AI Art Can't Be Copyrighted

AI Art Can't Be Copyrighted — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

HTK Limited

HTK Limited is a software-as-a-service company that provides mobile phone messaging and IVR services. Founded in 1996, HTK is headquartered in Ipswich, Suffolk, UK. HTK provide mass notification services. Specifically, the "Police Direct" messaging service to Suffolk and Norfolk Constabularies. In 2010 the HTK Horizon SaaS platform was selected by the Scottish Environment Protection Agency (SEPA) for their Floodline Warnings Direct service. == History == HTK was founded in 1996 by Marlon Bowser and Adrian Gregory and from the outset focused on what has now become commonly known as Software-as-a-Service. in 2004, according to the Deloitte Fast 50 (UK), HTK was the 17th fastest growing company in the East of England. In 2005 The Times listed HTK 65th nationally and 4th in the East of England in the Sunday Times & Microsoft "Tech Track 100" awards. In 2009 the company was approved as a supplier to UK Government under a new framework agreement. In 2010 HTK launched version 2.2 of its Horizon platform, with a feature set that signals a shift from mass notification into the customer service automation market.
Read more →
Frictionless sharing

Frictionless sharing refers to the transparent or automatic dissemination of user activity across social media platforms, typically without requiring explicit action from the user each time content is shared. The concept gained prominence in 2011 after Mark Zuckerberg announced a series of new features for Facebook at the F8 developers conference, framing the changes as enabling “real-time serendipity in a friction-less experience.” == History and concept == Before 2011, the term “frictionless sharing” was occasionally used in academic and technical contexts to describe sharing of resources with minimal effort, such as through social bookmarking or Creative Commons licensing to reduce barriers to reuse of research data. The concept took on a broader cultural meaning when Facebook introduced its Timeline interface and new “social apps” in 2011. These features enabled third-party applications to automatically publish user activity to the platform—effectively shifting sharing from a deliberate act to a passive process. For example, integrating music streaming service Spotify meant that any song a user listened to could automatically appear in a Facebook “Ticker,” allowing friends to see the activity and click through to play the song themselves. == Zuckerberg’s vision == Zuckerberg articulated a vision of a Web in which sharing occurs by default rather than by choice: “You read, you watch, you listen, you buy—and everyone you know will hear all about it on Facebook.” This “frictionless” model assumes ongoing consent after an initial opt-in. Once users connect an app to their profile, any future activity with that app may be automatically shared. This shift from intentional posting to ambient sharing represented a significant evolution in how personal data is distributed online. == Criticism and debate == Many commentators and users have raised concerns about frictionless sharing. While some criticism centers on online privacy, others focus on how automatic updates can flood news feeds and erode the social value of sharing. Critics argue that when sharing becomes automatic, it dilutes the personal curation that makes social media exchanges meaningful. According to Slate, this approach risks “killing taste,” because users typically choose to share only select content they find worth highlighting, rather than everything they consume. AL.com similarly observed that the frictionless model encourages over-sharing, overwhelming both users and their networks with minor or trivial activities. For example, integrating multiple platforms—such as Twitter, Foursquare, Pinterest, Spotify, and others—can create an incessant stream of updates that some users may find intrusive or irritating. This can lead to what critics describe as “narcissistic” or noisy timelines, potentially undermining the “social” nature of social media. == Business model and data implications == For Facebook, frictionless sharing offers clear business advantages. More frequent and detailed sharing provides valuable data that can be used to refine targeted advertising and personalize content delivery. The model also encourages users to spend more time on the platform, reinforcing its position as a central hub of online social activity. Other technology companies have experimented with similar approaches. Google has introduced forms of cross-platform integration that facilitate automatic activity sharing, though with a more explicit opt-in structure compared to Facebook. This approach has been described as “friction with consent,” allowing users to manually enable or disable integrations on a per-service basis.
Read more →
KKday

KKday is an online travel e-commerce platform focused on connecting independent travelers with authentic, curated local experiences, tours, activities, and attraction tickets. == History == KKday was founded in 2014 in Taipei, Taiwan, by CEO Ming Chen, who previously started and led both Star Travel and Ezfly to IPO. In March of 2016, the company raised US$4.5 million in a Series A round led by AppWorks Ventures with participation by 91Capital. The raise allowed KKday to open offices and expand into Hong Kong, Japan, South Korea and Singapore by 2016. By the end of 2016, KKday offered over 6,000 travel experiences across 53 countries and 174 cities, marking early international expansion with its official launch in Singapore in October 2016, accompanied by promotional campaigns to attract regional users. Expansion into Malaysia, Thailand, Vietnam and the Philippines continued throughout 2017 and into 2018, with the company opening offices in Indonesia and mainland China. KKday rapidly expanded its inventory, reaching over 10,000 experiences in more than 500 cities across 80 countries by 2018, with key markets in Taiwan, Hong Kong, and South Korea. In February 2018, KKday raised $10.5 million in a funding round led by Japanese travel giant H.I.S., allowing integration with larger travel networks and further global growth. Forbes reports that by the end of 2018, the company operated in 11 countries and regions, employed around 400 staff, and recorded over 4 million weekly website views with more than 1 million app downloads. A combination of a Japanese and South Korean trade dispute, along with the Covid-19 pandemic in 2020, lead KKday to pivot quickly toward domestic staycations and local experiences while initially raising $70m in their Series C which, was later extended to $95m. The Series C funds were partially used to accelerate and expand Rezio. Launched in 2019, Rezio is KKday's B2B SaaS booking management platform for travel providers, allowing them to track inventory, manage reservations and sell tickets. FineDayClub was launched in 2020 by KKday as a personalized luxury subscription travel service to cater to high end clients. KKday’s CFO, Jenny Tsai pivoted to lead KKday’s new venture. KKday was able to successfully navigate and adapt to travel patterns during the Covid-19 pandemic by reducing user acquisition costs by two thirds and focusing on domestic travel experiences to drive bookings and revenue. KKday was particularly successful in Vietnam, with bookings increased by 2,000% through 2022 and the company's travel operator platform Rezio, onboarding over 1,200 operators inside the country. In 2021, KKday acquired Activity Japan, a domestic focused travel company, founded by Kimiharu Obuchi in 2014. The successful acquisition, a key factor in KKday’s rapid expansion in the Japanese market, was facilitated by H.I.S., a common early investor in both platforms. In 2023 KKday inked a partnership with Rail Europe to create an all-in-one platform for 150 rail lines over 33 European countries with the intent of increasing ridership across Europe. In late 2024, KKday completed its Series D at $70M, bringing the total amount of capital raised to over $250M. The funds are to be earmarked for continued global expansion, artificial intelligence integration and enhanced partnerships, similar to the partnership with Tablelog, which now allows users to book restaurant reservations at 42,000 restaurants in Japan through the platform. == Platform == KKDay is an e-commerce online travel agency operating in 92 countries with over 350,000 travel experiences available for booking. The company started with focus on authentic local travel experiences in the Asian Pacific market and has expanded to a more global focus. KKday connects travelers with travel services and experiences such as attraction tickets, theme parks, cultural experiences, and seasonal events. KKday has positioned itself as an all-in-one travel super app with booking for hotels, rental cars, flights, sim cards, rail passes, dining and tickets. === Rezio === Rezio is a cloud-based SaaS booking management platform developed by KKday specifically for tour operators, activity providers, and attractions in the travel industry. It serves as an all-in-one system designed to help these businesses digitize their operations, particularly those previously relying on offline processes. Features include a mobile app for on-the-go order management, customer information checks, and voucher scanning, as well as channel management, analytics for customer data, and integrations with multiple OTAs and payment providers. Unlike KKday, which is an OTA marketplace for consumer exposure (with commissions), Rezio focuses on backend operations for suppliers, allowing brand independence, operational efficiency, and direct customer relationships while optionally connecting to OTAs like KKday. Rezio supports over 5,000 merchants, 30,000 experiences, and 10 million travelers worldwide, with a strong presence in Asia. One of the brands successful implementations was at the Nikko Toshogu Shrine where Rezio was implemented to help with long lines and wait times due to over-tourism. The shrine was able to implement the inventory management features to allow online booking and cashless payments onsite. === FineDayClub === FineDayClub is a membership-based travel concierge service launched in late 2020 by KKday. It is aimed at families, and organizations seeking customized travel experiences. It offers one-on-one advisory services. === ActivityJapan === ActivityJapan is a Japanese comprehensive online travel site that specializes in authentic Japanese travel experiences. It was purchased by KKday in 2021 but continues to operate independently.
Read more →
MADI

