In cryptography, the white-box model refers to an extreme attack scenario, in which an adversary has full unrestricted access to a cryptographic implementation, most commonly of a block cipher such as the Advanced Encryption Standard (AES). A variety of security goals may be posed (see the section below), the most fundamental being "unbreakability", requiring that any (bounded) attacker should not be able to extract the secret key hardcoded in the implementation, while at the same time the implementation must be fully functional. In contrast, the black-box model only provides an oracle access to the analyzed cryptographic primitive (in the form of encryption and/or decryption queries). There is also a model in-between, the so-called gray-box model, which corresponds to additional information leakage from the implementation, more commonly referred to as side-channel leakage. White-box cryptography is a practice and study of techniques for designing and attacking white-box implementations. It has many applications, including digital rights management (DRM), pay television, protection of cryptographic keys in the presence of malware, mobile payments and cryptocurrency wallets. Examples of DRM systems employing white-box implementations include CSS and Widevine. White-box cryptography is closely related to the more general notions of obfuscation, in particular, to Black-box obfuscation, proven to be impossible, and to Indistinguishability obfuscation, constructed recently under well-founded assumptions but so far being infeasible to implement in practice. As of January 2023, there are no publicly known unbroken white-box designs of standard symmetric encryption schemes. On the other hand, there exist many unbroken white-box implementations of dedicated block ciphers designed specifically to achieve incompressibility (see § Security goals). == Security goals == Depending on the application, different security goals may be required from a white-box implementation. Specifically, for symmetric-key algorithms the following are distinguished: Unbreakability is the most fundamental goal requiring that a bounded attacker should not be able to recover the secret key embedded in the white-box implementation. Without this requirement, all other security goals are unreachable since a successful attacker can simply use a reference implementation of the encryption scheme together with the extracted key. One-wayness requires that a white-box implementation of an encryption scheme can not be used by a bounded attacker to decrypt ciphertexts. This requirement essentially turns a symmetric encryption scheme into a public-key encryption scheme, where the white-box implementation plays the role of the public key associated to the embedded secret key. This idea was proposed already in the famous work of Diffie and Hellman in 1976 as a potential public-key encryption candidate. Code lifting security is an informal requirement on the context, in which the white-box program is being executed. It demands that an attacker can not extract a functional copy of the program. This goal is particularly relevant in the DRM setting. Code obfuscation techniques are often used to achieve this goal. A commonly used technique is to compose the white-box implementation with so-called external encodings. These are lightweight secret encodings that modify the function computed by the white-box part of an application. It is required that their effect is canceled in other parts of the application in an obscure way, using code obfuscation techniques. Alternatively, the canceling counterparts can be applied on a remote server. Incompressibility requires that an attacker can not significantly compress a given white-box implementation. This can be seen as a way to achieve code lifting security (see above), since exfiltrating a large program from a constrained device (for example, an embedded or a mobile device) can be time-consuming and may be easy to detect by a firewall. Examples of incompressible designs include SPACE cipher, SPNbox, WhiteKey and WhiteBlock. These ciphers use large lookup tables that can be pseudorandomly generated from a secret master key. Although this makes the recovery of the master key hard, the lookup tables themselves play the role of an equivalent secret key. Thus, unbreakability is achieved only partially. Traceability (Traitor tracing) requires that each distributed white-box implementation contains a digital watermark allowing identification of the guilty user in case the white-box program is being leaked and distributed publicly. == History == The white-box model with initial attempts of white-box DES and AES implementations were first proposed by Chow, Eisen, Johnson and van Oorshot in 2003. The designs were based on representing the cipher as a network of lookup tables and obfuscating the tables by composing them with small (4- or 8-bit) random encodings. Such protection satisfied a property that each single obfuscated table individually does not contain any information about the secret key. Therefore, a potential attacker has to combine several tables in their analysis. The first two schemes were broken in 2004 by Billet, Gilbert, and Ech-Chatbi using structural cryptanalysis. The attack was subsequently called "the BGE attack". The numerous consequent design attempts (2005-2022) were quickly broken by practical dedicated attacks. In 2016, Bos, Hubain, Michiels and Teuwen showed that an adaptation of standard side-channel power analysis attacks can be used to efficiently and fully automatically break most existing white-box designs. This result created a new research direction about generic attacks (correlation-based, algebraic, fault injection) and protections against them. == Competitions == Four editions of the WhibOx contest were held in 2017, 2019, 2021 and 2024 respectively. These competitions invited white-box designers both from academia and industry to submit their implementation in the form of (possibly obfuscated) C code. At the same time, everyone could attempt to attack these programs and recover the embedded secret key. Each of these competitions lasted for about 4-5 months. WhibOx 2017 / CHES 2017 Capture the Flag Challenge targeted the standard AES block cipher. Among 94 submitted implementations, all were broken during the competition, with the strongest one staying unbroken for 28 days. WhibOx 2019 / CHES 2019 Capture the Flag Challenge again targeted the AES block cipher. Among 27 submitted implementations, 3 programs stayed unbroken throughout the competition, but were broken after 51 days since the publication. WhibOx 2021 / CHES 2021 Capture the Flag Challenge changed the target to ECDSA, a digital signature scheme based on elliptic curves. Among 97 submitted implementations, all were broken within at most 2 days. WhibOx 2024 / CHES 2024 Capture the Flag Challenge again targeted ECDSA. Among 47 submitted implementations, all were broken during the competition, with the strongest one staying unbroken for almost 5 days.
