Algorithmic amplification

Algorithmic amplification is the process by which automated ranking and recommendation systems on digital platforms increase the visibility of certain content beyond its initial audience. Major platforms including Facebook, YouTube, TikTok, and X (formerly Twitter) use such systems to determine what appears in users' feeds and search results. The term is used in research on social media and digital media regulation to describe how platform design choices influence the distribution of online information. Unlike chronological feeds, algorithmic systems evaluate content using signals such as engagement rates, viewing duration, and predicted relevance to individual users. Content that performs strongly on these metrics may be promoted to progressively larger audiences through feeds, search rankings, or autoplay systems. The process is distinct from content moderation, which involves removing, labelling, or restricting content under platform rules, although the two can interact in practice. The concept is closely connected to the attention economy. Research has linked algorithmic amplification to the spread of misinformation and the circulation of political content, as well as to effects on young users' mental health. The scale and direction of those effects remain debated, in part because independent researchers have limited access to the internal workings of platform recommendation systems. Governments in the European Union, United Kingdom, United States, and China have pursued differing regulatory approaches to recommendation algorithms. The EU's Digital Services Act and the UK's Online Safety Act 2023 impose obligations on large platforms related to recommendation system transparency and risk, while China became the first country to enact binding legislation specifically targeting such systems. Internal documents and whistleblower testimony reported by the BBC in 2026 described how competitive pressure between Meta and TikTok led to trade-offs between engagement and user safety in the design of their recommendation systems. == Terminology == The term algorithmic amplification is used in media studies, platform governance scholarship and regulatory literature to describe how automated systems influence the distribution of content beyond what organic user sharing alone would produce. It is distinct from viral spread, which refers primarily to user-driven sharing behaviour, and from algorithmic bias, which describes systematic errors or unfairness in algorithmic outputs. The related term algorithmic curation is used for the broader process of selecting and ordering content, of which amplification is one possible outcome. The phrase also appears in regulatory and legislative discussion of recommendation systems. The European Union's Digital Services Act (DSA) identifies recommendation systems as a potential source of systemic risk, and the term appears frequently in academic and policy commentary on the regulation. In the United States, proposals including the Filter Bubble Transparency Act and the Kids Online Safety Act (KOSA) have used it to frame requirements around recommendation system transparency. In the United Kingdom, the House of Commons Science, Innovation and Technology Committee used the term in a 2025 report on how recommendation algorithms contributed to the spread of misinformation during the 2024 Southport riots. A Joint Declaration on AI and Freedom of Expression adopted in October 2025 by four international freedom of expression mandate holders, including the UN Special Rapporteur on Freedom of Opinion and Expression and the OSCE Representative on Freedom of the Media, stated that recommender systems and other AI-powered curation tools exert "a large hidden influence and gatekeeper role" over what information people access and consume. == Background == Early internet platforms typically displayed content in reverse-chronological order or through keyword-based search systems. Although the term is most often applied to social media, the underlying logic predates social media itself. A 2021 overview traced the origins of modern recommendation systems to the early 1990s, when they were first used experimentally for personal email and information filtering. The 1992 Tapestry mail system and the 1994 GroupLens news filtering system were early milestones before recommendation systems spread into e-commerce and other online services. As user bases and content volumes grew during the 2000s, major platforms including Google, YouTube, and Facebook developed machine-learning systems to personalise content delivery and prioritise material predicted to generate engagement. Facebook introduced its News Feed in 2006, which gradually shifted from chronological presentation towards algorithmically ranked content. YouTube altered its recommendation system in 2012 to prioritise watch time rather than clicks, a change the platform said was prompted by concerns that click-based metrics encouraged misleading thumbnails and low-quality videos. TikTok, launched internationally in 2018, adopted a model in which its primary content surface, the For You feed, is driven almost entirely by algorithmic recommendation rather than by a user's social graph. An internal document obtained by The New York Times in 2021 showed that the platform's algorithm optimised for retention and time spent, using signals such as watch duration, replays, likes, and comments to score and rank videos. Algorithmic recommendation also became central to platforms outside social media. Spotify's personalised features, including Discover Weekly, Release Radar, and Home recommendations, use behavioural signals and inferred "taste profiles" to surface tracks and artists beyond a listener's existing library. An ethnographic study of music curators at streaming platforms described this blend of algorithmic and human editorial selection as an "algo-torial" model of gatekeeping. Amazon adopted item-based collaborative filtering for product recommendations in 1998, and its recommendation engine has been described as one of the earliest large-scale deployments of recommendation technology in e-commerce. The same dynamics operate on adult content platforms. Law professor Amy Adler has argued that from 2007 onwards the pornography industry migrated to algorithm-driven streaming platforms, most of which are controlled by a single near-monopoly company, Aylo (formerly MindGeek). These platforms use algorithmic search engines, suggestions, rigid categorisation of content, and AI-driven search term optimisation in ways that produce the same distorting effects found on mainstream speech platforms, including filter bubbles, feedback loops, and the tendency of algorithmic recommendations to alter individual preferences. == Mechanisms == Recommendation systems commonly combine collaborative filtering, which predicts a user's preferences from the behaviour of similar users, with machine-learning models that predict which content a user is likely to engage with from their prior activity. In a common two-stage design, a platform first generates a set of candidate items from a large content pool and then ranks them using a scoring model with objectives such as predicted engagement or user satisfaction. Small changes in ranking criteria can shift exposure at scale, particularly when applied repeatedly across multiple browsing sessions. These systems typically rely on signals including engagement rates, viewing duration, click-through rates, and network relationships between users. Modern recommendation pipelines continuously update predictions as new behavioural data arrives, allowing platforms to adjust rankings in near real time. Users' revealed preferences, expressed through behaviour such as clicks and viewing time, do not always align with their stated preferences, expressed through explicit feedback such as surveys or content controls. Popularity signals can create feedback dynamics in which early engagement increases the likelihood that content will be shown to additional users. Experimental research on online cultural markets has demonstrated how such feedback processes can produce unequal visibility outcomes even when initial differences in content quality are small. == Beneficial and public-interest uses == Recommendation systems can help users navigate large volumes of content by surfacing material predicted to match their interests or needs, which can improve discoverability on platforms with large content libraries. In public health communication, platforms can help health authorities distribute timely information at scale, though the same recommendation systems also risk amplifying misinformation alongside official guidance. Sociologist Zeynep Tufekci has argued that the shift from independent blogs to large centralised platforms transferred gatekeeping power from traditional media to corporate algorithms. In the case of the Egyptian uprising of 2011, she noted that ordinary users

