Blog
Total news: 10
London announced as host city for World Design Congress 2025
London has been announced as the host city for 34th edition of the World Design Organisation’s (WDO) biannual World Design Congress (WDC), which is due to take place from 17-19 September 2025 in conjunction with London Design Festival. The capital’s win – unanimously voted for by the board of the WDO – was officially announced last night (29 October) at the close of the 33rd edition of the Congress, hosted in Tokyo for 2023. It will mark the first time the UK has hosted the event since the 6th World Design Congress held at the South bank Centre in 1969, which was attended by almost 1,000 delegates from 39 countries and featured Princess Margaret as the guest of honour. A collective of design-focused organisations supported the 2025 bid , including London Design Festival, the Design Museum, Design Council, Design Business Association, the Creative Industries Council, the Royal College of Art, and University of Greenwich. There was also government support from UKRI, the Greater London Authority, the Mayor of London and DCMS. Culture secretary Lucy Frazer says she recognises the UK’s “long history as a home of great design” and expresses the government’s desire to “maximise the potential of today’s creative talent”. She believes that hosting the World Design Congress in London will present “the perfect opportunity to showcase the best of British design on a global stage”. While the event will be held in London – home to a third of all design businesses in the UK – it will look to champion design from all areas of the UK and showcase the UK’s design economy. Currently, the design sector is growing at twice the UK average, contributing £97.4bn in GVA to the UK economy and employing over 1.97 million people, according to the Design Council. Design Council CEO Minnie Moll dubbed the Congress the “Olympics of design”, defining it as “the must-attend moment for 2025, full of optimism and innovation for the future”. The Design Council’s intent is to make the London World Design Congress 2025 a festival-like celebration of British design, comprising exhibitions, workshops, talks and more, available for the design community and the public. Well known British designers will be headlining the three-day event – such as designer and architect Thomas Heatherwick and fashion designer Anya Hindmarch – but there will be opportunity for emerging talent to take the stage, according to the Design Council. The theme is set to be Design for Planet, following on from the Design Council’s annual festival which brings together over 4,000 members of the global design community, in a bid to highlight the crucial role that design plays in addressing the climate crisis. Moll explains that, while “design is not separate from being one of the causes of climate change”, the industry is in “a unique position to help fix the problem” and help people “make informed choices around circularity, modularity, materiality, repairability and lifecycle analysis”. Acknowledging the theme The Mayor of London Sadiq Khan says that the World Design Congress is “an excellent opportunity to showcase the talents of [the UK’s] creative community, as leaders from across the world unite to put design at the heart of our efforts to address climate change”. He adds, “We all have a role to play in creating a more sustainable world, and I will continue to do all I can to support the industry as we build a greener and more prosperous London for all.” The Congress and lead up campaign will aim to showcase “examples of where design is making a difference, proving what is possible and profiling London’s incredible design talent”, says the Design Council.
Date: 2023-10-30
Category: Design
SomeOne designs lattice-inspired identity for Graff
SomeOne has developed a new design system for diamond jewellery brand Graff, which was inspired by looking back at its archives and visiting its London workshop.Established in the capital in 1960, Graff jewellery is known for its “deceptive simplicity, perfect balance and proportion, and sensuous, feminine power”, according to SomeOne founder and executive strategic creative director Simon Manchipp.Graff had approached SomeOne directly, appointing it to create a new visual identity for the company – which formerly had never used a monogram or “ownable signifier”.The new branding was designed to build on Graff’s “incredible foundations”, Manchipp adds; and while “nothing was broken” in the previous identity, the project saw SomeOne change all aspects of the visual language, from photographic sets, 3D modelling, and typographic systems to colour palettes, imagery and animations.The SomeOne team initially visited Graff’s London workshop, where century-old traditional processes meet “cutting-edge innovations”, says Manchipp. Since Graff trainees learn skills and techniques unique to the company, “becoming a Graff master craftsman is akin to being entrusted with a book of secrets”, he continues.At the workshop, SomeOne’s designers were shown the details of the precious metalwork that holds the jewellery pieces’ diamonds in place.This directly informed the new brand pattern, which is inspired by the unique Graff lattice found only on the back of its signature pieces.The pattern “uniquely balances strength, elegance and the ability to suspend diamonds and gemstones above the skin”, meaning that light can shine through the gem “with even greater allure”, says Manchipp.Graff’s new monogram – the first time it’s used any such symbol or mark – is also derived from the shapes used to make the Graff lattice.