Webull
Webull Corporation, often stylized as simply Webull, is a U.S.-based financial services holding company headquartered in St. Petersburg, Florida. It owns and operates the Webull electronic trading platform for self-directed retail investors. Depending on jurisdiction, the Webull platform offers trading in stocks, exchange-traded funds (ETFs), options, margin, bonds, cryptocurrency and futures, as well as market-data tools. Webull began operations in 2016 under Hunan Fumi Information Technology, a China-based financial technology company founded by Wang Anquan. It launched U.S. brokerage services through Webull Financial LLC in 2018 and expanded during the retail-trading boom of 2020 and 2021. In April 2025, Webull became a publicly traded company on the Nasdaq through a merger with special-purpose acquisition company SK Growth Opportunities Corporation. The company's U.S. brokerage revenue relies substantially on payment for order flow, with options trading accounting for the larger share of its order-flow rebates in 2025. Webull has faced regulatory actions related to options customer approvals, complaint handling, suspicious activity reporting, social-media marketing and customer disclosures. It has also faced scrutiny from U.S. lawmakers and state officials over its historical and operational ties to China and the handling of U.S. customer data. == History == === Founding === Webull was founded in 2016 under Hunan Fumi Information Technology, a China-based financial technology company, by Wang Anquan, a former employee of Alibaba Group and Xiaomi. Hunan Fumi Information Technology received backing from Xiaomi, Shunwei Capital, and other investors in China. Fumi Technology was a Hunan-based fintech start-up incubated by Xiaomi and raised about CNY200 million (approximately US$30 million) in a Series B financing round in 2018. On May 24, 2017, Webull Financial LLC was established as a Delaware limited liability company. It began offering brokerage services in the United States in May 2018. Wang hired Anthony Denier as CEO of the U.S. brokerage that year and the two mapped out their strategy on napkins at a Mexican restaurant in New York City. Webull Corporation was incorporated in the Cayman Islands in September 2019 as the group's holding company. === Retail trading boom === In May 2020, the company received SEC approval to launch a robo-advisor on its platform. By August 2020, the platform had over 11 million registered users, and in October 2020, it had 750,000 daily active users. Webull introduced options trading in 2020 and later added cryptocurrency trading through a separate digital-asset business. In November 2020, Webull began supporting cryptocurrency transactions. In December 2020, Webull launched trading services in Hong Kong. During the GameStop short squeeze in January 2021, Webull gained attention as some retail traders looked for alternatives to Robinhood. On January 27, 2021, Webull recorded its highest-ever number of active daily users, at 952,000, and the Webull app was downloaded across the Apple App and Google Play stores an estimated 100,000 times. That week, approximately 1.2 million people downloaded the Webull mobile app, which the company reported as a 1,548% week-over-week increase. On January 28, 2021, Webull was directed by its clearing house to temporarily halt buy orders for stocks affected by the GameStop short squeeze. In June 2021, Webull was reported to be considering a U.S. initial public offering that could raise up to $400 million. === Restructuring and expansion === Webull restructured its China-related corporate arrangements in 2022 and later stated that Hunan Fumi was no longer affiliated with the group. In 2022 and 2023, Webull expanded in several non-U.S. markets, including Singapore, Australia, South Africa, Japan, the United Kingdom and Indonesia. In June 2023, Webull moved cryptocurrency trading to a separate app called Webull Pay. By the end of 2023, Webull had 4.3 million funded accounts and US$8.2 billion in customer assets. In January 2024, Anthony Denier was promoted to group president of Webull Corporation. In November 2024, Webull launched overnight, or extended-hours, trading, expanding the trading window of U.S. stocks for users inside and outside the United States. === SPAC merger and Nasdaq listing === On February 28, 2024, Webull agreed to go public through a business combination with SK Growth Opportunities Corporation (NASDAQ: SKGR), a special-purpose acquisition company, in a deal that valued the company at approximately US$7.3 billion. The proposed valuation drew scrutiny because of Webull's limited financial disclosure at announcement, reliance on payment for order flow and small expected public float. SK Growth shareholders approved the business combination on March 30, 2025, and the transaction closed on April 10, 2025. Webull's Class A ordinary shares and warrants began trading on the Nasdaq on April 11, 2025 under the ticker symbols BULL and BULLW (incentive warrants traded under BULLZ until