Because he was preoccupied with efficiency, not listening  The Guardian
4. Church of England Leaders Kept Evangelical Beatings Secret  ChristianityToday.com
5. UK Priest Who Married Prince Harry And Meghan Markle Steps Down Over Child Abuse Scandal  NDTV

1. UPDATE: At least 2 people dead after massive factory explosion in Louisville  WHAS11.com
2. 2 people confirmed dead after large explosion in Louisville facility  WLKY Louisville
3. Video Investigation after explosion at Kentucky manufacturing plant kills 2  ABC News
4. 12 hospitalized, 2 in critical condition after workplace explosion in Clifton neighborhood  WAVE 3
5. Louisville explosion: 2 in critical condition, no fatalities  Courier Journal

1. Special Counsel Jack Smith plans to resign, file report before Trump can fire him: report  Fox News
2. Jack Smith expected to resign ahead of Trump inauguration  WAVY.com
3. Special counsel Jack Smith plans to retire before Trump takes office: report  New York Post

Believe it or not, Spanish is the second-most spoken language on the planet. Developing your Spanish-speaking skills is a great way to meet new people, communicate with Spanish speakers, and immerse yourself in a new way of thinking. If you want to speak Spanish, start by learning the common phrases and vocabulary terms. Once you feel a little more comfortable with the language, you can learn a lot more by immersing yourself in the language, taking classes, and practicing to develop fluency in the language.

Data gathered from several consulting firms by HT Digital indicated that Bengaluru has maintained its position as the top option for non-resident Indians wishing to invest in India’s residential real estate market, particularly those seeking affordable and mid-segment homes.  The … Continue reading →

Bengaluru’s rental housing market saw an average price correction of 5-10% during the April-June quarter of the current calendar year, according to local brokers who spoke with HT.com. This news should cheer up tenants in the city. The primary reasons … Continue reading →

Due to severe downturns in the global economy in 2023, the commercial real estate market saw a 66% annual decline in investments. Significant markets such as the US and Europe saw a 25% decline in leasing activity. The global commercial … Continue reading →

This year’s budget, which sets up the housing sector, will not only help the one crore urban poor and middle-class families who lack a place to reside.  It will also boost the real estate market and open new doors for … Continue reading →

The real estate industry in Mumbai has suffered the most as a result of the heavy rains and the numerous cases of waterlogging that have been reported. Real estate experts claim that between July and August, during the monsoon, walk-ins … Continue reading →

This budget’s extensive measures demonstrate the government’s dedication to the real estate industry’s overall growth, which makes it a major driver of the country’s economic expansion.  The Finance Minister, Nirmala Sitharaman, unveiled the 2024 Union Budget, which includes some ground-breaking … Continue reading →

Try these 12 incredible iPhone tips and tricks for 2024 that will change the way you use your iPhone! From a hidden sleep timer in the Clock app to bypassing annoying ads in Safari WITHOUT an ad blocker, these hacks will save you time and headaches!

Trump's flying car initiative gains momentum as UFO expert Dr. Michael Salla signals potential involvement, bringing advanced aerospace expertise to ambitious urban development plan.

A federal judge in Washington yesterday ordered the Interior Department to shut down most of its employees' Internet access and some of its public Web sites after concluding that the agency has failed to fix computer security problems that threaten...

One of the issues regarding information on the web is ensuring authenticity, especially in regards to government information. The GPO recently announced they will be soon begin using public-key infrastructure and digital signatures to ensure authenticity of documents released online....

Summary: The overhead of performing even simple tasks online is getting larger and larger. I question the security of almost all these supposedly "secure" messaging systems. And I'm tired of the 'Utopia of Rules' mindset pervasive in every organization. It's exhausting how they expect customers to constantly adapt to their needs.

I don't know if you recall the game Kerplunk. It's a classic children's game that has been around for decades. I remember playing it with my sister. The basic setup involves a transparent plastic tube, a number of sticks, and marbles. The sticks are threaded through the tube to form a web or nest at the bottom on which the marbles rest. We'd take turns removing a stick at a time, trying not to let any marbles fall through the web and out of the tube. At some point, the remaining sticks can't hold the marbles and everything falls down.

