Previous work established that open source software (OSS) projects can benefit from the involvement of UX professionals, who offer user-centric perspectives and contributions to improve software usability. However, their participation in OSS issue discussions (places where design and implementation decisions are often made) is relatively scarce since those platforms are created with a developer-centric mindset. Analyzing a dataset sampled from five OSS projects, this study identifies UX professionals' distinct approaches to raising and following up on usability issues. Compared to other contributors, UX professionals addressed a broader range of usability issues, well-supported their stances, and were more factual than emotional. They also actively engage in discussions to provide additional insights and clarifications in comments following up on the issues they posted. Results from this study provide useful insights for increasing UX professionals' involvement in OSS communities to improve usability and end-user satisfaction.
How to search for bugs in 1,000 programs using a pre-existing fuzzer and a standard PC? We consider this problem and show that a well-designed strategy that determines which programs to fuzz and for how long can greatly impact the number of bugs found across the programs. In fact, the impact of employing an effective strategy is comparable to that of utilizing a state-of-the-art fuzzer. The considered problem is referred to as fuzzing at scale, and the strategy as scheduler. We show that besides a naive scheduler, that allocates equal fuzz time to all programs, we can consider dynamic schedulers that adjust time allocation based on the ongoing fuzzing progress of individual programs. Such schedulers are superior because they lead both to higher number of total found bugs and to higher number of found bugs for most programs. The performance gap between naive and dynamic schedulers can be as wide (or even wider) as the gap between two fuzzers. Our findings thus suggest that the problem of advancing schedulers is fundamental for fuzzing at scale. We develop several schedulers and leverage the most sophisticated one to fuzz simultaneously our newly compiled benchmark of around 5,000 Ub
Modern operating systems manage and abstract hardware resources, to ensure efficient execution of user workloads. The operating system must securely interface with often untrusted user code while relying on hardware that is assumed to be trustworthy. In this paper, we challenge this trust by introducing the eNVMe platform, a malicious NVMe storage device. The eNVMe platform features a novel, Linux-based, open-source NVMe firmware. It embeds hacking tools and it is compatible with a variety of PCI-enabled hardware. Using this platform, we uncover several attack vectors in Linux and Windows, highlighting the risks posed by malicious NVMe devices. We discuss available mitigation techniques and ponder about open-source firmware and open-hardware as a viable way forward for storage. While prior research has examined compromised existing hardware, our eNVMe platform provides a novel and unique tool for security researchers, enabling deeper exploration of vulnerabilities in operating system storage subsystems.
Software fault-proneness prediction is an active research area, with many factors affecting prediction performance extensively studied. However, the impact of the learning approach (i.e., the specifics of the data used for training and the target variable being predicted) on the prediction performance has not been studied, except for one initial work. This paper explores the effects of two learning approaches, useAllPredictAll and usePrePredictPost, on the performance of software fault-proneness prediction, both within-release and across-releases. The empirical results are based on data extracted from 64 releases of twelve open-source projects. Results show that the learning approach has a substantial, and typically unacknowledged, impact on the classification performance. Specifically, using useAllPredictAll leads to significantly better performance than using usePrePredictPost learning approach, both within-release and across-releases. Furthermore, this paper uncovers that, for within-release predictions, this difference in classification performance is due to different levels of class imbalance in the two learning approaches. When class imbalance is addressed, the performance di
Video dissemination through sites such as YouTube can have widespread impacts on opinions, thoughts, and cultures. Not all videos will reach the same popularity and have the same impact. Popularity differences arise not only because of differences in video content, but also because of other "content-agnostic" factors. The latter factors are of considerable interest but it has been difficult to accurately study them. For example, videos uploaded by users with large social networks may tend to be more popular because they tend to have more interesting content, not because social network size has a substantial direct impact on popularity. In this paper, we develop and apply a methodology that is able to accurately assess, both qualitatively and quantitatively, the impacts of various content-agnostic factors on video popularity. When controlling for video content, we observe a strong linear "rich-get-richer" behavior, with the total number of previous views as the most important factor except for very young videos. The second most important factor is found to be video age. We analyze a number of phenomena that may contribute to rich-get-richer, including the first-mover advantage, and
Hashtags in online social media have become a way for users to build communities around topics, promote opinions, and categorize messages. In the political context, hashtags on Twitter are used by users to campaign for their parties, spread news, or to get followers and get a general idea by following a discussion built around a hashtag. In the past, researchers have studied certain types and specific properties of hashtags by utilizing a lot of data collected around hashtags. In this paper, we perform a large-scale empirical analysis of elections using only the hashtags shared on Twitter during the 2019 Lok Sabha elections in India. We study the trends and events unfolded on the ground, the latent topics to uncover representative hashtags and semantic similarity to relate hashtags with the election outcomes. We collect over 24 million hashtags to perform extensive experiments. First, we find the trending hashtags to cross-reference them with the tweets in our dataset to list down notable events. Second, we use Latent Dirichlet Allocation to find topic patterns in the dataset. In the end, we use skip-gram word embedding model to find semantically similar hashtags. We propose popula
In Quantum Field Theory, we discuss the main features of the (non-local) contour gauge which extends the local axial-type gauge used in most approaches. Based on the gluon geometry, we demonstrate that the contour gauge does not suffer from the residual gauge. We discuss the useful correspondence between the contour gauge conception and the Hamiltonian (Lagrangian) formalism. Having compared the local and non-local gauges, we again advocate the advantage of the contour gauge use.