their redemption in June 2025). The merger brought Webull to the public market but generated little cash for the company: after shareholder redemptions, Webull disclosed net proceeds of US$430,066 from the transaction. After the listing, Webull's shares experienced extreme volatility, rising as much as 500% to US$79.56 on April 14, 2025, after closing at US$13.25 on the prior trading day. The initial post-listing surge increased the value of Webull holdings owned by earlier investors, including RIT Capital Partners, which had first invested in Webull in 2021. In April 2026, after Webull's shares had fallen about 70% over the previous year, the company authorized a US$100 million share repurchase program. == Business model and financials == Webull provides a self-directed electronic trading platform available through mobile, desktop and web applications. Depending on jurisdiction, the platform offers trading in stocks, exchange-traded funds, options, margin, futures, fixed income products, cryptocurrency, cash management features and market data tools. In the United States, Webull Financial LLC is a registered broker-dealer and member of FINRA and the Securities Investor Protection Corporation, while Webull operates in other markets through locally licensed brokerage subsidiaries. Webull operates a commission-free or low-cost brokerage model for self-directed retail investors. In the United States, a substantial part of its trading-related revenue comes from payment for order flow, while in some non-U.S. markets the company more commonly charges commissions directly to customers. The platform is aimed at more active retail investors, including users seeking options tools, extended-hours trading and real-time market data. For 2025, Webull reported total revenue of US$571.0 million, up from US$390.2 million in 2024. Equity and option order-flow rebates accounted for US$304.1 million, or 53.3% of revenue, making order-flow rebates the company's largest reported revenue category. Interest-related income accounted for US$154.3 million, handling charge income for US$87.3 million and other revenue for US$25.3 million. Options were the larger component of the company's order-flow rebates in 2025, generating US$210.0 million compared with US$94.2 million from equities. Webull also generates revenue from interest-related activities, including margin financing, customer bank deposits, stock lending and corporate bank deposits. The company has stated that its interest-related income is affected by interest rates, customer cash balances, margin balances and demand for stock lending. The company had approximately 20 million registered users worldwide as of February 2024. As of December 31, 2025, it reported 26.8 million registered users, 5.0 million funded accounts and US$24.6 billion in customer assets. As of March 2025, Webull operated in Hong Kong, Singapore, Australia, South Africa, Japan, the United Kingdom, the United States, Indonesia, Canada, Brazil, Thailand, Malaysia and Mexico. == Marketing and sponsorships == Webull has used paid digital advertising, referral incentives, free-stock promotions, affiliate marketing and sports sponsorships to acquire customers and promote its brand. In its 2025 annual filing, the company reported marketing and branding expenses of US$152.3 million in 2023, US$138.7 million in 2024 and US$135.9 million in 2025. Webull said most of its advertising and promotion costs were related to paid search and paid social advertising, and that it had reduced free-stock promotions while shifting toward deposit- and asset-transfer-based incentives. In September 2021, BSE Global, the parent company of the Brooklyn Nets and New York Liberty, entered into a global multi-year agreement with Webull. Under the agreement, Webull became an official sponsor and online brokerage partner of the teams, with branding that included a jersey patch on Brooklyn Nets uniforms. Spo
Sunspring
Sunspring is a 2016 experimental science fiction short film entirely written by an artificial intelligence bot using neural networks. It was conceived by BAFTA-nominated filmmaker Oscar Sharp and NYU AI researcher Ross Goodwin and produced by film production company, End Cue along with Allison Friedman and Andrew Swett. It stars Thomas Middleditch, Elisabeth Grey, and Humphrey Ker as three people, namely H, H2, and C, living in a future world and eventually connecting with each other through a love triangle. The script of the film was authored by a recurrent neural network called long short-term memory (LSTM) by an AI bot named Benjamin. Originally made for the Sci-Fi-London film festival's 48hr Challenge, it was released online by technology news website Ars Technica on 9 June 2016. == Premise == Sunspring narrates the story of three people - H (Middleditch), H2 (Grey), and C (Ker) - set in a futuristic world and entangled with murder and love. == Cast == Thomas Middleditch as H Elisabeth Grey as H2 Humphrey Ker as C == Production == Oscar Sharp originally created the film for the 48hr