| IT |
ITmedia 総合記事一覧 |
[ITmedia Mobile] 「iOS 16.1.2」配信 「衝突事故検出」の最適化ほか、セキュリティ関連もあり |
https://www.itmedia.co.jp/mobile/articles/2212/02/news071.html
|
apple |
2022-12-02 06:42:00 |
| IT |
ITmedia 総合記事一覧 |
[ITmedia ビジネスオンライン] 「替え玉受験」で脚光 不正なくす「AI監視型Webテスト」とは? |
https://www.itmedia.co.jp/business/articles/2211/29/news137.html
|
ITmediaビジネスオンライン「替え玉受験」で脚光不正なくす「AI監視型Webテスト」とは就職活動のWebテストを代行する「替え玉受験」で、初めての逮捕者が出た事件。 |
2022-12-02 06:30:00 |
| IT |
ITmedia 総合記事一覧 |
[ITmedia ビジネスオンライン] JTに丸井、オリックス 人気企業の株主優待“廃止ラッシュ”が止まらないワケ |
https://www.itmedia.co.jp/business/articles/2212/02/news043.html
|
itmedia |
2022-12-02 06:15:00 |
| IT |
ビジネス+IT 最新ニュース |
Azure ADとは何か? その機能や料金、新サービス「Microsoft Entra」を解説 |
https://www.sbbit.jp/article/cont1/97858?ref=rss
|
AzureADとは何かその機能や料金、新サービス「MicrosoftEntra」を解説AzureADは、マイクロソフトが提供するクラウドベースの認証・ID管理サービスIDaaSIdentityasaServiceです。 |
2022-12-02 06:10:00 |
| Google |
カグア!Google Analytics 活用塾:事例や使い方 |
左手でも使えるマウス左右対称マウスおすすめ7選 |
https://www.kagua.biz/review/device/leftymuose.html
|
左右対称 |
2022-12-01 21:00:43 |
| js |
JavaScriptタグが付けられた新着投稿 - Qiita |
@babel/preset-envは必要なプラグインをどう判定しているのか調査した |
https://qiita.com/kyntk/items/2e7432c0bb01d8d99c2a
|
babelpresetenv |
2022-12-02 07:00:19 |
| js |
JavaScriptタグが付けられた新着投稿 - Qiita |
QRコードをスキャンして備品の補充申請! |
https://qiita.com/bugtrap/items/97f4c89c06d6d4eae811
|
adventcalendar |
2022-12-02 06:44:16 |
| GCP |
gcpタグが付けられた新着投稿 - Qiita |
【実践版】Rails アプリを Cloud Run で動かしてみよう |
https://qiita.com/kato-hiroaki/items/50cf247096bb6e5632c6
|
cloudrun |
2022-12-02 06:57:00 |
| Ruby |
Railsタグが付けられた新着投稿 - Qiita |
【実践版】Rails アプリを Cloud Run で動かしてみよう |
https://qiita.com/kato-hiroaki/items/50cf247096bb6e5632c6
|
cloudrun |
2022-12-02 06:57:00 |
| 技術ブログ |
Developers.IO |
Using AWS CodeCatalyst: I Created and Deployed a React SPA #reinvent |
https://dev.classmethod.jp/articles/using-aws-codecatalyst-i-created-and-deployed-a-react-spa-reinvent/
|
Using AWS CodeCatalyst I Created and Deployed a React SPA reinventIn this blog I am going to introduce AWS CodeCatalyst a new service that AWS announced at re Invent It i |
2022-12-01 21:38:56 |
| 技術ブログ |
Developers.IO |
Reflection RoomとSensory Roomに入ってみました #reinvent |
https://dev.classmethod.jp/articles/reinvent2022-reflection-room-and-sensory-room/
|
reflectionroom |
2022-12-01 21:29:55 |
| 海外TECH |
Ars Technica |
OpenAI invites everyone to test new AI-powered chatbot—with amusing results |
https://arstechnica.com/?p=1900972
|
harmless |
2022-12-01 21:22:50 |
| 海外TECH |
MakeUseOf |
Why Listening to Audiobooks Is as Good as Reading Books |
https://www.makeuseof.com/why-listening-audiobooks-counts-as-reading/
|
bookssome |
2022-12-01 21:31:16 |
| 海外TECH |
MakeUseOf |
The 7 Best AI Voice Generators |
https://www.makeuseof.com/best-ai-voice-generators/
|
generators |
2022-12-01 21:01:15 |
| 海外TECH |
DEV Community |
How to protect Apps and APIs in Kubernetes from zero day attacks? |
https://dev.to/openappsec/how-to-protect-apps-and-apis-in-kubernetes-from-zero-day-attacks-30k0
|
How to protect Apps and APIs in Kubernetes from zero day attacks Written by Eze OnukwubeA zero day attack is a cybersecurity incident that occurs when a hacker exploits a vulnerability before anyone else including key stakeholders like the product vendor or developers realize anything is wrong To counteract these attacks you can use open appsec a fully automated open source web application firewall WAF As a cutting edge cybersecurity tool open appsec prevents zero day attacks through its preemptive web app and API protection that leverages the dynamism of continuous machine learning ML However its ML based engine isn t a signature based solution This differentiates open appsec from most security products on the market especially antivirus intrusion detection systems IDS and existing WAF solutions that rely on discerning threat signatures to detect malware and malicious code As a result open appsec is ideal for remediating pen test results and protecting against zero day and other Open Web Application Security Project OWASP Top attacks such as broken access control data integrity failures authentication failures and code injections In this article you ll learn about zero day attacks and how to set up and use open appsec to secure your web application open appsec and MLThe key to open appsec s ability to prevent zero day attacks lies with its contextual ML engine It uses two machine ML models A supervised learning model that was trained offline based on millions of requests both malicious and benign An unsupervised model to train itself in real time on incoming HTTP S requests This allows it to establish a baseline of what constitutes normal or benign traffic for a specific web application or API In order to enable an ML engine to quickly learn how an application is used it should be allowed to run in learn detect mode for two to three days This typically provides ample time for the ML engine to train itself on a substantial amount of diverse traffic for better prediction accuracy As a result open appsec is able to detect suspicious patterns and anomalous behavior that is not in line with the web application or API s conventional traffic unlike most WAFs that are typically rule based This equips the ML engine to detect zero day attacks without having any prior knowledge of the attack vector threat signature or payload used In addition a security administrator can apply tuning suggestions to the ML engine to improve targeted accuracy Agents and Other Key Concepts of open appsecIn this tutorial you ll use agents to implement open appsec But before you begin this tutorial let s talk a bit more about what an open appsec agent is and what it does What Is an open appsec Agent Agents are the primary means of deployment in open appsec They re ideal for any infrastructure due to their light digital footprint minimal latency and the fact that they don t alter the existing infrastructure The first step in implementing open appsec for your application is deciding the type of agent deployment you want to use In order to make an informed decision it s imperative to understand how agents and their different deployment types work in open appsec While agents are designed as