Multichannel Audio Digital Interface (MADI) standardized as AES10 by the Audio Engineering Society (AES) defines the data format and electrical characteristics of an interface that carries multiple channels of digital audio. The AES first documented the MADI standard in AES10-1991 and updated it in AES10-2003 and AES10-2008. The MADI standard includes a bit-level description and has features in common with the two-channel AES3 interface. MADI supports serial digital transmission over coaxial cable or fibre-optic lines of 28, 56, 32, or 64 channels; and sampling rates to 96 kHz and beyond with an audio bit depth of up to 24 bits per channel. Like AES3 and ADAT Lightpipe, it is a unidirectional interface from one sender to one receiver. == Development and applications == MADI was developed by AMS Neve, Solid State Logic, Sony and Mitsubishi and is widely used in the audio industry, especially in the professional audio sector. It provides advantages over other audio digital interface protocols and standards such as AES3, ADAT Lightpipe, TDIF (Tascam Digital Interface), and S/PDIF (Sony/Philips Digital Interface). These advantages include: Support for a greater number of channels per line Use of coaxial and optical fiber media that support transmission of audio signals over 100 meters, up to 3000 meters over multi-mode and 40,000 meters over single-mode optical fiber The original specification (AES10-1991) defined the MADI link as a 56-channel transport for linking large-format mixing consoles to digital multitrack recording devices. Large broadcast studios also adopted it for routing multi-channel audio throughout their facilities. The 2003 revision (AES10-2003) adds a 64-channel capability by removing varispeed operation and supports 96 kHz sampling frequency with reduced channel capacity. The latest AES10-2008 standard includes minor clarifications and updates to correspond to the current AES3 standard. Audio over Ethernet of various types is the primary alternative to MADI for transport of many channels of professional digital audio. == Transmission format == MADI links use a transmission format similar to Fiber Distributed Data Interface (FDDI) networking. Since MADI is most often transmitted on copper links via 75-ohm coaxial cables, it more closely compares to the FDDI specification for copper-based links, called CDDI. AES10-2003 recommends using BNC connectors with coaxial cables and SC connectors with optic fibers. MADI over fibre can support a range of up to 2 km. The basic data rate is 100 Mbit/s of data using 4B5B encoding to produce a 125 MHz physical baud rate. Unlike AES3, this clock is not synchronized to the audio sample rate, and the audio data payload is padded using JK sync symbols. Sync symbols may be inserted at any subframe boundary, and must occur at least once per frame. Though the standard disassociates the transmission clock from the audio sample rate, and thus requires a separate word clock connection to maintain synchronization, some vendors do give the option of locking to parts of the transmission timing information for purposes of deriving a word clock. The audio data is almost identical to the AES3 payload, though with more channels. Rather than letters, MADI assigns channel numbers from 0–63. Frame synchronization is provided by sync symbols outside the data itself, rather than an embedded preamble sequence, and the first four time slots of each sub-channel are encoded as normal data, used for sub-channel identification: Bit 0: Set to 1 to mark channel 0, the first channel in each frame Bit 1: Set to 1 to indicate that this channel is active (contains interesting data) Bit 2: notA/B channel marker, used to mark left (0) and right (1) channels. Generally, even channels are A and odd channels are B. Bit 3: Set to 1 to mark the beginning of a 192-sample data block == Sampling frequency == The original AES10-1991 specification allowed 56 channels at sample rates from 32 to 48 kHz with an additional vari-speed range of ± 12.5%. This leads to a total range of 28 to 54 kHz. At the highest frequency, this produces a total of 56 × 32 × 54 = 96768 kbit/s, leaving 3.232% of the channel for synchronization marks and transmit clock error. The 2003 revision specifies different relations between sampling frequency and number of channels. 32 kHz to 48 kHz ± 12.5%, 56 channels; 32 kHz to 48 kHz nominal, 64 channels; 64 kHz to 96 kHz ± 12.5%, 28 channels. With a 48 kHz sampling frequency, 64 channels take 64 × 32 × 48000 = 98.304 Mbit/s. Adding the minimum 8 × 58 kbit/s of framing produces 98688 bit/s, leaving 1.312% free for timing variation and other overhead. Both versions of the standard accommodate higher sampling frequencies (for example, 96 kHz or 192 kHz) by using two or more channels per audio sample on the link.
Read more →
Image-based modeling and rendering

In computer graphics and computer vision, image-based modeling and rendering (IBMR) methods rely on a set of two-dimensional images of a scene to generate a three-dimensional model and then render some novel views of this scene. The traditional approach of computer graphics has been used to create a geometric model in 3D and try to reproject it onto a two-dimensional image. Computer vision, conversely, is mostly focused on detecting, grouping, and extracting features (edges, faces, etc.) present in a given picture and then trying to interpret them as three-dimensional clues. Image-based modeling and rendering allows the use of multiple two-dimensional images in order to generate directly novel two-dimensional images, skipping the manual modeling stage. == Light modeling == Instead of considering only the physical model of a solid, IBMR methods usually focus more on light modeling. The fundamental concept behind IBMR is the plenoptic illumination function which is a parametrisation of the light field. The plenoptic function describes the light rays contained in a given volume. It can be represented with seven dimensions: a ray is defined by its position ( x , y , z ) {\displaystyle (x,y,z)} , its orientation ( θ , ϕ ) {\displaystyle (\theta ,\phi )} , its wavelength ( λ ) {\displaystyle (\lambda )} and its time ( t ) {\displaystyle (t)} : P ( x , y , z , θ , ϕ , λ , t ) {\displaystyle P(x,y,z,\theta ,\phi ,\lambda ,t)} . IBMR methods try to approximate the plenoptic function to render a novel set of two-dimensional images from another. Given the high dimensionality of this function, practical methods place constraints on the parameters in order to reduce this number (typically to 2 to 4). == IBMR methods and algorithms == View morphing generates a transition between images Panoramic imaging renders panoramas using image mosaics of individual still images Lumigraph relies on a dense sampling of a scene Space carving generates a 3D model based on a photo-consistency check
Read more →
Attention inequality

