Category Archives: Technology

Technology related items.

What does the TWAIN Working Group do?

Posted on by
Reply

At the recent AIIM International AI+IM Global Summit, we asked the audience if they knew what the TWAIN Working Group does and a majority answered that they did not know, or wanted more information. So we’ve created this short explainer video as a high level overview for our 3 projects of TWAIN Classic, TWAIN Direct and PDF/Raster.

1. TWAIN Classic is a mature specification used for USB document scanners.
2. TWAIN Direct is a newer, RESTful API architecture, specification used for Ethernet or WiFi scanners and MFP’s.
3. PDF/Raster, or PDF/R, is a simplified version of PDF optimized for document scanning IoT devices.

Stargate, DeepSeek and Energy Efficiencies of AI with the TWAIN Working Group

Posted on by
Reply

Last week’s announcement of Stargate—a $500 billion collaboration between SoftBank, Oracle, and OpenAI—got me thinking deeply about something even more critical than the technology itself: the energy required for such massive artificial intelligence projects. This was top of mind even before this week’s announcement of DeepSeek, China’s alternative AI system, and I touched on it during the 1/24/2025 Post & Walters Ask Us Anything live podcast. When asked about my most urgent priority, I said “Energy,” and for good reason.

Oracle’s construction of massive new data centers highlights just how much space and energy these infrastructures demand. We’re now at a point where nuclear energy is being seriously considered—and in some cases, implemented—as a power source for data centers. While this level of energy use isn’t inherently bad, it raises an important question: How can we consume energy more economically and use it more efficiently?

To put this into perspective, let’s draw a parallel with the evolution of personal computers and operating systems. In the early days, when CPUs, RAM, and storage were expensive, operating system developers worked hard to optimize resource usage. However, as these components became cheaper and more abundant, efficiency often fell by the wayside, giving rise to “bloatware.” For example, the size of operating systems ballooned from Windows 3.1, which required just 6.7 MB, to modern versions occupying several gigabytes. Similar inefficiencies can be seen in software like Optical Character Recognition (OCR) tools.

Now consider Stargate, which relies on an immense data center infrastructure and consumes vast amounts of energy. Just days later, China announced DeepSeek, a competing AI system built at 1/1000th the cost ($5.6 million vs. $500 billion) and designed to use significantly less energy. According to this article, DeepSeek achieves remarkable energy efficiency, partly because sanctions on chip exports forced its creators to innovate rather than rely on resource-intensive “bloatware.” Early reviews suggest DeepSeek is an impressive competitor to ChatGPT, showing what can be achieved through intelligent, resource-conscious design.

This focus on efficiency resonates with my work on energy-conscious innovations at the TWAIN Working Group (TWG). It’s thrilling to collaborate on designing intelligent AI systems while having a meaningful, positive impact on our planet—a trifecta that aligns with my professional and personal values.

One of TWG’s key initiatives is our integration of TWAIN Direct and PDF/R technologies into RISC-V CPU chips. This enables document scanners to operate independently of external computers, reducing the need for additional CPUs, RAM, and energy. With these technologies embedded directly into IoT devices, we can develop smarter systems that consume less power. For instance, machine learning models can train in the cloud to recognize document patterns and classifications, then push those models down to the RISC-V chip for on-device classification. This approach minimizes data transmission to the cloud and enhances energy efficiency, while continuously improving through feedback loops.

Another exciting project is the addition of JPEG-XL to the PDF/R specification. Our recent white paper, The Benefits of Adding JPEG-XL to the ISO PDF Standard and PDF/Raster,” highlights how this advanced compression format reduces file sizes, conserves storage, streamlines transmission, and encourages digital collaboration over print.

These initiatives are part of a broader strategic objective: providing secure content collaboration solutions. While this challenge might seem solved, it’s an ongoing process of innovation to combat cyber threats and ensure content authenticity, provenance, and transparency. TWG has developed reference platforms for secure documents, integrating blockchain hashing for document verification, C2PA standards for content authenticity, and advanced access controls with biometric and multifactor authentication. These solutions span various types of digital content, from photos and videos to PDF files produced by TWAIN Direct scanners.