standalone components open appsec also gives you the option to connect them to the software as a service SaaS management portal more on this in the following sections Agents are generally deployed on any computing endpoint where client requests are received or routed such as a web server reverse proxy or Kubernetes Ingress Because of this the agent is best poised to detect and prevent malicious threats since the open appsec core ML engine is designed to process incoming HTTP S requests Agents are empowered to act as standalone entities since their security processing is done locally However they can be managed by a master SaaS component called a Fog The Fog is responsible for logging in addition to configuration and software updates necessary for ML learning data synchronization between agents To further bolster security agents communicate with the Fog only through encrypted and authenticated channels When the Fog is unreachable for one reason or another the agent is still capable of security enforcement However some administrative functions will be unavailable when the Fog is unattainable open appsec aims for flexibility and it provides three agent deployment types container NGINX addon and Kubernetes Ingress Controller Deploying an Agent Stand Alone vs Connected to the SaaS Management PortalAfter you ve deployed an open appsec agent you have the option of managing the deployment with the SaaS Central Management web user interface If you choose to use SaaS Central Management its portal allows you to centrally manage your open appsec deployment with more flexibility and comfort However there is a significant difference between deploying a standalone agent and deploying one connected to the SaaS management portal While the former is adequate for implementing open appsec security the latter offers more to users with its multilayered functionality that provides granular control and oversight of several agent deployments With the SaaS management portal you can edit your web application API security settings from the convenience of a user friendly web UI In addition to policy editing its web interface provides advanced situational awareness tools This is a huge benefit especially when you are managing large deployments As you can see it provides three major hubs namely Protection Central Management and Situational Visibility While deploying standalone open appsec for Kubernetes Ingress provides effective protection you have more opportunities and options when you connect to the management portal Implementing open appsec for Your API or Web ApplicationThe fastest way to set up open appsec for Ks is through the interactive Kubernetes CLI tool One of the best things about this tool is that it s easy to use and guides you through most of the common customizations needed However a certain amount of Kubernetes knowledge and system resources are needed before you can successfully install and run this interactive tool According to open appsec s documentation the following are the prerequisites required to use the Kubernetes CLI tool An understanding of Kubernetes Ingress in addition to knowing how to configure it or having previously deployed Ingress A Kubernetes cluster with role based access control RBAC enabled cluster admin permissions Access to command line tools such as wget and kubectl on either a bastion host or a cloud platform that provides you with a Kubernetes cluster Helm the Kubernetes package manager installed on your local machine You can also peruse the open appsec source code and information in this GitHub repo to gain more insight into the nuts and bolts of the system Deploying an Agent to Your ApplicationTo download and run the open appsec installer you can set up open appsec either in the Killercoda Playground which is what you ll use her or on your own Kubernetes cluster Please note The information given and explained in this section and subsequent ones can be found in the official open appsec documentation Setting Up open appsec to Use the Kubernetes CLI ToolKillercoda s Playground provides interactive environments As its name implies these playground environments can be used risk free for quick and easy deployment and first hands on experience with modern solutions like open appsec in immediately available ready to use environments You can launch open appsec s Playground by navigating to Killercoda s website or by clicking on the Playground menu item on the SaaS portal If you haven t logged in or if you don t have an open appsec Playground account you ll see an interface with various options to sign in or create an account using either GitLab GitHub Google or email The Playground provides you with a free computing environment through a terminal in your browser After you ve successfully logged in and the Playground has finished initializing you ll see a terminal interface similar to this To begin using open appsec you need to download the install script and adjust its permissions wget amp amp chmod x open appsec ks installIf you re using the Playground all you need to do is click on the link following Download open appsec install script to activate the download Then run the downloaded install script open appsec ks installIf you re using the interactive Playground you ll notice the script is run as open appsec ks install prevent However in a live environment you don t want to add the prevent attribute since you ll want to start open appsec in its learn detect mode This allows its ML engine to learn the traffic patterns of your application Once the install script has been successfully executed it may take some time you should see a message similar to this on the command line open appsec for Kubernetes Ingress Installer v Most likely you ll see a variation of the current Kubernetes version that open appsec is using After the Kubernetes installer version is displayed a subsequent line will give you a heads up and preview of what the installer will be doing next Below is a panoramic view of Playground after running the install script Adding the open appsec Agent to Kubernetes IngressAfter downloading and running the installer the next step involves adding open appsec to either a