Date: 2023-12-08
Category: Design
How design helped OpenAI transition from niche to mainstream
With AI still one of the biggest talking points of the present – recently crowned the “word of the year” by Collins Dictionary – many flock to try each new product, whether for a bit of fun or to more seriously assess how it might impact their day-to-day lives.But the products for which OpenAI is best known – Dall-E and ChatGPT – were not OpenAI’s original focus. When founded in 2015 – by current CEO Sam Altman as well as Elon Musk, Carlos Virella, Greg Brockman, Ilya Sutskever, John Schulman and Wojciech Zaremba – it was a research-focused non-profit, but by 2019 the company transitioned to a for-profit model. “At some point they realised they needed to raise more money and they created a product arm”, says Mark Jarecke, New York managing director of design agency Area 17, which has been working with the company on its branding and website since December 2021. Earlier in 2021, OpenAI had released text-to-image generator Dall-E and was gearing up to release ChatGPT in 2022. To match up with the growth in audience these products would bring, Area 17 was tasked “to prepare OpenAI for being a more public-facing company”, Jarecke says. “It was going to be getting a lot of attention, so this was really a moment for [OpenAI] to define itself”. Drawing on OpenAI’s original focus on the safe development of AI, the company still wanted to be “strongly defending” this notion, Jarecke says, as well as emphasising “the idea of precision: they had to be the most accurate”, he adds. Area 17 also conducted desk, interview and qualitative research to understand the new audiences that would interact with OpenAI’s more public-facing incarnation – including corporates, researchers and product users.
Date: 2024-01-23
Category: Design
Evinced’s accessibility testing solutions triple in adoption
Evinced, a provider of web and mobile accessibility solutions, saw its customer base triple in 2023 on the back of new prevention-focused tools like Unit Tester and Design Assistant. These innovations allow developers and designers to automatically catch accessibility issues long before release, marking a shift for the industry toward prevention versus post-hoc fixes. The company’s impressive expansion has cemented its status as a top accessibility vendor, counting 6 of the 10 largest US and UK financial firms alongside major media, SaaS, retail, and other elite customers among its partners. Evinced’s tools integrate directly into existing developer and design workflows, reducing friction for incorporating accessibility best practices. Unit Tester enables developers to bake WCAG 2.2 AA checks right into component unit tests, delivering compatibility feedback for screen readers, voice control, and keyboard-only usage without ever leaving the dev environment. This promises to eliminate a major pain point, as the critical accessibility issues blocking access for the 2.5 billion assistive tech users have historically been both the most important and time-consuming to validate. Legacy testing approaches address less than 21 percent of relevant screen reader and keyboard problems. Unit Tester checks compatibility automatically, meaning components passing its assessments can deliver nearly complete accessibility for these user groups. On the design side, Design Assistant validates difficult issues like screen reader support within Figma. It also auto-generates development and testing guidelines for each design, greatly easing handoff. “The corporate world’s accessibility approach has basically been to find and fix issues late, but technology can now prevent problems early without disrupting teams,” said Navin Thadani, CEO of Evinced. “Our growth shows the industry embracing more proactive accessibility, which will unlock the web for underserved populations.” With digital accessibility legislation and lawsuits accelerating globally, developers should take note of Evinced’s emphasis on weaving inclusion directly into existing workflows. Unit Tester and Design Assistant exemplify tools that make web accessibility a natural part of building digital products rather than an afterthought. Expect prevention and testing automation to be ongoing themes as organisations aim to efficiently address inclusion at scale.
