AI Chat Youtube

AI Chat Youtube — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Operation Serenata de Amor

Operation Serenata de Amor is an artificial intelligence project designed to analyze public spending in Brazil. The project has been funded by a recurrent financing campaign since September 7, 2016, and came in the wake of major scandals of misappropriation of public funds in Brazil, such as the Mensalão scandal and what was revealed in the Operation Car Wash investigations. The analysis began with data from the National Congress then expanded to other types of budget and instances of government, such as the Federal Senate. The project is built through collaboration on GitHub and using a public group with more than 600 participants on Telegram. The name "Serenata de Amor," which means "serenade of love," was taken from a popular cashew cream bonbon produced by Chocolates Garoto in Brazil. == Modules == Throughout development of the project, new modules have been newly introduced in addition to the main repository: The main repository, serenata-de-amor, serves as the starting point for investigative work. Rosie is the robot programmed to identify public funds expenses with discrepancies, starting with CEAP (Quota for Exercise of Parliamentary Activity); it analyzes each of the reimbursements requested by the deputies and senators, indicating the reasons that lead it to believe they are suspicious. From Rosie was born whistleblower, which tweets under the name of @RosieDaSerenata, distributing the results found on social media. Jarbas (Github repository) is a data visualization tool which shows a complete list of reimbursements made available by the Chamber of Deputies and mined by Rosie. Toolbox is a Python installable package that supports the development of Serenata de Amor and Rosie. == History == Operation Serenata de Amor is an Artificial intelligence project for analysis of public expenditures. It was conceived in March 2016 by data scientist Irio Musskopf, sociologist Eduardo Cuducos and entrepreneur Felipe Cabral. The project was financed collectively in the Catarse platform, where it reached 131% of the collection goal paying 3 months of project development. Ana Schwendler, also a data scientist, Pedro Vilanova "Tonny", data journalist, Bruno Pazzim, software engineer, Filipe Linhares, a frontend engineer, Leandro Devegili, an entrepreneur and André Pinho took the first steps towards constructing the platform, such as collecting and structuring the first datasets. Jessica Temporal, data scientist and Yasodara Córdova "Yaso", researcher, Tatiana Balachova "Russa", UX designer, joined the project after the financing took place. The members created a recurring financing campaign, expanding the analysis of public spending to the Federal Senate. Donors make monthly payments ranging from 5 BRL to 200 BRL to maintain group activities. The monthly amount collected is around 10,000 BRL. == Results == In January 2017, concluding the period financed by the initial campaign, the group carried out an investigation into the suspicious activities found by the data analysis system. 629 complaints were made to the Ombudsman's Office of the Chamber of Deputies, questioning expenses of 216 federal deputies. In addition, the Facebook project page has more than 25,000 followers, and users frequently cite the operation as a benchmark in transparency in the Brazilian government. One of the examples of results obtained by the operation is the case of the Deputy who had to return about 700 BRL to the House after his expenses were analyzed by the platform. The platform was able to analyze more than 3 million notes, raising about 8,000 suspected cases in public spending. The community that supports the work of the team benefits from open source repositories, with licenses open for the collaboration. So much so that the two main data scientists of the project presented it at the CivicTechFest in Taipei, obtaining several mentions even in the international press. The technical leader presented the project in Poland during DevConf2017 in Kraków. It was also presented in the Google News Lab in 2017. It was presented by Yaso, when she was the Director of the initiative, at the MIT Media Lab/Berkman Klein Center Initiative for Artificial Intelligence ethics, and at the Artificial Intelligence and Inclusion Symposium, an initiative of the Global Network of Internet & Society Centers (NoC). It was also presented both by Irio and Yaso at the Digital Harvard Kennedy School, over a lunch seminar, where the transparency of the platform and the main solutions found were discussed, so that the code and data are always available to verify its suitability. This infographic provides information about the first results of Operation Serenata de Amor, a project that analyzes open data on public spending to find discrepancies. The project was presented by Yaso to the House Audit and Control Committee of the Chamber of Deputies in August 2017, and raised the interest of House officials who work with open data. The operation has been a source of inspiration for other civic projects that aim to work with similar goals, demonstrating the broader impact of artificial intelligence also in industry in Brazil. Participation of several team members in events throughout Brazil and abroad can be found on the Internet, such as presentation at OpenDataDay, held at Calango Hackerspace in the Federal District, Campus Party Bahia, Campus Party Brasilia, Friends of Tomorrow, XIII National Meeting of Internal Control, in the event USP Talks Hackfest against corruption in João Pessoa, the latter being also highlighted in the National Press.
Read more →
Random (software)

Random was an iOS mobile app that used algorithms and human-curation to create an adaptive interface to the Internet. The app served a remix of relevance and serendipity that allowed people to find diverse topics and interesting content that they might not have encountered otherwise. Random did not require a login or sign-up - the use of the app was anonymous. The app was powered by an artificial intelligence that learned from direct and indirect user interactions inside the app. While learning and adapting to a person, Random created a unique anonymous choice profile that was then used for recommending topics and content. The app didn't recommend the same content twice. == User interface == Random's user interface was made of ever-changing topic blocks that contained keywords and images. By choosing any of the blocks, the user would see related web content. By closing the web content, the user could access new related topics. The user interface allowed people to get more information about a specific topic area or then just leap freely from topic to topic. The content recommended by Random could be any type of web content, varying from news articles to long-form stories and from photographs to videos. Every user of the Random was curating content for other users by using the app. == History == Random was launched in March 2014. The startup was backed by Skype co-founder Janus Friis. The Random app received a strong reception from the likes of The New York Times, TechCrunch, New Scientist, Vice, and other leading publications. The app went on to gain traction with an active and loyal user community of several hundreds of thousands. This was not enough to support the free app model the team strongly believed in, and the service was terminated in December 2015. == Reception == Various reviews in media have emphasized that Random enables people to break their filter bubble and find diverse content they might not find elsewhere. Alan Henry of Lifehacker wrote: "Random... breaks you out by intentionally guiding you to new topics and interesting articles at sites you may not otherwise read." Vice Motherboard's Claire Evans says that: "Random never turns into a filter bubble, because it perpetually injects the irrational into my experience… in a cocktail of relevancy and serendipity." The app has been said to have a unique, minimalistic user experience. Kit Eaton of The New York Times commented that Random "let's you browse the news in a different way to all the other news sites you've probably ever used." Mashable reviewed Random by concluding that the "app may be one of the most simple content-discovery apps on the market."
Read more →
Intel Threat Detection Technology