duplicate of an existing Ingress or directly to an existing Ingress Immediately after the successful installation of open appsec the installer displays a table of the existing ingresses detailing information pertaining to it As shown in a prior image depicting its successful installation Playground then provides you with two options to apply to the existing Ingress Duplicate an existing Ingress and add open appsec to it Add open appsec to an existing Ingress resource The first option allows the existing Ingress to operate without disruption to traffic while you add open appsec and conduct tests on the newly created Ingress The second option merely adds open appsec to the existing Ingress Due to the risk of disruption the second option is suited for testing purposes or use in a non critical production environment Select the option that corresponds to your situation and you ll be prompted to enter both the name and namespace of the existing or duplicate Ingress The next step gives you the opportunity to change the Ingress policy The CLI displays the default policy rules of the current Ingress You have the option of using the default Ingress policy as it is or selecting other options As you can see from the image below some of the options presented include changing a rule adding a rule deleting a rule or saving the current policy For instance if you decide to change the rule of the default policy and select option Change Rule in the previous screenshot you ll be asked to make further choices You can choose to set a new name namespace Ingress rule protection level mode or web response The final step of adding the open appsec agent to Kubernetes Ingress applies the configuration options you selected in the previous two steps to either a manifest YAML file or a Helm chart Finally save your current policy by selecting one of those options When executed the installer will apply your configuration to one of these three files The ingress yaml file which is the manifest created based on your instructions in the first step The open appsec policy yaml file which is created based on your selections in the second step The open appsec Helm chart which includes CRDs and other necessary files Because you selected to save your current policy your setup should be saved to the open appsec policy yaml file You may see something different depending on the prior options you chose Playground will then notify you it s time for the final configuration step This is initiated when you execute the Run now option After you execute the run command you will see the installation steps being executed for open appsec Helm chart Ingress resource and the open appsec policy custom resource Connect Your Deployment to the SaaS Web Based ManagementAs its name suggests the SaaS web based management portal provides the convenience of a graphical UI interface along with sophisticated functionality to oversee optimize and control the security configuration of open appsec deployed agents You can also analyze all security logs in a flexible way Before you can connect the deployed open appsec agent to the SaaS web based management portal you ll be required to first create an account on it Creating an Account on the open appsec PortalTo reach the open appsec portal s main page navigate to You should see a web form that asks you to create an open appsec account using your Google GitHub or email account Once you provide your credentials and are authenticated you will be taken to the Getting Started page After you create and deploy an agent to protect a website or app you have the option of connecting it to SaaS web based management The SaaS based management provides central policy editing using a web interface and other advanced situational awareness tools These are huge benefits when managing large deployments Once you ve logged in successfully you ll be redirected to the home page Once there you need to confirm your agent has been deployed Under the Protection box check I deployed an agent which will enable the Central Management box Then under Central Management select Manage and from the dropdown menu select Kubernetes Profile This creates a Kubernetes profile that represents and controls the agents deployed in your cluster In order to create secure communication between your agent and the SaaS management you need to connect to the SaaS application Onscreen instructions might advise you to enforce the policy if you haven t already done so Under Downloads amp Deployment you ll also see a message reiterating the need to enforce the policy if you haven t already done so After this message copy the commmand required to connect to your deployment from the Connect your deployment box which contains the open appsec token This token connects your agents deployment to the newly created profile and creates a secure communication channel between the open appsec deployment and the cloud Paste the command into the Kubernetes console which could be Playground or your own Kubernetes setup After it executes your deployment can now be centrally managed in the SaaS portal Monitoring Cybersecurity Events after You Simulate an AttackThe best way to understand how open appsec s event monitoring works is to simulate a cyber attack This enables you to see how it chronicles threat protection and other relevant sequences of actions Fortunately you don t have to come up with a cybersecurity incident on your own Through the Playground you can access open appsec s Acme Audit application to simulate a SQL injection attack Validating open appsec Protection and Events Monitoring After Attack SimulationIn open appsec event monitoring is done through the SaaS management portal You need to have previously configured it with a deployed open appsec agent protecting the website or the application This is why in the previous section you used the Playground interactive environment to simulate an attack on the Acme Audit application As you can see from the following image the SQL injection attack attack on the Acme Audit app failed HTTP error is shown indicating that open appsec successfully prevented the threat This signals that the Kubernetes Ingress and its services were