Inception score

The Inception Score (IS) is an algorithm used to assess the quality of images created by a generative image model such as a generative adversarial network (GAN). The score is calculated based on the output of a separate, pretrained Inception v3 image classification model applied to a sample of (typically around 30,000) images generated by the generative model. The Inception Score is maximized when the following conditions are true: The entropy of the distribution of labels predicted by the Inceptionv3 model for the generated images is minimized. In other words, the classification model confidently predicts a single label for each image. Intuitively, this corresponds to the desideratum of generated images being "sharp" or "distinct". The predictions of the classification model are evenly distributed across all possible labels. This corresponds to the desideratum that the output of the generative model is "diverse". It has been somewhat superseded by the related Fréchet inception distance. While the Inception Score only evaluates the distribution of generated images, the FID compares the distribution of generated images with the distribution of a set of real images ("ground truth"). == Definition == Let there be two spaces, the space of images Ω X {\displaystyle \Omega _{X}} and the space of labels Ω Y {\displaystyle \Omega _{Y}} . The space of labels is finite. Let p g e n {\displaystyle p_{gen}} be a probability distribution over Ω X {\displaystyle \Omega _{X}} that we wish to judge. Let a discriminator be a function of type p d i s : Ω X → M ( Ω Y ) {\displaystyle p_{dis}:\Omega _{X}\to M(\Omega _{Y})} where M ( Ω Y ) {\displaystyle M(\Omega _{Y})} is the set of all probability distributions on Ω Y {\displaystyle \Omega _{Y}} . For any image x {\displaystyle x} , and any label y {\displaystyle y} , let p d i s ( y | x ) {\displaystyle p_{dis}(y|x)} be the probability that image x {\displaystyle x} has label y {\displaystyle y} , according to the discriminator. It is usually implemented as an Inception-v3 network trained on ImageNet. The Inception Score of p g e n {\displaystyle p_{gen}} relative to p d i s {\displaystyle p_{dis}} is I S ( p g e n , p d i s ) := exp ⁡ ( E x ∼ p g e n [ D K L ( p d i s ( ⋅ | x ) ‖ ∫ p d i s ( ⋅ | x ) p g e n ( x ) d x ) ] ) {\displaystyle IS(p_{gen},p_{dis}):=\exp \left(\mathbb {E} _{x\sim p_{gen}}\left[D_{KL}\left(p_{dis}(\cdot |x)\|\int p_{dis}(\cdot |x)p_{gen}(x)dx\right)\right]\right)} Equivalent rewrites include ln ⁡ I S ( p g e n , p d i s ) := E x ∼ p g e n [ D K L ( p d i s ( ⋅ | x ) ‖ E x ∼ p g e n [ p d i s ( ⋅ | x ) ] ) ] {\displaystyle \ln IS(p_{gen},p_{dis}):=\mathbb {E} _{x\sim p_{gen}}\left[D_{KL}\left(p_{dis}(\cdot |x)\|\mathbb {E} _{x\sim p_{gen}}[p_{dis}(\cdot |x)]\right)\right]} ln ⁡ I S ( p g e n , p d i s ) := H [ E x ∼ p g e n [ p d i s ( ⋅ | x ) ] ] − E x ∼ p g e n [ H [ p d i s ( ⋅ | x ) ] ] {\displaystyle \ln IS(p_{gen},p_{dis}):=H[\mathbb {E} _{x\sim p_{gen}}[p_{dis}(\cdot |x)]]-\mathbb {E} _{x\sim p_{gen}}[H[p_{dis}(\cdot |x)]]} ln ⁡ I S {\displaystyle \ln IS} is nonnegative by Jensen's inequality. Pseudocode:INPUT discriminator p d i s {\displaystyle p_{dis}} . INPUT generator g {\displaystyle g} . Sample images x i {\displaystyle x_{i}} from generator. Compute p d i s ( ⋅ | x i ) {\displaystyle p_{dis}(\cdot |x_{i})} , the probability distribution over labels conditional on image x i {\displaystyle x_{i}} . Sum up the results to obtain p ^ {\displaystyle {\hat {p}}} , an empirical estimate of ∫ p d i s ( ⋅ | x ) p g e n ( x ) d x {\displaystyle \int p_{dis}(\cdot |x)p_{gen}(x)dx} . Sample more images x i {\displaystyle x_{i}} from generator, and for each, compute D K L ( p d i s ( ⋅ | x i ) ‖ p ^ ) {\displaystyle D_{KL}\left(p_{dis}(\cdot |x_{i})\|{\hat {p}}\right)} . Average the results, and take its exponential. RETURN the result. === Interpretation === A higher inception score is interpreted as "better", as it means that p g e n {\displaystyle p_{gen}} is a "sharp and distinct" collection of pictures. ln ⁡ I S ( p g e n , p d i s ) ∈ [ 0 , ln ⁡ N ] {\displaystyle \ln IS(p_{gen},p_{dis})\in [0,\ln N]} , where N {\displaystyle N} is the total number of possible labels. ln ⁡ I S ( p g e n , p d i s ) = 0 {\displaystyle \ln IS(p_{gen},p_{dis})=0} iff for almost all x ∼ p g e n {\displaystyle x\sim p_{gen}} p d i s ( ⋅ | x ) = ∫ p d i s ( ⋅ | x ) p g e n ( x ) d x {\displaystyle p_{dis}(\cdot |x)=\int p_{dis}(\cdot |x)p_{gen}(x)dx} That means p g e n {\displaystyle p_{gen}} is completely "indistinct". That is, for any image x {\displaystyle x} sampled from p g e n {\displaystyle p_{gen}} , discriminator returns exactly the same label predictions p d i s ( ⋅ | x ) {\displaystyle p_{dis}(\cdot |x)} . The highest inception score N {\displaystyle N} is achieved if and only if the two conditions are both true: For almost all x ∼ p g e n {\displaystyle x\sim p_{gen}} , the distribution p d i s ( y | x ) {\displaystyle p_{dis}(y|x)} is concentrated on one label. That is, H y [ p d i s ( y | x ) ] = 0 {\displaystyle H_{y}[p_{dis}(y|x)]=0} . That is, every image sampled from p g e n {\displaystyle p_{gen}} is exactly classified by the discriminator. For every label y {\displaystyle y} , the proportion of generated images labelled as y {\displaystyle y} is exactly E x ∼ p g e n [ p d i s ( y | x ) ] = 1 N {\displaystyle \mathbb {E} _{x\sim p_{gen}}[p_{dis}(y|x)]={\frac {1}{N}}} . That is, the generated images are equally distributed over all labels.