Attention inequality is the inequality of distribution of attention across users on social networks, people in general, and for scientific papers. Yun Family Foundation introduced "Attention Inequality Coefficient" as a measure of inequality in attention and arguments it by the close interconnection with wealth inequality. == Relationship to economic inequality == Attention inequality is related to economic inequality since attention is an economically scarce good. The same measures and concepts as in classical economy can be applied for attention economy. The relationship develops also beyond the conceptual level—considering the AIDA process, attention is the prerequisite for real monetary income on the Internet. On data of 2018, a significant relationship between likes and comments on Facebook to donations is proven for non-profit organizations. == Attention economy == The attention economy refers to the practice of maximizing the attention users give to a product for advertising-related reasons. Attention economy remains one of the most common forms of advertising, and has been steadily increasing thanks to new technologies such as television, internet and social media. It is one of the most widely-used approaches to economy for its effectiveness for maximising the noticeability of a certain product. == Attention inequality in social media == In social media, attention inequality refers to the unequal distribution of users' attention on social media platforms. This means that instead of an equal distribution of attention, fewer sources receive a disproportionate share of attention, leaving many unnoticed. This phenomenon is possibly the result of social media algorithms, which are commonly designed to drive maximum engagement. This phenomenon is a large factor in the polarization and creation of echo-chambers. Social media algorithms tend to note content that is already performing well and display it to more users, while content that is equally engaging or well-made is not recommended to users. Posts that trigger strong emotions usually out-perform more "uncontroversial" content. When many users interact with the post, it signals the algorithm that the specific post drives engagement. The algorithm then tends to recommend that type of content to an exponential number of people, potentially outperforming "un-emotional" content. These factors, when combined, tend to create an unequal social media environment. == Attention inequality in science == According to a recent 2025 study about research inequality among scientists published in Information Processing and Management, scientific discourse is restricted to a small group of connected scientists, and is frequently not an accurate representation of the whole scientific community. Using citation-network analysis in the fields of nanoscience and chemical physics, the study claims that a group of connected scientists has a significant notability in the scientific community. The calculated connection strength between these scientists is estimated to be about 4.5, the study also says that these authors cite each other four times more often than would be predicted in a random network, whereas ordinary scientists that exist outside of this group only reach an estimated connection strength of 0.9. The study findings suggest that that scientific attention is not distributed by merit, but rather by the connectedness of the scientists involved in the research. == Extent == As data of 2008 shows, 50% of the attention is concentrated on approximately 0.2% of all hostnames, and 80% on 5% of hostnames. The Gini coefficient of attention distribution lay in 2008 at over 0.921 for such commercial domains names as ac.jp and at 0.985 for .org-domains. The Gini coefficient was measured on Twitter in 2016 for the number of followers as 0.9412, for the number of mentions as 0.9133, and for the number of retweets as 0.9034. For comparison, the world's income Gini coefficient was 0.68 in 2005 and 0.904 in 2018. More than 96% of all followers, 93% of the retweets, and 93% of all mentions are owned by 20% of Twitter. == Causes == At least for scientific papers, today's consensus states that inequality is unexplainable by variations of quality and individual talent. The Matthew effect plays a significant role in the emergence of attention inequality—those who already enjoy large amounts of attention get even more attention, and those who do not lose even more. Ranking algorithms based on relevance to the user have been found to alleviate the inequality of the number of posts across topics.
Read more →
Texas House Bill 20

An Act Relating to censorship of or certain other interference with digital expression, including expression on social media platforms or through electronic mail messages, also known as Texas House Bill 20 (HB20), is a Texas anti-deplatforming law enacted on September 9, 2021. It prohibits large social media platforms from removing, moderating, or labeling posts made by users in the state of Texas based on their "viewpoints", unless considered illegal under federal law or otherwise falling into exempted categories. It also requires them to make various public disclosures relating to their business practices (including the impact of algorithmic and moderation decisions on the content that is delivered to users). The bill is part of a wider array of Republican-backed legislation seeking to prohibit the censorship of political speech, based on allegations that the moderation policies of large social media platforms are not politically neutral. It has been challenged in NetChoice, LLC v. Paxton, and is currently the subject of a circuit split between the Fifth Circuit, and a decision by the Eleventh Circuit that struck down a similar bill in the state of Florida. In September 2023, the U.S. Supreme Court agreed to hear NetChoice v. Paxton jointly with NetChoice v. Moody on questions of whether the Florida and Texas state laws are in compliance with the 1st Amendment. == Content == The law applies to "social media platforms" that serve users in the state of Texas, and have more than 50 million monthly active users in the United States. They are defined as any public internet website or application that allows users to "communicate with other users for the primary purpose of posting information, comments, messages, or images", excluding internet service providers, electronic mail, and services where communication features are "incidental to, directly related to, or dependent on" content that is pre-selected by the operator. In the bill, to "censor" is defined as to "block, ban, remove, deplatform, demonetize, de-boost, restrict, deny equal access or visibility to, or otherwise discriminate against" expression. The law prohibits social media platforms from "censoring on the basis of user viewpoint, user expression, or the ability of a user to receive the expression of others", or on the basis of a user's geographic location in Texas. This includes removal or labeling posts with warnings and disclaimers. Social media platforms may only censor content if it is unlawful, they are "specifically authorized" to do so by federal law, based on requests from "an organization with the purpose of preventing the sexual exploitation of children or protecting survivors of sexual abuse from ongoing harassment", or "directly incites" criminal activity or contains threats of violence against persons based on protected categories. It is disputed over whether this provision is actually enforceable, as it may be preempted by Section 230 of the Communications Decency Act (which states that the operators of interactive computer services are not responsible for the actions of their users). Social media platforms must make public disclosures regarding the algorithmic techniques and moderation polices that are used to determine the content provided to users, must publish a compliant acceptable use policy (AUP), and must publish a biannual transparency report containing specific details on all actions made by the service regarding the moderation of users and content. The law also prohibits email providers from "intentionally imped[ing] the transmission of another person's electronic mail message based on the content." == Legislative history == Texas Governor Greg Abbott signed the bill into law on September 9, 2021. Democrat-proposed amendments excluding Holocaust denial, terrorism content, and vaccine misinformation from the bill were rejected. Following a suit by the industry groups Computer & Communications Industry Association (CCIA) and NetChoice, NetChoice, LLC v. Paxton, the bill was blocked by U.S. District Judge Robert Pitman in December 2021, on First Amendment grounds. Texas appealed to the United States Court of Appeals for the Fifth Circuit. Judges Edith Jones, Andrew Oldham, and Leslie H. Southwick, lifted the injunction on May 11, 2022, but the decision was appealed to the Supreme Court which suspended the bill pending a full review in the Fifth Circuit. On September 16, 2022, the Fifth Circuit reversed the injunction, allowing the bill to take effect; Judge Oldham stated that the bill "chills censorship" and "does not chill speech", and accused the plaintiffs of "attempt[ing] to extract a freewheeling censorship right from the Constitution's free speech guarantee. The Platforms are not newspapers. Their censorship is not speech." Southwick dissented, stating that "we are in a new arena, a very extensive one, for speakers and for those who would moderate their speech. None of the precedents fit seamlessly." The CCIA and NetChoice requested a stay on the ruling and that the case be taken to the Supreme Court, arguing that the reversal conflicts with an Eleventh Circuit decision in NetChoice v. Moody which struck down a similar anti-moderation bill imposed by the state of Florida. On October 12, 2022, the Fifth Circuit granted the stay.
Read more →
Glossary of operating systems terms

