Willy's Chocolate Experience was an unlicensed event based on Charlie and the Chocolate Factory that took place in Glasgow, Scotland, in February 2024. The event was promoted as an immersive and interactive family experience, illustrated on a promotional website with "dreamlike" AI-generated images. Once it was discovered that the event was held in a sparsely decorated warehouse, many customers complained, and the police were called to the venue. The event went viral on the Internet and attracted worldwide media attention. The event drew comparisons to the 2008 Lapland New Forest controversy, the 2014 Tumblr fan convention DashCon, and Billy McFarland's 2017 Fyre Festival. == Background and advertising == The event was stated to take place over the weekend of 24–25 February 2024. Promotional material advertised "stunning and intricately designed settings inspired by Roald Dahl's timeless tale" and "an array of delectable treats scattered throughout the experience". Both the website and promotional material used poor-quality AI-generated images, which included several spelling errors such as "cartchy tuns" and "a pasadise of sweet teats" and nonsensical words such as "catgacating" and "exarserdray". Tickets cost up to £35 per person. While the event was being promoted in early February, a Reddit user who saw Facebook advertisements suspected it to be a scam and was surprised that people were apparently buying tickets based solely on AI-generated images. The event was organised by House of Illuminati, a company registered to Billy Coull which claimed to offer "unparalleled immersive experiences". An investigation by Third Force News conducted after the event described Coull's previous "murky involvement in the charity sector." Coull had previously registered several other companies and claimed to work as a "consultant" for the now-defunct brand Empowerity, formerly known as the charity Gowanbank Community Hub. In 2021, Gowanbank was forced to remove claims of a £95-per-ticket fundraising "gala" at DoubleTree Glasgow which had been falsely advertised to feature TV personalities and performers including Gok Wan and Joe Black. Coull had claimed to be a doctor with a fake degree from a false university that provided "metaphysical degrees", and had attempted to use the charity to win the 2022 Glasgow City Council election in the seat of Greater Pollok, though he never registered for the election. In the summer of 2023, he independently published 17 AI-generated books on various topics, including vaccine conspiracy theories. Rolling Stone concluded that House of Illuminati's websites and event descriptions were likely written by an AI chatbot, such as ChatGPT. Three actors were hired to portray "Willy McDuff", a character based on Willy Wonka. One of them, Paul Connell, said that the cast were given one day to learn the script. Another actor playing Willy McDuff was 18-year-old Michael Archibald; the experience was his first ever acting job, and he was given the script at 6 pm on Friday before the event began on Saturday. Kirsty Paterson, an actress who played one of the Oompa-Loompas (called "Wonkidoodles" in the script), said that the job offer had been posted on Indeed.com and offered £500 for two days of work. The day before the event, the actors attended a dress rehearsal at the sparsely decorated venue. They were told that others would be working through the night on the production. When they returned on the day of the event, the venue was in the same condition. Paterson was given her costume an hour before the event opened, saying that "We were just handed an Amazon box that probably arrived that morning." == Script == The script for the event is titled Wonkidoodles at McDuff's Chocolate Factory: A Script, and describes Willy McDuff leading an audience through the Garden of Enchantment and the Twilight Tunnel. Once there, they are confronted by a character called The Unknown, described as "an evil chocolate maker who lives in the walls" who seeks to steal the magical "Anti-Graffiti Gobstopper" from McDuff's Imagination Lab. The gobstopper is "a sweet so powerful, it can make any room sparkle without lifting a finger". McDuff defeats The Unknown by amplifying the power of the gobstopper and causing his enemy to be "gently swept up by a robotic vacuum, humorously ending the confrontation". The script was unusual in that it included stage directions for the audience, and descriptions of their reactions. Connell described it as "15 pages of AI-generated gibberish of me just monologuing these mad things", and compared the vacuum cleaner plot point to that of the Nintendo video game Luigi's Mansion. Interviewed after the event, Coull claimed to have written the script himself, using AI only to "check spelling, grammar, and continuity" as he said he had dyslexia. == Event == The event was held at the Box Hub Warehouse event space in Whiteinch, an industrial area of Glasgow. Customers described the venue as "little more than an