Date: 2024-02-07
Category: Programming
Open source wins concessions in new EU cyber law
The European Cyber Resilience Act (CRA) has undergone substantial revisions, bringing relief to the open-source community. Back in April, the Python Software Foundation (PSF) had expressed concerns about potential repercussions for CPython and PyPI if the initial form of CRA were to be enacted. The primary worry was that, in the course of providing open-source software, the PSF and the Python community might assume legal responsibility for security issues in products built using the code components they provide freely. Seeking clarity, the PSF called for language exempting public software repositories – such as PyPI – from legal responsibilities. The good news is that the final text of the CRA, solidified on December 1st, introduces the concept of an “open source steward.” This term refers to any legal entity dedicated to providing sustained support for the development of specific products with qualifying free and open-source software elements, ensuring their viability for commercial activities. Crucially, the revised text demonstrates a clearer understanding of how open-source software operates and its value within the broader software development ecosystem. It explicitly states that the provision of free and open-source software products without monetisation is not considered a commercial activity. While this marks a positive step forward, the Python community remains vigilant. The notion of an “open source steward” is a novel concept in European law, necessitating monitoring to ensure its implementation aligns with the intent and realities of open-source development. Additionally, ongoing attention is required as other legislative pieces – such as the Product Liability Directive – may impact the Python ecosystem. The PSF has extended gratitude to Open Forum Europe (OFE) – particularly Ciarán O’Riordan – for facilitating collaboration within the FOSS community. The PSF says OFE’s coordination efforts played a crucial role in ensuring that its concerns were effectively communicated to legislators.
Date: 2024-01-15
Category: Programming
Egretia mashes up HTML5 and blockchain
Beijing-based company Egret Technology is planning to combine two of the most important modern technologies, HTML5 and blockchain, in a project called Egretia. The idea behind Egretia is solving some technical issues in the HTML5 game industry—such as multiplayer matchmaking, digital item marketplaces, data storage, advertising and crowdfunding—using blockchain. Egret is already well-known in the HTML5 community due to its work on HTML5 development tools, including an engine, IDE and packaging tools, which are reportedly used by 200,000 active developers. With the integration of Egretia blockchain technologies into the Egret development suite and the release of an SDK, game developers will be able to easily make use of new blockchain-powered backend features. These include universal digital wallets, online multiplayer, distributed communications and data storage, game distribution, a digital goods marketplace and an advertising platform. Think of something like Valve's popular Steam service for PC gamers, but decentralised for greater transparency. An Egreten wallet is also provided for users to keep their digital items, games and in-game rewards, which will be accessible via the web, PCs and mobiles. This should allow users to move and trade their digital items between games that use the Egretia framework, rather than having their rewards limited to a single game. The Egretia project includes its own token, Egreten, which users can spend to buy games, DLC, digital items and so on, and receive for playing games, crowdfunding games and sharing ads. Developers will also receive tokens for participating in Egretia by developing and operating games or offering in-game advertising. Acquired Egreten tokens can be spent by developers to advertise their games. Of course, Egretia are also offering these tokens for sale in an ICO which takes place on May 26th. The company is hoping to raise $23.7 million (£17.6 million) by selling 39% of its 8 billion tokens. If Egret are able to convince a significant portion of their developers to make use of these new features in their new and existing HTML5 games, Egretia could become a success. It could also become something of a gateway for developers into blockchain development, which could help alleviate the pressure on the limited number of blockchain developers.
Date: 2018-05-21
Category: HTML/CSS
W3C and WHATWG come together for HTML and DOM specifications
The World Wide Web Consortium (W3C) and the Web Hypertext Application Technology Working Group (WHATWG) will collaborate on developing a single version of the HTML and DOM specifications – in a move which may help bring the two factions closer together. The memorandum of understanding means both parties will endeavour to pursue the following path: W3C and WHATWG will work together on HTML and DOM, housed in and maintained by the WHATWG repositories, to produce a living standard; W3C will facilitate community work directly in the WHATWG repositories, to include bridging communities, developing use cases, filing issues, writing tests, and mediating issue resolution; W3C will stop independently publishing a designated list of specifications related to HTML and DOM, instead working to take WHATWG review drafts to W3C recommendations. Writing in a blog post confirming the cessation of hostilities, W3C CEO Jeff Jaffe noted the move was a continuation of partnership mechanisms, first begun in December 2017. “Since then, W3C membership [has] weighed in regularly including at two bi-annual meetings; there were several direct meetings between W3C management and the WHATWG Steering Group,” wrote Jaffe. “In September and December 2018, during the extensions of the Web Platform Working Group, we noted that while negotiations continued in order to provide a single authoritative specification for HTML and DOM, the specifications that were part of the negotiations with the WHATWG would not be advanced on the W3C Recommendation track. “W3C remains committed to ensuring that HTML development continues to take into account the needs of the global community, and continues to improve in areas such as accessibility, internationalisation and privacy while providing greater interoperability, performance and security,” Jaffe added. Regular readers of this publication will be aware of the various spats between W3C and WHATWG over the years; not least with the then-emerging HTML5 specification in 2012. In July of that year, the organisations announced they were going different ways, with WHATWG working on the living standard and W3C focusing on recreating static ‘snapshots’ of the standard. Speaking to this publication at the time Ian Jacobs, then head of communications at W3C, described the move as an ‘ongoing partnership’ having previously called it a ‘programmed transition.’