This page is a glossary of Operating systems terminology. == A == access token: In Microsoft Windows operating systems, an access token contains the security credentials for a login session and identifies the user, the user's groups, the user's privileges, and, in some cases, a particular application. == B == binary semaphore: See semaphore. booting: In computing, booting (also known as booting up) is the initial set of operations that a computer performs after electrical power is switched on or when the computer is reset. This can take tens of seconds and typically involves performing a power-on self-test, locating and initializing peripheral devices, and then finding, loading and starting the operating system. == C == cache: In computer science, a cache is a component that transparently stores data so that future requests for that data can be served faster. The data that is stored within a cache might be values that have been computed earlier or duplicates of original values that are stored elsewhere. cloud: Cloud computing operating systems are recent, and were not mentioned in Gagne's 8th Edition (2009). In contrast, by Gagne's 9th (2012), cloud o/s received 3 pages of coverage (41, 42, 716). Doeppner (2011) mentions them (p. 3), but only to prove that operating systems "are not a solved problem" and that even if the day of the dedicated PC is waning, cloud computing has created an entirely new opportunity for o/s development ala sharing, networks, memory, parallelism, etc. Gagne (2012) adds that in addition to numerous traditional o/s's at cloud warehouses, Virtual machine o/s (VMMs), Eucalyptus, Vware, vCloud Director and others are being developed specifically for cloud management with numerous traditional o/s features (security, threads, file and memory management, guis, etc.) (p. 42). Microsoft's investment in cloud aspects of o/s tend to support that argument. concurrency == D == daemon: Operating systems often start daemons at boot time and serve the function of responding to network requests, hardware activity, or other programs by performing some task. Daemons can also configure hardware (like udevd on some Linux systems), run scheduled tasks (like cron), and perform a variety of other tasks. == E == == F == == G == == H == == I == == J == == K == kernel: In computing, the kernel is a computer program that manages input/output requests from software and translates them into data processing instructions for the central processing unit and other electronic components of a computer. The kernel is a fundamental part of a modern computer's operating system. == L == lock: In computer science, a lock or mutex (from mutual exclusion) is a synchronization mechanism for enforcing limits on access to a resource in an environment where there are many threads of execution. A lock is designed to enforce a mutual exclusion concurrency control policy. == M == mutual exclusion: Mutual exclusion is to allow only one process at a time to access the same critical section (a part of code which accesses the critical resource). This helps prevent race conditions. mutex: See lock. == N == == O == == P == paging daemon: See daemon. process == Q == == R == == S == semaphore: In computer science, particularly in operating systems, a semaphore is a variable or abstract data type that is used for controlling access, by multiple processes, to a common resource in a parallel programming or a multi user environment. == T == thread: In computer science, a thread of execution is the smallest sequence of programmed instructions that can be managed independently by an operating system scheduler. The scheduler itself is a light-weight process. The implementation of threads and processes differs from one operating system to another, but in most cases, a thread is contained inside a process. templating: In an o/s context, templating refers to creating a single virtual machine image as a guest operating system, then saving it as a tool for multiple running virtual machines (Gagne, 2012, p. 716). The technique is used both in virtualization and cloud computing management, and is common in large server warehouses. == U == == V == == W == == Z ==
Read more →
Psychology of reasoning

The psychology of reasoning (also known as the cognitive science of reasoning) is the study of how people reason, often broadly defined as the process of drawing conclusions to inform how people solve problems and make decisions. It overlaps with psychology, philosophy, linguistics, cognitive science, artificial intelligence, logic, and probability theory. Psychological experiments on how humans and other animals reason have been carried out for over 100 years. An enduring question is whether or not people have the capacity to be rational. Current research in this area addresses various questions about reasoning, rationality, judgments, intelligence, relationships between emotion and reasoning, and development. == Everyday reasoning == One of the most obvious areas in which people employ reasoning is with sentences in everyday language. Most experimentation on deduction has been carried out on hypothetical thought, in particular, examining how people reason about conditionals, e.g., If A then B. Participants in experiments make the modus ponens inference, given the indicative conditional If A then B, and given the premise A, they conclude B. However, given the indicative conditional and the minor premise for the modus tollens inference, not-B, about half of the participants in experiments conclude not-A and the remainder concludes that nothing follows. The ease with which people make conditional inferences is affected by context, as demonstrated in the well-known selection task developed by Peter Wason. Participants are better able to test a conditional in an ecologically relevant context, e.g., if the envelope is sealed then it must have a 50 cent stamp on it compared to one that contains symbolic content, e.g., if the letter is a vowel then the number is even. Background knowledge can also lead to the suppression of even the simple modus ponens inference Participants given the conditional if Lisa has an essay to write then she studies late in the library and the premise Lisa has an essay to write make the modus ponens inference 'she studies late in the library', but the inference is suppressed when they are also given a second conditional if the library stays open then she studies late in the library. Interpretations of the suppression effect are controversial Other investigations of propositional inference examine how people think about disjunctive alternatives, e.g., A or else B, and how they reason about negation, e.g., It is not the case that A and B. Many experiments have been carried out to examine how people make relational inferences, including comparisons, e.g., A is better than B. Such investigations also concern spatial inferences, e.g. A is in front of B and temporal inferences, e.g. A occurs before B. Other common tasks include categorical syllogisms, used to examine how people reason about quantifiers such as All or Some, e.g., Some of the A are not B. For example if all A are B and some B are C, what (if anything) follows? == Theories of reasoning == There are several alternative theories of the cognitive processes that human reasoning is based on. One view is that people rely on a mental logic consisting of formal (abstract or syntactic) inference rules similar to those developed by logicians in the propositional calculus. Another view is that people rely on domain-specific or content-sensitive rules of inference. A third view is that people rely on mental models, that is, mental representations that correspond to imagined possibilities. A fourth view is that people compute probabilities. One controversial theoretical issue is the identification of an appropriate competence model, or a standard against which to compare human reasoning. Initially classical logic was chosen as a competence model. Subsequently, some researchers opted for non-monotonic logic and Bayesian probability. Research on mental models and reasoning has led to the suggestion that people are rational in principle but err in practice. Connectionist approaches towards reasoning have also been proposed. Despite the ongoing debate about the cognitive processes involved in human reasoning, recent research has shown that multiple approaches can be useful in modeling human thinking. For instance, studies have found that people's reasoning is often influenced by their prior beliefs, which can be modeled using Bayesian probability theory. Additionally, research on mental models has shown that people tend to reason about problems by constructing multiple mental representations of the situation, which can help them to identify relevant features and make inferences based on their understanding of the problem. Moreover, connectionist approaches to reasoning have also gained attention, which focus on the neural network models that can learn from data and generalize to new situations. == Development of reasoning == It is an active question in psychology how, why, and when the ability to reason develops from infancy to adulthood. Jean Piaget's theory of cognitive development posited general mechanisms and stages in the development of reasoning from infancy to adulthood. According to the neo-Piagetian theories of cognitive development, changes in reasoning with development come from increasing working memory capacity, increasing speed of processing, and enhanced executive functions and control. Increasing self-awareness is also an important factor. In their book The Enigma of Reason, the cognitive scientists Hugo Mercier and Dan Sperber put forward an "argumentative" theory of reasoning, claiming that humans evolved to reason primarily to justify our beliefs and actions and to convince others in a social environment. Key evidence for their theory includes the errors in reasoning that solitary individuals are prone to when their arguments are not criticized, such as logical fallacies, and how groups become much better at performing cognitive reasoning tasks when they communicate with one another and can evaluate each other's arguments. Sperber and Mercier offer one attempt to resolve the apparent paradox that the confirmation bias is so strong despite the function of reasoning naively appearing to be to come to veridical conclusions about the world. The study of the development of reasoning abilities is an ongoing area of research in psychology, and multiple factors have been proposed to explain how, why, and when reasoning develops from infancy to adulthood. Recent research has suggested that early experiences and social interactions play a critical role in the development of reasoning abilities. For example, studies have shown that infants as young as six months old can engage in basic logical reasoning, such as reasoning about the relationship between objects and their properties. Furthermore, research has highlighted the importance of parental interaction and cognitive stimulation in the development of children's reasoning abilities. Additionally, studies have suggested that cultural factors, such as educational practices and the emphasis on critical thinking, can also influence the development of reasoning skills across different populations. == Different sorts of reasoning == Philip Johnson-Laird trying to taxonomize thought, distinguished between goal-directed thinking and thinking without goal, noting that association was involved in unrelated reading. He argues that goal directed reasoning can be classified based on the problem space involved in a solution, citing Allen Newell and Herbert A. Simon. Inductive reasoning makes broad generalizations from specific cases or observations. In this process of reasoning, general assertions are made based on past specific pieces of evidence. This kind of reasoning allows the conclusion to be false even if the original statement is true. For example, if one observes a college athlete, one makes predictions and assumptions about other college athletes based on that one observation. Scientists use inductive reasoning to create theories and hypotheses. Philip Johnson-Laird distinguished inductive from deductive reasoning, in that the former creates semantic information while the later does not . In opposition, deductive reasoning is a basic form of valid reasoning. In this reasoning process a person starts with a known claim or a general belief and from there asks what follows from these foundations or how will these premises influence other beliefs. In other words, deduction starts with a hypothesis and examines the possibilities to reach a conclusion. Deduction helps people understand why their predictions are wrong and indicates that their prior knowledge or beliefs are off track. An example of deduction can be seen in the scientific method when testing hypotheses and theories. Although the conclusion usually corresponds and therefore proves the hypothesis, there are some cases where the conclusion is logical, but the generalization is not. For example, the argument, "All young girls wear skirts; Julie is a young
Read more →
Death and the Internet