Data classification (data management)

Data classification is the process of organizing data into categories based on attributes like file type, content, or metadata. The data is then assigned class labels that describe a set of attributes for the corresponding data sets. The goal is to provide meaningful class attributes to former less structured information, enabling organizations to manage, protect, and govern their data more effectively. Data classification can be viewed as a multitude of labels that are used to define the type of data, especially on confidentiality and integrity issues. == Approaches == Classification techniques might be used for reports generated by ERP systems or where the data includes specific personal information that is identified. Many organizations also employ context-based classification that considers factors such as data source, user identity, and application context. == Regulatory frameworks == Data classification schemes are mandated or implied by numerous regulatory frameworks that require organizations to identify, categorize, and protect sensitive information according to its level of sensitivity. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires covered entities to conduct an accurate and thorough assessment of potential risks and vulnerabilities to the confidentiality, integrity, and availability of protected health information under 45 CFR 164.308(a)(1)(ii)(A), which necessitates classification of data to distinguish protected health information from other organizational data."Security Standards: Administrative Safeguards". U.S. Department of Health and Human Services. Retrieved April 1, 2026. The December 2024 HIPAA Security Rule notice of proposed rulemaking (90 FR 898) would mandate comprehensive technology asset inventories and require mapping of how electronic protected health information moves through an organization, formalizing data classification as an explicit compliance obligation."HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information". Federal Register. January 6, 2025. Retrieved April 1, 2026. NIST Special Publication 800-60 provides guidelines for mapping information types to security categories, establishing a structured methodology for federal agencies to classify data and apply appropriate security controls based on the potential impact of a security breach."NIST SP 800-60 Vol. 1 Rev. 1: Guide for Mapping Types of Information and Information Systems to Security Categories". National Institute of Standards and Technology. August 2008. Retrieved April 1, 2026.

SCADA Strangelove

SCADA Strangelove is an independent group of information security researchers founded in 2012, focused on security assessment of industrial control systems (ICS) and SCADA. == Activities == Main fields of research include: Discovery of 0-day vulnerabilities in cyber physical systems and coordinated vulnerability disclosure; Security assessment of ICS protocols and development suites; Identification of publicly Internet-connected ICS components and secure it with help of proper authorities; Development of security hardening guides for ICS software; Mapping cybersecurity on to functional safety; Awareness control and delivery of information regarding the actual security state of ICS systems. SCADA Strangelove's interests expand further than classic ICS components and covers various embedded systems, however, and encompass smart home components, solar panels, wind turbines, SmartGrid as well as other areas. == Projects == Group members have and continue to develop and publish numerous open source tools for scanning, fingerprinting, security evaluation and password bruteforcing for ICS devices. These devices work over industrial protocols such as modbus, Siemens S7, MMS, ISO EC 60870, ProfiNet. In 2014 Shodan used some of the published tools for building a map of ICS devices which is publicly available on the Internet. Open source security assessment frameworks, such as THC Hydra, Metasploit, and DigitalBond Redpoint have used Shodan-developed tools and techniques. The group has published security-hardening guidelines for industrial solutions based on Siemens SIMATIC WinCC and WinCC Flexible. The guidelines contain detailed security configuration walk-throughs, descriptions of internal security features and appropriate best practices. Among the group’s more noticeable projects is Choo Choo PWN (CCP) also named the Critical Infrastructure Attack (CIA). This is an interactive laboratory built upon ICS software and hardware used in real world. Every system is connected to a toy city infrastructure, which includes factories, railroads and other facilities. The laboratory has been demonstrated at various conferences including PHDays, Power of Community, and 30C3. Primarily the laboratory is used for the discovery of new vulnerabilities and for evaluation of security mechanisms, however it is also used for workshops and other educational activities. At Positive Hack Days IV, contestants found several 0-day vulnerabilities in Indusoft Web Studio 7.1 by Schneider Electric, and in specific ICS hardware RTU PET-7000 during the ICS vulnerability discovery challenge. The group supports Secure Open SmartGrid (SCADASOS) project to find and fix vulnerabilities in intellectual power grid components such as photovoltaic power station, wind turbine, power inverter. More than 80 000 industrial devices were discovered and isolated from the Internet in 2015. == Appearances == Group members are frequently seen presenting at conferences like CCC, SCADA Security Scientific Symposium, Positive Hack Days. Most notable talks are: === 29C3 === An overview of vulnerabilities discovered in the widely distributed Siemens SIMATIC WinCC software and tools that are implemented for searching ICS on the Internet. === PHDays === This talk consisted of an overview of vulnerabilities discovered in various systems produced by ABB, Emerson, Honeywell and Siemens and was presented at PHDays III and PHDays IV. === Confidence 2014 === Implications of security research aimed at realization of various industrial network protocols Profinet, Modbus, DNP3, IEC 61850-8-1 (MMS), IEC (International Electrotechnical Commission) 61870-5-101/104, FTE (Fault Tolerant Ethernet), Siemens S7. === PacSec 2014 === Presentations of security research showing the impact of radio and 3G/4G networks on the security of mobile devices as well as on industrial equipment. === 31C3 === Analysis of security architecture and implementation of the most wide spread platforms for wind and solar energy generation which produce many gigawatts of it. === 32C3 === Cybersecurity assessment of railway signaling systems such as Automatic Train Control (ATC), Computer-based interlocking (CBI) and European Train Control System (ETCS). === China Internet Security Conference 2016 === In "Greater China Cyber Threat Landscape" keynote by Sergey Gordeychik an overview of vulnerabilities, attacks and cyber-security incidents in Greater China region was presented. === Recon 2017 === In talk "Hopeless: Relay Protection for Substation Automation" by Kirill Nesterov and Alexander Tlyapov security analysis results of key Digital Substation component - Relay Protection Terminals was presented. Vulnerabilities, including remote code execution in Siemens SIPROTEC, General Electric Line Distance Relay, NARI and ABB protective relays was presented. == Philosophy == All names, catchwords and graphical elements refer to Stanley Kubrick’s film, Dr. Strangelove. In their talks, group members often refer to Cold War events such as the Caribbean Crisis, and draw parallels between nuclear arms race and the current escalation of cyberwar. Group members follow the approach of “responsible disclosure” and “ready to wait for years, while vendor is patching the vulnerability”. Public exploits for discovered vulnerabilities are not published. This is on account of the longevity of ICS and by implication the long process of patching ICS. However, conflicts still happen, notably in 2012 when the talk at DEF CON was called off due to a dispute of persistent weaknesses in Siemens industrial software.