Date: 2019-05-29
Category: HTML/CSS
Adopted or abandoned: Microsoft details Chromium-based Edge features
Microsoft has provided details of what features are being adopted or abandoned from Chromium for its Edge browser reincarnation. Last year, Microsoft announced it would be scrapping development of its EdgeHTML engine (a decision criticised by some) and switching to Chromium for its Edge browser. In providing reasons why it made the switch, Microsoft cites better web compatibility for users, less fragmentation for developers, and the ability to ‘join forces to evolve the web’. The company has provided a breakdown of what features to expect in the Chromium-based Edge. Microsoft is, of course, now contributing to Chromium. So far, the company has completed around 300 merges in areas such as accessibility (UIA), high contrast, caption styling (Web VTT), native caret browsing, ARM 64, and TSF1. Other areas the company notes it ‘would like to help with’ includes PDF enhancements, battery life, smooth scrolling, editing, layout, dev tools, and web authentication. Battery life was a subject of much debate between Microsoft and Google while developing their own browser engines. Microsoft claimed its Edge browser was more battery-efficient and produced several videos as proof. In the latest video, the Edge device lasted the longest and depleted the battery after 14 hours and 20 minutes while the Chrome device lasted 12 hours and 32 minutes. Microsoft highlighted three areas of investigation where it believes Chromium battery life can be improved: high-resolution timer in message pump, disk cache during video playback, and audio offloading to hardware. Edge was often praised for its scrolling performance. In Microsoft’s tests, the company found much higher latency in Chromium over its EdgeHTML engine and has prioritised it as another contribution area. Microsoft is, of course, looking to port some of its own features and services over to Chromium. The company is currently working on PlayReady DRM, integration with Microsoft services, and single sign-on functionality.
Date: 2019-04-09
Category: HTML/CSS
White House urges adoption of memory-safe programming languages
The White House Office of the National Cyber Director (ONCD) has released a new report today urging the technology industry to take steps to reduce vulnerabilities in software that leave digital systems open to cyberattacks. The report, titled “Back to the Building Blocks: A Path Toward Secure and Measurable Software,” emphasises the importance of technology manufacturers adopting memory-safe programming languages to prevent entire classes of vulnerabilities from entering the digital ecosystem. “We, as a nation, have the ability – and the responsibility – to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem but that means we need to tackle the hard problem of moving to memory-safe programming languages,” said National Cyber Director Harry Coker. The report – which is a result of collaboration between the ONCD team, the technical community, and public and private sector partners – outlines the threat and opportunity available in moving towards a future where software is memory-safe and secure by design. “The Office of the National Cyber Director has written what will become mandatory reading for the entire technical community as it works towards maximising the security of our shared digital ecosystem,” says Shyam Sankar, CTO at Palantir. “By taking an engineering-first approach to cybersecurity policy, the White House is providing an actionable roadmap for reducing memory safe vulnerabilities and improving software measurement capabilities — both of which are necessary to ensure that all software innovators are doing their part to defend against daily cyber threats to US national security.” The ONCD is also encouraging the research community to address the problem of software measurability in order to develop better diagnostics that measure cybersecurity quality. By adopting an engineering-forward approach to policymaking, the ONCD is ensuring that the technical community’s expertise is reflected in how the Federal Government approaches these problems. “It is impressive to see the White House take on the important topic of software security via the use of better programming languages. Memory safety bugs have led to numerous vulnerabilities in real-world systems,” comments Dan Boneh, Professor of Computer Science, Stanford University, “Software quality would be greatly improved if we could somehow wave a magic wand and have all existing software translated to a memory-safe language. Unfortunately, such a magic wand does not yet exist.” Assistant National Cyber Director for Technology Security, Anjana Rajan, highlighted that some of the most infamous cyber events in history – such as the Morris worm of 1988 and the Heartbleed vulnerability in 2014 – were caused by memory safety vulnerabilities. “For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way,” says Rajan, Assistant National Cyber Director for Technology Security. “This report was created for engineers by engineers because we know they can make the architecture and design decisions about the building blocks they consume—and this will have a tremendous effect on our ability to reduce the threat surface, protect the digital ecosystem and, ultimately, the nation.” The ONCD has engaged with a diverse group of stakeholders, rallying them to join the Administration’s effort. “This