A recent extension to the cultural relationship with death is the increasing number of people who die having created a large amount of digital content, such as social media profiles, that will remain after death. This may result in concern and confusion, because of automated features of dormant accounts (e.g. birthday reminders), uncertainty of the deceased's preferences that profiles be deleted or left as a memorial, and whether information that may violate the deceased's privacy (such as email or browser history) should be made accessible to family. Issues with how this information is sensitively dealt with are further complicated as it may belong to the service provider (not the deceased) and many do not have clear policies on what happens to the accounts of deceased users. While some sites, including Facebook and X (formerly Twitter), have policies related to death, others remain dormant until if applicable, deleted due to inactivity or transferred to family or friends. The FADA (Fiduciary Access to Digital Assets Act) was set in place to make it possible to transfer digital possessions legally. More broadly, the heavy increase in social media use is affecting cultural practices surrounding death. "Virtual funerals" and other forms of previously physical memorabilia are being introduced into the digital world, complete with public details of a person's life and death. == E-mail == Gmail and Hotmail allow the email accounts of the deceased to be accessed provided certain requirements are met. Yahoo! Mail will not provide access, citing the No Right of Survivorship and Non-Transferability clause in the Yahoo! terms of service. In 2005, Yahoo! was ordered by the Probate Court of Oakland County, Michigan, to release emails of deceased US Marine Justin Ellsworth to his father, John Ellsworth. == By website == === Facebook === ==== Policies ==== In its early days, Facebook used to delete profiles of dead people, but does not anymore. In October 2009, the company introduced "memorial pages" in response to multiple user requests related to the 2007 Virginia Tech shooting. After receiving a proof of death via a special form, the profile would be converted into a tribute page with minimal personal details, where friends and family members could share their grief. In February 2015, Facebook allowed users to appoint a friend or family member as a "legacy contact" with the rights to manage their page after death. It also gave Facebook users an option to have their account permanently deleted when they die. As of January 2019, all 3 options were active. ==== Controversies ==== In 2013, BuzzFeed criticized Facebook for the lack of control over memorialization that resulted in a "Facebook death" prank aimed at locking users out of their own accounts. In 2017, Reuters reported that a German court rejected a mother's demand to access her deceased daughter's memorialized account stating that the right to private telecommunications outweighed the right to inheritance. In July 2018, Dubai's DIFC Courts ruling clarified that Facebook, Twitter and other social media accounts should be bequeathed in legally binding will. Social media networks have also been criticized for not responding to relatives' requests to alter information on memorialized accounts. Another criticism is that Facebook users often are unaware that their content is ultimately owned not by them, but by Facebook. === Dropbox === ==== Policies ==== Dropbox determines inactive accounts by looking at sign-ins, file shares, and file activity over the previous 12 months. Once an account is determined inactive, Dropbox deletes the files on the account. To request access to the account of a deceased person, heirs are required to send appropriate documents by physical mail. === Google === ==== Policies ==== In April 2013, Google announced the creation of the 'Inactive Account Manager', which allows users of Google services to set up a process in which ownership and control of inactive accounts is transferred to a delegated user. Google also allows users to submit a range of requests regarding accounts belonging to deceased users. Google works with immediate family members and representatives to close online accounts in some cases once a user is known to be deceased, and in certain circumstances may also provide content from a deceased user's account. === X (formerly Twitter) === ==== Policies ==== Until 2010, Twitter (launched in July 2006) did not have a policy on handling deceased user accounts, and simply deleted timelines of deceased users. In August 2010, Twitter allowed memorialization of accounts upon request from family members, and also provided them with an option of either deleting the account or obtaining a permanent backup of the deceased user's public tweets. In 2014, Twitter updated its policy to include an option to delete deceased user photographs. This policy was implemented after multiple Twitter trolls sent Zelda Williams, daughter of Robin Williams, photoshopped images of her father. As of January 2019, the only option that Twitter offered for the accounts of dead people was account deactivation. Previously published content is not removed. To deactivate an account Twitter requires an immediate family member to present a copy of their ID and a death certificate of the deceased. Twitter specified that it does not provide account access to anyone, but does allow people having account login information to continue posting. A prominent example is Roger Ebert's account maintained by his wife Chaz. ==== Controversies ==== In 2012, The Next Web columnist Martin Bryant noticed that since Twitter, unlike Facebook, did not have a "one account per real person" emphasis, memorializing accounts presented a difficulty to the service. He also criticized the service for the lack of control over hacking of such accounts and disapproved the practice of passing dead people's usernames to new owners after a certain period of inactivity. In 2013, Variety ran a feature about Cory Monteith's Twitter account that had 1.5 million followers at the moment on his death and gained almost 1 million new followers afterwards. Monteith's fans also launched #DontDeleteCorysTwitter campaign. As of February 2019, the celebrity's account had 1.63 million followers. Various media reported awkward incidents related to automatic posting and account hacking. === iTunes === ==== Policies ==== iCloud and iTunes accounts are "non transferable" since the content is not owned — users only have a licence to access it. === Wikipedia === Users who have made at least several hundred edits or are otherwise known for substantial contributions to Wikipedia can be noted at a central memorial page. Wikipedia user pages are ordinarily fully edit-protected after the user has died, to prevent vandalism. === YouTube === YouTube grants access to accounts of deceased persons under certain conditions. It is one of the data options that one can select to give access to a trusted contact with Google's Inactive Account Manager. === Instagram === ==== Policies ==== As of the COVID-19 pandemic, Instagram has notified its users of a delay in time of reviewing reports of deceased users due to the limited staff the pandemic has caused. Users that submit a report on a deceased user on Instagram can either memorialize the account or remove it from Instagram's platform. Through memorializing the account, Instagram secures and protects a platform of a deceased user, but per their policy, they do not supply any of the login credentials to the account. For both memorializing or removing a deceased users account, a verified user needs to submit a tangible document that shows proof of death of the user. However, to fully remove an account, the user must be a close or direct family member to the deceased person, and show proof of credibility as well. === Microsoft === ==== Policies ==== Per Microsoft's policies, they do not supply any of the login credentials to a deceased user's Microsoft account. A user does not have to contact or notify Microsoft of the deceased user, as the related user is able to close the account themselves. At default, Microsoft removes accounts after 2 years of inactivity. If the user does not have access to the deceased user's account, Microsoft recommends that the user deletes all bank accounts linked to that of the deceased to ensure no subscriptions are still going through. If the user wants to request to gain access to the deceased user's account, a court order or a subpoena has to be provided to Microsoft, but does not guarantee access to the deceased user's account. For users that live in Germany, more documentation is needed to gain access of a deceased user's account, including the deceased user's death certificate, a form of ID, and a documentation of consent from the deceased. The requesting user needs to provide a form of ID as well. == Digital inheritance == Digital inheritance is the process of handing over
Read more →
Randomized benchmarking

