Registration Set to Open for First Pre-Kindergarten Pilot Locations in Newfoundland and Labrador – News Releases – Government of Newfoundland and…

As part of the Government of Newfoundland and Labradors ongoing commitment to create approximately 3,100 new regulated Pre-Kindergarten early learning and child care spaces by 2025-26, waitlist registration will open for the first Pre-Kindergarten pilot locations on September 8, 2022:

YMCA of Newfoundland and Labrador (YMCA-NL), which was chosen as the not-for-profit operator for all 35 Pre-Kindergarten Pilot Locations, will open waitlist registration at http://www.ymcanl.com/pre-kindergarten-program beginning at9:00 a.m. NDT on September 8.More details regarding the waitlist registration can be found below.

Pre-Kindergarten locations will open in phases.These initial five locations are anticipated to open before the end of November, 2022. Second phase locations are targeted for opening between December, 2022 and early 2023. While global supply chain shortages continue to impact project schedules in all sectors, all parties continue to work toward the goal of opening all 35 pilot locations by March 31, 2023. These pilot locations will account for approximately 600 new regulated early learning and child care spaces.

The Federal-ProvincialEarly Learning and Child Care Action Planis increasing access to regulated child care through the creation of approximately 6,000 spaces by 2025-26, as well as improving affordability, inclusivity and the quality of early learning and child care programming in Newfoundland and Labrador. This plan is made possible by federal investments in the Canada-wide Early Learning and Child Care system. These include $306 million for the 2021-22 to 2025-26 Canada-Newfoundland and Labrador Canada-wide Early Learning and Child Care Agreement, a one-time investment of nearly $6.5 million in 2021-22 to support the early childhood workforce, as well as over $34 million for the 2021-22 to 2025-26 Early Learning and Child Care Extension Agreement.

Newfoundland and Labrador was one of the first provinces to make child care more affordable for families by introducing $25 per day regulated child care in January 2021. That work has continued through the Canada-wide Early Learning and Child Care Agreement, which has further reduced the cost for regulated child care to $15 per day in 2022 and with a scheduled reduction to $10 per day in 2023.

QuotesThis is an important milestone for our Pre-Kindergarten pilot program. These first locations will create additional child care spaces in five areas with significant need, and are just the beginning of significant growth in child care availability province wide through this program. I want to thank YMCA-NL for their diligence in getting this program off-the ground in just three short months, and I look forward to the opening of the remaining pilot locations in the months to come.Honourable John HaggieMinister of Education

Access to high-quality child care gives children the chance to turn their natural curiosity into a lifelong love of learning. It builds the intellectual foundation for their future success. Todays announcement marks a major step forward for many children in this province, and is a testament to the excellent partnership between the Governments of Canada and Newfoundland and Labrador.Honourable Karina GouldCanadas Minister of Families, Children and Social Development, Government of Canada

YMCA-NL has appreciated the work of the Provincial Government and the Newfoundland and Labrador English School District to get the Pre-Kindergarten Pilot Program to the point where we can now begin the waitlist registration process. While this is an important milestone, a pilot project is also about learning, and we expect to learn a great dealthat will help us in future phasesas we work to open the five Phase one sites across the province. We also look forward to the upcoming wage grid in January to help with the recruitment of Early Childhood Educators.Jason BrownCEO, YMCA-NL

-30-

Learn morePre-Kindergarten Pilot Set to Create Approximately 600 Regulated Early Learning Spaces in 2022-23

YMCA-NL to Act as Not-For-Profit Operator of Pre-Kindergarten Pilot Locations

$10 a day child care for families in Newfoundland and Labrador

Toward $10-a-Day: Early Learning and Child Care

Follow us on Twitter@GovNLand@EDU_GovNL

Like us on Facebook

Media contactsNancy HollettEducation709-729-1906, 327-7878nancyhollett@gov.nl.ca

Mohammad HussainPress SecretaryOffice of the Minister of Families, Children and Social Development, Karina GouldMohammad.a.hussain@hrsdc-rhdcc.gc.ca

Michelle NorthoverYMCA of Newfoundland and Labrador709-691-6610Michelle.northover@nl.ymca.ca

BACKGROUNDER

Waitlist Registration Details for Pre-Kindergarten Pilot ProgramWaitlist registration for the five phase one pilot locations will occur at ymcanl.com/pre-kindergarten-program. To register for the waitlist, you can select the link for your location and follow the instructions.

Waitlist registration will open at 9:00 a.m. Newfoundland Daylight Savings Time (NDT) on Thursday, September 8, 2022. All registrants will be placed on the waitlist according to their chosen school location. Successful applicants will be chosen from the waitlist once spaces are confirmed until all spaces are filled.

Priority will be given to those applicants who apply who reside within the catchment area for the school location. TheNLESD Bus Plannercan be used to identify the catchment area for your home address.

Anyone with questions about the waitlist application process is encouraged to email pre-k@nl.ymca.ca.

2022 09 011:25 pm

Visit link:
Registration Set to Open for First Pre-Kindergarten Pilot Locations in Newfoundland and Labrador - News Releases - Government of Newfoundland and...

What is Solana Firedancer and why is it important? – Geeks World Wide

Originally posted here.By: Az

Jump Crypto and the Solana Foundation have announced their plans to boost the throughput and reliability of the high-performance blockchain Solana. This will be done by developing a new open-source validator client for the network that will run alongside the existing one. Its name [] Firedancer. Firedancer is now Were excited about the opportunity []

Jump Crypto and the Solana Foundation have announced their plans to boost the throughput and reliability of the high-performance blockchain Solana. This will be done by developing a new open-source validator client for the network that will run alongside the existing one.

Its name [] Firedancer .

Firedancer is now

Were excited about the opportunity to help scale the Solana network by engaging our strong-arm in research and development. https://t.co/5wtlghONPG pic.twitter.com/WPRyJN7ior

jump_crypto (@jump_) August 16, 2022

Jump Crypto, which has always been a validator and RPC node operator within the Solana ecosystem, will not only create a second validator client, separate from the one originally built by Solana Labs but also propose important upgrades to Solanas existing open-source core software. Kevin Bowers, Jump Tradings Chief Science Officer, will oversee the process of building the new validator client.

But what is Firedancer, what does it do, and what will it achieve?

Lets take a look!

What is Firedancer?

Firedancer is a new validator client that has been built by Jump Crypto to help increase the efficiency of the Solana network.

It is a fully independent consensus node implementation for the Solana blockchain. A consensus node is the core piece of technology that validators use to agree on the chains state (blocks and transactions) ensuring its integrity and validity.