Putting all of this together offers us all the promise that A.I. can provide, encourages safe, secure and authentic digital collaboration and, which is of great importance, converses energy so that we can all live our best lives and provide a healthy planet Earth for future generations.

With so many groundbreaking projects underway, the TWAIN Working Group and P3iD Technologies welcome anyone interested to join us. Whether you want to dip your toes in or dive in head-first, there’s a place for you in this journey of innovation.

Capture & IDP Conference 2023 – TWAIN Working Group

Posted on by
Reply

It was a great honor for me to represent the @TWAIN Working Group at the Infosource Capture & IDP Conference last week in Chicago. I provided an update to the attendees on “Monetizing TWAIN Direct” with some examples of Use Cases for Generative AI, Conversational AI and Document Processing AI with TWAIN Direct. Then I shared our success with TWAIN Direct Developers Day in Safety Harbor, Florida as well as the TWAIN Direct ISV Showcase Series webinars. Finally, I thanked our valued member companies and encouraged membership to be part of the Digital Transformation AI future with TWAIN!

At the Infosource Capture & IDP Conference last week, I shared some real Artificial Intelligence use cases for TWAIN Direct. I was having some fun with the TWAIN acronym, to get the audiences attention and to fit in with the theme of AI, but I was also very serious about incorporating various techniques of AI including Generative AI, Conversational AI, and Document Processing/Analytics AI to illustrate the strategic importance of TWAIN Direct to the AI ecosystem

One of the TWAIN Working Group highlights I shared at the Infosource Capture & IDP Conference last week, was TWAIN Direct Developers Day (TD-DD). TD-DD was a terrific and energy-filled day of seeing TWAIN Direct in action. In one day software developers were able to get a functioning TWAIN Direct document scanning application working. Some feedback included: “Integration of TWAIN Direct was simple and easy”, “There was a good vibe at Developers Day” and “The partner ecosystem and ISV solutions for TWAIN Direct are really impressive”. We will be hosting another Developers Day in Spring 2024 so please send me a message for more details.

Fitting directly in the theme of my presentation of “Monetizing TWAIN Direct” at the Infosource Capture & IDP Conference last week, was sharing the TWAIN Direct ISV Showcase Series. This ongoing webinar series, hosted by the TWAIN Working Group, included various topics such as cybersecurity, cashflow management, content management, file conversion, capture, and more, featuring our growing ecosystem of software partners and integrations. Please send me a message if you’d like to be included in future TWAIN Direct ISV Showcase Series webinars.

As a non-profit organization, the TWAIN Working Group is supported by our valued member companies. At the @Infosource Capture & IDP Conference last week, many were in attendance including Atalasoft/Kofax, Epson, Kodak Alaris, PFU, P3iD Technologies and Visioneer. Since TWAIN is an open-source specification, our organization is selling nothing and charges no commercial licensing fees. Our only motivation is to provide a solid industry-leading and accepted standard for scanning device-to-software application communication. I’m pleased to share that at the Conference, the state of document scanning with TWAIN Direct has a very bright future and each opportunity means tangible business for one, or many, of our valued member companies.

Layering Security is easy, effective and affordable so there is no excuse for a data breach

Posted on by
Reply

There was a day and age not so long ago that I might have a little compassion for a data breach, but there is ABSOLUTELY no longer any excuse for these sorts of things to happen. From a technological perspective there is no reason why organizations of all sizes can’t easily implement a highly-effective, yet also affordable cyber Layer Security and Bring Your Own Security (BYOS) strategy. Below I will illustrate these layers of security with specific examples of how modern technology could possibly have greatly reduced data security risk or eliminated a data security breach altogether.

Complications of data security becomes Easier: The compassion I once had for an unintentional oversight for a data security comes from personal past experience as a network administrator when managing IT security was overwhelming complicated. IT Security was, and still is, complicated because there are so many areas of potential exposure in today’s always-on, internet-connected, reality. It’s not easy to stay informed on the rapidly evolving security technologies available these days and I can appreciate this daunting challenge.