Intel Threat Detection Technology (TDT) is a CPU-level technology created by Intel in 2018 to enable host endpoint protections to use a CPU's low-level access to detect threats to a system. TDT consists of multiple components including Accelerated Memory Scanning, which uses the CPU's integrated GPU to scan memory, and Advanced Platform Telemetry, which uses processor-level activity monitoring to detect unusual activity. It is supported on sixth-generation or newer Intel Core CPUs and additional capabilities were added to the 11th generation Core processors. Intel TDT is integrated into several third-party anti-malware solutions including Microsoft Defender, Check Point Harmony Endpoint, CrowdStrike Falcon, and others. == Accelerated Memory Scanning == Accelerated Memory Scanning (also referred to as "Advanced Memory Scanning") uses the CPU's integrated GPU to scan memory for malicious code, instead of using the CPU directly. This improves system responsiveness during anti-malware scanning. and lowers power consumption. Features include pattern matching, using random forest decision trees, string extraction, entropy calculation, and Euclidean clustering. == Advanced Platform Telemetry == Advanced Platform Telemetry collects CPU-level telemetry to detect uncommon activity patterns which might be indicative of malware. The telemetry data is collected from the CPU performance monitoring unit (PMU) and doesn't require a large signature database to detect malware. Instead, it uses machine-learning based correlations to identify indicators of attack For example, Microsoft Defender is able to use TDT's Advanced Platform Telemetry features to detect processor usage patterns indicative of ransomware and cryptojacking with TDT so it can detect them.
Read more →
Vulnerability assessment (computing)

Vulnerability assessment is a process of defining, identifying and classifying the security holes in information technology systems. An attacker can exploit a vulnerability to violate the security of a system. Some known vulnerabilities are Authentication Vulnerability, Authorization Vulnerability and Input Validation Vulnerability. == Purpose == Before deploying a system, it first must go through from a series of vulnerability assessments that will ensure that the build system is secure from all the known security risks. When a new vulnerability is discovered, the system administrator can again perform an assessment, discover which modules are vulnerable, and start the patch process. After the fixes are in place, another assessment can be run to verify that the vulnerabilities were actually resolved. This cycle of assess, patch, and re-assess has become the standard method for many organizations to manage their security issues. The primary purpose of the assessment is to find the vulnerabilities in the system, but the assessment report conveys to stakeholders that the system is secured from these vulnerabilities. If an intruder gained access to a network consisting of vulnerable Web servers, it is safe to assume that he gained access to those systems as well. Because of assessment report, the security administrator will be able to determine how intrusion occurred, identify compromised assets and take appropriate security measures to prevent critical damage to the system. == Assessment types == Depending on the system a vulnerability assessment can have many types and level. === Host assessment === A host assessment looks for system-level vulnerabilities such as insecure file permissions, application level bugs, backdoor and Trojan horse installations. It requires specialized tools for the operating system and software packages being used, in addition to administrative access to each system that should be tested. Host assessment is often very costly in term of time, and thus is only used in the assessment of critical systems. Tools like COPS and Tiger are popular in host assessment. === Network assessment === In a network assessment one assess the network for known vulnerabilities. It locates all systems on a network, determines what network services are in use, and then analyzes those services for potential vulnerabilities. This process does not require any configuration changes on the systems being assessed. Unlike host assessment, network assessment requires little computational cost and effort. == Vulnerability assessment vs penetration testing == Vulnerability assessment and penetration testing are two different testing methods. They are differentiated on the basis of certain specific parameters. == Regulatory requirements == Vulnerability assessments are mandated or strongly recommended by several regulatory frameworks. In the United States healthcare sector, the Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires covered entities to conduct periodic evaluations of their security posture, and a December 2024 Notice of Proposed Rulemaking would explicitly require vulnerability scanning at least every six months for systems containing electronic protected health information. The Payment Card Industry Data Security Standard (PCI DSS) requires quarterly vulnerability scans for organizations that process credit card transactions, and the NIST Cybersecurity Framework includes vulnerability assessment as a core component of its Identify function.
Read more →
Curvelet