What does it do?

Currently, Solanas throughput is not limited by any hardware, but instead by software inefficiencies. This is what Firedancer looks to solve, in the process enhancing both the networks decentralisation and its performance drastically.

The truth is that there is one fatal flaw with some PoS consensus methods, and that issue is having the network overthrown by the majority of the stakers. But with just over a third of the stakers/staking power running on Firedancer, no single client will have a supermajority on the network. And the benefit of having a second validator eliminates the issue of having a single point of failure.

According to the Firedancer website, the team aims to make significant progress on the development of the new client over the next 12-24 months. Whats more, the development will be open source, allowing anyone to see what is taking place.

Firedancers core code will be written in the C/C++ programming languages. These languages were chosen due to their widespread use in writing code that needs low-level access to a computers hardware. Low-level access means faster operating times, hence higher throughput and transaction speed.

How does it help?

Firedancer will:

Improve network efficiency.

Help scale the network.

Make it cheaper to run a validator node.

Make the network more decentralised.

Efficiency will be improved due to Firedancer using zero-copy networking to bypass most of the operating systems kernel network stack, coming with its own queues and other concurrency primitives.

Scalability will be down to the core developers and their understanding of the networks capabilities and limitations. Mechanical sympathy is when you use a tool or system with an understanding of how it operates best. This is where the teams behind Jump Crypto and Solana Labs aim to excel (both have significant backgrounds in low-level programming and engineering).

Running a node will be cheaper with a secondary client due to less hardware being needed per node. Less hardware naturally translates to a lower cost. However, it is worth mentioning that existing node operators will eventually have to make changes to their validators, as Firedancer will become an entirely separate node implementation at some point.

Lastly, higher decentralisation is managed by making validation more accessible. Firedancer will achieve this by lowering implementation risks that would impact large portions of the stake at once, and at the same time, by having a second self-dependent team of core engineers.

To learn more, visitfiredancer.io

Join our

Telegram / Discord / Twitter

Read more here:
What is Solana Firedancer and why is it important? - Geeks World Wide

Is This The Oldest Open Source HVAC Project In Existence? – Hackaday

Homebrew HVAC systems are one of those projects that take such a big investment of time, effort and money that youve got to be a really dedicated (ideally home-owning) hacker with a wide variety of multidisciplinary skills to pull off an implementation that can work in reality. One such HVAC hacker is [Vadim Tkachenko] with his multi-zone Home Climate Control (HCC) project that we covered first back in 2007. We now have rare opportunity to look at the improvements fifteen years of part-time development can produce, when a project is used all day, all year round in their own home. At the start, things were simple, just opening and closing ventilators with none of those modern MQTT-driven cloud computing stuff.

The current implementation, called DZ (GitHub project link) has been rewritten using modern reactive programming techniques (which apparently is a good thing for an HVAC control system) with the HCC-core application running on anything UNIX, but fits nicely on the Raspberry Pi. Measurement data (temperature, humidity, etc.) can be taken from 1-wire devices as well as XBee modules, enabling wired and wireless sensing around the installation. The system can control various air management appliances, such as heaters, heat pumps and fans depending on the need for heating, cooling or ventilation. Dont forget that often neglected third leg of HVAC, the V part is critical for a healthy house. The remote control and monitoring is courtesy of an Android application (HCC-Remote) which allows users to visualise the current status and what the HCC is currently doing to keep the programmed climate in check.

Data are transported using the common MQTT protocol, allowing simple connectivity to any sensors or controllers that already exist in an installation, with HCC providing integrations for ESPHome as well as Home Assistant, so there are plenty of options for building a system around existing hardware. The project is fairly big (as youd expect for this length of time) but [Vadim] would like to stress that they see a lot of re-inventing of the wheel on this subject, and a good look at HCC may save some people a lot of pain implementing a system without such a solid grounding.

If your needs are more basic, perhaps this simple ESP8266-based smart vent will suffice? And, if the control system is less of a problem, and youre more interested in the actual physical implementation, why not check out this DIY Energy Recovery Ventilator (ERV) project?

The rest is here:
Is This The Oldest Open Source HVAC Project In Existence? - Hackaday

Preventing attacks on mobile applications in the enterprise – TechTarget

The use of mobile devices within enterprise organizations is commonplace, so organizations must prepare for all sorts of mobile threat vectors -- including attacks via mobile applications -- to avoid a cybersecurity breach.

As the COVID-19 pandemic and the trend of working from anywhere have pushed many people to work remotely, mobile devices have become a primary channel for employees to stay in touch with their employers and enterprise networks. While this shift has offered convenience and flexibility to workers, reliance on mobile devices brings new security risks to the table. Ransomware, malware and other types of attacks can target mobile devices to great effect, and organizations must account for this to keep data secure throughout the enterprise.

It only takes one compromised mobile device for an attacker to access an organization's network. Corporate-owned and BYOD mobile devices are the ultimate target for land-and-expand attacks, where an attack on a mobile device sets the stage for another attack on a back-end system or cloud application. A typical corporate user's mobile device may have business email, a unified communications application such as Slack or Teams, and a Salesforce or other customer relationship management (CRM) client. When attackers compromise such a device, they have full access to the corporate network resources -- as if they're authorized users of the device.

Because many workers resorted to using personal and corporate-owned mobile devices to get their jobs done amid the pandemic, the mobile attack surface has grown in recent years. A 2022 report from mobile security vendor Zimperium found that a global average of 23% of mobile devices encountered malicious applications in 2021. The firm also found that 75% of phishing sites specifically targeted mobile devices that year.

Additionally, with each new application a user installs on a mobile device, the attack surface grows. Threats to applications, such as exposed APIs and misconfigured code, leave customer data open to attack. Outdated mobile apps only add to these security vulnerabilities. Organizations can look to enterprise mobility management (EMM) and other endpoint management tools for better control over applications. These tools enable IT to create and manage policies, such as automating mobile OS and app updates, for better mobile security.

Attackers may also target mobile devices for reconnaissance. Bad actors can use a mobile device's microphone and camera to spy on organizations and learn corporate secrets, such as research and development plans and financials. Compromised mobile devices can eavesdrop on sales calls or meetings about an organization's next big product.

There are many ways that hackers can compromise mobile devices through mobile apps. Prevent and mitigate the damaging consequences of attacks on mobile applications by keeping the following threat vectors in mind.

Malware is malicious software that can steal login credentials while bypassing two-factor authentication (2FA). Viruses, worms and spyware are examples of malware targeting mobile devices.

The fight against mobile malware starts with mobile antivirus software. IT must tightly control remote access to the enterprise network via mobile devices.