Randomized benchmarking is an experimental method for measuring the average error rates of quantum computing hardware platforms. The protocol estimates the average error rates by implementing long sequences of randomly sampled quantum gate operations. Randomized benchmarking is the industry-standard protocol used by quantum hardware developers such as IBM and Google to test the performance of the quantum operations. The original theory of randomized benchmarking, proposed by Joseph Emerson and collaborators, considered the implementation of sequences of Haar-random operations, but this had several practical limitations. The now-standard protocol for randomized benchmarking (RB) relies on uniformly random Clifford operations, as proposed in 2006 by Dankert et al. as an application of the theory of unitary t-designs. In current usage randomized benchmarking sometimes refers to the broader family of generalizations of the 2005 protocol involving different random gate sets that can identify various features of the strength and type of errors affecting the elementary quantum gate operations. Randomized benchmarking protocols are an important means of verifying and validating quantum operations and are also routinely used for the optimization of quantum control procedures. == Overview == Randomized benchmarking offers several key advantages over alternative approaches to error characterization. For example, the number of experimental procedures required for full characterization of errors (called tomography) grows exponentially with the number of quantum bits (called qubits). This makes tomographic methods impractical for even small systems of just 3 or 4 qubits. In contrast, randomized benchmarking protocols are the only known approaches to error characterization that scale efficiently as number of qubits in the system increases. Thus RB can be applied in practice to characterize errors in arbitrarily large quantum processors. Additionally, in experimental quantum computing, procedures for state preparation and measurement (SPAM) are also error-prone, and thus quantum process tomography is unable to distinguish errors associated with gate operations from errors associated with SPAM. In contrast, RB protocols are robust to state-preparation and measurement errors Randomized benchmarking protocols estimate key features of the errors that affect a set of quantum operations by examining how the observed fidelity of the final quantum state decreases as the length of the random sequence increases. If the set of operations satisfies certain mathematical properties, such as comprising a sequence of twirls with unitary two-designs, then the measured decay can be shown to be an invariant exponential with a rate fixed uniquely by features of the error model. == History == Randomized benchmarking was proposed in Scalable noise estimation with random unitary operators, where it was shown that long sequences of quantum gates sampled uniformly at random from the Haar measure on the group SU(d) would lead to an exponential decay at a rate that was uniquely fixed by the error model. Emerson, Alicki and Zyczkowski also showed, under the assumption of gate-independent errors, that the measured decay rate is directly related to an important figure of merit, the average gate fidelity and independent of the choice of initial state and any errors in the initial state, as well as the specific random sequences of quantum gates. This protocol applied for arbitrary dimension d and an arbitrary number n of qubits, where d=2n. The SU(d) RB protocol had two important limitations that were overcome in a modified protocol proposed by Dankert et al., who proposed sampling the gate operations uniformly at random from any unitary two-design, such as the Clifford group. They proved that this would produce the same exponential decay rate as the random SU(d) version of the protocol proposed in Emerson et al.. This follows from the observation that a random sequence of gates is equivalent to an independent sequence of twirls under that group, as conjectured in and later proven in. This Clifford-group approach to Randomized Benchmarking is the now standard method for assessing error rates in quantum computers. A variation of this protocol was proposed by NIST in 2008 for the first experimental implementation of an RB-type for single qubit gates. However, the sampling of random gates in the NIST protocol was later proven not to reproduce any unitary two-design. The NIST RB protocol was later shown to also produce an exponential fidelity decay, albeit with a rate that depends on non-invariant features of the error model In recent years a rigorous theoretical framework has been developed for Clifford-group RB protocols to show that they work reliably under very broad experimental conditions. In 2011 and 2012, Magesan et al. proved that the exponential decay rate is fully robust to arbitrary state preparation and measurement errors (SPAM). They also proved a connection between the average gate fidelity and diamond norm metric of error that is relevant to the fault-tolerant threshold. They also provided evidence that the observed decay was exponential and related to the average gate fidelity even if the error model varied across the gate operations, so-called gate-dependent errors, which is the experimentally realistic situation. In 2018, Wallman and Dugas et al., showed that, despite concerns raised in, even under very strong gate-dependence errors the standard RB protocols produces an exponential decay at a rate that precisely measures the average gate-fidelity of the experimentally relevant errors. The results of Wallman. in particular proved that the RB error rate is so robust to gate-dependent errors models that it provides an extremely sensitive tool for detecting non-Markovian errors. This follows because under a standard RB experiment only non-Markovian errors (including time-dependent Markovian errors) can produce a statistically significant deviation from an exponential decay The standard RB protocol was first implemented for single qubit gate operations in 2012 at Yale on a superconducting qubit. A variation of this standard protocol that is only defined for single qubit operations was implemented by NIST in 2008 on a trapped ion. The first implementation of the standard RB protocol for two-qubit gates was performed in 2012 at NIST for a system of two trapped ions
Read more →
Algorithmic curation