Curvelets are a non-adaptive technique for multi-scale object representation. Being an extension of the wavelet concept, they are becoming popular in similar fields, namely in image processing and scientific computing. Wavelets generalize the Fourier transform by using a basis that represents both location and spatial frequency. For 2D or 3D signals, directional wavelet transforms go further, by using basis functions that are also localized in orientation. A curvelet transform differs from other directional wavelet transforms in that the degree of localisation in orientation varies with scale. In particular, fine-scale basis functions are long ridges; the shape of the basis functions at scale j is 2 − j {\displaystyle 2^{-j}} by 2 − j / 2 {\displaystyle 2^{-j/2}} so the fine-scale bases are skinny ridges with a precisely determined orientation. Curvelets are an appropriate basis for representing images (or other functions) which are smooth apart from singularities along smooth curves, where the curves have bounded curvature, i.e. where objects in the image have a minimum length scale. This property holds for cartoons, geometrical diagrams, and text. As one zooms in on such images, the edges they contain appear increasingly straight. Curvelets take advantage of this property, by defining the higher resolution curvelets to be more elongated than the lower resolution curvelets. However, natural images (photographs) do not have this property; they have detail at every scale. Therefore, for natural images, it is preferable to use some sort of directional wavelet transform whose wavelets have the same aspect ratio at every scale. When the image is of the right type, curvelets provide a representation that is considerably sparser than other wavelet transforms. This can be quantified by considering the best approximation of a geometrical test image that can be represented using only n {\displaystyle n} wavelets, and analysing the approximation error as a function of n {\displaystyle n} . For a Fourier transform, the squared error decreases only as O ( 1 / n ) {\displaystyle O(1/{\sqrt {n}})} . For a wide variety of wavelet transforms, including both directional and non-directional variants, the squared error decreases as O ( 1 / n ) {\displaystyle O(1/n)} . The extra assumption underlying the curvelet transform allows it to achieve O ( ( log ⁡ n ) 3 / n 2 ) {\displaystyle O({(\log n)}^{3}/{n^{2}})} . Efficient numerical algorithms exist for computing the curvelet transform of discrete data. The computational cost of the discrete curvelet transforms proposed by Candès et al. (Discrete curvelet transform based on unequally-spaced fast Fourier transforms and based on the wrapping of specially selected Fourier samples) is approximately 6–10 times that of an FFT, and has the same dependence of O ( n 2 log ⁡ n ) {\displaystyle O(n^{2}\log n)} for an image of size n × n {\displaystyle n\times n} . == Curvelet construction == To construct a basic curvelet ϕ {\displaystyle \phi } and provide a tiling of the 2-D frequency space, two main ideas should be followed: Consider polar coordinates in frequency domain Construct curvelet elements being locally supported near wedges The number of wedges is N j = 4 ⋅ 2 ⌈ j 2 ⌉ {\displaystyle N_{j}=4\cdot 2^{\left\lceil {\frac {j}{2}}\right\rceil }} at the scale 2 − j {\displaystyle 2^{-j}} , i.e., it doubles in each second circular ring. Let ξ = ( ξ 1 , ξ 2 ) T {\displaystyle {\boldsymbol {\xi }}=\left(\xi _{1},\xi _{2}\right)^{T}} be the variable in frequency domain, and r = ξ 1 2 + ξ 2 2 , ω = arctan ⁡ ξ 1 ξ 2 {\displaystyle r={\sqrt {\xi _{1}^{2}+\xi _{2}^{2}}},\omega =\arctan {\frac {\xi _{1}}{\xi _{2}}}} be the polar coordinates in the frequency domain. We use the ansatz for the dilated basic curvelets in polar coordinates: ϕ ^ j , 0 , 0 := 2 − 3 j 4 W ( 2 − j r ) V ~ N j ( ω ) , r ≥ 0 , ω ∈ [ 0 , 2 π ) , j ∈ N 0 {\displaystyle {\hat {\phi }}_{j,0,0}:=2^{\frac {-3j}{4}}W(2^{-j}r){\tilde {V}}_{N_{j}}(\omega ),r\geq 0,\omega \in [0,2\pi ),j\in N_{0}} To construct a basic curvelet with compact support near a ″basic wedge″, the two windows W {\displaystyle W} and V ~ N j {\displaystyle {\tilde {V}}_{N_{j}}} need to have compact support. Here, we can simply take W ( r ) {\displaystyle W(r)} to cover ( 0 , ∞ ) {\displaystyle (0,\infty )} with dilated curvelets and V ~ N j {\displaystyle {\tilde {V}}_{N_{j}}} such that each circular ring is covered by the translations of V ~ N j {\displaystyle {\tilde {V}}_{N_{j}}} . Then the admissibility yields ∑ j = − ∞ ∞ | W ( 2 − j r ) | 2 = 1 , r ∈ ( 0 , ∞ ) . {\displaystyle \sum _{j=-\infty }^{\infty }\left|W(2^{-j}r)\right|^{2}=1,r\in (0,\infty ).} see Window Functions for more information For tiling a circular ring into N {\displaystyle N} wedges, where N {\displaystyle N} is an arbitrary positive integer, we need a 2 π {\displaystyle 2\pi } -periodic nonnegative window V ~ N {\displaystyle {\tilde {V}}_{N}} with support inside [ − 2 π N , 2 π N ] {\displaystyle \left[{\frac {-2\pi }{N}},{\frac {2\pi }{N}}\right]} such that ∑ l = 0 N − 1 V ~ N 2 ( ω − 2 π l N ) = 1 {\displaystyle \sum _{l=0}^{N-1}{\tilde {V}}_{N}^{2}\left(\omega -{\frac {2\pi l}{N}}\right)=1} , for all ω ∈ [ 0 , 2 π ) {\displaystyle \omega \in \left[0,2\pi \right)} , V ~ N {\displaystyle {\tilde {V}}_{N}} can be simply constructed as 2 π {\displaystyle 2\pi } -periodizations of a scaled window V ( N ω 2 π ) {\displaystyle V\left({\frac {N\omega }{2\pi }}\right)} . Then, it follows that ∑ l = 0 N j − 1 | 2 3 j 4 ϕ ^ j , 0 , 0 ( r , ω − 2 π l N j ) | 2 = | W ( 2 − j r ) | 2 ∑ l = 0 N j − 1 V ~ N j 2 ( ω − 2 π l N ) = | W ( 2 − j r ) | 2 {\displaystyle \sum _{l=0}^{N_{j}-1}\left|2^{\frac {3j}{4}}{\hat {\phi }}_{j,0,0}\left(r,\omega -{\frac {2\pi l}{N_{j}}}\right)\right|^{2}=\left|W(2^{-j}r)\right|^{2}\sum _{l=0}^{N_{j}-1}{\tilde {V}}_{N_{j}}^{2}\left(\omega -{\frac {2\pi l}{N}}\right)=\left|W(2^{-j}r)\right|^{2}} For a complete covering of the frequency plane including the region around zero, we need to define a low pass element ϕ ^ − 1 := W 0 ( | ξ | ) {\displaystyle {\hat {\phi }}_{-1}:=W_{0}(\left|\xi \right|)} with W 0 2 ( r ) 2 := 1 − ∑ j = 0 ∞ W ( 2 − j r ) 2 {\displaystyle W_{0}^{2}(r)^{2}:=1-\sum _{j=0}^{\infty }W(2^{-j}r)^{2}} that is supported on the unit circle, and where we do not consider any rotation. == Applications == Image processing Seismic exploration Fluid mechanics PDEs solving Compressed sensing
Read more →
Intel Threat Detection Technology

Intel Threat Detection Technology (TDT) is a CPU-level technology created by Intel in 2018 to enable host endpoint protections to use a CPU's low-level access to detect threats to a system. TDT consists of multiple components including Accelerated Memory Scanning, which uses the CPU's integrated GPU to scan memory, and Advanced Platform Telemetry, which uses processor-level activity monitoring to detect unusual activity. It is supported on sixth-generation or newer Intel Core CPUs and additional capabilities were added to the 11th generation Core processors. Intel TDT is integrated into several third-party anti-malware solutions including Microsoft Defender, Check Point Harmony Endpoint, CrowdStrike Falcon, and others. == Accelerated Memory Scanning == Accelerated Memory Scanning (also referred to as "Advanced Memory Scanning") uses the CPU's integrated GPU to scan memory for malicious code, instead of using the CPU directly. This improves system responsiveness during anti-malware scanning. and lowers power consumption. Features include pattern matching, using random forest decision trees, string extraction, entropy calculation, and Euclidean clustering. == Advanced Platform Telemetry == Advanced Platform Telemetry collects CPU-level telemetry to detect uncommon activity patterns which might be indicative of malware. The telemetry data is collected from the CPU performance monitoring unit (PMU) and doesn't require a large signature database to detect malware. Instead, it uses machine-learning based correlations to identify indicators of attack For example, Microsoft Defender is able to use TDT's Advanced Platform Telemetry features to detect processor usage patterns indicative of ransomware and cryptojacking with TDT so it can detect them.
Read more →
Digital supply chain security

