Develop Reference

Differences in volume of audio content

We are having a Skill built for us which plays podcasts and audio snippets of videos. We currently serve all of this content through other traditional platforms like native mobile apps and a website.
One problem we have is that the volume of all this audio content is much lower than the rest of the sounds outputted from the Alexa device. We don't notice any similar discrepancies on the other aforementioned platforms, and the developers building the Skill say that there's no API which allows you to boost or manipulate the output volume (not the system volume).
Has anyone else had experiences with this sort of issue? We are reluctant to pump up the volume of our source files as it will affect all the other places they are listened to.

Short answer - yes it's tricky and you're not alone.
As detailed in this BBC report* on designing a voice application - "All of our experts have experienced problems in audio levels when mixing and mastering audio for smart speakers."
Official guidence from Amazon is:
Program loudness for Alexa should average -14 dB LUFS/LKFS
The true-peak value should not exceed -2 dBFS
It then goes so far as to say that,
Your skill may be rejected if program loudness:
Is lower than -19 dB LUFS
Is higher than -9dB LUFS
However, this mainly seems to apply to audio played either as part of a Flash Briefing or using the AudioPlayer Interface, and you may get away with deviating from this if using it as part of SSML output.
That said, in practice developers tend to bump the levels up on audio until it sounds good. Sticking strictly to the recommendations usually renders the volume way too low.
So, if you didn't want to increase the loudness of clips as it'd affect other platforms, your best options might be to create an Alexa-version of the audio - mixed slightly louder. Though, I recognize that this would be tedious.
*In the interest of transparency, I wanted to declare that I fed into this report.

How can I train the ibm watson personality insights api? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
Using the api to analyze a twitter stream I am getting very similar results for openness for pretty much everybody. How can I train a corpus to generate a different output

Unfortunately, you can't. Also, I am afraid twitter is not the best source for this kind of analysis since each tweet has just a little piece of text. Watson Personality Insights works better with large text samples, and most probably, twitter sentences are too short to provide enough information for this kind of analysis (even if you concatenate several tweets in the same text sample).
But, if you're getting meaningful results for the other dimensions, what I'd suggest you to do is to ignore the openness information and try to calculate it using another algorithm (your own?) or even checking if just removing this dimension does not provide good enough results for you.
There are some nice tips here -- https://www.ibm.com/smarterplanet/us/en/ibmwatson/developercloud/doc/personality-insights/science.shtml and some references to papers that can help you understand the algorithm internals.

You cannot train Watson Personality Insights at the current version. But there may be alternatives.
From your message it is not clear to me if you are receiving too similar results for individual tweets or entire twitter streams. In the first case, as Leo pointed out in a different answer, please note that you should aim to provide enough information for any analysis to be meaningful (this is 3,000+ words, not just a tweet). In the second case, I would be a bit surprised if your scores are still so similar with so much text (how many tweets per user?), but this may still happen depending on the domain.
If you are analyzing individual tweets you may also benefit from user Tone Analyzer (in Beta as of today). Its "social tone" is basically the same model as Personality Insights, and gives some raw scores even for small texts. (And by the way you get other measures such as emotions and writing style).
And in any case (small or large inputs), we encourage users to take a look at the raw scores in their own data corpus. For example, say you are analyzing a set of IT support calls (I am making this up), you will likely find some traits tend to be all the same because the jargon and writing style is similar in all of them. However, within your domain there may be small differences you may want to focus, ie. there is still a 90% percentile, a lowest 10% in each trait... So you might want to do some data analysis on Personality Insights raw_score (api reference) or just the score in Tone Analyzer (api reference) and draw your own conclusions.

Is there any books or tutorial about writing a small database system? [duplicate]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
The community reviewed whether to reopen this question 12 months ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I am interested in learning how a database engine works (i.e. the internals of it). I know most of the basic data structures taught in CS (trees, hash tables, lists, etc.) as well as a pretty good understanding of compiler theory (and have implemented a very simple interpreter) but I don't understand how to go about writing a database engine. I have searched for tutorials on the subject and I couldn't find any, so I am hoping someone else can point me in the right direction. Basically, I would like information on the following:
How the data is stored internally (i.e. how tables are represented, etc.)
How the engine finds data that it needs (e.g. run a SELECT query)
How data is inserted in a way that is fast and efficient
And any other topics that may be relevant to this. It doesn't have to be an on-disk database - even an in-memory database is fine (if it is easier) because I just want to learn the principals behind it.
Many thanks for your help.

