Issue 2023-W24

Published on

Subscribe to new issues of the bulletin via the RSS feed or via email.

This week has been about a SurrealDB playground, PDF annotation in Obsidian, snapshot testing in Rust, the new EU AI Act, CSS blend modes and weaknesses in OOXML signatures.

# Mastering CSS Blend Modes

An article introducing what is in offer in the Candidate Recommendation for CSS blend modes.

# Every Signature is Broken: On the Insecurity of Microsoft Office's OOXML Signatures (pdf)

A papers on the results of researching the integrity of Microsoft OOXML signatures including verification and forgery. Notice that the paper also says:

The vulnerabilities have been acknowledged by Microsoft. However, Microsoft has decided that the vulnerabilities do not require immediate attention.

# EU AI Act: first regulation on artificial intelligence

An article summarising the new EU AI Act and their risk classification for mitigating potential harm derived from AI. Don't get your hopes too high, the article does not define "AI" in any meaningful way. Their best is this:

No single definition of artificial intelligence is accepted by the scientific community and the term 'AI' is often used as a 'blanket term' for various computer applications based on different techniques, which exhibit capabilities commonly and currently associated with human intelligence.

If you go a few levels into the EU Commission rabbithole you can find pearls like the definition in the White Paper on Artificial Intelligence: a European approach to excellence and trust (what a title right?).

Simply put, AI is a collection of technologies that combine data, algorithms and computing power.

You can also follow the A definition of Artificial Intelligence: main capabilities and scientific disciplines (don't bother, it's a 404).

Ok, ok. They do say they want to have a specific definition for AI. They quote the following: that is developed with [specific] techniques and approaches [listed in Annex 1] and can, for a given set of human-defined objectives, generate outputs such as content, predictions, recommendations, or decisions influencing the environments they interact with.

Still useless. The Annex 1 is yet another level of vagueness. It's funny if you don't think of the potential devastating consequences.

Enough ranting. I'm sure I missed the important bit in this legal maze. Let me know if you find something remotely useful.

# Obsidian Annotator

An Obsidian plugin for annotating PDF and EPUB files. Based on how stores annotations but offline.

# Insta

A snapshot testing tool for Rust with a range of snapshot formats to choose from, decent diffs and interactive reviews.

# Surrealist

A playground for querying SurrealDB for the Browser and the Desktop.