Digital supply chain security refers to efforts to enhance cyber security within the supply chain. It is a subset of supply chain security and is focused on the management of cyber security requirements for information technology systems, software and networks, which are driven by threats such as cyber-terrorism, malware, data theft and the advanced persistent threat (APT). Typical supply chain cyber security activities for minimizing risks include buying only from trusted vendors, disconnecting critical machines from outside networks, and educating users on the threats and protective measures they can take. The acting deputy undersecretary for the National Protection and Programs Directorate for the United States Department of Homeland Security, Greg Schaffer, stated at a hearing that he is aware that there are instances where malware has been found on imported electronic and computer devices sold within the United States. == Examples of supply chain cyber security threats == Network or computer hardware that is delivered with malware installed on it already. Malware that is inserted into software or hardware (by various means) Vulnerabilities in software applications and networks within the supply chain that are discovered by malicious hackers Counterfeit computer hardware == Related U.S. government efforts == Comprehensive National Cyber Initiative Defense Procurement Regulations: Noted in section 806 of the National Defense Authorization Act International Strategy for Cyberspace: White House lays out for the first time the U.S.’s vision for a secure and open Internet. The strategy outlines three main themes: diplomacy, development and defense. Diplomacy: The strategy sets out to “promote an open, interoperable, secure and reliable information and communication infrastructure” by establishing norms of acceptable state behavior built through consensus among nations. Development: Through this strategy the government seeks to “facilitate cybersecurity capacity-building abroad, bilaterally and through multilateral organizations.” The objective is to protect the global IT infrastructure and to build closer international partnerships to sustain open and secure networks. Defense: The strategy calls out that the government “will ensure that the risks associated with attacking or exploiting our networks vastly outweigh the potential benefits” and calls for all nations to investigate, apprehend and prosecute criminals and non-state actors who intrude and disrupt network systems. == Related government efforts around the world == Common Criteria offers with Evaluation Assurance Level(EAL) 4 an opportunity to evaluate all relevant aspects of the digital supply chain security like the product, the development environment, IT systems security, the processes in human resource, physical security and with the module ALC_FLR.3 (Systematic Flaw Remediation) also security update processes and methods even by physical site visits. EAL 4 is mutually recognized in countries that signed the SOGIS-MRA and up to ELA 2 in countries the signed the CCRA but including ALC_FRL.3. Russia: Russia has had non-disclosed functionality certification requirements for several years and has recently initiated the National Software Platform effort based on open-source software. This reflects the apparent desire for national autonomy, reducing dependence on foreign suppliers. India: Recognition of supply chain risk in its draft National Cybersecurity Strategy. Rather than targeting specific products for exclusion, it is considering Indigenous Innovation policies, giving preferences to domestic ITC suppliers in order to create a robust, globally competitive national presence in the sector. China: Deriving from goals in the 11th Five Year Plan (2006–2010), China introduced and pursued a mix of security-focused and aggressive Indigenous Innovation policies. China is requiring an indigenous innovation product catalog be used for its government procurement and implementing a Multi-level Protection Scheme (MLPS) which requires (among other things) product developers and manufacturers to be Chinese citizens or legal persons, and product core technology and key components must have independent Chinese or indigenous intellectual property rights. == Private sector efforts == SLSA (Supply-chain Levels for Software Artifacts) is an end-to-end framework for ensuring the integrity of software artifacts throughout the software supply chain. The requirements are inspired by Google’s internal "Binary Authorization for Borg" that has been in use for the past 8+ years and that is mandatory for all of Google's production workloads. The goal of SLSA is to improve the state of the industry, particularly open source, to defend against the most pressing integrity threats. With SLSA, consumers can make informed choices about the security posture of the software they consume. == Other references == Financial Sector Information Sharing and Analysis Center International Strategy for Cyberspace (from the White House) NSTIC SafeCode Whitepaper Archived 2013-10-21 at the Wayback Machine Trusted Technology Forum and the Open Trusted Technology Provider Standard (O-TTPS) Archived 2012-01-03 at the Wayback Machine Cyber Supply Chain Security Solution Malware Implants in Firmware Supply Chain in the Software Era INFORMATION AND COMMUNICATIONS TECHNOLOGY SUPPLY CHAIN RISK MANAGEMENT TASK FORCE: INTERIM REPORT
Read more →
E-on Vue

Vue is a software tool for world generation by Bentley Systems, with support for many visual effects, animations, and various other features. The tool has been used in several feature-length films. In 2024, Bentley Systems announced that Vue would be discontinued, and be freely available to those that still wish to use it. == Versions == == Features == This is a list of features as of the 2023 release of Vue: === Terrains === Heightfield terrains Procedural terrains Infinite terrains Planetary terrains Real-world terrains 3D terrain sculpting Terrain export === EcoSystem Instancing Technology === Material-based EcoSystems Global EcoSystems Dynamic EcoSystems 360° EcoSystem Population Paint EcoSystem instances EcoParticles Export EcoSystem populations === Vegetation === Built-in Plant editor Compatible with PlantFactory Vegetation assets === Atmosphere, Skies and Clouds === Standard atmospheric model Spectral atmospheric model Photometric atmospheric model Atmosphere presets Procedural Volumetric 3D cloud layers Standalone 3D Metaclouds Convert meshes to Clouds Cloud morphing Import OpenVDB Export standalone and cloud layer zones to OpenVDB Export skies as HDRI === Modeling === Primitive and Feature modeling 3D Text edition tool Metablobbing Hyperblobs Export baked hyperblobs Splines Built in Road Construction toolkit Random rock generator Export rocks === Texturing and UVs === Material presets PBR Substance support Node-based procedural materials Volumetric materials and Hypertextures Stacked UVs Unwrapped UVs Ptex === Interoperability, Integration And Export === Export single assets to generic 3D formats Full scene export Integration plugins Import and Export Camera data as FBX and Nuke.chan Python API ZBrush GoZ bridge === Animation === Animate objects, materials, atmospheres, clouds, waves... Automatic wind and breeze Localized wind effects per plant / per EcoSystem population Omni and directional ventilators for local modifications of plants Time spline editor Automatic keyframe creation Automatic synchronization of cameras and lights Animation export as AfterEffects Import motion tracking information === Lighting === Global illumination, Global Radiosity, Ambient occlusion Subsurface Scattering HDRI image based lighting Point light, Quadratic point light, Spotlight, Quadratic spotlight, Directional light Use IES distribution profiles on photometric lights Area lights, light panels, light portals Physically accurate caustics computation === Rendering === Render with Ray Tracer Render with Path Tracer Stereoscopic rendering 360/180 VR Panorama Render Option Spherical panoramic rendering Tone mapping options Multipass & G-Buffer Network rendering with HyperVue / RenderCows Network rendering with RenderNodes == Users == Blue Sky Studios Digital Domain DreamWorks Animation: Kung Fu Panda Industrial Light & Magic: Indiana Jones and the Kingdom of the Crystal Skull, Pirates of the Caribbean: Dead Man's Chest Sony Pictures Imageworks Warner Bros. Interactive Entertainment Weta Digital
Read more →
AI effect