Malware attacks evolve with the support of state-sponsored and criminal hacking organizations. Some of these hacking groups have the technology and staff resources of a large software development shop. For example, a new and alarming trend in malware attacks against mobile banking apps is the dropper apps, which cybercriminals added to legitimate apps in the Google Play store. As hybrid work and BYOD policies blur the lines between personal and corporate devices, this is a significant threat to many organizations.

As DevOps and DevSecOps practices gain popularity, mobile app developers will increasingly have to move to mobile DevSecOps to build secure mobile apps. Many defense techniques will only grow in importance, such as code obfuscation to render app code or logic hard to understand and application shielding to guard against dynamic attacks, malicious debugging and tampering.

While IT teams can use obfuscation to protect data, hackers can also use this tactic to carry out ransomware attacks. A ransomware attack encrypts a compromised mobile device, locking the device user out. Ransomware attackers usually follow the same playbook with mobile devices as they do with PCs: Pay up if you want to regain access to your device and its data.

Ransomware was a part of nearly 25% of all data breaches in 2021 -- an almost 13% increase from the previous year -- according to findings from Verizon's "2022 Data Breach Investigations Report", and mobile devices are far from immune to such attacks.

Preventing ransomware starts with blocking corporate devices from downloading apps from any source other than their enterprise app store, the Apple App Store or Google Play. Some other critical steps to prevent mobile ransomware include the following:

Leaky mobile apps set the stage for a mobile device breach. As the name suggests, a leaky app is an app that corporate data seeps out of, like water leaking out of a cracked pipe. Poor programming practices create flawed code, which can enable the public and attackers to see application data such as corporate information and passwords.

It only takes one compromised mobile device for an attacker to access an organization's network.

Security flaws were a significant issue with the release of the Beijing 2022 Olympics app. The app was mandatory for all attendees and had flaws that could allow attackers to steal personal information and even spy on some communications. Common advice to the athletes and other attendees was to use a burner phone at the Olympics because of the mobile security threats that were present.

A similar threat emerged in January 2021, when Slack identified a bug in its Android app that logged cleartext user credentials on devices. While Slack did warn its users to change their passwords and purge the application data logs, potential access was wide open to attackers seeking corporate information. Although the bug did not lead to any headline-grabbing breaches, it shows that popular enterprise mobile apps are a potential attack vector.

To protect against flawed code and leaky mobile apps, organizations must train their mobile developers in secure coding practices and implement mobile application security testing as part of a DevOps methodology.

A software supply chain works similarly to an assembly line in a factory. It's a production cycle that pulls together partners, contractors and third-party vendors to produce software. Open source software components also travel the same supply chain.

Through the software supply chain, however, a cybersecurity vulnerability in one organization can lead to further damage for various other organizations. The SolarWinds software supply chain breach infamously showed this danger, with hackers gaining access to the networks, systems and data of thousands of the company's government and enterprise customers.

An attacker who compromises the software supply chain of a mobile app vendor can insert code in the app, which prompts an end user to download an update from a malicious site. A software supply chain compromise happens before an app hits a public or corporate app store.

Business application and service providers will no doubt ramp up their supply chain security to prevent these attacks.

Jailbroken iOS devices and rooted Android devices compromise the security posture of the entire device because they allow hackers to carry out privilege escalation attacks. When attackers gain access to a mobile OS, they can attack mobile applications indiscriminately.

EMM tools such as Jamf Private Access enable IT to set security policies that prevent jailbroken or rooted mobile devices from accessing enterprise resources.

As corporate applications migrate to the cloud, the prospect of man-in-the-middle (MitM) attacks -- where an attacker can intercept, delete or alter data sent between two devices -- becomes a reality. While there are other causes of MitM attacks, mobile applications using unencrypted HTTP can traffic sensitive information, which attackers can utilize for their nefarious purposes.

To prevent MitM attacks, organizations should start by training their development teams in secure coding standards and architecture. The same standards must also apply to vendors in their software supply chain.

To ensure the safety of mobile users and sensitive corporate resources, IT must know how attacks on mobile applications can take place and proactively defend against them. As an organization's use of BYOD and corporate devices evolves, so must its mobile security strategies. The key to creating such effective security policies is making the most of working relationships to share best practices among desktop and mobile teams, as well as the end users the organization supports.

Read the rest here:
Preventing attacks on mobile applications in the enterprise - TechTarget

Political Notes: The Biden rally and counter-programming, Moore’s new fans, Raskin’s ambition, and more – Josh Kurtz

President Joe Biden walks along the Colonnade of the White House on May 4, 2022, to the Oval Office. Official White House photo by Adam Schultz.

Maryland Democrats are gearing up for their big rally Thursday evening with President Joe Biden at Richard Montgomery High School in Rockville.

Their opponents are gearing up as well.

The president is the headliner, but other scheduled speakers at what promises to be a lengthy rally include Democratic National Committee Chair Jaime Harrison; Democratic gubernatorial nomineeWes Moore and his running mate, former state Del.Aruna Miller; Del. Brooke Lierman (D-Baltimore City), the partys nominee for state comptroller; U.S.Ben Cardin; U.S. HouseMajority Leader Steny Hoyer; U.S. Rep. JamieRaskin; andMaryland Democratic Party Chair Yvette Lewis.

But Republicans and conservatives also plan to have a presence, virtually and in person, for counter-programming.

Del. Dan Cox (R-Frederick), the GOP nominee for governor, plans to hold a news conference Thursday afternoon outside the Montgomery County Circuit Court, just a few blocks from the rally site. Earlier in the afternoon, the Republican National Committee is hosting a press call with Del. Neil Parrott (R-Washington), who is in a rematch with U.S. Rep. David Trone (D-Md.).

And the conservative group Help Save Maryland has put out an electronic flier inviting people to a counter-protest outside the high school, urging them to Rally Against Open Borders Joe Biden and His Sanctuary Cronies.

Rockville should be a fun place Thursday afternoon and evening but the traffic could be murder.

Wes week

Not surprisingly, the Moore campaign has kept the pedal to the metal on the fundraising front this week. We know of at least two major fundraisers that he held this week in Maryland.

On Tuesday evening, the Moore campaign had an event at the Woodmore Country Club near Mitchellville with several local and regional business leaders. The list included Everett Browning, a government contractor; John Clyburn, a business consultant and brother of South Carolina Rep. Jim Clyburn, the third-ranking Democrat in the House of Representatives; Gwen McCall, a business and leadership consultant; Emerick Peace, who runs a real estate firm; Terry Spiegner, who runs an IT company; and Freddie Winston, a construction company owner.