protected However it s also beneficial to see how the threat protection worked by viewing the actions and events generated by the attack To do this log in to the SaaS portal and select Monitoring and the All Events tab This will display the relevant actions triggered by the attack and its threat prevention As you can see a table is displayed with rows containing all the events that occurred within a certain time range It includes the timestamps of the individual events along with their level of severity source IP address and several other details You can see that there was a critical severity event that occurred precisely on Oct at PM It reports that the incident type was a SQL injection attack that was prevented When you scroll horizontally to the right across the table you ll find other granular details that help you better understand the nature of the threat and attack vector used For instance the text command used for the SQL injection attack is revealed under the Matched String field while HTTP URI Path shows the exploit was carried out during a login procedure Alternatively you can select the Important Events tabs to display only those security events with critical and high severity To target event types more narrowly filters are activated by checking the box options you want to view Additionally the portal provides you with a panoramic and graphical appsec dashboard through which you can access various sections with important security sections These sections include security actions overall HTTP traffic malicious activity attack levels and top attacked assets You can drill down for more information by clicking on individual sections ConclusionML based threat prevention is the best and most practical defense against zero day attacks In this article you learned how to configure and deploy an open appsec in Kubernetes You also learned how to leverage open appsec s SaaS management portal as an effective agent monitoring dashboard to provide centralized logging events analysis and handling of multiple deployments in a scalable manner |
2022-12-01 21:45:16 |
| 海外TECH |
DEV Community |
Web Accessibility Testing Explained for Product Owners |
https://dev.to/alinaaksentseva/web-accessibility-testing-explained-for-product-owners-h0j
|
Web Accessibility Testing Explained for Product OwnersWeb accessibility testing aims to ensure that each and any person can use a product without any obstacles It expands the target audience of applications by making them accessible to people with disabilities ーhearing loss vision problems like a weakening of color perception physical cognitive or other disabilities However product owners should discover and enhance web accessibility not only to be inclusive of people with disabilities but to keep the application in line with current legislation and to gain other competitive advantages Typically non compliance results in incrementing web accessibility lawsuits as in the UsableNet research indicates lawsuits filed in September So in this article we re going to highlight legal provisions related to web accessibility scrutinize real life examples explain what tools are used to test a website for web accessibility and what benefits are reaped with their help Web Accessibility Importance Explained with ExamplesThe digital journey starts when a user opens a web application Further running into hurdles while making a purchase watching a video or navigating a website means that the user will close the tab and leave for a competitor With web accessibility barriers it s a traditional scenario According to WebAIM Million of the world s top one million websites didn t offer full accessibility in It hasn t changed much in though And because of that inability to accommodate users companies are losing out potential customers Is it possible to make a difference The best way to get the most out of web accessibility is to understand the type of difficulties that people are grappling with and the type of approaches we can use to mitigate these challenges Hence let s sort out the types of disabilities and dive deeper into digital exclusion examples PEOPLE WITH VISION IMPAIRMENTSBlindness color blindness low or blurry vision are all disabilities of one group that may significantly differ in terms of visual perception of web content For instance blind people can t get along without screen readers and might face difficulties if the navigation isn t consistent or there is no description for visual elements and multimedia At the same time people with low vision need screen magnification or text reading software to use a web application efficiently They can t read inscriptions or deal with UI elements if content isn t resizable or the quality of the magnified text and images is poor Low contrast text is recognized as a widespread accessibility issue common to of home pages The light gray text and light desaturated background are anything but an ideal marriage the content becomes unreadable for many users As for common challenges affecting all people with vision impairments these are inconsistency of navigation lack of time for completing particular tasks and unexpected action on the page including a redirect PEOPLE WITH HEARING DISABILITIESDeafness and impairments related to hearing cause complexities in perception of audio content and multimedia presented in web apps By billion people will have some degree of hearing loss which means that web accessibility is becoming of paramount importance Captions and subtitles transcripts and sign language translations seem to be useful for any web content A lot of platforms including Youtube and TED have already introduced transcripts and captions for videos However automatically generated captions aren t that accurate and we can see a great room for improvement of web accessibility for people with hearing impairments not only through the use of assistive technologies There are also other less obvious steps to be taken for web accessibility enhancement Provide different contact optionsGive preference to plain English Implement intuitive navigationReview captions manually PEOPLE WITH PHYSICAL LITERACY AND COGNITIVE DISABILITIESIf a person has physical