new technical report takes a positive step forward on a critical issue—the need for foundational safeguards against the root cause of many vulnerabilities across the software supply chain,” comments Mark Danberg, Chairman and CEO of Viasat. “Addressing vulnerabilities across systems and infrastructure, and ensuring resilient and diverse connectivity options are vital to national security interests.” The report aligns with two major themes of the President’s National Cybersecurity Strategy released nearly one year ago, which aims to shift the responsibility of cybersecurity away from individuals and small businesses and onto large organisations like technology companies and the Federal Government that are more capable of managing the ever-evolving threat. This latest work also complements interest from Congress on this topic, including efforts from the US Senate and House Appropriations Committees and legislative efforts from the US Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-MI) and US Senator Ron Wyden (D-OR). “Internet security problems are global problems, and solving them will require engagement from our nation’s leaders. I commend the Office of the National Cyber Director for taking the important first step beyond high-level policy, translating these ideas into calls-to-action the technical and business communities can understand,” says Jeff Moss, President of DEFCON and Black Hat. “I endorse the recommendation to adopt memory-safe programming languages across the ecosystem because doing so can eliminate whole categories of vulnerabilities that we have been putting band-aids on for the past thirty years.”
Date: 2024-02-27
Category: News
GitHub enables secret scanning push protection by default
In response to the alarming trend of API keys, tokens, and other confidential data being inadvertently exposed, GitHub has taken further steps to fortify its platform against potential breaches. Within the first two months of 2024, GitHub has uncovered one million leaked secrets across public repositories, averaging over a dozen incidents per minute. Such alarming figures underscore the pressing need for robust safeguards to protect users and their data. Since August last year, GitHub has offered users the option to opt-in to secret scanning push protection—a feature designed to automatically intercept and block commits upon the detection of sensitive information. Building on this initiative, GitHub has now made secret scanning push protection mandatory for all pushes to public repositories. The recent rollout of push protection marks a significant stride towards bolstering the security posture of GitHub’s vast user base. Under this new framework, users will be presented with the option to either remove the detected secret from their commits or, if deemed safe, bypass the block. While the transition to this enhanced security protocol may take a week or two to apply universally, users can proactively verify the status and opt-in early through the code security and analysis settings. Acknowledging the potential ramifications of leaked secrets, GitHub underscores the importance of safeguarding not only private repositories but also public ones, which are integral to the open-source community. With over 95 percent of pushes to private repositories already being scanned by GitHub Advanced Security customers, extending push protection to public repositories reflects a commitment to upholding the integrity and security of the entire GitHub ecosystem. Despite the implementation of push protection, GitHub affirms users’ autonomy in managing their security preferences. While the default setting is to enable push protection, users retain the flexibility to bypass the block or disable push protection entirely through their user security settings. However, GitHub strongly advises against disabling push protection outright—advocating instead for a judicious approach where exceptions are made on a case-by-case basis. For organisations leveraging the GitHub Enterprise plan, additional security features – including GitHub Advanced Security – are available to fortify private repositories against potential breaches. This comprehensive DevSecOps platform solution encompasses secret scanning, code scanning, AI-powered autofix code suggestions, and other static application security (SAST) features. GitHub’s secret-scanning technology encompasses over 200 token types and patterns from more than 180 service providers; boasting industry-leading precision and minimising false positives. By leveraging the collective efforts of the community, GitHub aims to prevent the inadvertent exposure of sensitive information on public repositories. Earlier this week, research from Apiiro found that over 100,000 repositories on GitHub are infected with malicious code. The platform has been grappling with an ongoing “repo confusion” attack, where thousands of repositories flooded with obfuscated malware have targeted the platform. These attacks are part of a larger malware distribution campaign, reminiscent of tactics disclosed by Phylum last year. The campaign relies on deceptive Python packages hosted on cloned repositories to disseminate a malicious payload known as BlackCap Grabber. GitHub’s rollout of automatic push protection serves as a critical defence mechanism against such nefarious activities, providing users with enhanced visibility and control over their repositories’ security.
Date: 2024-03-01
Category: News