Abstract: Example methods and systems determine a position of a portion of a human eye based on electromagnetic radiation reflected from the surface of the human eye. A sensor associated with a computing device can be calibrated in response to an event. The computing device can receive data indicative of electromagnetic radiation reflected from a human eye. The computing device can determine a position of a portion of the human eye based on the received data indicative of electromagnetic radiation. The computing device can generate an indication including the position of the portion of the human eye. The computing device can transmit the indication from the computing device. In some embodiments, the data indicative of electromagnetic information can be provided by electromagnetic emitter/sensors mounted on a wearable computing device directed toward a human eye of a wearer of the wearable computing device.

Abstract: Methods and apparatus are disclosed for receiving and transmitting signals at a balloon. Received signals can be received at the balloon, which can include a payload and an envelope. The envelope can include at least a first antenna section and a second antenna section. Both the first and second antenna sections are configured at least to receive the received signals and convey at least the received signals to the payload. The first antenna section can include a first metallization pattern to receive a first type of signal. The second antenna section can include a second metallization pattern to receive a second type of signal, with the first metallization pattern being different from the second metallization pattern.

Abstract: Methods and devices for providing a user-interface are disclosed. In one embodiment, the method comprises receiving data corresponding to a first position of a wearable computing device and responsively causing the wearable computing device to provide a user-interface. The user-interfaces comprises a view region and a menu, where the view region substantially fills a field of view of the wearable computing device and the menu is not fully visible in the view region. The method further comprises receiving data indicating a selection of an item present in the view region and causing an indicator to be displayed in the view region, wherein the indicator changes incrementally over a length of time. When the length of time has passed, the method comprises responsively causing the wearable computing device to select the item.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for memory address pinning. One of the methods includes loading a software module into a sandbox environment; receiving, a message from the software module to a recipient, the message includes a memory address; determining whether to pin the memory address; and passing the message to an address pinning unit which replaces at least a portion of the memory address with at least a portion of a specified replacement address, when it is determined to pin the memory address, and passes the modified message to be delivered to the recipient.

Abstract: Methods and apparatus are disclosed for receiving and transmitting signals at a balloon. Received signals can be received at the balloon, which can include a payload and an envelope. The envelope can include at least a first antenna section and a second antenna section. Both the first and second antenna sections are configured at least to receive the received signals and convey at least the received signals to the payload. The first antenna section can include a first metallization pattern to receive a first type of signal. The second antenna section can include a second metallization pattern to receive a second type of signal, with the first metallization pattern being different from the second metallization pattern.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for executing native code modules. One of the methods includes for executing a native code module includes obtaining the native code module, wherein instructions in the native code module are encoded by variable-length encoding; loading the native code module into a secure runtime environment for an ARM instruction set architecture; and safely executing the native code module in the secure runtime environment using software fault isolation (SFI) mechanisms.

Abstract: Example methods and systems determine viewing states, blinks, and blink intervals of an eye of a wearer of a head-mountable device. The head-mountable display can emit IR radiation from an associated IR radiation source toward a target location. An IR sensor associated with the head-mountable display can receive reflected IR radiation, such as the IR radiation emitted by the IR radiation source and reflected from the target location. The IR sensor can generate amplitude data for the reflected IR radiation. The head-mountable display can be used to determine a viewing state of the target location. The viewing state can be based on the amplitude data. The viewing state can determined from among a no-wearer-present viewing state, a wearer-present viewing state, a closed-eye viewing state, an open-eye viewing state, a non-display-viewing viewing state, and a display-viewing viewing state.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for memory address pinning. One of the methods includes loading a software module into a sandbox environment; receiving, a message from the software module to a recipient, the message includes a memory address; determining whether to pin the memory address; and passing the message to an address pinning unit which replaces at least a portion of the memory address with at least a portion of a specified replacement address, when it is determined to pin the memory address, and passes the modified message to be delivered to the recipient.

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.

Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.

Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for software sandboxing. One of the methods includes receiving a software module that includes verifiably safe computer code and a branch destination table indicating addresses of all instructions that may be targets of indirect control flow transfers; validating the computer code to determine whether it can run safely by using a statically verifiable fault isolation scheme, where validating the computer code comprises validating the addresses of the branch destination table instructions; and running the computer code, in a sandbox environment, if it has been determined to run safely.

Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for runtime language-independent sandboxing of software. In one aspect, a system implements an extended Software Fault Isolation (SFI) software sandboxing system configured to provide a user-mode program interface for receiving runtime requests for modifying verifiably safe executable machine code. Requests can include dynamic code creation, dynamic code deletion, and atomic modification of machine code instructions. A runtime modification of a verifiably safe executable memory region is made in response to each received runtime request, and code within the modified memory region has a guarantee of safe execution.

Abstract: Disclosed are systems, methods, and devices for displaying one or more electronic communications associated with a meeting. A request to filter a plurality of electronic communications based on an identifier of a participant of the meeting is received at a computing device. The computing device filters the plurality of electronic communications, based at least on the identifier of the participant, to obtain at least one filtered electronic communication. The computing device generates a display of the at least one filtered electronic communication.

Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.