Since 2016, all of four major U.S. operators have rolled out nationwide Wi-Fi calling services. They are projected to surpass VoLTE (Voice over LTE) and other VoIP services in terms of mobile IP voice usage minutes in 2018. They enable mobile users to place cellular calls over Wi-Fi networks based on the 3GPP IMS (IP Multimedia Subsystem) technology. Compared with conventional cellular voice solutions, the major difference lies in that their traffic traverses untrustful Wi-Fi networks and the Internet. This exposure to insecure networks may cause the Wi-Fi calling users to suffer from security threats. Its security mechanisms are similar to the VoLTE, because both of them are supported by the IMS. They include SIM-based security, 3GPP AKA (Authentication and Key Agreement), IPSec (Internet Protocol Security), etc. However, are they sufficient to secure Wi-Fi calling services? Unfortunately, our study yields a negative answer. We conduct the first study of exploring security issues of the operational Wi-Fi calling services in three major U.S. operators' networks using commodity devices. We disclose that current Wi-Fi calling security is not bullet-proof and uncover four vulnerabilit
The discovery of a biosphere on another planet would transform how we view ourselves, and our planet Earth, in relation to the rest of the cosmos. We now know Earth is one planet among eight circling our sun; our sun is part of a swirling galaxy of over one hundred billion other suns; and our galaxy is one of untold billions in the universe. While we do not yet know how many, if any, other biospheres exist on the countless worlds orbiting countless other suns, we stand at the precipice of a new era of discovery, enabled by powerful new facilities able to peer across the light years into the atmospheres of planets similar to our own. This article is an adaptation of a science case document (SCDD) developed for the NASA Astrophysics Flagship mission the Habitable Worlds Observatory (HWO) Science, Technology, and Architecture Review Team (START) Living Worlds Community Working Group.
In the process industry, the configuration of Safety Instrumented Systems (SIS) must comply with a defined set of safety requirements, typically documented in the Safety Requirements Specification (SRS). The functional safety standard IEC 61511 outlines the necessary content and quality criteria for the SRS. However, developing an effective SRS can be challenging. This article examines some of these challenges and proposes good practices to address them. It discusses SRS ownership, "staged" development of SRS, and the classification and traceability of requirements. Additionally, it explores the issue of untold "negative" requirements and suggests exploratory "inspection" of SIS Application Programs (APs) as a potential remedy.
Visual scenes are extremely diverse, not only because there are infinite possible combinations of objects and backgrounds but also because the observations of the same scene may vary greatly with the change of viewpoints. When observing a multi-object visual scene from multiple viewpoints, humans can perceive the scene compositionally from each viewpoint while achieving the so-called ``object constancy'' across different viewpoints, even though the exact viewpoints are untold. This ability is essential for humans to identify the same object while moving and to learn from vision efficiently. It is intriguing to design models that have a similar ability. In this paper, we consider a novel problem of learning compositional scene representations from multiple unspecified (i.e., unknown and unrelated) viewpoints without using any supervision and propose a deep generative model which separates latent representations into a viewpoint-independent part and a viewpoint-dependent part to solve this problem. During the inference, latent representations are randomly initialized and iteratively updated by integrating the information in different viewpoints with neural networks. Experiments on se
Fifth generation (5G) network and beyond envision massive Internet of Things (IoT) rollout to support disruptive applications such as extended reality (XR), augmented/virtual reality (AR/VR), industrial automation, autonomous driving, and smart everything which brings together massive and diverse IoT devices occupying the radio frequency (RF) spectrum. Along with the spectrum crunch and throughput challenges, such a massive scale of wireless devices exposes unprecedented threat surfaces. RF fingerprinting is heralded as a candidate technology that can be combined with cryptographic and zero-trust security measures to ensure data privacy, confidentiality, and integrity in wireless networks. Motivated by the relevance of this subject in the future communication networks, in this work, we present a comprehensive survey of RF fingerprinting approaches ranging from a traditional view to the most recent deep learning (DL)-based algorithms. Existing surveys have mostly focused on a constrained presentation of the wireless fingerprinting approaches, however, many aspects remain untold. In this work, however, we mitigate this by addressing every aspect - background on signal intelligence (S
The export of agricultural fertilizers to streams results in untold harms to downstream water quality and thus ecosystem. Understanding and simulating the export of these chemicals is the first step to control their transport to streams. In this paper, the export of ammonium and phosphate, two major contaminants resulted from agricultural activities, were simulated using artificial neural network (ANN) and daily sediment and runoff data. Results indicated that ANN could simulate the trend of the export of these chemicals to streams successfully; however, it could not simulate the extreme events well. This might be due to the complexity of the transport of ammonium and phosphate, which contains many different processes that could not be captured in daily sediment and runoff data.