disabilities using a keyboard or a mouse may be challenging Literacy disabilities in turn imply challenges related to reading and finding appropriate words Complex language and unstructured content on the website are common barriers for people with literacy disabilities And as for cognitive disabilities they cause memory impairment and difficulties in expressing thoughts As we have already gotten acquainted with some types of disabilities it s time to grasp the significance of web accessibility testing and find out barriers that prevent people from using a web application Here are widespread examples of such barriers Low contrast colors the text blends with a background thus becoming unreadable for people with vision impairments Color as the only feature to provide clues about the web app s functionality color blindness hinders people from distinguishing colors and screen readers don t address this challenge so there might be a problem if the UI text color is intended to convey specific information No tags for the images any picture or chart should have so called “alt text description otherwise people with vision impairments won t understand their meaning No subtitles or captions for the video content people with hearing impairments won t catch the intent and the content of the video Sophisticated online forms without labels for fields and indicators of errors the form looks unclear to people with disabilities who can t fill it out or submit Navigation limitations or inconsistency when your web application doesn t support keyboard navigation those who can use only a trackpad or mouse will face difficulties People with disabilities can partially overcome barriers by using specific assistive technology that s gaining traction these days Assistive technology includes speech recognition modules screen readers magnification systems and specialized keyboardsーall software that is beneficial for particular groups of users However without being tested for accessibility web applications won t be fully available to people with disabilities regardless of what software they use So let s figure out how to ensure that the web application you are building is accessible to people with disabilities and elaborate on what benefits it may bring Web Accessibility Guidelines Standards and BenefitsDigital inclusion and web accessibility are governed by WCAG Web Content Accessibility Guidelines Section Standards of The Americans with Disabilities Act ADA and other documents WCAG consists of global regulations on web accessibility Not only has WCAG set standards in the field of content accessibility but it has proved to be a reliable source that doesn t change after publishing And Gartner reveals that by digital products in full WCAG compliance are expected to outperform their market competitors by WCAG includes three assessment levels estimating success compliance with WCAG A AA and AAA Taking into account WCAG criteria WebAIM has tested a top one million homepages and discovered that of them have failures Section Standards of The Americans with Disabilities Act ADA establishes requirements that aim at improving the accessibility of software apps websites mobile apps and electronics for people with disabilities These standards are relevant for federal agencies companies that act as their contractors and educational institutions Those who want to go beyond expectations and take a step ahead of their competitors consider web accessibility testing in accordance with WCAG and ADA compliance Nevertheless the accessibility importance will grow and bring the following benefits Alignment of the web product with legal requirementsPotential growth of business through attracting a new audienceHigh positions in search resultsImproved user experienceSince the significance of web accessibility testing is clear it s about time to deal with relevant tools and explain how to test a website for accessibility Web Accessibility Testing Approaches and ToolsTo perform accessibility testing we can use two approaches MANUAL TESTINGQA engineers manually test the application with the help of keyboard and screen readers while applying different scenarios and finding potential barriers for people with disabilities Manual testing implies review of content and its scaling UI elements styles disablement It s notable that to test a website or an application QA engineers mostly do not use a mouse and may rely on additional tools that increase accuracy and reduce the time for testing However human WCAG testing is essential for ADA compliance since automated testing detects issues only partially But what does automated testing actually stands for AUTOMATED TESTINGAutomated testing tools allow engineers to catch errors across applications and web pages So it s an appropriate tool to analyze image contrasting design styling and an app s functionality Automated testing can foresee testing on physical devices to check how assistive technology works in particular cases and whether the web accessibility is sufficient enough To get acquainted with testing tools you don t need to look further than the next section Case Study Testing Web Accessibility With ToolsThe MobiDev team was supposed to check web accessibility of the HR portal amp automated employee management system This solution represents a corporate social network with company structure We decided to perform web accessibility testing using the most popular testing tools and then evaluate the outcomes Actually accessibility checks are available even in Chrome DevTools under the Lighthouse panel aXe extension or the Accessibility pane you can view the accessibility tree ARIA attributes and computed accessibility properties of DOM nodes However we ve investigated tools and browser extensions to do away with some of them choose the best ones and apply them for real accessibility testing on the project Let s take a closer look at the following web accessibility tools that were investigated WAVEAXEJAWSWeb Accessibility Toolbar WAT for IEaViewer Accessibility Viewer Functional Accessibility Evaluator FAE TenonNVDAColor Contrast Analyser Chrome extension Color Contrast Analyser tool WAVE Evaluation