Algorithm curation is the selection of online media by technologies such as recommender systems and personalized search. Curation entails the selective sharing of online content and recommendations based on inferred interests. Curation algorithms implement different filter approaches, such as collaborative filtering and content-based filtering. Examples include search engine and social media products such as the Twitter feed, Facebook's News Feed, and Google Personalized Search. == History == === Early algorithmic curation === Online platforms use newsfeed algorithms to determine what content to present to each user. The volume of content published on social media platforms created a need for automated filtering, as manual review of all available content by users is not feasible. These systems function as a form of gatekeeper, shaping which new material users are exposed to and influencing knowledge, attention, and political exposure. ==== Information overload ==== Early ranking algorithms addressed information overload by surfacing the most recent or most popular posts. Later systems shifted toward ranking content based on predicted engagement, aiming to increase the time users spend on a platform. Research has found that these engagement-oriented systems can increase the spread of misinformation and contribute to political polarization as a side effect of optimising for user interaction. ==== How algorithm changes users' feeds over time ==== Algorithmic curation has been found to increase source diversity in some respects while simultaneously reducing the number of external links presented to users, which limits exposure to off-platform content. Research using agent-based modelling has examined how user behaviour, information quality, and algorithmic design interact with one another over time. === Emergence of AI === Platforms increasingly shifted from rule-based ranking systems toward machine-learning and AI-driven approaches, which allow feeds to be personalised at a larger scale and with greater responsiveness to user behaviour. For example, X (formerly Twitter) moved away from a chronological feed toward an AI-powered ranking system that personalises content for each user. These systems are capable of making ranking decisions across volumes of content and user interactions that would not be practical to handle manually. == Approach == === Filter types === ==== Collaborative filtering ==== Collaborative filtering (CF) methods create recommendations based on a person's usage patterns. CF predicts a person's preference for an item by matching their interests with those of users who have similar interests. This process allows for the sharing of ratings between users with similar profiles. CF is based on patterns of human behaviour rather than machine analysis of content itself. Users of CF systems rate items they have interacted with, and these ratings form a profile of interests. The CF system then matches that user with others who have similar profiles, and uses their ratings to generate recommendations. Collaborative filtering can be applied across various content types including text, images, music, and financial products, and can account for complex attributes such as taste and quality that are difficult to represent explicitly. ==== Content-based filtering ==== Content-based filtering (CBF) builds a user profile to represent the types of items a user has engaged with, based on keywords and attributes used to describe those items. Recommendations are generated by presenting items similar to those the user has previously engaged with or is currently viewing. The CBF method creates a profile for each item based on discrete attributes and features, and then constructs a content-based user profile using a weighted vector of those features derived from items the user has rated, purchased, or interacted with. The weights represent the relative importance of each feature, and can be computed using techniques such as Bayesian classifiers, cluster analysis, decision trees, and artificial neural networks, with the goal of estimating the probability that a user will engage with a suggested item. One application of content-based filtering is Pandora Radio, where users provide an artist, genre, or composer to generate a station, and the system surfaces music with similar attributes. == Technology == === Recommender system === Recommender systems rank and suggest content to users based on a combination of implicit and explicit user input. Implicit signals include time spent viewing or engaging with a specific item. Explicit signals include actions such as liking posts, saving store pages, reading news articles, or sharing content. === Personalized search === Personalized search aims to retrieve results most relevant to the user by incorporating contextual factors beyond the explicit query, such as past queries, browsing history, and inferred interests. Social media platforms such as X (formerly Twitter) and Bluesky generate recommendations based on similar users and the content those users interact with. Personalized search may also allow users to explicitly filter results by blocking content containing certain phrases or hashtags. For first-time users without prior history, personalized search may draw on content-based filtering to establish an initial context. Similar processes are used by search engines and retail platforms to tailor results and product recommendations to individual users. == AI contribution == Artificial intelligence contributes to algorithmic curation through machine-learning models capable of processing large volumes of data. Techniques such as deep learning and reinforcement learning allow curation algorithms to model user preferences with greater granularity alongside established filtering approaches. This enables platforms to adjust content rankings rapidly in response to user behaviour. In social media and streaming contexts, AI-driven systems arrange feeds according to predicted relevance, with the outputs shaped by patterns present in the training data. == Social media and potential impact == === Echo chambers === Social media algorithms, such as those used by X (formerly Twitter), recommend content that the system predicts a user will engage with positively. Content from accounts with differing perspectives is less likely to be surfaced, which may reduce source and topic diversity and contribute to the formation of echo chambers. For example, Facebook's news feed is designed to surface content aligned with users' prior engagement, which may reinforce existing views. This dynamic may contribute to filter bubbles, in which users are seldom exposed to content outside their existing interests. Users may further narrow their feeds by actively blocking certain content or accounts. === Over-representation === A pattern observed across social media platforms is the concentration of algorithmic visibility among a small subset of users. Content from the most active users, those with the largest followings, or those generating the most engagement tends to be surfaced more frequently, meaning a small number of accounts can account for a disproportionate share of what appears in other users' feeds.
Read more →
Shell Control Box

Shell Control Box (SCB) is a network security appliance that controls privileged access to remote IT systems, records activities in replayable audit trails, and prevents malicious actions. For example, it records as a system administrator updates a file server or a third-party network operator configures a router. The recorded audit trails can be replayed like a movie to review the events as they occurred. The content of the audit trails is indexed to make searching for events and automatic reporting possible. SCB is a Linux-based device developed by Balabit. It is an application level proxy gateway. In 2017, Balabit changed the name of the product to Privileged Session Management (PSM) and repositioned it as the core module of its Privileged Access Management solution. == Main Features == Balabit’s Privileged Session Management (PSM), Shell Control Box (SCB) is a device that controls, monitors, and audits remote administrative access to servers and network devices. It is a tool to oversee system administrators by controlling the encrypted connections used for administration. PSM (SCB) has full control over the SSH, RDP, Telnet, TN3270, TN5250, Citrix ICA, and VNC connections, providing a framework (with solid boundaries) for the work of the administrators. === Gateway Authentication === PSM (SCB) acts as an authentication gateway, enforcing strong authentication before users access IT assets. PSM can also integrate to user directories (for example, a Microsoft Active Directory) to resolve the group memberships of the users who access the protected servers. Credentials for accessing the server are retrieved transparently from PSM’s credential store or a third-party password management system by PSM impersonating the authenticated user. This automatic password retrieval protects the confidentiality of passwords as users can never access them. === Access Control === PSM controls and audits privileged access over the most wide-spread protocols such as SSH, RDP, or HTTP(s). The detailed access management helps to control who can access what and when on servers. It is also possible to control advanced features of the protocols, like the type of channels permitted. For example, unneeded channels like file transfer or file sharing can be disabled, reducing the security risk on the server. With PSM policies for privileged access can be enforced in one single system. === 4-eyes Authorization === To avoid accidental misconfiguration and other human errors, PSM supports the 4-eyes authorization principle. This is achieved by requiring an authorizer to allow administrators to access the server. The authorizer also has the possibility to monitor – and terminate - the session of the administrator in real-time, as if they were watching the same screen. === Real-time Monitoring and Session Termination === PSM can monitor the network traffic in real time, and execute various actions if a certain pattern (for example, a suspicious command, window title or text) appears on the screen. PSM can also detect specific patterns such as credit card numbers. In case of detecting a suspicious user action, PSM can send an e-mail alert or immediately terminate the connection. For example, PSM can block the connection before a destructive administrator command, such as the „rm” comes into effect. === Session Recording === PSM makes user activities traceable by recording them in tamper-proof and confidential audit trails. It records the selected sessions into encrypted, timestamped, and digitally signed audit trails. Audit trails can be browsed online, or followed real-time to monitor the activities of the users. PSM replays the recorded sessions just like a movie – actions of the users can be seen exactly as they appeared on their monitor. The Balabit Desktop Player enables fast forwarding during replays, searching for events (for example, typed commands or pressing Enter) and texts seen by the user. In the case of any problems (database manipulation, unexpected shutdown, etc.) the circumstances of the event are readily available in the trails, thus the cause of the incident can be identified. In addition to recording audit trails, transferred files can be also recorded and extracted for further analysis.
Read more →
Modulation error ratio

The modulation error ratio (MER) is a measure used to quantify the performance of a digital radio (or digital TV) transmitter or receiver in a communications system using digital modulation (such as QAM). A signal sent by an ideal transmitter or received by a receiver would have all constellation points precisely at the ideal locations, however various imperfections in the implementation (such as noise, low image rejection ratio, phase noise, carrier suppression, distortion, etc.) or signal path cause the actual constellation points to deviate from the ideal locations. Transmitter MER can be measured by specialized equipment, which demodulates the received signal in a similar way to how a real radio demodulator does it. Demodulated and detected signal can be used as a reasonably reliable estimate for the ideal transmitted signal in MER calculation. == Definition == An error vector is a vector in the I-Q plane between the ideal constellation point and the point received by the receiver. The Euclidean distance between the two points is its magnitude. The modulation error ratio is equal to the ratio of the root mean square (RMS) power (in Watts) of the reference vector to the power (in Watts) of the error. It is defined in dB as: M E R ( d B ) = 10 log 10 ⁡ ( P s i g n a l P e r r o r ) {\displaystyle \mathrm {MER(dB)} =10\log _{10}\left({P_{\mathrm {signal} } \over P_{\mathrm {error} }}\right)} where Perror is the RMS power of the error vector, and Psignal is the RMS power of ideal transmitted signal. MER is defined as a percentage in a compatible (but reciprocal) way: M E R ( % ) = P e r r o r P s i g n a l × 100 % {\displaystyle \mathrm {MER(\%)} ={\sqrt {P_{\mathrm {error} } \over P_{\mathrm {signal} }}}\times 100\%} with the same definitions. MER is closely related to error vector magnitude (EVM), but MER is calculated from the average power of the signal. MER is also closely related to signal-to-noise ratio. MER includes all imperfections including deterministic amplitude imbalance, quadrature error and distortion, while noise is random by nature.
Read more →
Hardware trojan