This work demonstrates how to leverage previous network expert demonstrations of UAV deployment to automate the drones placement in civil applications. Optimal UAV placement is an NP-complete problem: it requires a closed-form utility function that defines the environment and the UAV constraints, it is not unique and must be defined for each new UAV mission. This complex and time-consuming process hinders the development of UAV-networks in civil applications. We propose a method that leverages previous network expert solutions of UAV-network deployment to learn the expert's untold utility function form demonstrations only. This is especially interesting as it may be difficult for the inspection expert to explicit his expertise into such a function as it is too complex. Once learned, our model generates a utility function which maxima match expert UAV locations. We test this method on a Wi-Fi UAV network application inside a crowd simulator and reach similar quality-of-service as the expert. We show that our method is not limited to this UAV application and can be extended to other missions such as building monitoring.
The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices' identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Non-cryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We
Driven by outstanding success stories of Internet startups such as Facebook and The Huffington Post, recent studies have thoroughly described their growth. These highly visible online success stories, however, overshadow an untold number of similar ventures that fail. The study of website popularity is ultimately incomplete without general mechanisms that can describe both successes and failures. In this work we present six years of the daily number of users (DAU) of twenty-two membership-based websites - encompassing online social networks, grassroots movements, online forums, and membership-only Internet stores - well balanced between successes and failures. We then propose a combination of reaction-diffusion-decay processes whose resulting equations seem not only to describe well the observed DAU time series but also provide means to roughly predict their evolution. This model allows an approximate automatic DAU-based classification of websites into self-sustainable v.s. unsustainable and whether the startup growth is mostly driven by marketing & media campaigns or word-of-mouth adoptions.
In October 2017, there happened the uprising of an unprecedented online movement on social media by women across the world who started publicly sharing their untold stories of being sexually harassed along with the hashtag #MeToo (or some variants of it). Those stories did not only strike the silence that had long hid the perpetrators, but also allowed women to discharge some of their bottled-up grievances, and revealed many important information surrounding sexual harassment. In this paper, we present our analysis of about one million such tweets collected between October 15 and October 31, 2017 that reveals some interesting patterns and attributes of the people, place, emotions, actions, and reactions related to the tweeted stories. Based on our analysis, we also advance the discussion on the potential role of online social media in breaking the silence of women by factoring in the strengths and limitations of these platforms.
Visual scenes are extremely rich in diversity, not only because there are infinite combinations of objects and background, but also because the observations of the same scene may vary greatly with the change of viewpoints. When observing a visual scene that contains multiple objects from multiple viewpoints, humans are able to perceive the scene in a compositional way from each viewpoint, while achieving the so-called "object constancy" across different viewpoints, even though the exact viewpoints are untold. This ability is essential for humans to identify the same object while moving and to learn from vision efficiently. It is intriguing to design models that have the similar ability. In this paper, we consider a novel problem of learning compositional scene representations from multiple unspecified viewpoints without using any supervision, and propose a deep generative model which separates latent representations into a viewpoint-independent part and a viewpoint-dependent part to solve this problem. To infer latent representations, the information contained in different viewpoints is iteratively integrated by neural networks. Experiments on several specifically designed syntheti
In a survey of quasar candidates selected by matching the FIRST and 2MASS catalogs, we have found two extraordinarily red quasars. FIRST J013435.7-093102 is a 1 Jy source at z=2.216 and has B-K > 10, while FIRST J073820.1+275045 is a 2.5 mJy source at z=1.985 with B-K = 8.4. FIRST J073820.1+275045 has strong absorption lines of MgII and CIV in the rest frame of the quasar and is highly polarized in the rest frame ultraviolet, strongly favoring the interpretation that its red spectral energy distribution is caused by dust reddening local to the quasar. FIRST J073820.1+275045 is thus one of the few low radio-luminosity, highly dust-reddened quasars known. The available observational evidence for FIRST J013435.7-093102 leads us to conclude that it too is reddened by dust. We show that FIRST J013435.7-093102 is gravitationally lensed, increasing the number of known lensed, extremely dust-reddened quasars to at least three, including MG0414-0534 and PKS1830-211. We discuss the implications of whether these objects are reddened by dust in the host or lensing galaxies. If reddened by their local environment, then we estimate that between 10 and 20% of the radio-loud quasar population i