If you're good at reading code, studying SQLite will teach you a whole boatload about database design. It's small, so it's easier to wrap your head around. But it's also professionally written.
SQLite 2.5.0 for Code Reading
http://sqlite.org/

The answer to this question is a huge one. expect a PHD thesis to have it answered 100% ;)
but we can think of the problems one by one:
How to store the data internally:
you should have a data file containing your database objects and a caching mechanism to load the data in focus and some data around it into RAM
assume you have a table, with some data, we would create a data format to convert this table into a binary file, by agreeing on the definition of a column delimiter and a row delimiter and make sure such pattern of delimiter is never used in your data itself. i.e. if you have selected <*> for example to separate columns, you should validate the data you are placing in this table not to contain this pattern. you could also use a row header and a column header by specifying size of row and some internal indexing number to speed up your search, and at the start of each column to have the length of this column
like "Adam", 1, 11.1, "123 ABC Street POBox 456"
you can have it like
<&RowHeader, 1><&Col1,CHR, 4>Adam<&Col2, num,1,0>1<&Col3, Num,2,1>111<&Col4, CHR, 24>123 ABC Street POBox 456<&RowTrailer>
How to find items quickly
try using hashing and indexing to point at data stored and cached based on different criteria
taking same example above, you could sort the value of the first column and store it in a separate object pointing at row id of items sorted alphabetically, and so on
How to speed insert data
I know from Oracle is that they insert data in a temporary place both in RAM and on disk and do housekeeping on periodic basis, the database engine is busy all the time optimizing its structure but in the same time we do not want to lose data in case of power failure of something like that.
so try to keep data in this temporary place with no sorting, append your original storage, and later on when system is free resort your indexes and clear the temp area when done
good luck, great project.

There are books on the topic a good place to start would be Database Systems: The Complete Book by Garcia-Molina, Ullman, and Widom

SQLite was mentioned before, but I want to add some thing.
I personally learned a lot by studying SQlite. The interesting thing is, that I did not go to the source code (though I just had a short look). I learned much by reading the technical material and specially looking at the internal commands it generates. It has an own stack based interpreter inside and you can read the P-Code it generates internally just by using explain. Thus you can see how various constructs are translated to the low-level engine (that is surprisingly simple -- but that is also the secret of its stability and efficiency).

I would suggest focusing on www.sqlite.org
It's recent, small (source code 1MB), open source (so you can figure it out for yourself)...
Books have been written about how it is implemented:
http://www.sqlite.org/books.html
It runs on a variety of operating systems for both desktop computers and mobile phones so experimenting is easy and learning about it will be useful right now and in the future.
It even has a decent community here: https://stackoverflow.com/questions/tagged/sqlite

Okay, I have found a site which has some information on SQL and implementation - it is a bit hard to link to the page which lists all the tutorials, so I will link them one by one:
http://c2.com/cgi/wiki?CategoryPattern
http://c2.com/cgi/wiki?SliceResultVertically
http://c2.com/cgi/wiki?SqlMyopia
http://c2.com/cgi/wiki?SqlPattern
http://c2.com/cgi/wiki?StructuredQueryLanguage
http://c2.com/cgi/wiki?TemplateTables
http://c2.com/cgi/wiki?ThinkSqlAsConstraintSatisfaction

may be you can learn from HSQLDB. I think they offers small and simple database for learning. you can look at the codes since it is open source.

If MySQL interests you, I would also suggest this wiki page, which has got some information about how MySQL works. Also, you might want to take a look at Understanding MySQL Internals.
You might also consider looking at a non-SQL interface for your Database engine. Please take a look at Apache CouchDB. Its what you would call, a document oriented database system.
Good Luck!

I am not sure whether it would fit to your requirements but I had implemented a simple file oriented database with support for simple (SELECT, INSERT , UPDATE ) using perl.
What I did was I stored each table as a file on disk and entries with a well defined pattern and manipulated the data using in built linux tools like awk and sed. for improving efficiency, frequently accessed data were cached.