abandoned, empty warehouse", with set dressings including a small bouncy castle, AI-generated backdrop images pinned to some of the walls, and props which were "strewn about on bare concrete floors". The venue's windows were dirty and its air conditioning systems were left exposed. Paterson has stated that by the time she saw the venue, she had already signed her contract and "didn't want to disappoint the kids", and thus chose to proceed with the work. The Unknown was played by a 16-year-old actress named Felicia Dawkins, who wore a silver mask and a black cloak. Young children were frightened by the character, who appeared from behind a large rectangular mirror. Despite the script calling for The Unknown to be defeated with a vacuum cleaner, no such prop was provided, and actors were instead asked to improvise. Connell said that he and other employees were told to give each child "two jelly beans and a quarter of a cup of lemonade", although the limited supply of jelly beans quickly ran out. Paterson and another "Wonkidoodle" actress, Jenny Fogarty, said that after the first three 45-minute performances, the cast were told to abandon the script and instead let guests walk through the venue, a process that Paterson said took "about two minutes". The character of The Unknown, previously introduced as the main antagonist, was now "scaring children for no reason". One of the actors playing McDuff improvised the idea that children should pull a "silly face" at The Unknown to scare them away, but Dawkins said that, in other cases, she "just had to awkwardly walk back to my corner". Connell was told he would be given a 15-minute break every 45 minutes, but on the day of the event, he played Willy McDuff for three and a half hours without a break. After returning from a lunch break, Connell encountered a crowd of customers demanding refunds from Coull, and the other actors were unsure what to do next. After being told that the event was now cancelled halfway through its opening day, the actors left and went to a pub. Upon returning to the venue some time later, Connell said that he felt "the threat of violence had become quite high" and that there were two police vans and two squad cars at the scene. == Customer reviews and response == Willy's Chocolate Experience was widely criticised by those who attended it, many of whom demanded refunds. One customer, who had driven with his children for two hours to reach the event, described it as an "absolute con". Other visitors who arrived after the event was closed and were not informed of its cancellation requested compensation for wasted rail fares. Following the event's cancellation, Coull offered to refund 850 people, a statement repeated by the event's Facebook page. Some Facebook users stated that they had received their money back. Paterson and Fogarty stated that they only received half of their paycheque. Box Hub, the organisation that had rented the warehouse to House of Illuminati, issued an apology on House of Illuminati's behalf, stating that they "either have no regards for the families and young children they have disappointed or are too embarrassed to comment", and offered to provide a venue free of charge for those who attended the event. House of Illuminati later stated that they would not host any future events. Coull deleted his LinkedIn profile, his YouTube channel, and his personal website in response to the controversy. A few days after the event, Connell said he felt that Coull was "probably one of the most disliked people in Glasgow right now". In an interview with The Sunday Times, Coull apologised for how the event turned out, saying he would accept responsibility. == Fundraising == In an interview with Wired magazine, Connell stated that he and the other actors were working with parents to provide a free show for the children who attended. Some items from the event were later auctioned for charity. The venue auctioned the leftover hand-written "even
Glyph (data visualization)
In the context of data visualization, a glyph is any marker, such as an arrow or similar marking, used to specify part of a visualization. This is a representation to visualize data where the data set is presented as a collection of visual objects. These visual objects are collectively called a glyph. It helps visualizing data relation in data analysis, statistics, etc. by using any custom notation. In the context of data visualization, a glyph is the visual representation of a piece of data where the attributes of a graphical entity are dictated by one or more attributes of a data record. == Constructing glyphs == Glyph construction can be a complex process when there are many dimensions to be represented in the visualization. Maguire et al proposed a taxonomy based approach to glyph-design that uses a tree to guide the visual encodings used to representation various data items. Duffy et al created perhaps one of the most complex glyph representations with their representation of sperm movement.