Del. Darryl Barnes (D-Prince Georges), the chair of the Legislative Black Caucus in Annapolis who supported Comptroller Peter Franchot, not Moore, in the Democratic gubernatorial primary was also listed as a sponsor of the event.

On Thursday evening, Moore traveled to Annapolis for a fundraiser at the Red Red Wine Bar sponsored by uber-lobbyist Gerard Evans and his multiple clients.

Other individuals and organizations that endorsed Moores Democratic primary foes are quickly falling in line. This week, the Maryland chapter of the Sierra Club, which had endorsed former U.S. Education Secretary John King in the Democratic primary, announced its support for Moore.

Wes Moore and Aruna Miller are a dynamic duo with diverse experience and lots of enthusiasm for bringing people together to solve problems. It doesnt get bigger than an existential climate crisis and threats on democracy from extremists, said Rosa Hance, chair of the Sierra Club Maryland Chapter. We are excited to endorse Wes Moore and work with him and Aruna to meet the challenges head-on.

On Friday, four locals of the Service Employees International Union, which had backed former U.S. Labor Secretary Tom Perez for governor, will endorse Moore in Baltimore. The unions represent health care, education workers, janitors, security guards and workers at BWI Marshall Airport.

Raskin eyes top committee slot

Tuesdays New York primary results were barely 12 hours and already ambitious House Democrats were jockeying to become the top Democrat on the House Committee on Oversight and Reform following the primary defeat of veteran Rep. Carolyn Maloney (D-N.Y.), who has held the committee gavel since the death of the late Maryland Congressman Elijah Cummings (D).

One of those jockeying: Maryland Rep. Jamie Raskin (D).

Raskin, according to Punchbowl News, Politico and other Capitol Hill-focused publications, is one of four Democrats eyeing the vacancy. But he has less seniority in Congress and on the committee than two of the other aspirants, Rep. Steven Lynch (D-Massachusetts) and Rep. Gerry Connolly (D-Virginia). Rep. Ro Khanna (D-California) is also seen as a possibility, but according to Politico, he is urging Raskins selection.

Raskin told Politico that he is actively exploring it and will have something to say this week.

The oversight panel is the venue for great political battles and when its run by the party opposite the White House it is often the center for partisan-tinged investigations. Even though the political environment has changed some over the past few months, the Republicans are still favored to seize control of the House in January, meaning Raskin and his colleagues are likely competing to become ranking member of the committee rather than committee chair.

Depending on how the congressional game of musical chairs turns out following the election, Raskin could also be in line to be the top Democrat on the House Committee on Administration.

Event-hopping in Howard Co.

Two Republicans running in the 9th legislative district, which Democrats have targeted for takeover, are holding back-to-back fundraisers on Sunday evening.

First, Del. Reid Novotny (R-Howard), who is hoping to oust Sen. Katie Fry Hester (D) in November, has an event scheduled at Circle D Farm in Woodbine, from 4-6 p.m. Then, from 6-8 p.m., Del. Trent Kittleman (R-Howard), who is seeking a third term representing the subdistrict District 9A, at a farm in West Friendship, a seven-mile drive away.

Kittleman and the other Republican in the two-seat district, Jianning Jenny Zeng, are running against Democrats Chao Wu and Natalie Ziegler. During the latest round of redistricting, Democrats made the district more favorable to their candidates by substituting a portion of Carroll County for a portion of Montgomery County.

Read more from the original source:
Political Notes: The Biden rally and counter-programming, Moore's new fans, Raskin's ambition, and more - Josh Kurtz

Here’s why Wii U emulator Cemu going open source is a big deal for emulationand for the Steam Deck – PC Gamer

On Tuesday, the creator of Wii U emulator Cemu announced a major 2.0 version release, introducing Linux builds for the first time and open sourcing eight years of work.

In 2017, Wii U emulator Cemu made history by pulling in thousands of dollars per month on Patreon to help fund development. Cemu's high profile Patreon, which was briefly earning $25,000 at its peak, raised questions about the ethics of emulation, particularly when money is involved, and when a project is "closed source" instead of open source, meaning their source code isn't publicly available. Closed source emulator development isn't inherently wrong, but it can be controversialone of the key ways the emulation community protects itself from lawsuits is by keeping its source code public, so litigious companies like Nintendo can study it and confirm that none of its proprietary code is used in the reverse-engineering process.

Dolphin emulator developer Pierre Bourdon broke it down for me back in 2017. "You can save a lot of time if you cheat and look at proprietary documentation (console SDKs, leaks, etc.) while trying to understand how a console works," he said. "This is in general frowned upon in many emulation projects: it puts the whole project at the risk of a lawsuit. It's one of the things where we have no doubts about the legality: it's clearly illegal. With open source projects the development process is usually very open."

Despite some worries in the community that Cemu would attract legal scrutiny thanks to its closed source code, lucrative Patreon and 4K Breath of the Wild videos, Nintendo never came knocking. And now worries that Cemu's source code could be lost if developer exzap ever disappeared are moot, too. The project in its entirety is available on Github, including Linux builds for the new 2.0 release.

Cemu's move to open source marks the end of the most prominent fan-made closed source emulator in existence. It's a great day for the continued preservation of Nintendo's games long into the future, considering the company's own emulation efforts are often disappointingly bad.

Exzap notes that the Linux support is "still very rough around the edges," but hopes that changes quickly as other emulator developers familiarize themselves with Cemu and begin to chip in on the project. Cemu previously only ran on Windows, but its Linux support now opens the door to easy installation on the Steam Deck, my favorite emulation system. It won't be easy to get going on the Deck until Cemu adds flatpak support for one-click installation, but that's already being discussed on the Github.

Cemu's creator used the 2.0 announcement to talk a bit about the emulator's historythey've been the sole developer for much of its run, and said that in the last couple years the project has been especially draining.

"Whenever I tell myself to make time for other things, I end up feeling guilty because my self-inflicted sense of responsibility drives me to always prioritize Cemu over my own interests. This year was especially intense because I single-handedly ported Cemu to Linux while also trying to deliver somewhat constant feature and bug fix updates," they wrote. "In the end, opening up development seems like the logical decision. It has always been the long-term plan anyway. With Cemu being open-source, the hope is that new contributors will pick up where I left off."

Exzap will still be contributing, but hopes having more developers will help with some significant features, like pausing and restarting emulation and improving performance on older hardware.