ToolWeb accessibility evaluation tool WAVE enables us to seek out and eliminate accessibility issues With WAVE you can easily get visual feedback on the content So what it does is facilitate the evaluation process rather than completely automate it The process takes place in the Chrome browser security measures related to passwords and sensitive information are taken into account WAVE issues are aligned with WCAG failures Evaluation is simplified due to its user friendly interface which allows checking the compliance with Web Content Accessibility Guidelines and Section This is how it looks like on the real project As you can see WAVE highlights different types of accessibility issues also contrast errors some alerts etc Axe DevToolsAxe DevTools is an extension available for Chrome and Firefox It s free and lightweight and intended for testing whole pages or their parts Accessibility issues here are graded according to their severity while code snippets facilitate debugging Compared to other tools Axe DevTools helps to spot more issues because of the Intelligent Guided Tests feature which identifies areas to be tested Axe core is the crucial component under the hood of Axe DevTools That s why you are supposed to use Axe DevTools separately from tools with a similar tech stack to avoid double scanning The tool clearly shows the results issues in total All problems are categorized by severity Critical Serious Moderate and Minor JAWSJAWS is known as one of the most sought after screen readers for Microsoft Windows The primary purpose of JAWS is to allow people with vision problems to understand the text displayed on the screen with the help of speech synthesizers or braille displays JAWS provides speech outputs for websites documents applications and emails Also it simplifies navigation and form filling for those who use Windows computers As for the distribution of browsers among JAWS users most of them prefer Chrome FireFox or Internet Explorer In the U S a JAWS Annual License costs from per year Web Accessibility Toolbar WAT for IEWeb Accessibility Toolbar WAT is designed for manual testing of web pages and can be added to Internet Explorer IE as a toolbar It was developed by the Web Accessibility Tools Consortium but currently isn t considered as an undergoing development project In general we can consider it as an obsolete tool for the outdated browser Accessibility Viewer aViewer The Accessibility Viewer aViewer shows the accessibility API information which can be analyzed by assistive technology devices and operating systems A web browser exposes the following API data MSAA IAccessible UI Automation ARIA HTML DOM It s notable that aViewer UIA properties are displayed only if the browser supports them For instance IE doesn t support IA The last version of aViewer available on GitHub is dated by May Therefore this tool is also outdated and hasn t been used in web accessibility testing on the project Functional Accessibility Evaluator FAE The Functional Accessibility Evaluator FAE checks the compliance of web pages with the WC Web Content Accessibility Guidelines Level A and AA Success Criteria FAE uses the OpenAjax Evaluation Library rules and rulesets Its primary purpose is to be used in conjunction with AInspector WCAG for Firefox and Accessibility Bookmarklets to help people understand the accessibility features issues and potential issues of a web resource There is a direct interrelation between rules of FAE and WCAG Success Criterion requirements Moreover these rules imply the support of usable web design for people with disabilities The latest version is available on GitHub Also a free online service with Functional Accessibility Evaluator is currently available on That service has some limitations take a glimpse of the following screenshots to catch them Generated report available on the website also could be saved as CSV file Also you can use the following form or AInspector for Firefox to evaluate a single web page without creating an account Results on the Page summary are really informative On the Rule category tab you can see all the rules categorized according to the given Rule Group TenonTenon is an automated accessibility testing tool that can be integrated with third party apps to run unit testing acceptance testing system testing and issue tracking With Tenon you can fix any accessibility issues within the website or application It evaluates web accessibility for WCAG and Section compliance Tenon is a paid tool with a free trial period It provides the possibility to test a URL without registration yet the result seemed to be a bit alarming to us So we haven t used this tool for real web accessibility testing in production NVDANVDA is a free screen reader for Windows Nearly of users prefer NVDA treating it as the primary screen reader Having NVDA at their disposal people with visual impairments can navigate Windows or interact with third party appsーfrom chat software to music player and office apps NVDA includes a built in speech synthesizer supporting over languages It also supports braille displays can be run on Windows logon or other secure screens and includes paid services like telephone support and training materials Color Contrast Analyser Chrome extension Crafted as a Chrome extension Color Contrast Analyser verifies whether a webpage has issues related to the text color contrast and aligns with WCAG The functionality allows users to assess entire web pages or any visible content of tabs Also it can check images and PDF documents that are easily opened in Chrome Users decide on the type of conformance AA or AAA and specify the size of the text to be analyzed In output you can see a map consisting of edges identifying color contrasts which meet requirements This output is available as a PNG fileーyou can download it on your computer Before starting to use Color Contrast Analyser you should be aware that the extension can access data related to your websites tabs and browsing activity Color Contrast Analyser CCA tool CCA is a free color contrast checker for determining the contrast ratio of two colors by using an eyedrop tool It enables content optimization both images