A hardware trojan (HT) is a malicious modification of the circuitry of an integrated circuit. A hardware trojan is completely characterized by its physical representation and its behavior. The payload of an HT is the entire activity that the Trojan executes when it is triggered. In general, trojans try to bypass or disable the security fence of a system: for example, leaking confidential information by radio emission. HTs also could disable, damage or destroy the entire chip or components of it. Hardware trojans may be introduced as hidden front-doors that are inserted while designing a computer chip, by using a pre-made application-specific integrated circuit (ASIC) semiconductor intellectual property core (IP core) that have been purchased from a non-reputable source, or inserted internally by a rogue employee, either acting on their own, or on behalf of rogue special interest groups, or state sponsored spying and espionage. One paper published by IEEE in 2015 explains how a hardware design containing a trojan could leak a cryptographic key leaked over an antenna or network connection, provided that the correct "easter egg" trigger is applied to activate the data leak. In high security governmental IT departments, hardware trojans are a well known problem when buying hardware such as: a KVM switch, keyboards, mice, network cards, or other network equipment. This is especially the case when purchasing such equipment from non-reputable sources that could have placed hardware trojans to leak keyboard passwords, or provide remote unauthorized entry. == Background == In a diverse global economy, outsourcing of production tasks is a common way to lower a product's cost. Embedded hardware devices are not always produced by the firms that design and/or sell them, nor in the same country where they will be used. Outsourced manufacturing can raise doubt about the evidence for the integrity of the manufactured product (i.e., one's certainty that the end-product has no design modifications compared to its original design). Anyone with access to the manufacturing process could, in theory, introduce some change to the final product. For complex products, small changes with large effects can be difficult to detect. The threat of a serious, malicious, design alteration can be especially relevant to government agencies. Resolving doubt about hardware integrity is one way to reduce technology vulnerabilities in the military, finance, energy and political sectors of an economy. Since fabrication of integrated circuits in untrustworthy factories is common, advanced detection techniques have emerged to discover when an adversary has hidden additional components in, or otherwise sabotaged, the circuit's function. == Characterization of hardware trojans == An HT can be characterized by several methods such as by its physical representation, activation phase and its action phase. Alternative methods characterize the HT by trigger, payload and stealth. === Physical characteristics === One of this physical trojan characteristics is the type. The type of a trojan can be either functional or parametric. A trojan is functional if the adversary adds or deletes any transistors or gates to the original chip design. The other kind of trojan, the parametric trojan, modifies the original circuitry, e.g. thinning of wires, weakening of flip-flops or transistors, subjecting the chip to radiation, or using focused ion-beams (FIB) to reduce the reliability of a chip. The size of a trojan is its physical extension or the number of components it is made of. Because a trojan can consist of many components, the designer can distribute the parts of a malicious logic on the chip. The additional logic can occupy the chip wherever it is needed to modify, add, or remove a function. Malicious components can be scattered, called loose distribution, or consist of only few components, called tight distribution, so the area is small where the malicious logic occupies the layout of the chip. In some cases, high-effort adversaries in may regenerate the layout so that the placement of the components of the IC is altered. In rare cases the chip dimension is altered. These changes are structural alterations. === Activation characteristics === The typical trojan is condition-based: It is triggered by sensors, internal logic states, a particular input pattern or an internal counter value. Condition-based trojans are detectable with power traces to some degree when inactive. That is due to the leakage currents generated by the trigger or counter circuit activating the trojan. Hardware trojans can be triggered in different ways. A trojan can be internally activated, which means it monitors one or more signals inside the IC. The malicious circuitry could wait for a count down logic an attacker added to the chip, so that the trojan awakes after a specific time-span. The opposite is externally activated. There can be malicious logic inside a chip, that uses an antenna or other sensors the adversary can reach from outside the chip. For example, a trojan could be inside the control system of a cruising missile. The owner of the missile does not know, that the enemy will be able to switch off the rockets by radio. A trojan which is always-on can be a reduced wire. A chip that is modified in this way produces errors or fails every time the wire is used intensely. Always-on circuits are hard to detect with power trace. In this context combinational trojans and sequential trojans are distinguished. A combinational trojan monitors internal signals until a specific condition happens. A sequential trojan is also an internally activated condition-based circuit, but it monitors the internal signals and searches for sequences not for a specific state or condition like the combinational trojans do. ==== Cryptographic key extraction ==== Extraction of secret keys by means of a hardware trojan without detecting the trojan requires that the trojan uses a random signal or some cryptographic implementation itself. To avoid storing a cryptographic key in the trojan itself and reduction, a physical unclonable function can be used. Physical unclonable functions are small in size and can have an identical layout while the cryptographic properties are different. === Action characteristics === A HT could modify the chip's function or could change the chip's parametric properties (e.g. provokes a process delay). Confidential information can also be transmitted to the adversary (transmission of key information). === Peripheral device hardware trojans === A relatively new threat vector to networks and network endpoints is a HT appearing as a physical peripheral device that is designed to interact with the network endpoint using the approved peripheral device's communication protocol. For example, a USB keyboard that hides all malicious processing cycles from the target network endpoint to which it is attached by communicating with the target network endpoint using unintended USB channels. Once sensitive data is ex-filtrated from the target network endpoint to the HT, the HT can process the data and decide what to do with the data: store the data to memory for later physical retrieval of the HT or possibly ex-filtrate the data to the internet using wireless or using the compromised network endpoint as a pivot. == Potential of threat == A common trojan is passive most of the time-span an altered device is in use. If a trojan is activated the device functionality can be changed, the device can be destroyed or disabled, the device can leak confidential information or the HT may tear down the security and safety of the device. Trojans are stealthy, to avoid detection of the trojan the precondition for activation is a very rare event. Traditional testing techniques are not sufficient. A manufacturing fault happens at a random position while malicious changes are well placed to avoid detection. == Detection == === Physical inspection === First, the molding coat is cut to reveal the circuitry. Then, the engineer repeatedly scans the surface while grinding the layers of the chip. There are several operations to scan the circuitry. Typical visual inspection methods are: scanning optical microscopy (SOM), scanning electron microscopy (SEM), pico-second imaging circuit analysis (PICA), voltage contrast imaging (VCI), light induced voltage alteration (LIVA) or charge induced voltage alteration (CIVA). To compare the floor plan of the chip has to be compared with the image of the actual chip. This is still quite challenging to do. To detect Trojan hardware which include (crypto) keys which are different, an image diff can be taken to reveal the different structure on the chip. The only known hardware Trojan using unique crypto keys but having the same structure is. This property enhances the undetectability of the trojan. === Functional testing === This detection method stimulates the input ports of a chip and monitors the output
Read more →