Film Challenge contest of Sci-Fi-London, a film festival which focuses on science fiction. For the challenge, contestants are given a set of prompts (mostly props and lines) that have to appear in a movie they make over the next two days. It eventually contested in the festival and was nominated among the final top ten films Sharp collaborated with his longtime associate Ross Goodwin, an AI researcher in New York University to create the AI bot, which was initially called Jetson. The bot, which later came to call itself Benjamin, wrote the screenplay including stage directions and dialog. The garbled script was then interpreted by Sharp who directed the actors to construe the plot points themselves and enact the play. According to Ars Technica, the final plot turned out to be a tale of romance and murder, set in a dark future world. === Benjamin, the automatic screenwriter === Called the world's first automatic screenwriter, Benjamin is a self-improving LSTM RNN machine intelligence trained on human screenplays conceived by Goodwin and Sharp. It was trained to write the screenplay by feeding it with a corpus of dozens of sci-fi screenplays found online—mostly movies from the 1980s and 90s. == Music == The film contains a song from Brooklyn-based electro-acoustic duo Tiger and Man, with lyrics written by Benjamin using a database of 30,000 folk songs. As well as a score written by composer Andrew Orkin. == Reception == CNet called it "a beautiful, bizarre sci-fi novelty." Critic Amanda Kooser said, "...probably won't start a rush for replacing human screenwriters with machines. Some day, neural networks may get better at imitating the art of coherent storytelling, but we're not there yet. That doesn't mean "Sunspring" isn't entertaining or worthy of viewing. It is. It's a thought experiment come to life, a novelty." As of April 2019, it has surpassed 1 million views on YouTube.
Argument Interchange Format
The Argument Interchange Format (AIF) is an international effort to develop a representational mechanism for exchanging argument resources between research groups, tools, and domains using a semantically rich language. AIF traces its history back to a 2005 colloquium in Budapest. The result of the work in Budapest was first published as a draft description in 2006. Building on this foundation, further work then used the AIF to build foundations for the Argument Web. AIF-RDF is the extended ontology represented in the Resource Description Framework Schema (RDFS) semantic language. The Argument Interchange Format introduces a small set of ontological concepts that aim to capture a common understanding of argument -- one that works in multiple domains (both domains of argumentation and also domains of academic research), so that data can be shared and re-used across different projects in different areas. These ontological concepts are: Information (I-nodes) Applications of Rules of Inference (RA-nodes) Applications of Rules of Conflict (CA-nodes) Applications of Rules of Preference (PA-nodes) extended by: Schematic Forms (F-nodes) that are instantiated by RA, CA and PA nodes The AIF has reifications in a variety of development environments and implementation languages including MySQL database schema RDF Prolog JSON as well as translations to visual languages such as DOT and SVG. AIF data can be accessed online at AIFdb.
Orion's Arm
The Orion's Arm Universe Project (OA) is a multi-authored online hard science fiction world-building project, first established in 2000 by M. Alan Kazlev, Donna Malcolm Hirsekorn, Bernd Helfert and Anders Sandberg and further co-authored by many people since. Anyone can contribute articles, stories, artwork, or music to the website. The first published Orion's Arm book, a collection of five novellas set within the OA universe, called Against a Diamond Sky, was released in September 2009. == Canon == The fictional setting of Orion's Arm takes place about 10,000 years in the future, where an interstellar civilization spread across thousands of light-years, with inhabited planets and space habitats. Its inhabitants range from humans to extensively modified human beings, including superhumans with advanced augmentations and internal AI systems, while most people exist as softwares. Engineered wormholes are used for interstellar travel and transport, although not for time travel. The setting also includes several alien civilizations and evidence of more advanced alien societies in the past. At its highest levels, directed human evolution has produced vast godlike beings linked across interstellar distances, capable of understanding and creating technologies beyond ordinary minds. == Reception == Orion's Arm has been reviewed in the role-playing magazine Knights of the Dinner Table, as well as on Boing Boing by transhumanist science fiction author Cory Doctorow. References to the Encyclopaedia Galactica have been made in a book on overcoming Librarian stereotypes. The Orion's Arm website has also been recommended in a children's teaching guide.