The AI effect is a phenomenon in which advances in artificial intelligence lead to a redefinition of what is considered intelligence, such that capabilities achieved by AI systems are no longer regarded as examples of "real" intelligence. The concept has been used to describe both a cognitive tendency and a sociotechnical pattern, in which successful AI techniques are reclassified as routine computation or absorbed into other domains. Historian Pamela McCorduck described this as a recurring feature of AI research, noting in her 2004 book Machines Who Think that once a problem is solved, it is no longer considered evidence of intelligence. Researcher Rodney Brooks similarly observed in 2002 that once systems are understood, they are often regarded as "just computation". == Definition == The AI effect refers to a shift in how intelligence is defined as machines acquire new capabilities. Tasks such as playing chess, recognizing speech, or interpreting images were historically considered indicators of intelligence, but after successful automation they are often reclassified as routine computation. McCorduck described this as an "odd paradox", in which successful AI systems are assimilated into other domains, leaving AI researchers to focus on unsolved problems. The phenomenon is often interpreted as an instance of moving the goalposts. A commonly cited formulation is Tesler's theorem, often expressed as "AI is whatever hasn't been done yet". When problems are not fully formalised, they may be described using models involving human computation, such as human-assisted Turing machines. == Historical examples == === Game playing === Early AI systems capable of playing games such as checkers and chess were initially regarded as demonstrations of machine intelligence. As these systems improved and became better understood, their achievements were often reinterpreted as examples of computation rather than intelligence. The victory of IBM's Deep Blue over Garry Kasparov in 1997 is a frequently cited example. Critics argued that the system relied on brute-force methods rather than genuine understanding. === Pattern recognition === Technologies such as optical character recognition and speech recognition were once considered core problems in artificial intelligence. As these systems became reliable and widely deployed, they were increasingly treated as standard engineering solutions. === Integration into applications === Many techniques originally developed within AI research have been incorporated into broader technological systems, including marketing, automation, and software applications. Michael Swaine reported in 2007 that AI advances are often presented as developments in other fields. Marvin Minsky observed that successful AI innovations often evolve into separate disciplines. Nick Bostrom noted in 2006 that widely adopted technologies are often no longer labeled as AI. == Contemporary discussion == The AI effect continues to be discussed in the context of recent advances in machine learning, particularly large language models and other generative AI systems. As these systems have become more widely used, some researchers and commentators have noted that their capabilities are frequently described as statistical or mechanical once understood, rather than as intelligence. A 2016 survey of artificial intelligence also noted that AI systems are increasingly embedded in everyday applications, reinforcing earlier observations that successful AI technologies tend to become normalized and no longer identified as AI. At the same time, the widespread commercial use of artificial intelligence has led to greater visibility of the field, contrasting with earlier periods in which AI techniques were often present but unacknowledged. == Interpretations == === Cognitive bias === Some authors describe the AI effect as a cognitive bias in which expectations of intelligence shift as machines achieve new capabilities. === Sociotechnical perspective === Another interpretation emphasizes how technologies are reclassified over time as they become widespread and commercially successful. === Philosophical debate === Some philosophers argue that reclassification reflects genuine conceptual distinctions rather than bias. == Historical context == During periods such as the AI winter, researchers sometimes avoided the term "artificial intelligence" due to negative perceptions. In the 21st century, however, the term "AI" has become widely used in public discourse and marketing. == Broader implications == The AI effect has been linked to broader questions about human uniqueness and the nature of intelligence. Michael Kearns suggested that people may seek to preserve a special role for humans. Similar patterns have been observed in studies of animal cognition. Herbert A. Simon noted that artificial intelligence can provoke strong emotional reactions.
Read more →
Tensor glyph

In scientific visualization a tensor glyph is an object that can visualize all or most of the nine degrees of freedom, such as acceleration, twist, or shear – of a 3 × 3 {\displaystyle 3\times 3} matrix. It is used for tensor field visualization, where a data-matrix is available at every point in the grid. "Glyphs, or icons, depict multiple data values by mapping them onto the shape, size, orientation, and surface appearance of a base geometric primitive." Tensor glyphs are a particular case of multivariate data glyphs. There are certain types of glyphs that are commonly used: Ellipsoid Cuboid Cylindrical Superquadrics According to Thomas Schultz and Gordon Kindlmann, specific types of tensor fields "play a central role in scientific and biomedical studies as well as in image analysis and feature-extraction methods."
Read more →
Cybersecurity in space