Stanza Living

Stanza Living is the common brand name for Dtwelve Spaces Private Limited. It provides fully-managed shared living accommodations to students and young professionals. Founded by Anindya Dutta and Sandeep Dalmia, the company is present across 23 cities including Delhi, NCR, Bangalore, Visakhapatnam, Hyderabad, Chennai, Coimbatore, Indore, Pune, Baroda, Vijayawada, and Dehradun, Kota in India, with a capacity of 70,000 beds. Stanza Living is a technology-enabled housing concept which provides fully-furnished residences with amenities like meals, internet, laundry services, housekeeping, security and community engagement programmes. The company has an asset-light business model under which it engages in long-term lease agreements with property owners/developers, who convert their assets into shared living residences as per company guidelines. These assets are subsequently operated by Stanza Living. == Industry background == A report by Cushman & Wakefield (C&W) titled 'Exploring the Student Housing Universe in India City Insights', estimates that there were over 9.08 million migrant student enrolments in India's higher educational institutions (HEIs) for the year 2018-19 who need quality accommodation facilities. According to the report, Delhi-NCR, Mumbai, and Pune are the three biggest markets for student housing in the country, and these cities require an additional 4.75 lakh beds from organized co-living operators to meet the current demand. == History == Stanza Living provides tech-enabled, fully managed community living facilities for students and working professionals. The company was launched as a student housing business in Delhi NCR with a capacity of 100 beds, and grew to 14 cities by 2019. By early 2020, the company began catering to working professionals as well. The company has a combined inventory of 70,000 beds under management for both students and working professionals. Stanza Living is currently valued at $300 million. It has raised a capital of about $70 million from leading global investors like Falcon Edge Capital, Sequoia Capital, Matrix Partners and Accel Partners. November 2017 – Seed funding, September 2018 – Series A, March 2019 – Debt financing, July 2019 – Series C round, December 2019 - Debt financing. The company has invested in building technology products for business efficiency and consumer experience, like the Stanza Resident App and Stanza Real Estate App. Stanza Living has close to 1,500 employees across India. It is recognized among Top Real Estate Tech Startups of 2020 across the globe by research and analysis company Tracxn. The company has been shortlisted among Top 25 Start-ups of India in 2019 by LinkedIn == Founders == Stanza Living was co-founded by Anindya Dutta and Sandeep Dalmia. Sandeep Dalmia is an alumnus of Delhi College of Engineering and IIM Ahmedabad. Prior to Stanza, he was a Principal at Boston Consulting Group, working across India, US and South East Asia markets. Anindya Dutta was previously a Real Estate investor with Oaktree Capital and prior to that, he worked at Goldman Sachs in London. He is an alumnus of IIT Kharagpur and IIM Ahmedabad.