Microsoft Query
Microsoft Query is a visual method of creating database queries using examples based on a text string, the name of a document or a list of documents. The QBE system converts the user input into a formal database query using Structured Query Language (SQL) on the backend, allowing the user to perform powerful searches without having to explicitly compose them in SQL, and without even needing to know SQL. It is derived from Moshé M. Zloof's original Query by Example (QBE) implemented in the mid-1970s at IBM's Research Centre in Yorktown, New York. In the context of Microsoft Access, QBE is used for introducing students to database querying, and as a user-friendly database management system for small businesses. Microsoft Excel allows results of QBE queries to be embedded in spreadsheets.
MaPS S.A.
MaPS S.A. is a software editor founded in 2011 by Thierry Muller. The company is headquartered in Luxembourg. Its platform, called MaPS System, provides Data Management software for Multichannel Marketing. == History and funding == The first version of MaPS System was released under the agency Prem1um S.A. in 2005 in the partnership with Pingroom agency. In combination with MaPS System, Prem1um also provided various consulting services in Marketing, Publishing and Sales. This is where MaPS System takes its names (M stands for Marketing, P for Publishing and S for Sales). In 2011, after being successful, Prem1um S.A. decided to enable the software MaPS System to operate independently under MaPS S.A., as a separate company and editor of the software. The first financial supports were provided by Malta ICI, a Venture Capital firm, and the local partner Chameleon Invest, a seed-capital fund led by Business Angels, who invested €900,000. In a second investment round in 2014 led by Newion Investments, a Venture Capital firm, €1.4 Million were raised, thus amounting to total assets of €2.2 Million. In 2016, the company was taken over by three private investors. In 2018, after two years of continuous growth and European expansion in Belgium, Germany and Switzerland, MaPS S.A acquired Awevo, an e-commerce web agency. == Products == The services included in MaPS System range from the data centralization, Data Governance to an optimized Multichannel Marketing. The software currently includes more than 35 modules for Master Data Management, Product Information Management, Digital Asset Management, Business Process Management including catalogue Publishing features. == Certifications == In 2019, MaPS System and Awevo received "Made in Luxembourg" label, given to the companies whose services are entirely designed in Luxembourg, without any production or development offshoring. MaPS System is a member of ICT Cluster by Luxinnovation.
Non-personal data
Non-Personal Data (NPD) is electronic data that does not contain any information that can be used to identify a natural person. Thus, it can either be data that has no personal information to begin with (such as weather data, stock prices, data from anonymous IoT sensors); or it is data that had personal data that was subsequently pseudoanonymized (for example, identifiable strings substituted with random strings) or anonymized (such as by irreversibly removing all personal data). NPD is part of the overall Data Governance Strategy of a region or country. While personal data are covered by Data Protection Legislation such as GDPR, other kinds of data would fall under the scope of NPD Regulation. == Importance of non-personal data == It has been pointed out that the future is data-driven. What this means is that much of the present innovation taking place in domains such as Machine Learning and Artificial Intelligence is fueled by data, which is needed for calibrating the complex models (comprising neural network-based as well as other kinds). The larger the volume, diversity and quality of the data, the higher is the quality of the model, leading to better predictions and explanations. However, there is a flip-side to data availability. The newly-emerging awareness of privacy and the consequent need for powerful Data Protection Regulations (such as GDPR) makes it increasingly difficult or impossible to obtain data in the quantities required. This is a contradiction, and the only way out would be to remove all personal data from data sets (either by Data anonymization or Pseudonymization coupled with noise injection, at which point it becomes NPD. Therefore, many innovation-friendly countries are coming out with regulatory regimes that would ensure that personal data is protected, while, at the same time, non-personal data can be extracted from personal data so that innovation is fostered. In other words, NPD 'unlocks' value that was locked away in data sets that have personally-identifiable information. It is expected that multiple NPD data sets will begin to be available on free or commercial basis from different providers once the regulations are in place. == Emerging regulatory frameworks == Non-Personal Data has significant uses that may be economic, social, political or security-related. Several countries and regions are in the process of regulating the use of NPD. In May 2019, the European Union operationalized its Regulation of the Free Flow of NPD. India announced a nine-member expert committee to make recommendations on the regulation of NPD in 2019, which published its first report in mid-2020. The report was opened for public comments, after which it was revised and published in December 2020. == Proposed NPD regulatory framework in India == The following were the objectives of the proposed Indian regulation as per the revised report: Sovereignty: India has rights over the data of India, its people and organisations. Benefit India: Benefits of data must accrue to India and its people. Benefits the world: Innovation, new models and algorithms for the world. Privacy: Misuse, reidentification and harms must be prevented. Simplicity: The regulations should be simple, digital and unambiguous. Innovation and entrepreneurship: The data should be freely available for innovation and entrepreneurship in India. == Concerns == The major concern in the use of NPD is if there are techniques (statistical or AI-based) by which multiple data sets can be used to extract personally-identifiable data.
