## WebP 的檔案大小未必比 JPEG 小...

Google 在推 WebP 這個格式的時候，宣稱失真壓縮的部份可以比 JPEG 小 25%～34%：(出自「A new image format for the Web」)

WebP lossless images are 26% smaller in size compared to PNGs. WebP lossy images are 25-34% smaller than comparable JPEG images at equivalent SSIM quality index.

I think Google’s result of 25-34% smaller files is mostly caused by the fact that they compared their WebP encoder to the JPEG reference implementation, Independent JPEG Group’s cjpeg, not Mozilla’s improved MozJPEG encoder. I decided to run some tests to see how cjpeg, MozJPEG and WebP compare. I also tested the new AVIF format, based on the open AV1 video codec. AVIF support is already in Firefox behind a flag and should be coming soon to Chrome if this ticket is to be believed.

WebP seems to have about 10% better compression compared to libjpeg in most cases, except with 1500px images where the compression is about equal.

However, when compared to MozJPEG, WebP only performs better with small 500px images. With other image sizes the compression is equal or worse.

I think MozJPEG is the clear winner here with consistently about 10% better compression than libjpeg.

I think AVIF is a really exciting development and compared to WebP it seems like a true next-generation codec with about 30% better compression ratio compared to libjpeg. Only concern I have is the excessive blurring of low detail areas. It remains to be seen if this can be improved when more advanced tooling becomes available.

Media
New Features

## 原來 Fully Homomorphic Encryption 已經被解啦...

Hacker News Daily 上看到「IBM Releases Fully Homomorphic Encryption Toolkit for MacOS and iOS; Linux and Android Coming Soon」這個消息，主要是 IBM Research 要放出一些跟 Fully Homomorphic Encryption (FHE) 的 library。

Homomorphic encryption 講的是直接對密文操作：(這邊的 $\cdot$ 是操作，可能是加法，也可能是乘法，或是其他類型)

$C_1 = enc(P_1)$
$C_2 = enc(P_2)$

$enc(P_1 \cdot P_2) = enc(P_1) \cdot enc(P_2) = C_1 \cdot C_2$

(雖然只用了十頁主要還是因為 STOC 篇幅的關係，但扣掉 circuit privacy 的部份，前面在說明建構與證明的過程只用了九頁也是很驚人)

## PHP 8 將會移除 XML-RPC，改放到 PECL 內

Twitter 上看到「PHP RFC: Unbundle ext/xmlrpc」這則消息，PHP 官方打算把 XML-RPC (也就是 git repository 裡面的 ext/xmlrpc) 拆出去，移到 PECL

Unbundle ext/xmlrpc (i.e. move it to PECL) without any explicit deprecation.

ext/xmlrpc relies on on libxmlrpc-epi, which is abandoned. Even worse, we are bundling a modified 0.51, while the latest version is 0.54.1. This is exacerbated by the fact that the system library is usually built against libexpat, but the bundled library is likely to be built against libxml2 using our compatibility layer.

## Microsoft 推出的 React Native for Windows + Mac

React Native for Windows + Mac brings React Native support for the Windows 10 SDK as well as the MacOS 10.12 SDK. With this, you can use Javascript to build native Windows apps for all devices supported by Windows 10 including PCs, tablets, 2-in-1s, Xbox, Mixed reality devices, etc., as well as the MacOS desktop and laptop ecosystems.

macOS 的 10.12 是 macOS Sierra，已經是 unsupported 的版本 (到 2019 年九月)，所以目前蘋果官方有支援的作業系統都有在這包的範圍內。

Windows 10 SDK 的部份就不知道現在還有在支援的 Windows 8.1 能不能裝了。(看「Windows 10 SDK」這頁有列出 Win32 程式可以，但就不知道這次這包是不是用 UWP 技術...)

## PHP 8 的提案，將 JSON library 放入必須項目

Twitter 上看到的通知，這個提案將 PHPJSON 列為語言的必須項目，目前的狀態是 Under Discussion：「PHP RFC: Always available JSON extension」。

The Software shall be used for Good, not Evil.

Make it impossible to disable the JSON extension through configuration or build options. Require that JSON be built statically instead of as a shared library.

## 產生模糊縮圖的 BlurHash

For comparison, Instagram sends ~200 byte base64 thumbnails in its API responses. It's a low-res JPEG with a fixed header to save a bit more space. This is also used to blur sensitive images. You can get even better results with webp.

## jQuery 3.5.0 的修正，補 XSS 漏洞

jQuery 的說明如果看不懂，可以交叉參考「XSS Game」這篇的說明，搜尋 htmlPrefilter 應該就可以看到了。

<style><style/><script>alert(1)<\/script>

<style><style></style><script>alert(1)<\/script>

## 用 OpenCV 與類神經網路放大圖片

The first parameter is the name of the model. You can choose between: “edsr”, “fsrcnn”, “lapsrn”, “espcn”. It is very important that this model is the correct one for the model you specified in ‘sr.readModel()’. See the Model section on the bottom of the page for the specifications of each model.