"I have been working on Cemu for almost 8 years now, watching the project grow from an experiment that seemed infeasible, to something that, at its peak, was used by more than a million people," exzap wrote on Tuesday. "Even today, when the Wii U has been mostly forgotten, we still get a quarter million downloads each month. There are still so many people enjoying Wii U games with Cemu and I will be eternally grateful that I got the chance to impact so many people's life in a positive way, even if just a tiny bit."

Link:

Here's why Wii U emulator Cemu going open source is a big deal for emulationand for the Steam Deck - PC Gamer

New Open Source Tool Shows Code Injected Into Websites by In-App Browsers – SecurityWeek

A researcher has conducted an analysis to see how major companies could track user activity through their mobile in-app browsers, and released a free and open source tool that allows anyone to check what code is being injected by such browsers.

Some mobile applications use built-in browsers to allow users to quickly access third-party websites. Other apps include a browser to load their own resources, which may be needed to perform various activities. However, these internal browsers could also pose security and privacy risks.

Researcher Felix Krause published a blog post earlier this month claiming that the iOS apps of Instagram and Facebook could monitor everything a user does on an external website opened through the applications internal browser. This claim was based on the JavaScript code the applications inject into the website displayed by the in-app browser.

Later tests showed that TikTok also injects JavaScript code that modifies the content of the third-party websites opened through the social media app. TikTok appears to monitor all keyboard inputs and screen taps, potentially allowing the company to collect passwords and other sensitive information entered via the built-in browser.

Meta said the code is being injected as part of an App Tracking Transparency (ATT) mechanism that helps the company respect users privacy choices. TikTok confirmed that the keylogging code exists, but said its not actually being used.

However, Krause says his analysis highlights the potential security and privacy risks associated with JavaScript code getting injected by in-app browsers into third-party websites. That is why last week he released a free and open source tool that anyone can use to check what code is being executed through these in-app browsers.

The online tool, named InAppBrowser, displays the JavaScript code that is injected when the website inappbrowser.com is opened with an in-app browser. It also provides information on what each command does.

While the tool can provide some useful information, Krause pointed out that it cannot detect all the JavaScript executed by the browser and it also does not provide any information on the tracking mechanisms implemented using native code. In addition, some applications can hide their JavaScript activities, including by using Apples WKContentWorld object, which is designed to separate the app from the webpages and scripts it executes.

On the other hand, the researcher noted, Just because an app injects JavaScript into external websites, doesnt mean the app is doing anything malicious. There is no way for us to know the full details on what kind of data each in-app browser collects, or how or if the data is being transferred or used.

Users who are concerned about the potential risks should always open websites in their phones browser rather than the in-app browser. Popular apps often provide the Open in browser option for this task, or users could simply copy and paste the URL.

Krause also noted that some iOS apps follow Apples recommendation and use Safari or the Safari view controller for accessing external websites, and this prevents them from injecting their own code.

The InAppBrowser source code is available on GitHub. The app can work for both Android and iOS applications.

Related: Apple to Tighten App Privacy, Remove Apps That Don't Comply

Related: Google Details New Privacy and Security Policies for Android Apps

Related: Google Introduces 'Privacy Sandbox' for Ads on Android

Read the original here:

New Open Source Tool Shows Code Injected Into Websites by In-App Browsers - SecurityWeek

Microsoft employees love Figma, and it’s testing the company’s cozy relationship with Adobe – CNBC

Dylan Field, co-founder and CEO of Figma, speaks at the startup's Config conference in San Francisco on May 10, 2022.

Figma

Microsoft and Adobe have been friendly bedfellows for decades. Microsoft's dominant PC operating system has been the gateway for Adobe to reach millions of business users with its design software.

The companies' CEOs even attended the same high school in India, and both moved to the U.S. in the 1980s for graduate school in computer science. They share a common bond over the successful transition from desktop software to the cloud.

But inside Microsoft, an emerging challenge to Adobe is catching fire and raising questions about the future of one of the tech industry's most intimate relationships.

Figma, a San Francisco-based startup that celebrated its 10th anniversary in August, is being used by tens of thousands of employees inside Microsoft and, for many, is at the heart of their daily work. The number of users has steadily increased in recent years, though neither company will say how many of them are editors with paid accounts.

The cloud-based design software came in the door in 2016, when Microsoft acquired mobile app development platform Xamarin and brought in a 350-person team that, months after the deal closed, would become Figma power users. The product has since become so central to how Microsoft's designers do their jobs that Jon Friedman, corporate vice president of design and research, said Figma is "like air and water for us." It's also used by engineers, marketers and data scientists across Microsoft.

"Figma's become, I would say, sort of the No. 1 common tool we use to collaborate across all of the design community in the community and beyond," said Friedman, who's worked at Microsoft for over 18 years. It's "really great at helping us collaborate at scale, and at global scale. I can collaborate with teams we have in India, China, Europe, Israel and Africa."

Venture investors have been all in on the growth.

In June 2021, during the heyday of mega financings, Figma was valued at $10 billion in a funding round that included participation from Morgan Stanley's Counterpoint Global. That was before the 2022 market plunge sent many cloud stocks down by more than half and largely halted pre-IPO rounds.

Figma hasn't announced plans for a stock market debut, and shareholders aren't pressing for one anytime soon, in large part because the market for new offerings has dried up this year.

The company, backed by the likes of Index Ventures, Greylock Partners and Kleiner Perkins, now has the size and growth trajectory to land solidly on the radar of public investors. Annualized recurring revenue has more than doubled in consecutive years and is poised to top $400 million in 2022, according to people with knowledge of the company's financials who asked not to be named because the numbers are confidential. Figma's workforce has swelled to 800.

While Microsoft has served as a growth driver for Figma, spending millions a year on its deployment, the company's software has also taken off at Google, Oracle and Salesforce, where it started small and grew organically as fans touted it to their colleagues. Other customers include Airbnb, Dropbox, Herman Miller, Stripe and Twitter.

After Figma founder and CEO Dylan Field tweeted earlier this month about the company turning 10 years old, he received flattering responses from Salesforce co-CEO Bret Taylor and Atlassian co-CEO Mike Cannon-Brookes. Taylor started his response with, "I [heart emoji] Figma."

For Figma, getting traction inside big companies, particularly within Microsoft, has required going head-to-head with Adobe's competing XD program, and winning its fair share of deals. That doesn't mean the market has completely flipped, or that Adobe is being fully supplanted.

"We're still heavy on Adobe Illustrator, Photoshop and XD," Friedman said.

Adobe and Microsoft have worked together for more than two decades. In addition to Adobe gaining ubiquity by distributing across Windows machines, the two companies have been syncing their products in desktop, cloud and mobile computing, with over 50 integrations listed on Microsoft's website.