Zero-day vulnerability
A zero-day (also known as a 0-day) is a vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack. The term "zero-day" originally referred to the number of days since a new piece of software was released to the public, so "zero-day software" was obtained by hacking into a developer's computer before release. Eventually the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them. Vendors who discover the vulnerability may create patches or advise workarounds to mitigate it, though users need to deploy that mitigation to eliminate the vulnerability in their systems. Zero-day attacks are severe threats. == Definition == Despite developers' goal of delivering a product that works entirely as intended, virtually all products contain software and hardware bugs. If a bug creates a security risk, it is called a vulnerability. Vulnerabilities vary in their ability to be exploited by malicious actors. Some are not usable at all, while others can be used to disrupt the device with a denial of service attack. The most dangerous allow the attacker to inject and run their own code, without the user being aware of it. Although the term "zero-day" initially referred to the time since the vendor had become aware of the vulnerability, zero-day vulnerabilities can also be defined as the subset of vulnerabilities for which no patch or other fix is available. A zero-day exploit is any exploit that takes advantage of such a vulnerability. == Exploits == An exploit is the delivery mechanism that takes advantage of the vulnerability to penetrate the target's systems, for such purposes as disrupting operations, installing malware, or exfiltrating data. Researchers Lillian Ablon and Andy Bogart write that "little is known about the true extent, use, benefit, and harm of zero-day exploits". Exploits based on zero-day vulnerabilities are considered more dangerous than those that take advantage of a known vulnerability. However, it is likely that most cyberattacks use known vulnerabilities, not zero-days. Governments of states are the primary users of zero-day exploits, not only because of the high cost of finding or buying vulnerabilities, but also the significant cost of writing the attack software. Nevertheless, anyone can use a vulnerability, and according to research by the RAND Corporation, "any serious attacker can always get an affordable zero-day for almost any target". Many targeted attacks and most advanced persistent threats rely on zero-day vulnerabilities. In 2017, the average time to develop an exploit from a zero-day vulnerability was estimated at 22 days. The difficulty of developing exploits has been increasing over time due to increased anti-exploitation features in popular software. === Window of vulnerability === Zero-day vulnerabilities are often classified as alive—meaning that there is no public knowledge of the vulnerability—and dead—the vulnerability has been disclosed, but not patched. If the software's maintainers are actively searching for vulnerabilities, it is a living vulnerability; such vulnerabilities in unmaintained software are called immortal. Zombie vulnerabilities can be exploited in older versions of the software but have been patched in newer versions. Even publicly known and zombie vulnerabilities are often exploitable for an extended period. Security patches can take months to develop, or may never be developed. A patch can have negative effects on the functionality of software and users may need to test the patch to confirm functionality and compatibility. Larger organizations may fail to identify and patch all dependencies, while smaller enterprises and personal users may not install patches. Research suggests that risk of cyberattack increases if the vulnerability is made publicly known or a patch is released. Cybercriminals can reverse engineer the patch to find the underlying vulnerability and develop exploits, often faster than users install the patch. According to research by RAND Corporation published in 2017, zero-day exploits remain usable for 6.9 years on average, although those purchased from a third party only remain usable for 1.4 years on average. The researchers were unable to determine if any particular platform or software (such as open-source software) had any relationship to the life expectancy of a zero-day vulnerability. Although the RAND researchers found that 5.7 percent of a stockpile of secret zero-day vulnerabilities will have been discovered by someone else within a year, another study found a higher overlap rate, as high as 10.8 percent to 21.9 percent per year. == Countermeasures == Because, by definition, there is no patch that can block a zero-day exploit, all systems employing the software or hardware with the vulnerability are at risk. This