Choosing licensing statement for an open standard/specification [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I've started to write a file format specification for a domain-specific data type. My goal is to improve interoperability between a large number of data providers and search algorithms. I want the result to be available for use, patent-free and without distribution fees.
I'm looking for advice on which license to use, both for the specification and for the contributor agreement, if I need one.
If this were software then I know enough about the GPL, MIT, etc. licenses to make an informed decision. If this were a straight document then I would pick one of the Creative Commons licenses, likely CC by attribution.
Looking around, I don't find any common license statement or much in the way of advice. I'm leaning towards the one used in RFC (for example, the HTTP/1.1 copyright statement) but that says "this document itself may not be modified in any way" (with exceptions), which is something I'm not used to from developing code under the MIT and GPL licenses. But that restrictions seems pretty common in specifications.
Unlike most documents but like code, specifications can be affected by patent. Is it best practices these days to also state that the specification is patent-free and require any contributors to reveal any patent conflicts they may know of and/or freely license those patents for the purposes of implementing the spec?
Should I require some sort of contributor agreement?
Or should I just wing it, choose the RFC copyright statement (or CC-By-Attribution), and not worry about this?

"this document itself may not be modified in any way" (with exceptions) [...] But that restrictions seems pretty common in specifications.
Actually, it is pretty much a requirement. If anybody could change it at will, it wouldn't be much of a specification: that would defeat the whole purpose to "improve interoperability between a large number of data providers and search algorithms".
Dalke: Is it? I'm so used to implementation-defined and ad hoc format definitions and people who break the spec left and right that I didn't think it would add anything, and protection would hinder future extension if I decide to not continue maintaining the code. I thought conformance was better handled by trademark law, like how DRM-based CDs which violate Phillips' Red Book can't use the "CD" logo.
[...] which is something I'm not used to from developing code under the MIT and GPL licenses
Actually, you are used to it, you just don't realize it: the whole reason why you were able to just write the three letters "GPL" above and blindly assume that everybody knows precisely what you mean, is because the GPL itself contains exactly that same restriction. ("Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.") The GPL itself is not distributed under a Free License, precisely because if anybody where allowed to modify it, it would lose its meaning.
Dalke: You're right, although the GFDL's "invariant section" sprang immediately to mind when I was considering the possibilities. I will point out that people do things in the license grant which modify the terms of the GPL to, among other things, make it non-free, and I've personally modified the three-clause BSD license to scratch out Berkeley and put in my name, but those are quibbles.
Is it best practices these days to also state that the specification is patent-free and require any contributors to reveal any patent conflicts they may know of and/or freely license those patents for the purposes of implementing the spec?
Yes. It is clear from your question that you care a great deal about making the barrier for implementors as low as possible. Then, what good is a free, open, royalty-free specification if I have to pay for a patent license anyway? This has to be addressed, preferably by an IP/patent lawyer with extensive expertise in such questions (including, but not limited to, the specific challenges that open source projects face with regards to patent licensing).
There are some quite subtle pitfalls in there. For example, one common theme is to require that patent licenses be made available under what is usually called FRAND (or RAND) terms, which stands for fair, reasonable and non-discriminatory. Which sounds good, right? Except there's a subtle problem there: charging 1 cent for every copy is certainly reasonable and if you charge everybody the same amount, it's also fair and non-discriminatory. Except that open source projects (and even freely distributable proprietary ones) cannot enforce those terms, therefore they cannot implement the specification.
Dalke: Very true. But for licenses that's a well described topic. There are reams of text on the matter, and suggestions, and podcasts, and even automated license choosers. For specifications, not so much. I did know about the RAND issue, and I've heard stories about other spec where a contributor at the end said "Oh! Look at that! We've got a patent on it. Well lucky us!" A question is how much I should worry about it.
So, proper patent promises or covenants or whatever you call them, are very important. (As are trademarks, by the way.)
For example, the W3C originally wanted to adopt a RAND license for its specifications, but after significant protests from projects such as Mozilla and Apache, they decided upon a royalty-free model. So, even an organization which cares deeply about freedom and openness almost made a mistake with the potential of killing every single open source web browser, feedreader and XML parser.
Or should I just wing it, choose the RFC copyright statement (or CC-By-Attribution), and not worry about this?
"Winging" important legal decisions is how people end up bankrupt or even in jail. Or at least extremely unhappy. While the first two are pretty unlikely in this case, I assume that you will be unhappy if you find out in two years that your specification is completely useless because of a glitch in its patent/copyright/IP legalese.
Dalke: I knew that word would be a draw. ;)
There are legal firms that specialize in pro bono work for non-profit developers of open source projects; maybe one of those will help you. The most well-known ones are probably the Software Freedom Law Center (SLFC) in the US and the Institut für Rechtsfragen der Freien und Open Source Software (ifrOSS) in Germany.
And whaddaya know, the fourth news item on the ifrOSS homepage is about the Open Web Foundation Agreement, which is a license template by the Open Web Foundation specifically for open, non-proprietary community-driven specifications for web technologies.
Dalke: Thanks. I'm in Sweden, so I wonder how well those resources will apply to me. Looking at the OWF I see it's US-based but it tries hard to be international, and I see one thing I don't like; the requirement for attribution. It does look like they are the people to talk to. Thanks for the pointer!