Penetrating that alliance has not always been smooth for Figma. In 2016, Microsoft acquired Sunrise, a startup with a popular calendar app. The Sunrise team relied on Figma and continued to use it after the deal closed.

Sunrise co-founder Jeremy Le Van said his employees were among the lucky ones at Microsoft. He said some Microsoft staffers weren't able to use Figma because of the business relationship with Adobe and were stuck using products such as Photoshop and XD. Despite executive resistance in certain departments, some designers snuck out of the Adobe ecosystem to use Figma anyway, said Le Van, who stayed on as a design director at Microsoft until 2018.

Friedman said he wasn't aware of examples of Figma being shut out. "We have a great relationship with Adobe as well and love their products for many use cases at Microsoft," he said.

The same year of the Sunrise deal, Adobe said it would make Microsoft's Azure its preferred cloud for Creative Cloud, as well as the Marketing Cloud and Document Cloud. To mark the occasion, Microsoft CEO Satya Nadella and Adobe CEO Shantanu Narayen, who both went to high school at India's Hyderabad Public School, appeared at Microsoft's Ignite conference for IT professionals under a banner declaring that Adobe loves Azure.

Figma's collaborative capabilities are central to its popularity. Multiple editors of a document can see one another working in real time, and non-editors can view designs and leave comments. Companies pay for Figma based on the number of editors they have for their files.

"Any designer, product manager or engineer can jump in and see the design system at play in any particular product," Friedman said.

Last week, Figma released a version of its service that people can use in Microsoft's Teams communication app, removing the need to open a browser tab.

"We both wanted it," said Field, who started Figma after scoring a Thiel Fellowship, which came with a $100,000 grant from venture investor Peter Thiel on the condition that he drop out of college (Brown University) and pursue a new project.

The Teams integration is a tool that benefits any user of Microsoft products, not just employees. Adobe, which offers Teams apps for Acrobat and Creative Cloud, knows all about the power of tying into the Microsoft ecosystem. It's been a big part of the company's success in its 40-year run up to almost $17 billion in annual revenue.

Figma had to start small. Like many organizations, Microsoft began using it for free. Today, a customer can pay Figma each month based on the number of people who make changes to files, while a more limited version of the service is available at no cost.

In 2017, a year after the Xamarin acquisition, Field hosted Friedman at his company's San Francisco headquarters. Field says he remembers asking Friedman why Microsoft didn't want to keep using the free version of Figma.

"'Look, we're all worried you're going to die as a company," Field recalled Friedman telling him. "We can't spread it inside Microsoft as a company even though we like it, because you're not charging."

It wasn't just about keeping Figma alive. As a big-spending customer, Microsoft was in position to start asking for more features.

A workspace inside Building 21 at the Microsoft campus in Redmond, Washington, on March 3, 2022. Microsoft Corp. has begun calling employees back to its headquarters in recent weeks, but its return-to-office strategy hinges on hybrid work.

Chona Kasinger | Bloomberg | Getty Images

Field said Microsoft's feedback led to several improvements. For example, Figma engineers worked to make it easier to move from screen to screen in a single Figma file. The company also added support for input from Xbox game controllers and made prototype previews work faster on mobile devices.

Ultimately, Microsoft's requests helped Figma develop its top-tier enterprise plan, Field said, adding to the free version and paid monthly premium packages that range from $12 to $45 per editor per month. The enterprise package runs at $75 per editor and includes dedicated account managers and advanced password management.

Vclav Vanura remembers when things were very different.

Vanura was a senior designer at Xamarin, whose software helped companies build Android and iOS apps with Microsoft's C# programming language.

When Figma announced its launch in late 2015, Vanura was impressed with the company's idea for shared design component libraries. He signed up for a preview release and received access in the summer of 2016. He encouraged his colleagues to jump on board, starting with David Siegel, Xamarin's head of design.

Vanura and Siegel encountered snags while sharing files from design competitor Sketch. After one Xamarin employee uploaded a file to a Dropbox folder, their teammates sometimes struggled to get it running on their computers, either because they didn't have the right fonts installed or because they had different versions of the software.

Unlike Sketch, which was only available on MacOS, Figma was on the browser. That meant fewer sharing issues. You grant others access by copying a link or entering their email addresses, just like in Google Docs. But performance was a problem.

Vanura made complex designs in Figma, causing the software to slow down, freeze and crash. The Xamarin workers sent Vanura's files to Figma engineers, who made Figma speedier and more stable.

In 2017, Vanura flew from the Czech Republic, where he lives, to Seattle, and then made the short trek to Microsoft's headquarters in Redmond. He took the opportunity to show Figma to his team, many of whom were accustomed to working in Photoshop and Illustrator.

"It was amazing. It was like watching Formula 1," Vanura said. "There were so many mouse pointers on the screen, and everybody designed something, even if it meant they were pasting GIFs or drawing rectangles. All of them were so blown away. I think that was the moment these people figured out this was a huge time saver."

Siegel, who had become Microsoft's head of design for developer services, wanted to get the word out more broadly that Microsoft was evolving and wasn't stuck to its old isolated ways. In 2018, he posted a manifesto of sorts online.

"We use PCs, Macs, Figma, Sketch, GitHub, JavaScript, ZEIT, and other modern tools to design, prototype, and build the future of software development," Siegel wrote on Xamarin's website. There was a link to a Figma file that Microsoft employees could open.

The website reached the front page of Hacker News, a discussion board for software developers.

"This is some incredible self-awareness," one commenter wrote.

Soon after, Benedikt Lehnert, a Microsoft product design director, told Friedman that the company needed everyone on the same program, whether it was Figma or XD. Microsoft chose Figma, Lehnert said.

Scott Belsky, chief product officer and executive vice president for Creative Cloud at Adobe and then a venture partner at Benchmark, speaks onstage at the TechCrunch Disrupt conference in San Francisco on Sept. 13, 2016.

Steve Jennings | TechCrunch | Getty Images

Vanura said that at Microsoft, "Figma spread across the company so fast that I don't think Adobe was even able to catch up."

Figma isn't shy about going up against an industry heavyweight. On its website, Figma says, "Dont sync to the cloud with Adobe XD. Work in the cloud withFigma." It asserts that designers are moving away from Adobe's Creative Cloud bundle, the product that accounts for 59% of Adobe's revenue.

in 2020, Adobe added Figma to the list of competitors it publishes in its annual report.

Analysts have raised questions about Figma to Adobe executives on at least three occasions this year. Alex Zukin of Wolfe Research asked during a January fireside chat with Adobe executives Scott Belsky and David Wadhwani if Figma was taking market share.