Digital Darkroom
Digital Darkroom was a graphics program for editing gray-scale photos, published by Silicon Beach Software for the Macintosh in 1987. It was programmed by Ed Bomke and Don Cone. Digital Darkroom was the first Macintosh program to incorporate a plug-in architecture. Silicon Beach and Ed Bomke are credited with having coined the term "plug-in". Another innovation of Digital Darkroom was the Magic Wand tool, which also appeared later in Photoshop. When Silicon Beach Software was acquired by Aldus Corporation, Digital Darkroom continued to be published by the Aldus Consumer Division, but was never updated to include color. The trademark "Digital Darkroom" was acquired by MicroFrontier in 1997 and used for a completely new image-editing program that does work with color. The software was acquired by Digimage Arts in 2002 and was sold for both Windows and Mac systems.
Mobile Fortify
Mobile Fortify is a mobile app used by United States Immigration and Customs Enforcement (ICE) on their government-issued phones. The app allows agents to take a photo in order to gather biometrics, including contactless fingerprints and faceprints, for the purpose of identifying an individual and their potential immigration status. The app was created by NEC. == History == In June 2025, use of Mobile Fortify by ICE was uncovered through leaked emails and the user manual, reported by 404 Media. The app is internally developed, and details of the parent company and developer were initially unknown. In January 2026, the DHS's 2025 AI Use Case Inventory revealed the vendor as NEC Corporation, an international conglomerate with subsidiaries in Argentina, Australia, China, India and Malaysia. Later that month, several senators demanded transparency around the app and its origins, and that ICE stop using it. A second letter was sent again in November, after hearing no response to the previous letter from ICE. == Technology == Unlike other facial recognition software, Fortify uses federally linked databases. By contrast, Clearview AI uses public social media databases for biometric scanning. Federal databases include DHS's automated biometric identification system (IDENT), containing more than 270 million biometric records, and Customs and Border Protection's Traveler Verification Service. The State Department's visa and passport photo database, the FBI's National Crime Information Center, National Law Enforcement Telecommunications Systems, and CBP's TECS and Seized Assets and Case Tracing System (SEACATS). == Oversight == Several senators urged ICE to stop using the app for fear of infringing on fourth amendment and first amendment rights, and requested details on who developed the app, when it was deployed, whether the app was tested for accuracy, and policies and practices governing its use. In June 2025, they sent an open letter to Todd Lyons, ICE acting director, signed by senators Cory Booker, Chris Van Hollen, Ed Markey, Bernie Sanders, Adam Schiff, Tina Smith, Elizabeth Warren, and Ron Wyden. On November 3, a second letter was sent to the ICE by senators, after not receiving answers to questions from the previous letter deadlined for October 2. == Criticism == Mobile Fortify, and ICE's use of similar biometric identification technologies (such as Mobile Identify, an app similar to Mobile Fortify to be used by local or regional law enforcement to assist in immigration enforcement ) has faced scrutiny from a variety of digital rights organizations, politicians, and news outlets. The criticism is already considered to potentially be a reason why the similar Mobile Identify app was pulled from the Google Play Store. Facial recognition technologies are known to produce false-positives and generally unreliable results, especially on those with darker skin tones. ICE has already previously mistakenly arrested a U.S. citizen under the belief he was illegally in the country, and later stated that he "could be deported based on biometric confirmation of his identity" prior to his release. U.S. representative Bennie Thompson, ranking member of the House Homeland Security Committee has previously commented that "ICE officials have told us that an apparent biometric match by Mobile Fortify is a ‘definitive’ determination of a person's status and that an ICE officer may ignore evidence of American citizenship—including a birth certificate—if the app says the person is an alien," and that "Mobile Fortify is a dangerous tool in the hands of ICE, and it puts American citizens at risk of detention and even deportation," On January 19, 2026, 404 Media reported on a case where a woman, identified in court documents as "MJMA", was scanned by Mobile Fortify twice in the same interaction, and two entirely different names were provided by the app. According to the Innovation Law Lab, whose attorneys are representing MJMA, both of the names were incorrect. ICE has stated that they will not allow people to decline to be scanned by Mobile Fortify, and that photos taken, even those of U.S. citizens, will be stored for 15 years, something that has been criticized primarily because ICE has not performed a Privacy Impact Assessment (PIA) for Mobile Fortify, the right to decline other forms of biometric verification to the U.S. government is often available under other circumstances, and the 15 year window is viewed as unnecessarily large.