No longer should it be so complicated to implement a solid cyber security strategy with simple dashboards where administrators can easily establish, manage and control their entire multi-cloud environment, including on-premise storage, through one simple interface. The challenge of learning each individual cloud ecosystems terminology, back-end configuration as well managing user access can be delivered in a simple to understand Management Console dashboard. So ‘complicated technology’ is eliminated as any excuse for a data breach.

Laying security provides an Effective defense: Historically, there always have been silos of outstanding security products where organizations can build various layers of cyber security but these proved to be challenging for several reasons. This layering involved using different vendors which meant different business contracts with each, or it meant that each vendor was at a different phase of their product life-cycles or the interoperability between the systems wasn’t smooth or flaky at best.

However, using modern and innovative security solutions that are tightly integrated with many layers of security methods — bordering on the verge of ‘paranoid’ levels — makes it much easier for network administrators to address many of these areas of data exposure risks. Nowadays implementing a fully integrated, end-to-end IoT security layered platform from device to storage literally takes only minutes. This Security-as-a-Service technology leaves all the magic of these secure layers to the back-end system automation where the administrators or users themselves never have to get involved. This highest level of security paranoia just simply happens without worry so providing a fully layered security stack of technology. No longer is there any excuse for a data breach because these layers do not consist of many disconnected parts; it’s simply one secure IoT platform.

Enterprise Security commoditized and now Affordable for everyone: ‘The Cloud’ has, unquestionably, delivered on the great promise of bringing technology and services which were once only affordable to large enterprise customers and now to organizations of all sizes. This is a shared cost of the cloud economy business model. For example, Salesforce delivers enterprise level CRM services, Amazon delivers enterprise Web Services (AWS) infrastructure and Google provides enterprise class business applications, all at great scale and with the highest levels of reliability. The common denominator where these companies can offer such enterprise services at such affordable costs is that ‘the cloud’ allows everyone to share in the costs, yet also share in the benefits. The same concept of offering enterprise grade salesforce automation, infrastructure services and business applications can now be applied to an Enterprise Data Security strategy which is affordable for everyone. For this reason, that traditionally enterprise class security was only available to organizations with large spending budgets is absolutely not an excuse for a data breach.

Now that we’ve taken a look at three factors which eliminate any excuse for a potential data breach, let’s take a look at each layer in a bit more detail and cite a recent example.

  • Bring your Own, always-on, data Encryption

Data breaches are not always the result of some nefarious black-hat hacker trying to steal your most sensitive corporate data. Sometimes honest mistakes happen such as is the case where the Pentagon exposed some of its data on Amazon server(1). This is an example where the complications of a Data Security implementation were overlooked or ignored. In this particular case anyone that had an Amazon Web Services account had access to the data stored because of a misconfiguration. It’s not that the technology wouldn’t have worked but there are just simply too many honest ways to misconfigure security settings.

This would not have happened if the Pentagon had implemented encryption security that wasn’t tied exclusively with Amazon’s Web Service user accounts and brought their own data encryption technology while still using the exact same Amazon S3 storage system they are currently utilize so no change in workflow. They could just have automatically enforced an encrypted secure strategy with technology that is not optional, it’s always-on as a default and cannot be misconfigured.

  • Virtual, non-Physical, Key Encryption System

Another example of most likely an honest mistake is where Uber Got Hacked Because It Left Its Security Key Out In Public(2) and the consequences are wide ranging where now Uber Is Already Getting Sued Over Its Gigantic Data Breach.(3) In this particular situation the traditional approach of using password security ‘keys’ led directly to a ransom demand, and consequent payment, to a nefarious hacker. Using traditional security key management methodology, password ‘keys’ are similar to a username/password combination or a physical software ‘key’ file that locks (encrypts) and unlocks (decrypts) files or your car door. The risk is that with a physical asset and storing ‘keys’ in this manner, there exists the possibility of exposure no matter how safe an organization attempts to store these keys. It’s like if you left the keys to your front door on the front porch of your home.