Cybersecurity in space involves the defense of all space assets (e.g. navigation systems, satellites, ground antennas, networks, etc.). The security of space can be affected by attacks such as disruption, corruption as well as the destruction of depended-upon assets/collected data. Government (e.g. militaries) and non-government sectors (e.g. financial industries) have started to become more reliant on numerous space-based services. Due to the criticality of these services, space security experts have identified these assets as high-value targets (HVT) that can cause detrimental consequences to all of Earth. == Scope and definitions == Space assets are broken down by three sub-sectors: the space component, the ground component, and the individual user component. The architecture of space assets is extremely complex and allows for a frequent attack vector utilized, the disruption by radio frequency (RF) cyber-attacks. In 2020, a memorandum was published by President Donald Trump, Space Policy Directive‑5 (SPD‑5). It established principles to ensure the safeguarding of all space assets. In 2023, the National Institute of Standards and Technology’s (NIST) published IR 8270, Introduction to Cybersecurity for Commercial Satellite Operations. This report established a baseline risk-management framework (RMF) to be implemented into space operations. == History == During the Cold War in the 1950s-1960s, the United States and Russia entered what was called the “Space Race”. By 1957, the Soviet Union successfully launched the first satellite into space named Sputnik. By 1961, the first key milestone was accomplished when the Soviet Union’s Yuri Gagarin became the first human to orbit Earth. This was later followed by the first American, Alan Shepard, to be launched into space; this was followed by John Glenn becoming the first American to orbit Earth in 1962. In 1969, a pinnacle milestone was reached when Apollo 11 launched into space and Neil Armstrong became the first man to walk on the moon. As space operations furthered, Commercial off-the-shelf products became increasingly popular but resulted in a rapid increase to the cyber-attack surface. Public awareness of space security did not increase until 2022, when the Viasat KA-SAT incident occurred, resulting in the disruption of a large number of modems across Europe. The attack was later accredited to Russia by the U.S. and the U.K. Policy and standards started to rapidly increase by 2020. The establishment of SPD-5 was released in 2020 followed by asset hardening instructions in 2022, and NIST’s IR 8270 in 2023. It was not until 2025 that Europe published their own findings in the Space Threat Landscape 2025 Report. This document led to the EU’s security proposals and standards. == Threats == === Radio-frequency Interference and Global Navigation Satellite Systems (GNSS) Spoofing === Space services are highly dependent on RF links for systems such as GNSS, however, a consequence of this dependency on RF is denial of service and deception. In 2017, the Black Sea maritime event occurred when numerous ships were subject to spoofing. Space services depend on RF links susceptible to jamming (denial) and spoofing (deception), including for GNSS/Positioning, Navigation, and Timing (PNT). Annotated incidents include the 2017 Black Sea maritime spoofing event affecting numerous ships, and extensive aviation GNSS spoofing patterns surveyed in various regions during 2024–2025. === Network intrusion and malware === Cyber threats can intrude and infect assets with malware. They do this by finding misconfiguration vulnerabilities, remote-management interfaces, and/or supply-chain vulnerabilities mainly in ground networks and user terminals. When KA-SAT occurred, it resulted from bulk modem disturbances. Forensic analysts later suggested malicious management controls and wiper malware as the root cause. === Supply-chain and lifecycle risks === The outsource of COTS components, external vendors, and software defined payloads allowed for vulnerabilities to emerge in the System/Product Lifecycle. In response, EU recommended the implementation of lifecycle-wide controls as mitigating factors. === Espionage, disruption, and influence === As Advanced Persistent Threats (APTs), Global Positioning System (GPS) intervention, and information warfare increased, assets like transponders became more frequent targets of attack. == Noteworthy incidents == The Viasat KA‑SAT incident of 2022, where a large number of modems in Europe were disrupted, resulted in the loss of telemetry access to a significant amount of wind turbines in Germany. The mass GNSS deception of the Black Sea in 2017 affected numerous ships when they started to convey fake central locations in Russia. Between 2024 and 2025, there was a mass, repetitive aviation GNSS spoofing that affected the aircraft of various regions. == Standards, guidelines, and best practices == SPD‑5 (U.S.) – This established risk-based engineering, verifying and ensuring positive control, and the implementation of risk mitigation controls. NIST IR 8270 – This created a RMF for COTS satellites. CISA/FBI SATCOM Advisory (AA22‑076) – Provided guidance on hardening techniques such as least-privileged, access control, encryption, etc.). ENISA Space Threat Landscape 2025 – It established the categorization of assets to organize threats, ensuring the observation of system/product lifecycle, and an RMF for COTS satellites. ECSS‑E‑ST‑80C (2024) – This established a standard for securing lifecycles in space, covering all segments (e.g. ground, launch, etc.). == Regulation and governance == As of 2025, there is no international regulations established for space assets, but the U.S., EU, and ESA institutional initiatives have published standards to address security concerns. The U.S. implemented SPD-5 and the Federal Communications Commission (FCC); the FCC addressed orbital debris. While the EU created standards to address technological mandates and support the implementation of NIS2. Lastly, the ESA created a special operations center to safeguard their satellites. International governance is still evolving, but forums have been held by the United Nations Committee on the Peaceful Uses of Outer Space. International conversations under forums such as the UN Committee on the Peaceful Uses of Outer Space (COPUOS) progressively note the cyber–space safety relationship, though formal global norms specific to space cybersecurity continue evolving. == Risk management approaches == Through RMF, mitigation controls have been implemented to reduce the risk of exploitation while increasing the security of space. Controls addressing mitigation include proper configuration, system hardening, zero-trust architectures, encryption, etc. Both the government and industries have placed an emphasis on incident response procedures to identify, contain, and remediate breaches.
Read more →
Capture the flag (cybersecurity)

In computer security, Capture the Flag (CTF) is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully vulnerable programs or websites. They can be used for both competitive or educational purposes. In two main variations of CTFs, participants either steal flags from other participants (attack/defense-style CTFs) or from organizers (jeopardy-style challenges). A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, they can be both online or in-person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport with the same name. CTFs are used as a tool for developing and refining cybersecurity skills, making them popular in both professional and academic settings. == Overview == Capture the Flag (CTF) is a cybersecurity competition that is used to test and develop computer security skills. It was first developed in 1996 at DEF CON, the largest cybersecurity conference in the United States which is hosted annually in Las Vegas, Nevada. The conference hosts a weekend of cybersecurity competitions, including their flagship CTF. Two popular CTF formats are jeopardy and attack-defense. Both formats test participant’s knowledge in cybersecurity, but differ in objective. In the Jeopardy format, participating teams must complete as many challenges of varying point values from a various categories such as cryptography, web exploitation, and reverse engineering. In the attack-defense format, competing teams must defend their vulnerable computer systems while attacking their opponent's systems. The exercise involves a diverse array of tasks, including exploitation and cracking passwords, but there is little evidence showing how these tasks translate into cybersecurity knowledge held by security experts. Recent research has shown that the Capture the Flag tasks mainly covered technical knowledge but lacked social topics like social engineering and awareness on cybersecurity. == Educational applications == CTFs have been shown to be an effective way to improve cybersecurity education through gamification. There are many examples of CTFs designed to teach cybersecurity skills to a wide variety of audiences, including PicoCTF, organized by the Carnegie Mellon CyLab, which is oriented towards high school students, and Arizona State University supported pwn.college. Beyond educational CTF events and resources, CTFs has been shown to be a highly effective way to instill cybersecurity concepts in the classroom. CTFs have been included in undergraduate computer science classes such as Introduction to Information Security at the National University of Singapore. CTFs are also popular in military academies. They are often included as part of the curriculum for cybersecurity courses, with the NSA organized Cyber Exercise culminating in a CTF competition between the US service academies and military colleges. == Competitions == Many CTF organizers register their competition with the CTFtime platform. This allows the tracking of the position of teams over time and across competitions. These include "Plaid Parliament of Pwning", "More Smoked Leet Chicken", "Dragon Sector", "dcua", "Eat, Sleep, Pwn, Repeat", "perfect blue", "organizers" and "Blue Water". Overall the "Plaid Parliament of Pwning" and "Dragon Sector" have both placed first worldwide the most with three times each. === Community competitions === Every year there are dozens of CTFs organized in a variety of formats. Many CTFs are associated with cybersecurity conferences such as DEF CON, various editions of SANS Institute's NetWars, HITCON, and BSides. The DEF CON CTF, an attack-defence CTF, is notable for being one of the oldest CTF competitions to exist, and has been variously referred to as the "World Series", "Superbowl", and "Olympics", of hacking by media outlets. The NYU Tandon hosted Cybersecurity Awareness Worldwide (CSAW) CTF is one of the largest open-entry competitions for students learning cybersecurity from around the world. In 2021, it hosted over 1200 teams during the qualification round. In addition to conference organized CTFs, many CTF clubs and teams organize CTF competitions. Many CTF clubs and teams are associated with universities, such as the CMU associated Plaid Parliament of Pwning, which hosts PlaidCTF, and the ASU associated Shellphish. Some community CTFs are online and open to all participants. The SANS Institute Holiday Hack Challenge and TryHackMe Advent of Cyber. === Government-supported competitions === Governmentally supported CTF competitions include the DARPA Cyber Grand Challenge and ENISA European Cybersecurity Challenge. In 2023, the US Space Force-sponsored Hack-a-Sat CTF competition included, for the first time, a live orbital satellite for participants to exploit. === Corporate-supported competitions === Corporations and other organizations sometimes use CTFs as a training or evaluation exercise, with benefits similar to those in educational settings. In addition to internal CTF exercises, some corporations such as Google and Tencent host publicly accessible CTF competitions. == In popular culture == In Mr. Robot, a qualification round for the DEF CON CTF competition is depicted in the season 3 opener "eps3.0_power-saver-mode.h". The logo for DEF CON can be seen in the background. In The Undeclared War, a CTF is depicted in the opening scene of the series as a recruitment exercise used by GCHQ. Go Go Squid!, a Chinese television series, is based around training for and competing in highly stylized CTF competitions .
Read more →
Photoanalysis