The modern web reminds me more and more of a big Kerplunk game and I think the marbles are about to fall. What started out as an easier way to do things like shop, bank, and get health care information has become increasingly complex over time. More and more of the email I receive seems to be simply directing me to log into some bespoke system to retrieve a message or engage in some workflow. And even with a password manager, the act of logging in is often a chore with different user interfaces, custom MFA requirements, and weird rules for passwords. Once you're on the system, session time-outs induce their own form of anxiety since stepping away for a few minutes to attend to something else might require going through the whole Kafkaesque process all over again. The modern web has turned into a dystopian theater of the absurd where even reading a simple appointment reminder from your doctor requires several minutes of stress-inducing interaction with baroque systems and processes.

And it's not just doctors, of course, banks, government agencies, hospitals, ecommerce sites, and customer service systems all adopt these special purpose messaging systems. If you ask these organizations why they use bespoke messaging systems, they'll list things like "timely and improved communication," "convenience," and "privacy and security." But the real reason is that it's more convenient for them because these systems are integrated with their backends and make their processes more manageable. There's certainly nothing about them that's more convenient, timely, or better than email for their customers¹.

I also question the privacy and security premise. Email can be insecure. And your email provider can see the contents of your emails. But the messaging system run by your doctor or bank is likely less secure than the email systems run by Apple, Google, and the others. And achieving privacy by making everything incompatible so that you have to use a different system for each correspondent is like chopping off your finger to prevent hangnails.

How did we get here? Bureaucracy. Not just government bureaucracy, but bureaucracy of all kinds. In Utopia of Rules², David Graeber talks about how power imbalances force the less powerful group to perform what he calls interpretive labor, the work of understanding and implementing what's better or more convenient for the more powerful partner. People are not equal participants in online interactions. We don't have the tools to be fully embodied online³. Because of this we are forced to play by the rules organizations online who are digitally embodied with servers, identity systems, customer management systems, and so on. And part of that is being forced to use their inconvenient and anemic messaging systems.

What's the answer? People need tools. I think digital wallets (a bad name for an important tool), autonomic (peer) identifiers with strong cryptography, and verifiable credentials are a huge step forward. These tools provide the means for people to be peers online rather that mere ghosts in someone else's machine. That's why I insist on using the term self-sovereign rather than decentralized to describe these systems. Cogito Ergo Sum.

Notes

1. For a deeper dive into why one-off messaging systems are never as good as email, see Rich Sharing and Personal Channels. Email and other useful messaging systems exhibit a property called rich sharing that makes them much more robust that the simple idea of "sharing a message" would bring to mind.
2. If you're interested in power imbalances and how they come about, I can't recommend Graeber's book highly enough. He had such a keen understanding of this problem and wrote about it in a way that's both informative and entertaining.
3. I talk about this in more detail in Chapter 17 of Learning Digital Identity when I discuss authentic digital relationships.

Photo Credit: Playing Kerplunk from DALL-E (public domain) Prompt: Draw a picture of a boy and girl playing kerplunk that's 1200x500 pixels

Tags: web identity authentication authorization verifiable+credentials

Summary: The abundance of X.509 certificate authorities who already perform identity proofing for businesses provides a rich resource that can be leveraged to boot the verifiable data ecosystem.

When you used a verifiable credential to prove something about yourself, the verifier can know cryptographically: (1) the identifiers for the issuer, (2) the credential hasn't been tampered with, (3) the credential was issued to you, and (4) the credential hasn't been revoked. These four checks are important because their establish the fidelity of the data being transferred. They don't, however, tell them whether they can trust the issuer. For that, they need to take the issuer's decentralized identifier (DID) that they got from credential presentation and determine who it belongs to.

At the most recent Internet Identity Workshop, Drummond Reed gave a session on how X.509 certificates could help with this. The first step, like always, is to resolve the DID and retrieve the DIDDoc that associates keys and endpoints with the DID. The endpoint can be an HTTP server and, of course, should have an X.509 certificate providing TLS security. That certificate, at the very least, has a a domain name to bind that to the certificate's public key. It can, if you pay for the feature, also include information about the entity that applied for the certificate. The certificate authority proofs that information and is vouching for it when they sign the certificate.

The key to making the X.509 certificate useful for checking the provenance of a DID lies in one key change. X.509 certificates can contain and extended field called a Subject Alternative Name. This following figure shows how it can help.