Swizzling (computer graphics)

In computer graphics, swizzles are a class of operations that transform vectors by rearranging components. Swizzles can also project from a vector of one dimensionality to a vector of another dimensionality, such as taking a three-dimensional vector and creating a two-dimensional or five-dimensional vector using components from the original vector. For example, if A = {1,2,3,4}, where the components are x, y, z, and w respectively, one could compute B = A.wwxy, whereupon B would equal {4,4,1,2}. Additionally, one could create a two-dimensional vector with A.wx or a five-dimensional vector with A.xyzwx. Combining vectors and swizzling can be employed in various ways. This is common in GPGPU applications. In terms of linear algebra, this is equivalent to multiplying by a matrix whose rows are standard basis vectors. If A = ( 1 , 2 , 3 , 4 ) T {\displaystyle A=(1,2,3,4)^{T}} , then swizzling A {\displaystyle A} as above looks like A . w w x y = [ 0 0 0 1 0 0 0 1 1 0 0 0 0 1 0 0 ] [ 1 2 3 4 ] = [ 4 4 1 2 ] . {\displaystyle A.\!wwxy={\begin{bmatrix}0&0&0&1\\0&0&0&1\\1&0&0&0\\0&1&0&0\end{bmatrix}}{\begin{bmatrix}1\\2\\3\\4\end{bmatrix}}={\begin{bmatrix}4\\4\\1\\2\end{bmatrix}}.}