Software evaluation licensing [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
My company is looking to start distributing some software we developed and would like to be able to let people try the software out before buying. We'd also like to make sure it can't be copied and distributed to our customers' customers.
One model we've seen is tying a license to a MAC address so the software will only work on one machine.
What I'm wondering is, what's a good way to generate a license key with different information embedded in it such as license expiration date, MAC address, and different software restrictions?

I've used both FLEXlm from Macrovision (formerly Globetrotter) and the newer RLM from Reprise Software (as I understand, written by FlexLM's original authors). Both can key off either the MAC address or a physical dongle, can be either node-locked (tied to one machine only) or "floating" (any authorized machine on the network can get a license doled out by a central license server, up to a maximum number of simultaneously checked-out copies determined by how much they've paid for). There are a variety of flexible ways to set it up, including expiration dates, individual sub-licensed features, etc. Integration into an application is not very difficult. These are just the two I've used, I'm sure there are others that do the job just as well.
These programs are easily cracked, meaning that there are known exploits that let people either bypass the security of your application that uses them, either by cutting their own licenses to spoof the license server, or by merely patching your binary to bypass the license check (essentially replacing the subroutine call to their library with code that just says "return 'true'". It's more complicated than that, but that's what it mostly boils down to. You'll see cracked versions of your product posted to various Warez sites. It can be very frustrating and demoralizing, all the more so because they're often interested in cracking for cracking sake, and don't even have any use for your product or knowledge of what to do with it. (This is obvious if you have a sufficiently specialized program.)
Because of this, some people will say you should write your own, maybe even change the encryption scheme frequently. But I disagree. It's true that rolling your own means that known exploits against FLEXlm or RLM won't instantly work for your application. However, unless you are a total expert on this kind of security (which clearly you aren't or you wouldn't be asking the question), it's highly likely that in your inexperience you will end up writing a much less secure and more crackable scheme than the market leaders (weak as they may be).
The other reason not to roll your own is simply that it's an endless cat and mouse game. It's better for your customers and your sales to put minimal effort into license security and spend that time debugging or adding features. You need to come to grips with the licensing scheme as merely "keeping honest people honest", but not preventing determined cracking. Accept that the crackers wouldn't have paid for the software anyway.
Not everybody can take this kind of zen attitude. Some people can't sleep at night knowing that somebody somewhere is getting something for nothing. But try to learn to deal with it. You can't stop the pirates, but you can balance your time/effort/expense trying to stop all piracy versus making your product better for users. Remember, sometimes the most pirated applications are also the most popular and profitable. Good luck and sleep well.

I'd suggest you take the pieces of information you want in the key, and hash it with md5, and then just take the first X characters (where X is a key length you think is manageable).
Cryptographically, it's far from perfect, but this is the sort of area where you want to put in the minimum amount of effort which will stop a casual attacker - anything more quickly becomes a black hole.
Oh, I should also point out, you will want to provide the expiration date (and any other information you might want to read out yourself) in plain text (or slightly obfuscated) as part of the key as well if you go down this path - The md5 is just to stop the end user from changing he expiration date to extend the license.
The easiest thing would be a key file like this...
# License key for XYZZY
expiry-date=2009-01-01
other-info=blah
key=[md5 has of MAC address, expiry date, other-info]

We've used the following algorithm at my company for years without a single incident.
Decide the fields you want in the code. Bit-pack as much as possible. For example, dates could be "number of days since 2007," and then you can get away with 16-bits.
Add an extra "checksum" field. (You'll see why in a second.) The value of this field is a checksum of the packed bytes from the other fields. We use "first 32 bits from MD5."
Encrypt everything using TEA. For the key, use something that identifies the customer (e.g. company name + personal email address), that way if someone wants to post a key on the interweb they have to include their own contact info in plain text.
Convert hex to a string in some sensible way. You can do straight hex digits but some people like to pick a different set of 16 characters to make it less obvious. Also include dashes or something regularly so it's easier to read it over the phone.
To decrypt, convert hex to string and decrypt with TEA. But then there's this extra step: Compute your own checksum of the fields (ignoring the checksum field) and compare to the given checksum. This is the step that ensures no one tampered with the key.
The reason is that TEA mixes the bits completely, so if even one bit is changed, all other bits are equally likely to change during TEA decryption, therefore the checksum will not pass.
Is this hackable? Of course! Almost everything is, but this is tight enough and simple to implement.
If tying to contact information is not sufficient, then include a field for "Node ID" and lock it to MAC address or somesuch as you suggest.