In this figure:

1. The issuer (Attestor) creates the DID they will use to issue the certificate along with its associated DIDDoc, including an HTTP endpoint for DID verification.
2. Attestor applies for a X.509 certificate for that endpoint, including in the application the DID they created in (1).
3. The certificate authority does it's usual proofing of the application and issues a certificate that includes the DID in the Subject Alternative Name field.
4. The issuer creates a credential definition in the usual way that includes their DID and writes it to whatever Verifiable Data Registry their DID method dictates.
5. Attestor issues a credential to a holder (Alice) using that credential definition.
6. At some later time, Alice presents the credential to the verifier (Certiphi).
7. Certiphi resolves the DID to get the DIDDoc and retrieves the verfication endpoint from the DIDDoc
8. Certiphi retrieves the certificate for that endpoint¹.
9. Certiphi verifies the certificate by checking it's signature and ensures that the DID in the DIDDoc for the credential matches the one in certificate.²

The issuer's DID has now been tied in a verifiable way to whatever information is in the certificate. Provided the certificate includes information about the entity beyond the domain name, the verifier can use that information to determine whether or not the credential is authentic (i.e., issued by who the credential definition purports issued it). That might be all the evidence they need to determine whether to trust the entity. Certificate authorities could also issue verifiable credentials to the customer attesting the same verified claims—after all, it's one more product they can offer.

The benefit of doing issuer validation using X.509 certificates is that there are already many trusted X.509 certificate authorities in business who already do proofing of attributes about businesses. That's a huge chunk of the verifiable data ecosystem that doesn't need to be built because it can be leveraged. To make this work, digital certificate authorities would need to start offering to validate DIDs and include them in a certificate as a Subject Alternative Name. I don't discount that this will take some bureaucratic maneuvering. Certificate authorities will need to see a business opportunity. I'd love to see Digitcert or someone do a pilot on this.

Notes

1. Note that this step might be combined with the previous step if the Verifiable Data Registry is the same server as the endpoint, but that's not necessarily going to be the case for a number of reasons.
2. Note that this does not create a call back wherein Attestor can determine which credential was used, preserving the privacy of the presentation. Attestor does know one of its credentials has been presented to Certiphi. If this information leakage bothers you, then any web-based DID method is potentially a problem.

Tags: identity ssi decentralized+identifiers verifiable+credentials x.509

Michael Franco, New Atlas, Nov 13, 2024

The depth and detail in this paper (8 page PDF) are daunting, but the gist, as summarized in this post, is straightforward: provided only with observations of a human cleaning (" using a so-called instrumented tool, which is a standard tool equipped with additional sensors") the front of an ordinary sink, a robot arm learn to clean entire sinks with varying surface topology. "The model implicitly learned the correct
tool orientation and position w.r.t. the freeform 3D surface." Michael Franco speculates, "a fleet of robots could learn the basic moves from each other through what's known as 'federated learning' and then they could apply those moves to their individual, specified tasks."

Paul Sawers, TechCrunch, Nov 13, 2024

According to this article, "Meta has launched a new partnership with a slew of universities in the U.S. and U.K., as it looks to ingrain VR across the education system." I guess it's a big deal (per Mixed, Upload, Social Media Today, Technopedia, ReadWrite, etc etc) but it's hard for me to stifle a yawn. It's not simply that I was here for the Second Life hype, it's that their product is a "digital twin" of the university - "environments that directly replicate their real-world campus counterparts" - the least imaginative use of any media ever. I think there's a lot of room for VR in education, but this announcement isn't it.

It's Christmas. See the cool search tool set that Santa has left under the tree for you and your website!

Steve Faulkner recently released a tool for Internet Explorer called the Accessibility Toolbar. It provides one-click access to accessibility validators and has features that go beyond simple accessibility checks.

ITS has recently polled State agency developers for their ideas for a more collaborative eDG site that will better serve...

The eDG Website is nearing another milestone. In a past meeting, we polled members to learn what improvements could make The eDG more useful. All present expressed interest in having a more interactive site. The new eDG, available April 21, is a PHP portal-driven site with more interactive features.

Pssst… have you noticed your site loading a bit faster than usual? It’s not your imagination! We’re happy to let you know that we’ve rolled out Brotli to all of your WPMU DEV hosted sites, giving you on average 11.62% better compression than before (and faster sites as a result!) It’s a change that’ll make […]

Read to the end to see a cat who is definitely asleep and not up to ANYTHING suspicious… In today’s edition: Cheers to the WordPress Plugin Review Team for digging themselves out of one hell of a backlog. HeroPress celebrates folks who have used WordPress to make the world a better place, and we’re here […]

Great news for agencies, developers and freelancers! We’ve heard that while many of you love our Webmail service, the 5GB storage limit is getting tight. That’s why we’re introducing our new range of expanded Webmail plans to help take your email capabilities to the next level. More Space, More Flexibility, More Power We’re expanding our […]