and text in such a way that people with vision impairments easily explore it CCA offers rich functionality including indicators of compliance with WCAG color blindness simulator and different to select colors The tool allows you to see clean results of the color contrast for AA or AAA conformance On the screenshot the contrast validation for particular foreground and background colors has “Pass status Which Testing Tools Really Work In most cases tools will be enough to provide complete and sophisticated testing and assure a high level of website accessibility Here what we have used in our case WAVE ーuseful and convenient tool which facilitates human evaluation of many aspects of accessibility and Web Content Accessibility Guidelines and Section compliance AXE ーconvenient tool for finding additional issues if WAVE doesn t suit you as the only one source of web accessibility information AXE and WAVE may work well together and be a great combo JAWS ーone of the best screen readers It s not free though We used min JAWS sessions to double check if there was anything that hadn t been found with NVDA NVDA ーscreen reader which is almost as good as JAWS but absolutely FREE Color Contrast Analyser ーChrome extension for most general contrast testing allowing us to see the big picture Color Contrast Analyser tool ーtool for precise Colors and Contrast analysis AVOIDING PITFALLSBe aware that different test tools could produce different test results So it s better to double check issues in some cases e g NVDA can read elements in a different way than JAWS Always discuss all the edge cases with the client team Sometimes it could be better to change some requirements than fix them Correct your primary estimates if needed because you never know how many issues you ll find and how many times you ll need to re test them Document all the issues to provide a customer with a complete report of testing results Summing Up Results of Web Accessibility TestingWe leveraged different tools to perform accessibility testing for the project and find out trust and true solutions With these tools the Mobidev team can keep web projects in line with existing web accessibility requirements ensuring zero critical or major issues So this approach could be robust and effective for solving real tasks in accessibility testing |
2022-12-01 21:19:15 |
| Apple |
AppleInsider - Frontpage News |
Apple AR, VR operating system now called 'xrOS' |
https://appleinsider.com/articles/22/12/01/apple-ar-vr-operating-system-now-called-xros?utm_medium=rss
|
Apple AR VR operating system now called x xrOS x Apple has reportedly changed the name of its mixed reality operating system to xrOS signaling that the company may be close to releasing a mixed reality headset Apple s realityOS the suspected operating system for its dedicated AR and VR platform has potentially been renamed to xrOS According to Bloomberg s Mark Gurman Apple may release its combination AR VR headset as early as next year Read more |
2022-12-01 21:39:27 |
| Apple |
AppleInsider - Frontpage News |
Deals: Apple's 1TB 14-inch MacBook Pro with 16-core GPU is on sale for $1,949 ($550 off) |
https://appleinsider.com/articles/22/12/01/deals-apples-1tb-14-inch-macbook-pro-with-16-core-gpu-is-on-sale-for-1949-550-off?utm_medium=rss
|
Deals Apple x s TB inch MacBook Pro with core GPU is on sale for off Apple s inch MacBook Pro equipped with an upgraded M Pro chip core CPU core GPU is discounted to ーa record low and less than the retail cost of the base GB model Plus save on AppleCare Save on Apple s MacBook ProSave on this MacBook Pro Read more |
2022-12-01 21:33:15 |
| 海外TECH |
Engadget |
Facebook failed to stop test ads from threatening midterm election workers |
https://www.engadget.com/facebook-failed-test-of-ads-threatening-election-workers-215001463.html?src=rss
|
Facebook failed to stop test ads from threatening midterm election workersMeta s election integrity efforts on Facebook may not have been as robust as claimed Researchers at New York University s Cybersecurity for Democracy and the watchdog Global Witness have revealed that Facebook s automatic moderation system approved out of test ads threatening election workers ahead of last month s US midterms The experiments were based on real threats and used clear language that was potentially easy to catch In some cases the social network even allowed ads after the wrong changes were made ーthe research team just had to remove profanity and fix spelling to get past initial rejections The investigators also tested TikTok and YouTube Both services stopped all threats and banned the test accounts In an earlier experiment before Brazil s election Facebook and YouTube allowed all election misinformation sent during an initial pass although Facebook rejected up to percent in follow up submissions In a statement to Engadget a spokesperson said the ads were a small sample that didn t represent what users saw on platforms like Facebook The company maintained that its ability to counter election threats exceeds that of rivals but only backed the claim by pointing to quotes that illustrated the amount of resources committed to stopping violent threats not the effectiveness of those resources The ads wouldn t have done damage as the experimenters had the power to pull them before they went live Still the incident highlights the limitations of Meta s partial dependence on AI moderation to fight misinformation and hate speech While the system helps Meta s human moderators cope with large amounts of content it also risks greenlighting ads that might not be caught until they re visible to the public That could not only let threats flourish but invite fines from the UK and other countries that plan to penalize companies which don t quickly remove extremist content |
2022-12-01 21:50:01 |
| 海外TECH |
Engadget |
Epic Games’ app that turns photos into 3D models now available on iOS |
https://www.engadget.com/epic-games-realityscan-ios-213549896.html?src=rss
|