Computer security compromised by hardware failure

Computer security compromised by hardware failure is a branch of computer security applied to hardware. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Such secret information could be retrieved by different ways. This article focus on the retrieval of data thanks to misused hardware or hardware failure. Hardware could be misused or exploited to get secret data. This article collects main types of attack that can lead to data theft. Computer security can be compromised by devices, such as keyboards, monitors or printers (thanks to electromagnetic or acoustic emanation for example) or by components of the computer, such as the memory, the network card or the processor (thanks to time or temperature analysis for example). == Devices == === Monitor === The monitor is the main device used to access data on a computer. It has been shown that monitors radiate or reflect data on their environment, potentially giving attackers access to information displayed on the monitor. ==== Electromagnetic emanations ==== Video display units radiate: narrowband harmonics of the digital clock signals; broadband harmonics of the various 'random' digital signals such as the video signal. Known as compromising emanations or TEMPEST radiation, a code word for a U.S. government programme aimed at attacking the problem, the electromagnetic broadcast of data has been a significant concern in sensitive computer applications. Eavesdroppers can reconstruct video screen content from radio frequency emanations. Each (radiated) harmonic of the video signal shows a remarkable resemblance to a broadcast TV signal. It is therefore possible to reconstruct the picture displayed on the video display unit from the radiated emission by means of a normal television receiver. If no preventive measures are taken, eavesdropping on a video display unit is possible at distances up to several hundreds of meters, using only a normal black-and-white TV receiver, a directional antenna and an antenna amplifier. It is even possible to pick up information from some types of video display units at a distance of over 1 kilometer. If more sophisticated receiving and decoding equipment is used, the maximum distance can be much greater. ==== Compromising reflections ==== What is displayed by the monitor is reflected on the environment. The time-varying diffuse reflections of the light emitted by a CRT monitor can be exploited to recover the original monitor image. This is an eavesdropping technique for spying at a distance on data that is displayed on an arbitrary computer screen, including the currently prevalent LCD monitors. The technique exploits reflections of the screen's optical emanations in various objects that one commonly finds close to the screen and uses those reflections to recover the original screen content. Such objects include eyeglasses, tea pots, spoons, plastic bottles, and even the eye of the user. This attack can be successfully mounted to spy on even small fonts using inexpensive, off-the-shelf equipment (less than 1500 dollars) from a distance of up to 10 meters. Relying on more expensive equipment allowed to conduct this attack from over 30 meters away, demonstrating that similar attacks are feasible from the other side of the street or from a close by building. Many objects that may be found at a usual workplace can be exploited to retrieve information on a computer's display by an outsider. Particularly good results were obtained from reflections in a user's eyeglasses or a tea pot located on the desk next to the screen. Reflections that stem from the eye of the user also provide good results. However, eyes are harder to spy on at a distance because they are fast-moving objects and require high exposure times. Using more expensive equipment with lower exposure times helps to remedy this problem. The reflections gathered from curved surfaces on close by objects indeed pose a substantial threat to the confidentiality of data displayed on the screen. Fully invalidating this threat without at the same time hiding the screen from the legitimate user seems difficult, without using curtains on the windows or similar forms of strong optical shielding. Most users, however, will not be aware of this risk and may not be willing to close the curtains on a nice day. The reflection of an object, a computer display, in a curved mirror creates a