Don't use MAC addresses. On some hardware we've tested - in particular some IBM Thinkpads - the MAC address can change on a restart. We didn't bother investigating why this was, but we learned quite early during our research not to rely on it.
Obligatory disclaimer & plug: the company I co-founded produces the OffByZero Cobalt licensing solution. So it probably won't surprise you to hear that I recommend outsourcing your licensing, & focusing on your core competencies.
Seriously, this stuff is quite tricky to get right, & the consequences of getting it wrong could be quite bad. If you're low-volume high-price a few pirated copies could seriously dent your revenue, & if you're high-volume low-price then there's incentive for warez d00dz to crack your software for fun & reputation.
One thing to bear in mind is that there is no such thing as truly crack-proof licensing; once someone has your byte-code on their hardware, you have given away the ability to completely control what they do with it.
What a good licensing system does is raise the bar sufficiently high that purchasing your software is a better option - especially with the rise in malware-infected pirated software. We recommend you take a number of measures towards securing your application:
get a good third-party licensing system
pepper your code with scope-contained checks (e.g. no one global variable like fIsLicensed, don't check the status of a feature near the code that implements the feature)
employ serious obfuscation in the case of .NET or Java code

The company I worked for actually used a usb dongle. This was handy because:
Our software was also installed on that USB Stick
The program would only run if it found the (unique) hardware key (any standard USB key has that, so you don't have to buy something special, any stick will do)
it was not restricted to a computer, but could be installed on another system if desired
I know most people don't like dongles, but in this case it was quite handy as it was actually used for a special purpose media player that we also delivered, the USB keys could thus be used as a demo on any pc, but also, and without any modifications, be used in the real application (ie the real players), once the client was satisfied

We keep it simple: store every license data to an XML (easy to read and manage), create a hash of the whole XML and then crypt it with a utility (also own and simple).
This is also far from perfect, but it can hold for some time.

Almost every commercial license system has been cracked, we have used many over the years all eventually get cracked, the general rule is write your own, change it every release, once your happy try to crack it yourself.
Nothing is really secure, ultimately look at the big players Microsoft etc, they go with the model honest people will pay and other will copy, don't put too much effort into it.
If you application is worth paying money for people will.

I've used a number of different products that do the license generation and have created my own solution but it comes down to what will give you the most flexibility now and down the road.
Topics that you should focus on for generating your own license keys are...
HEX formating, elliptic curve cryptography, and any of the algorithms for encryption such as AES/Rijndael, DES, Blowfish, etc. These are great for creating license keys.
Of course it isn't enough to have a key you also need to associate it to a product and program the application to lock down based on a key system you've created.
I have messed around with creating my own solution but in the end when it came down to making money with the software I had to cave and get a commercial solution that would save me time in generating keys and managing my product line...
My favorite so far has been License Vault from SpearmanTech but I've also tried FlexNet (costly), XHEO (way too much programming required), and SeriousBit Ellipter.
I chose the License Vault product in the end because I would get it for much cheaper than the others and it simply had more to offer me as we do most of our work in .NET 3.5.

It is difficult to provide a good answer without knowing anything about your product and customers. For enterprise software sold to technical people you can use a fairly complex licensing system and they'll figure it out. For consumer software sold to the barely computer-literate, you need a much simpler system.
In general, I've adopted the practice of making a very simple system that keeps the honest people honest. Anyone who really wants to steal your software will find a way around any DRM system.
In the past I've used Armadillo (now Software Passport) for C++ projects. I'm currently using XHEO for C# projects.

If your product requires the use of the internet, then you can generate a unique id for the machine and use that to check with a license web service.
If it does not, I think going with a commercial product is the way to go. Yes, they can be hacked, but for the person who is absolutely determined to hack it, it is unlikely they ever would have paid.
We have used: http://www.aspack.com/asprotect.aspx
We also use a function call in their sdk product that gives us a unique id for a machine.
Good company although clearly not native English speakers since their first product was called "AsPack".