Epic Games app that turns photos into D models now available on iOSEpic Games released RealityScan for iOS today The free app previously available in a closed beta lets anyone scan real world objects with their phone and turn them into high fidelity D models The app is the fruit of Epic s purchase of Capturing Reality a company specializing in photogrammetry software Like the company s desktop software RealityScan combines D images to make seamless D assets for games and other virtual environments The idea is to enable game developers and other creatives to scan real world objects at any time and any place for their projects If the metaverse ever takes off you can imagine tools like this becoming essential The scanning process begins with signing into your Epic Games account and taking at least photos of an object from all sides As you move your phone around a real time quality map shows how well you ve covered it green denotes well covered areas yellow could use more attention and red needs the most additional photos It visualizes the places from which you ve snapped each picture as something akin to little Polaroids floating around your item Epic GamesThe app uploads and automatically aligns the images in the cloud as you take the photos You can preview the model through the camera view and switch between the quality map and an in progress full color render When you want to crop it it pops up D handles for you to drag around ensuring it captures only the item not the floor beneath it or background objects The process works best with simple items captured in even indirect lighting reflective or wet surfaces won t capture well It also appears to work best with larger objects as my attempt to capture a small Mr T action figure resulted in something that looks more like a pointillistic painting than a usable model Once you re happy with the capture you can export it to Sketchfab a D asset platform Epic bought last year where you can use it for D virtual reality and augmented reality projects Optionally if you ve captured something unique you could try to sell your D model Game developers needing a specific item for a virtual environment are the most logical audience here RealityScan is available today as a free download for iOS and iPadOS on the App Store Earlier this year Epic said an Android version would arrive later in the year although the company is running short on time to meet that deadline |
2022-12-01 21:35:49 |
| 海外TECH |
Engadget |
Cadillac says its new electric race car is almost ready for 24 Hours of Daytona |
https://www.engadget.com/cadillac-racing-electric-car-24-hours-daytona-competition-210402542.html?src=rss
|
Cadillac says its new electric race car is almost ready for Hours of DaytonaCadillac Racing says its first electric race car is almost ready for the Hours of Daytona event in January after passing critical testing and development milestones Since July the V LMDh has gone through nearly miles km of on track testing including a hour test at Sebring International Raceway Cadillac collected data on nighttime operation and durability on the bumpy mile circuit Program manager Laura Wontrop Klauser claimed Sebring was the perfect testing ground for the V LMDh ahead of its competitive debut at Daytona “To complete that endurance test was extra motivation for our team and provided a sense of accomplishment Klauser said in a statement “We still have a lot to do in a short time but we are at the point where we are fine tuning many things The car is also slated to take part in the hour race at Le Mans in June Cadillac plans to run it in the IMSA WeatherTech SportsCar Championship and the FIA World Endurance Championship A final test will take place next week at Daytona as part of mandatory evaluations for all manufacturers intending to take part in the IMSA s new Grand Touring Prototype class Cadillac Racing will reveal the final competition version of the three V LMDh race cars including liveries and hopefully a new name in mid January |
2022-12-01 21:04:02 |
| 海外ニュース |
Japan Times latest articles |
Japan defeats Spain to advance in shock World Cup upset |
https://www.japantimes.co.jp/sports/2022/12/02/soccer/world-cup/japan-spain-2/
|
qatar |
2022-12-02 06:19:57 |
| ニュース |
BBC News - Home |
Ukraine war: Kyiv displays dummy nuclear-capable missile fired by Russia |
https://www.bbc.co.uk/news/world-europe-63826082?at_medium=RSS&at_campaign=KARANGA
|
defences |
2022-12-01 21:13:22 |
| ニュース |
BBC News - Home |
Stephanie Frappart: When might a woman referee a Premier League game? |
https://www.bbc.co.uk/sport/football/63827280?at_medium=RSS&at_campaign=KARANGA
|
Stephanie Frappart When might a woman referee a Premier League game After Stephanie Frappart took charge of a men s World Cup match could the Premier League see a first female referee in the next few seasons |
2022-12-01 21:44:25 |
| ニュース |
BBC News - Home |
World Cup 2022 - Costa Rica 2-4 Germany: Four-time champions out of World Cup despite victory over Costa Rica |
https://www.bbc.co.uk/sport/football/63739248?at_medium=RSS&at_campaign=KARANGA
|
World Cup Costa Rica Germany Four time champions out of World Cup despite victory over Costa RicaGermany crashed out of the World Cup on a remarkable night of drama despite victory over Costa Rica at Al Bayt Stadium |
2022-12-01 21:44:11 |
| ニュース |
BBC News - Home |
World Cup 2022: Japan 2-1 Spain: Japan and Spain both through on dramatic night |
https://www.bbc.co.uk/sport/football/63739246?at_medium=RSS&at_campaign=KARANGA
|
World Cup Japan Spain Japan and Spain both through on dramatic nightJapan stage another extraordinary World Cup comeback to reach the last with Spain fortunate to join them in the knockout stage |
2022-12-01 21:50:39 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
ウクライナ産穀物を密輸か、ロシア商社の関与濃厚 - WSJ発 |
https://diamond.jp/articles/-/313883
|
関与 |
2022-12-02 06:15:00 |
| ビジネス |
東洋経済オンライン |
米国の株価を大きく下落させる「2つのリスク」 市場のソフトランディング予想は楽観的すぎる | 市場観測 | 東洋経済オンライン |
https://toyokeizai.net/articles/-/636159?utm_source=rss&utm_medium=http&utm_campaign=link_back
|
東洋経済オンライン |
2022-12-02 06:30:00 |
| 海外TECH |
reddit |
POSTGAME THREAD: Japan vs. Spain |
https://www.reddit.com/r/JLeague/comments/z9zqmt/postgame_thread_japan_vs_spain/
|
POSTGAME THREAD Japan vs Spain to be edited submitted by u dokool to r JLeague link comments |
2022-12-01 21:05:11 |
コメント
コメントを投稿