includes secure systems such as banks and governments that have all patches up to date. Security systems are designed around known vulnerabilities, and repeated exploitations of a zero-day exploit could continue undetected for an extended period of time. Although there have been many proposals for a system that is effective at detecting zero-day exploits, this remains an active area of research in 2023. Many organizations have adopted defense-in-depth tactics so that attacks are likely to require breaching multiple levels of security, which makes it more difficult to achieve. Conventional cybersecurity measures such as training and access control — including multi-factor authentication, least-privilege access, and air-gapping makes it harder to compromise systems with a zero-day exploit. Since writing perfectly secure software is impossible, some researchers argue that driving up the cost of exploits is considered a good strategy to reduce the burden of cyberattacks. == Market == Zero-day exploits can fetch millions of dollars. There are three main types of buyers: White: the vendor, or to third parties such as the Zero Day Initiative that disclose to the vendor. Often such disclosure is in exchange for a bug bounty. Not all companies respond positively to disclosures, as they can cause legal liability and operational overhead. It is not uncommon to receive cease-and-desist letters from software vendors after disclosing a vulnerability for free. Gray: the largest and most lucrative. Government or intelligence agencies buy zero-days and may use it in an attack, stockpile the vulnerability, or notify the vendor. The United States federal government is one of the largest buyers. As of 2013, the Five Eyes (United States, United Kingdom, Canada, Australia, and New Zealand) captured the plurality of the market and other significant purchasers included Russia, India, Brazil, Malaysia, Singapore, North Korea, and Iran. Middle Eastern countries were poised to become the biggest spenders. Black: organized crime, which typically prefers exploit software rather than just knowledge of a vulnerability. These users are more likely to employ "half-days" where a patch is already available. In 2015, the markets for government and crime were estimated at least ten times larger than the white market. Sellers are often hacker groups that seek out vulnerabilities in widely used software for financial reward. Some will only sell to certain buyers, while others will sell to anyone. White market sellers are more likely to be motivated by non pecuniary rewards such as recognition and intellectual challenge. Selling zero-day exploits is legal. Despite calls for more regulation, law professor Mailyn Fidler says there is little chance of an international agreement because key players such as Russia and Israel are not interested. The sellers and buyers that trade in zero-days tend to be secretive, relying on non-disclosure agreements and classified information laws to keep the exploits secret. If the vulnerability becomes known, it can be patched and its value consequently crashes. Because the market lacks transparency, it can be hard for parties to find a fair price. Sellers might not be paid if the vulnerability was disclosed before it was verified, or if the buyer declined to purchase it but used it anyway. With the proliferation of middlemen, sellers could never know to what use the exploits could be put. Buyers could not guarantee that the exploit was not sold to another party. Both buyers and sellers advertise on the dark web. Research published in 2022 based on maximum prices paid as quoted by a single exploit broker found a 44 percent annualized inflation rate in exploit pricing. Remote zero-click exploits could fetch the highest price, while those that require local access to the device are much cheaper. Vulnerabilities in widely used software are also more expensive. They estimated that around 400 to 1,500 people sold exploits to th
Microsoft Query
Microsoft Query is a visual method of creating database queries using examples based on a text string, the name of a document or a list of documents. The QBE system converts the user input into a formal database query using Structured Query Language (SQL) on the backend, allowing the user to perform powerful searches without having to explicitly compose them in SQL, and without even needing to know SQL. It is derived from Moshé M. Zloof's original Query by Example (QBE) implemented in the mid-1970s at IBM's Research Centre in Yorktown, New York. In the context of Microsoft Access, QBE is used for introducing students to database querying, and as a user-friendly database management system for small businesses. Microsoft Excel allows results of QBE queries to be embedded in spreadsheets.