virtual image that is located behind the reflecting surface. For a flat mirror this virtual image has the same size and is located behind the mirror at the same distance as the original object. For curved mirrors, however, the situation is more complex. === Keyboard === ==== Electromagnetic emanations ==== Computer keyboards are often used to transmit confidential data such as passwords. Since they contain electronic components, keyboards emit electromagnetic waves. These emanations could reveal sensitive information such as keystrokes. Electromagnetic emanations have turned out to constitute a security threat to computer equipment. The figure below presents how a keystroke is retrieved and what material is necessary. The approach is to acquire the raw signal directly from the antenna and to process the entire captured electromagnetic spectrum. Thanks to this method, four different kinds of compromising electromagnetic emanations have been detected, generated by wired and wireless keyboards. These emissions lead to a full or a partial recovery of the keystrokes. The best practical attack fully recovered 95% of the keystrokes of a PS/2 keyboard at a distance up to 20 meters, even through walls. Because each keyboard has a specific fingerprint based on the clock frequency inconsistencies, it can determine the source keyboard of a compromising emanation, even if multiple keyboards from the same model are used at the same time. The four different kinds way of compromising electromagnetic emanations are described below. ===== The Falling Edge Transition Technique ===== When a key is pressed, released or held down, the keyboard sends a packet of information known as a scan code to the computer. The protocol used to transmit these scan codes is a bidirectional serial communication, based on four wires: Vcc (5 volts), ground, data and clock. Clock and data signals are identically generated. Hence, the compromising emanation detected is the combination of both signals. However, the edges of the data and the clock lines are not superposed. Thus, they can be easily separated to obtain independent signals. ===== The Generalized Transition Technique ===== The Falling Edge Transition attack is limited to a partial recovery of the keystrokes. This is a significant limitation. The GTT is a falling edge transition attack improved, which recover almost all keystrokes. Indeed, between two traces, there is exactly one data rising edge. If attackers are able to detect this transition, they can fully recover the keystrokes. ===== The Modulation Technique ===== Harmonics compromising electromagnetic emissions come from unintentional emanations such as radiations emitted by the clock, non-linear elements, crosstalk, ground pollution, etc. Determining theoretically the reasons of these compromising radiations is a very complex task. These harmonics correspond to a carrier of approximately 4 MHz which is very likely the internal clock of the micro-controller inside the keyboard. These harmonics are correlated with both clock and data signals, which describe modulated signals (in amplitude and frequency) and the full state of both clock and data signals. This means that the scan code can be completely recovered from these harmonics. ===== The Matrix Scan Technique ===== Keyboard manufacturers arrange the keys in a matrix. The keyboard controller, often an 8-bit processor, parses columns one-by-one and recovers the state of 8 keys at once. This matrix scan process can be described as 192 keys (some keys may not be used, for instance modern keyboards use 104/105 keys) arranged in 24 columns and 8 rows. These columns are continuously pulsed one-by-one for at least 3μs. Thus, these leads may act as an antenna and generate electromagnetic emanations. If an attacker is able to capture these emanations, he can easily recover the column of the pressed key. Even if this signal does not fully describe the pressed key, it still gives partial information on the transmitted scan code, i.e. the column number. Note that the matrix scan routine loops continuously. When no key is pressed, we still have a signal composed of multiple equidistant peaks. These emanations may be used to remotely detect the presence of powered computers. Concerning wireless keyboards, the wireless data burst transmission can be used as an electromagnetic trigger to detect exactly when a key is pressed, while the matrix s