Belsky, Adobe's product chief and executive vice president for Creative Cloud, didn't answer the question directly. But he acknowledged that venture capitalists have been funneling money into the space.

"ItisexcitingthatVCsseethesamethingwe're seeing," Belsky said. "Five-plus years ago, you didn't see any material dollarsgoingintothecreativetools.Ithinknoweveryoneseesthat."

Belsky said Adobe can take advantage of an opportunity to bring Creative Cloud to the web, which it's done for Illustrator and Photoshop but not XD, a product that was launched in preview in 2016.

An Adobe spokesperson declined to talk about plans for a web version of XD, and said the company will talk about plans for Creative Cloud at its Max conference in October.

"We do not see an impact to the Photoshop business resulting from players in the product design category," the spokesperson said. "We developed and have evolved Adobe XD to address the needs of our core design customers, who are designing marketing experiences for screens, rather than the distinct category of product design and development."

Still, the pressure on Adobe is intensifying.

In the past three months, Figma's app for iOS devices has consistently ranked above Adobe XD in the graphics and design section of Apple's App Store, according to figures from Data.ai, formerly known as App Annie.

Wells Fargo analyst Michael Turrin said Figma has potential to expand.

"What Figma is trying to create is more of a broader platform that could become more of a system of record within this market, and that's why I think this could become more important," he said.

Figma isn't the only upstart in the space making waves. An open-source alternative called Penpot, which can automatically generate the underlying source code for designs people make in the software, is also gaining momentum.

Microsoft employees are using Penpot and have contributed to it, said Pablo Ruiz-Muzquiz, who co-founded the project. Of the people who test Penpot, almost 20% are coming from Figma, he said.

Penpot's code lives on GitHub, which Microsoft owns, under an open-source license, allowing people to download the code, modify it and run it on their own servers. That's not true of Figma, which keeps its own source code private.

But Figma is evolving. One job description suggests Figma is considering a significant update to its iPad app that would provide a space to make new designs and not just view or share them.

And Figma has been busy expanding its executive ranks. In June, the company promoted Praveer Melwani, its head of business operations and finance, to the finance chief position. The next month, former Deutsche Bank and Goldman Sachs executive Kate DeLeo joined Figma as vice president of investor relations and business operations.

As the company marches toward an eventual introduction to Wall Street, getting more out of its relationship with Microsoft presents an opportunity for growth. Expanding the number of ways Figma gets used is one avenue.

"It works great as a presentation tool," Friedman said.

Figma probably won't ever replace Microsoft's homegrown PowerPoint software or Adobe's PDF format, but Field said his product boasts distinct advantages. For one, Figma avoids the problem of the non-stop back-and-forth emailing of a presentation by letting people simply share a link. A Microsoft spokesperson said PowerPoint users can also use links to send documents.

"I'd be surprised if there's no salespeople at Microsoft that use it. My guess is there's some," Field said, regarding Figma. "Is it significant? No, probably not."

Not yet, anyway.

WATCH: Adobe CEO reacts to Q1 earnings: Our fundamentals continue to be extremely strong

See the article here:

Microsoft employees love Figma, and it's testing the company's cozy relationship with Adobe - CNBC

How unauthorized access to Git became a big headache for Twitter – Security Boulevard

You would think organizations would want to know when ex-employees have access to the crown jewels.

No one wants to end up in the news like Twitter did due to lack of access controls for repositories that contain source code just as they are locked in a battle of wits and a highly publicized lawsuit about an acquisition gone awry.

The software supply chain has become one of the biggest attack vectors. Attackers will find any means to access the repositories where source code is stored. Additionally, software today is often built via a combination of internally developed code, open source code or third-party developed code. All this code generally resides in git repositories.

These repositories also contain Infrastructure as code and git configuration rules to make it easier for developers to move their code down the CI/CD development pipeline. Individuals with unauthorized access to these repositories may not be seeking to pilfer code. They may be after something far more sinister.

While everyone is concerned about source code being stolen by individuals with unauthorized access, the real danger is that the code can divulge a blueprint of the application architecture. Where critical information is stored and what other resources are being leveraged. This information can be used to mount devastating asynchronous attacks that result in the exfiltration of large volumes of PII or cause debilitating operational disruptions.

In an article published by Wired magazine on August 23, 2022, the author notes, Al Sutton, cofounder and chief technology officer of Snapp Automotive, was a Twitter staff software engineer from August 2020 to February 2021.

The article also carried a tweet from Al Sutton himself which stated, An aspect Ive not seen discussed much about my long-past-leaving membership of the Twitter GitHub group, is that it left me with access to the private and public membership list of the group which could have been used as a social engineering starter list (33 public, 267 private).

The Wired article further mentions that Twitter never removed him from the employee GitHub group that can submit software changes to code the company manages on the development platform. Sutton had access to private repositories for 18 months after being let go from the company.

Access to repositories by developers and operations teams is a key tenet to developing a more comprehensive view of code security. In order to understand risk from code, BluBracket believes that enterprise teams must seek answers to three key questions:

What high risk content is present in your code?

Who has access to your code?

Where is your code going?

It is clear from above that unmonitored access to code repos can lead to both external and insider threat. Malicious code can be introduced into repositories and become a threat to the organizations most critical assets.

In addition to identifying exposed secrets like passwords, credentials and API tokens in source code, BluBracket enforces policies for trusted access to repositories. BluBracket also monitors developer access to repositories with built-in support for single sign-on (SSO) and multi-factor authentication (MFA).

BluBrackets solutions help developer and application security teams Identify who has access to what, calling out the best-practice configuration of everything from git hooks to branch protection rules helps guide teams to continuous improvement and ongoing operational security. When teams know they can automatically and continuously audit access, theyre both more productive because they can more easily grant access, and more secure because they have tools to revoke access when employees roles change, they leave or are terminated.

For more information on the BluBracket code security solution, please visit https://blubracket.com/products/enterprise-edition/

To get started for free with BluBracket please visit https://blubracket.com/contact/get-started/

*** This is a Security Bloggers Network syndicated blog from BluBracket: Code Security & Secret Detection authored by Pan Kamal. Read the original post at: https://blubracket.com/how-unauthorized-access-to-git-became-a-big-headache-for-twitter/

Read the original post:

How unauthorized access to Git became a big headache for Twitter - Security Boulevard

SIGGRAPH 2022: A tale of USD, Hydra, and the sheer power of Dreamworks MoonRay – RedShark News

Why DreamWorks' releasing MoonRay under the Apache open source license is akin to Panavision giving away Millennium DXLs along with the blueprints.