Photoanalysis (or photo analysis) refers to the study of pictures to compile various types of data, for example, to measure the size distribution of virtually anything that can be captured by photo. Photoanalysis technology has changed the way mines and mills quantify fragmented material. Images are an effective way to document conditions before, after, and even during blasting activities. The technology is advancing at a high rate, and lenses, storage media memory, light sensitivity and resolution have been improving steadily. Today's digital cameras and camcorders include high-resolution optics, compact size, automatic time and date stamps, good battery life, shutters to freeze motion, and computers to autofocus and eliminate jitter using image stabilization. == Mining == Photoanalysis in mining operations can provide an automated system that forewarns a company of potential problems with materials, leading to economies and reduced damage caused from over-sized materials. It can also help determine the effectiveness of blasts. A company can use this technology to monitor materials moving on a conveyor belt in an underground environment, to measure piles left over from a blast, and even measure the amount of material being carried by dump trucks or vessels to a destination. Photoanalysis is being used on SAG mills worldwide to control the size of rock being crushed. Companies are using this technology to determine the size of particles being processed in the SAG Mill.[1] Archived 2009-05-23 at the Wayback Machine Having oversize material entering the SAG mill makes an operation less efficient, costing companies money in electrical and maintenance costs. Photoanalysis technology can eliminate unwanted material before it enters the mill, keeping rock crushing costs low. == Forestry == Wood chip size can affect the overall quality of a product. With automated photoanalysis systems, companies can remove any unwanted wrong-size particles without stopping their mill process. Photoanalysis can affect how efficiently forestry companies operate. In mills worldwide, photoanalysis technology is improving the use of lumber products, cutting back on the amount of trees being used to operate, and saving companies money through quality control optimization.[2] With the current downturn in the North American forestry industry, operators are looking at making their mills more efficient and effective when processing materials. Photoanalysis technology helps identify any weaknesses in the process by continuously monitoring different sections of an operation. == Agriculture == Agricultural companies can, using photoanalysis, monitor conveyor belts of food without contaminating the product by touching it. Other benefits of photoanalysis systems include: Automated removal of any unwanted material on food conveyor Improved quality control for the most important parts of the agricultural process Pinpoint accuracy that helps the efficiency and effectiveness of product handling techniques The importance of photoanalysis technology is being noticed by the agricultural industry as it identifies any unwanted materials going through the process. In an example, if a mouse is on a conveyor of corn, photoanalysis technology would be able to identify the unwanted object and remove it before it contaminates the whole process. == Origins of photoanalysis technology == Photoanalysis technology was created by using the Waterloo Image Enhancement Process in the 1980s. After further development of the imaging process with explosives producer DuPont, engineers Tom Palangio and Takis Katsabanis began selling photoanalysis software commercially. They later renamed the process WipFrag, standing for Waterloo Image Process Fragmentation Today, photoanalysis technology has evolved into stabilized and portable systems that can automatically capture and analyze results instantly. Thousands of these products are currently being used around the world to measure fragmented material. == Photoanalysis equipment photos == == Fragmentation analysis == Fragmentation analysis is becoming a popular term in mining, agricultural and forestry industries. With the majority of money in these industries directed towards the proper sizing of materials, companies are using fragmentation analysis to determine various factors within an operation.[3] The two main ways a company keeps track of fragmented material are through manual and automated sieving procedures. Manual sieving involves extracting a sample of material to analyze the size distribution. The results can be tabulated within two days. Automated sieving is an advanced way of sieving materials running through a process. Without having to extract the material, photoanalysis can take place, allowing for immediate results with pinpoint accuracy. == Blast Fragmentation Software == Operators are using fragmentation analysis to determine the effectiveness of various blasts. With automated sieving technology, workers can track the success of these blasts and receive instant results. Companies are using these results to determine what blasting method yielded the best results for their specific operation. The common variables associated with blast optimization are the provided Particle Size Distribution (PSD) from a shovel fragmentation system, geology including rock type and fracturing, and energy factor. By using photoanalysis the fragmented materials can be monitored, offering pinpoint accuracy and allowing mine operators to make adjustments to future blasting procedures. See Optical Granulometry to view the automated sieving process. == Pre-crushing analysis == Maintenance costs can be significantly reduced if an operation focuses on the fragmentation of the particles passing through their process. Automated sieving systems can detect and help remove any oversize material before it enters the crusher and causes maintenance problems. It also helps determine the effectiveness of the mining process prior to crushing; the sizing of material is always a critical part of operations in the mining, forestry and agricultural industries. Having an analysis taking place at every major point in an operation allows for the proper tracking of material being processed. Engineers can then determine what part of the process needs improving based solely on the size of material. == Post-crushing analysis == Measuring how effective industrial crushers are, can help save a company millions of dollars in energy costs on an annual basis. There are two components that affect a typical crusher: the size of the material inputted, and the speed at which the crusher is moving. If the user can find a perfect balance between these two components, the materials will be crushed to the right size in the shortest time possible. Meeting the material standards set by governments and large companies can be hard. Having a post-crushing analysis taking place ensures that no oversize material gets shipped; eliminating the chance of getting fined for not meeting industry specifications.
Read more →
Randonautica