With a modern, cloud-first, approach there would be no physical key to compromise, and thus further reduce risk data breach exposure. While keys are still necessary to encrypt and decrypt files, the idea of physical keys should be a thing of the past. Ideally the keys should be only temporary used in memory and then instantly destroyed when not needed. This is the best approach available and can be achieved when people seriously consider new types of innovation instead of the standard ‘herd mentality’ by just continuing to do things as they’ve always been done. The golden rule should be that you can’t break what’s not there.

  • Biometrics Multi-Factor Authentication

Other times the technology itself exposes risks as was the case with Western Digital (WD) where it was suggested from SEC Consult Vulnerability Lab as a Top tip: Unplug your WD My Cloud boxen – now(4). Western Digital provides network-attached storage (NAS) solutions and an easy way to use these WD devices is through a web interface. In this particular breach it was verified that there is a known vulnerability where hackers can bypass username/password authentication and get direct access to the root file system and all the data stored on these NAS devices.

Nowadays nearly all mobile phones and even computers have cameras and microphones. Facial and Voice Recognition are becoming more mainstream with the likes of Amazon Alexa, Google Voice and Microsoft Cortana and technology exists where users can easily register their face and/or voice as another form of user authentication. In this case, a second form of authentication, instead of just only username/password authentication, such as Face or Voice would have prevented unauthorized access to the data on these devices. Also, while passwords might be easily guessed if not using a strong password, face and voice is much harder to duplicate. Today’s modern technology can allow a user to register their Face or Voice in just a few minutes and further reduce the risk of a potential data breach with this multi-factor authentication approach to an overall cyber security strategy.

  • Strip files of their digital identity and store in a manner safe even when stolen

Lastly, when all else fails, such as where Oxford and Cambridge Club data breach: 5,000 members’ data compromised after backup hard drive stolen(5) then you have to be assured that these nefarious hackers can’t understand your data even when they are in physical possession of the content. Just assume an absolute worst-case scenario where (a) multi-factor authentication was circumvented, (b) unauthorized data decryption was achieved with brute force and (c) the hacker was in physical possession of your content where you can’t erase or take any counter-measures. In this case you certainly don’t want your files to appear as recognizable files such as a PDF medical record, a legal agreement document or a financial spreadsheet.

So how can you achieve this? Using innovative security technology, you would strip these PDF, DOCX or XLXS files of their digital identity, meaning absolutely no metadata about the objects themselves is available to the hacker. No obvious file extensions such as ‘.pdf’ are ever exposed. Then filenames themselves are cleansed of their real name such as ‘credit card numbers.xls’ and each object is split into completely random folders/sub-folders and files which render these items completely unusable to the hackers. In fact, to ensure a security level past the paranoid level a single object can be striped across multiple backend storage systems to provide a true hybrid storage solution.

In summary, I hope that you can appreciate that implementing an innovative, modern, cloud-first, Bring Your Own Security (BYOS) data security strategy provides no excuse for breaches. In a perfect world a combination of all the above layers of security which fits seamlessly into existing user workflows, that is easy to implement from a technical perspective and is affordable to everyone is cyber security euphoria.

I would not want to be the next person or organization that has to deal with one of these security breaches when the technology is available to avoid such disaster. There are two distinctly different ROI’s from my perspective. The obvious ROI is ‘Return on Investment’ by using technology to improve business process to enhance productivity, decrease operational costs and create a competitive advantage which is rather easy to measure. And then there is the second, not so obvious ROI, which is reduced ‘Risk of Investigation’ through a lax data security strategy. I just wish during my personal experience as a network administrator that the technology existed which would provide the maximum ROI to both extremes. The bottom line is that a sound cyber security strategy is the responsibility of everyone in an organization from CEO, CFO, CIO, CTO, employees to partners and providers so everyone must careful consider and participate in securing data. There is simply no excuse for a data breach.

References:

1. Pentagon exposed some of its data on Amazon server

2. Uber Got Hacked Because It Left Its Security Key Out In Public

3. Uber Is Already Getting Sued Over Its Gigantic Data Breach

“Uber failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,”

4. Top tip: Unplug your WD My Cloud boxen – now

5. Oxford and Cambridge Club data breach: 5,000 members’ data compromised after backup hard drive stolen