Back in the 90s, when someone mentioned RenderMan most would think of a rendering engine from Pixar. In reality however, RenderMan wasn't actually a rendering engine at all, but rather an open standard for rendering engines; Pixar's version was called PhotoRealistic RenderMan (PRMan).

The heart of the RenderMan standard was a scene description language and a shader language. Being open, anyone developing a rendering engine could write a parser for both, and anyone developing a 3D animation system could implement an exporter for them.

Open source software is a very different beast. One of the most famous open source applications on the internet is Blender3D. Anyone can download the source code for Blender, including the well loved Cycles rendering engine. Some studios have even taken advantage of Blender's open source nature to customize it for their own in-house production pipelines.

Because of the license that Blender is released under, in spite of having huge amounts of funding from companies like Epic, Ubisoft, and Bethesda, the application is still completely open source. The pace of Blender improvements now rivals that of DaVinci Resolve, yet the source code remains freely available.

Pixar has developed a new standard for 3D animation systems to share data called USD: Universal Scene Description. Along with that are the Open Shading Language (OSL) and ILM's MaterialX specification. Part of the specification includes what is termed a USD Hydra Delegate, which is a much simpler idea than it sounds like; it's essentially a plug-in interface for a rendering engine.

SideFX Software got on board with USD early and has a mature, production ready implementation of it now in Solaris, which is a Houdini workspace designed for scene assembly, look development, lighting, and rendering. Since Solaris is based on USD, it can render to any Hydra Delegate. From the user's point of view, switching renderers requires no more effort than dropping down an appropriate node in the Solaris environment.

Houdini has two production rendering engines now. One is the older, CPU only Mantra which is well respected for image quality, features, and robustness. It does not however use GPU compute, so it falls well short of most of its contemporaries in the speed department thanks to the meteoric rise of GPU computing power in recent years. The second option now available is Karma, which is faster than Mantra but more importantly includes an XPU option which uses both the CPU and GPU compute. Karma is also a USD Hydra delegate with (beta) support for MaterialX shaders.

For SIGGRAPH 2022, a few of Intel's developers implemented a prototype USD Hydra delegate using Intel's open source Embree rendering system. Being a Hydra delegate, it sits in Solaris just like Karma does, allowing Intel an opportunity to tease us with the might of its next generation GPU.

Because USD is an open standard, a certain well known and well loved open source 3D animation system supports it also: Blender. AMD has implemented full USD Hydra delegate support as one of the features of ProRender for Blender.

Dreamworks is well known for its stylized animation, but the studio also does photorealistic visual effects for film, commercials, and TV. Rather than relying on a 3rd party production renderer, DreamWorks developed its own in house.

Called MoonRay, DreamWorks in house renderer is a state of the art distributed path tracer. It supports the usual laundry list of features like Cryptomatte, and deep output, a flexible and extensible suite of layerable shaders, light filters, volumetric rendering, and light filters.

While the rendering features by themselves don't set MoonRay apart from the likes of Arnold, V-Ray, Redshift, and even Cycles, there are a few areas where MoonRay is leading the pack.

First is its XPU mode. One of the challenges that render engine developers face is that CPUs and GPUs handle math slightly differently. While in a purely integer world there would be no differences, that's not the case in floating point; it's entirely possible to have two different processors execute exactly the same instructions and end up with different results. Because there are standards for floating point arithmetic defined by the IEEE, the nature of floating point arithmetic makes it nearly impossible for every compute architecture to deliver identical results. The differences are not large by any means, they're typically limited to the last few decimal points in each operand, but over the course of several iterations they can add up. If every node is the same, there's nothing to worry about, but if the GPU is running 200 iterations of a shader and the CPU is running the other 200, then the two sets of resulting pixels can look different enough to manifest as a rendering glitch.

Because of this, most of the GPU accelerated rendering systems on the market currently use either the CPU or the GPU, and rarely both. In most cases both means render on the CPU and then use the GPU for output filters like noise reduction, so that the issue of differences in rounding affect the entire image, and in a way that is consistent throughout an image sequence.

SideFX and Isotropix are working on XPU renderers that can use both the CPU and the GPU to render an image with pixel perfect accuracy, so that there will be no difference between pixels rendered on the GPU vs pixels rendered on the CPU.

DreamWorks is already there with MoonRay; its XPU mode is able to use the GPU as a supplemental compute node, instead of only as a stage in the rendering process.

This is actually a bigger deal than it sounds at first, because GPU rendering actually performs pretty poorly unless the entire scene and all of its textures is able to reside in the GPU's memory. Being able to efficiently load balance the rendering effort across the CPU and GPU is a big deal for performance, because it lets the renderer boost performance by using the GPU but without being limited by GPU memory.

MoonRay's other banner feature set is also performance oriented. It's vectorized from the bottom up, and has been from the start of development. MoonRay uses Intel's Embree for ray tracing, and DreamWork's own vectorized ray integrator and shading and texturing engines.

The other side of MoonRay's performance feature set is its cloud based distributed rendering framework called Arras. The Arras SDK is designed to simplify connecting to a renderfarm, and also to integrate MoonRay with a client application. The MoonRay demos show examples of artists interactively working in Houdini connected to a 32-node MoonRay cluster that uses the system GPU for denoising, and the result is a blazing fast interactive viewport render, a tremendous boon for look development.

Another feature of MoonRay is that it supports the Hydra Render Delegate standard, so out of the box artists with applications like Houdini and Katana will be able to use MoonRay as an interactive as well as production rendering engine.

Since DreamWorks is releasing MoonRay under the Apache open source license and the USD Hydra specification is open, expect to see MoonRay pretty much everywhere in the near future.

Choosing a render engine for an animation project is akin to choosing a camera for a film project, such as Eevee for realtime, interactive work which makes it great for look development and Cycles for final rendering to take advantage of the physically based ray traced output.

In that analogy, DreamWorks' releasing MoonRay under the Apache open source license is akin to Panavision giving away Millennium DXLs, along with the blueprints.

DreamWorks uses MoonRay in Linux, so the Windows and OSX ports are currently in limited beta. There are some application developers already working on integrating MoonRay into their software as well.

Since it's in beta testing, DreamWorks doesn't have a time table for releasing MoonRay to the public yet, but it's a good bet that it's going to become very popular very quickly when it launches and raises the bar for third party rendering engines.

Excerpt from:

SIGGRAPH 2022: A tale of USD, Hydra, and the sheer power of Dreamworks MoonRay - RedShark News