Randonautica (a portmanteau of "random" + "nautica") is an app launched on February 22, 2020 founded by Auburn Salcedo and Joshua Lengfelder. It randomly generates coordinates that encourages the user to explore their local area and report what is found. According to its creators, the app is "an attractor of strange things," letting one choose specific coordinates based on a specific theme. It gained controversy after a report of two teenagers coincidentally finding a corpse while using the application. == Overview == The app, which creators claim to be inspired by chaos theory and Guy Debord's Theory of the Dérive, offers its users three types of coordinates to choose from: an attractor, a void, or an anomaly. The app has a cult following on YouTube and TikTok and there is a subreddit made by the creators for users of the app. == History == 29-year-old circus performer Joshua Lengfelder discovered a bot called Fatum Project in a fringe science chat group on Telegram in January 2019. According to The New York Times, "He absorbed the project’s theories about how random exploration could break people out of their predetermined realities, and how people could influence random outcomes with their minds." Lengfelder then created a Telegram bot using Fatum Project's code, generating coordinates. He then created the subreddit r/randonauts in March. In October, developer Simon Nishi McCorkindale made the bot's webpage. With the help of Auburn Salcedo, chief executive of a TV agency, both created Randonauts LLC. Salcedo became the chief operating officer while Lengfelder was the CEO. The app, called Randonautica, was launched on February 22, 2020. Later the same year the app and back-end got completely overhauled by a new team of developers and got a more visual and friendlier design and logo. In April 2022 Lengfelder exited Randonauts LLC and Auburn Salcedo became CEO. == Reception == The app has as many as 10.8 million users as of July 2020, gaining popularity amid the COVID-19 pandemic in the United States as restrictions have been lightened. Emma Chamberlain made a YouTube video about the app that helped increase its following. i-D reported that the hashtag #randonautica has gained 176.5 million views on TikTok, although it has not marketed itself yet. === Controversy === With the app's popularity, users started reporting coincidences which many find unsettling. The majority of reports were from TikTok and Reddit, as well as Telegram. The most notable controversy involved a group of people heading to a beach in Duwamish Head, Puget Sound, West Seattle per the app, where they found a bag with two dead bodies, a 27-year-old male and a 36-year-old female, as reported by the Seattle Police homicide detectives. In August 2020, police arrested and charged their landlord, Michael Lee Dudley, in connection with the murders. In March 2021, Dudley was denied bail while other people were under suspicion of aiding Dudley in the dismemberment and disposal of the bodies, but no one else had been charged. This has caused speculation that the app has an intended, puzzle-like theme. However, Lengfelder stated that it is "a shocking coincidence." Salcedo called the videos fake, and that "It’s so hard to manage, because people are really taking creative liberties after seeing how much traction the app is getting in that fear factor." In 2022, Michael Dudley was convicted of second degree murder for killing both victims, who were identified as Jessica Lewis and Austin Wenner. He was sentenced to 46 years in prison the following year. In their questions page, Randonautica's creators have said that if the app generates coordinates inside a private property, it is a violation of their terms and conditions to trespass. In addition, Randonautica has also received allegations that the app is used for human trafficking, which its creators have denied, saying that data collected by the app are anonymous. It also ensured that the app is not designed to violate religious customs, saying that "the app is simply a tool. Just as a knife can be used either to prepare dinner or to cut somebody."
Read more →
CPU modes

CPU modes (also called processor modes, CPU states, CPU privilege levels and other names) are operating modes for the central processing unit of most computer architectures that place restrictions on the type and scope of operations that can be performed by instructions being executed by the CPU. For example, this design allows an operating system to run with more privileges than application software by running the operating systems and applications in different modes. Ideally, only highly trusted kernel code is allowed to execute in the unrestricted mode; everything else (including non-supervisory portions of the operating system) runs in a restricted mode and must use a system call (via interrupt) to request the kernel perform on its behalf any operation that could damage or compromise the system, making it impossible for untrusted programs to alter or damage other programs (or the computing system itself). Device drivers are designed to be part of the kernel due to the need for frequent I/O access. Multiple modes can be implemented, e.g. allowing a hypervisor to run multiple operating system supervisors beneath it, which is the basic design of many virtual machine systems available today. == Mode types == The unrestricted mode is often called kernel mode, but many other designations exist (master mode, supervisor mode, privileged mode, etc.). Restricted modes are usually referred to as user modes, but are also known by many other names (slave mode, problem state, etc.). Hypervisor Hypervisor mode is used to support virtualization, allowing the simultaneous operation of multiple operating systems. Kernel and user In kernel mode, the CPU may perform any operation allowed by its architecture; any instruction may be executed, any I/O operation initiated, any area of memory accessed, and so on. In the other CPU modes, certain restrictions on CPU operations are enforced by the hardware. Typically, certain instructions are not permitted (especially those—including I/O operations—that could alter the global state of the machine), some memory areas cannot be accessed, etc. User-mode capabilities of the CPU are typically a subset of those available in kernel mode, but in some cases, such as hardware emulation of non-native architectures, they may be significantly different from those available in standard kernel mode. Some CPU architectures support more modes than those, often with a hierarchy of privileges. These architectures are often said to have ring-based security, wherein the hierarchy of privileges resembles a set of concentric rings, with the kernel mode in the center. Multics hardware was the first significant implementation of ring security, but many other hardware platforms have been designed along similar lines, including the Intel 80286 protected mode, and the IA-64 as well, though it is referred to by a different name in these cases. Mode protection may extend to resources beyond the CPU hardware itself. Hardware registers track the current operating mode of the CPU, but additional virtual-memory registers, page-table entries, and other data may track mode identifiers for other resources. For example, a CPU may be operating in Ring 0 as indicated by a status word in the CPU itself, but every access to memory may additionally be validated against a separate ring number for the virtual-memory segment targeted by the access, and/or against a ring number for the physical page (if any) being targeted. This has been demonstrated with the PSP handheld system. Hardware that meets the Popek and Goldberg virtualization requirements makes writing software to efficiently support a virtual machine much simpler. Such a system can run software that "believes" it is running in supervisor mode, but is actually running in user mode. == Architectures == Several computer systems introduced in the 1960s, such as the IBM System/360, DEC PDP-6/PDP-10, the GE-600/Honeywell 6000 series, and the Burroughs B5000 series and B6500 series, support two CPU modes; a mode that grants full privileges to code running in that mode, and a mode that prevents direct access to input/output devices and some other hardware facilities to code running in that mode. The first mode is referred to by names such as supervisor state (System/360), executive mode (PDP-6/PDP-10), master mode (GE-600 series), control mode (B5000 series), and control state (B6500 series). The second mode is referred to by names such as problem state (System/360), user mode (PDP-6/PDP-10), slave mode (GE-600 series), and normal state (B6500 series); there are multiple non-control modes in the B5000 series. === RISC-V === RISC-V has three main CPU modes: User Mode (U), Supervisor Mode (S), and Machine Mode (M). Virtualization is supported via an orthogonal CSR setting instead of a fourth mode.
Read more →